| OLD | NEW |
|---|
| 1 /* crypto/pkcs7/pk7_lib.c */ | 1 /* crypto/pkcs7/pk7_lib.c */ |
| 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 * All rights reserved. | 3 * All rights reserved. |
| 4 * | 4 * |
| 5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
| 6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
| 7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
| 8 * | 8 * |
| 9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
| 10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 53 * The licence and distribution terms for any publically available version or | 53 * The licence and distribution terms for any publically available version or |
| 54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
| 56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
| 57 */ | 57 */ |
| 58 | 58 |
| 59 #include <stdio.h> | 59 #include <stdio.h> |
| 60 #include "cryptlib.h" | 60 #include "cryptlib.h" |
| 61 #include <openssl/objects.h> | 61 #include <openssl/objects.h> |
| 62 #include <openssl/x509.h> | 62 #include <openssl/x509.h> |
| 63 #include "asn1_locl.h" |
| 63 | 64 |
| 64 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) | 65 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) |
| 65 { | 66 { |
| 66 int nid; | 67 int nid; |
| 67 long ret; | 68 long ret; |
| 68 | 69 |
| 69 nid=OBJ_obj2nid(p7->type); | 70 nid=OBJ_obj2nid(p7->type); |
| 70 | 71 |
| 71 switch (cmd) | 72 switch (cmd) |
| 72 { | 73 { |
| (...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 307 break; | 308 break; |
| 308 default: | 309 default: |
| 309 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYP
E); | 310 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYP
E); |
| 310 return(0); | 311 return(0); |
| 311 } | 312 } |
| 312 | 313 |
| 313 if (*sk == NULL) | 314 if (*sk == NULL) |
| 314 *sk=sk_X509_new_null(); | 315 *sk=sk_X509_new_null(); |
| 315 if (*sk == NULL) | 316 if (*sk == NULL) |
| 316 { | 317 { |
| 317 » » PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); | 318 » » PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); |
| 318 return 0; | 319 return 0; |
| 319 } | 320 } |
| 320 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 321 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
| 321 if (!sk_X509_push(*sk,x509)) | 322 if (!sk_X509_push(*sk,x509)) |
| 322 { | 323 { |
| 323 X509_free(x509); | 324 X509_free(x509); |
| 324 return 0; | 325 return 0; |
| 325 } | 326 } |
| 326 return(1); | 327 return(1); |
| 327 } | 328 } |
| (...skipping 30 matching lines...) Expand all Loading... |
| 358 { | 359 { |
| 359 X509_CRL_free(crl); | 360 X509_CRL_free(crl); |
| 360 return 0; | 361 return 0; |
| 361 } | 362 } |
| 362 return(1); | 363 return(1); |
| 363 } | 364 } |
| 364 | 365 |
| 365 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | 366 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
| 366 const EVP_MD *dgst) | 367 const EVP_MD *dgst) |
| 367 { | 368 { |
| 368 » int nid; | 369 » int ret; |
| 369 » char is_dsa; | |
| 370 | 370 |
| 371 if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) | |
| 372 is_dsa = 1; | |
| 373 else | |
| 374 is_dsa = 0; | |
| 375 /* We now need to add another PKCS7_SIGNER_INFO entry */ | 371 /* We now need to add another PKCS7_SIGNER_INFO entry */ |
| 376 if (!ASN1_INTEGER_set(p7i->version,1)) | 372 if (!ASN1_INTEGER_set(p7i->version,1)) |
| 377 goto err; | 373 goto err; |
| 378 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, | 374 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, |
| 379 X509_get_issuer_name(x509))) | 375 X509_get_issuer_name(x509))) |
| 380 goto err; | 376 goto err; |
| 381 | 377 |
| 382 /* because ASN1_INTEGER_set is used to set a 'long' we will do | 378 /* because ASN1_INTEGER_set is used to set a 'long' we will do |
| 383 * things the ugly way. */ | 379 * things the ugly way. */ |
| 384 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 380 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
| 385 if (!(p7i->issuer_and_serial->serial= | 381 if (!(p7i->issuer_and_serial->serial= |
| 386 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) | 382 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) |
| 387 goto err; | 383 goto err; |
| 388 | 384 |
| 389 /* lets keep the pkey around for a while */ | 385 /* lets keep the pkey around for a while */ |
| 390 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | 386 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); |
| 391 p7i->pkey=pkey; | 387 p7i->pkey=pkey; |
| 392 | 388 |
| 393 /* Set the algorithms */ | 389 /* Set the algorithms */ |
| 394 if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); | |
| 395 else | |
| 396 p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | |
| 397 | 390 |
| 398 » if (p7i->digest_alg->parameter != NULL) | 391 » X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)), |
| 399 » » ASN1_TYPE_free(p7i->digest_alg->parameter); | 392 » » » » V_ASN1_NULL, NULL); |
| 400 » if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) | |
| 401 » » goto err; | |
| 402 » p7i->digest_alg->parameter->type=V_ASN1_NULL; | |
| 403 | 393 |
| 404 » if (p7i->digest_enc_alg->parameter != NULL) | 394 » if (pkey->ameth && pkey->ameth->pkey_ctrl) |
| 405 » » ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | |
| 406 » nid = EVP_PKEY_type(pkey->type); | |
| 407 » if (nid == EVP_PKEY_RSA) | |
| 408 { | 395 { |
| 409 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); | 396 » » ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, |
| 410 » » if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | 397 » » » » » » 0, p7i); |
| 411 » » » goto err; | 398 » » if (ret > 0) |
| 412 » » p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | 399 » » » return 1; |
| 400 » » if (ret != -2) |
| 401 » » » { |
| 402 » » » PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, |
| 403 » » » » » PKCS7_R_SIGNING_CTRL_FAILURE); |
| 404 » » » return 0; |
| 405 » » » } |
| 413 } | 406 } |
| 414 » else if (nid == EVP_PKEY_DSA) | 407 » PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, |
| 415 » » { | 408 » » » PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
| 416 #if 1 | |
| 417 » » /* use 'dsaEncryption' OID for compatibility with other software | |
| 418 » » * (PKCS #7 v1.5 does specify how to handle DSA) ... */ | |
| 419 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); | |
| 420 #else | |
| 421 » » /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 f
or CMS) | |
| 422 » » * would make more sense. */ | |
| 423 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); | |
| 424 #endif | |
| 425 » » p7i->digest_enc_alg->parameter = NULL; /* special case for DSA:
omit 'parameter'! */ | |
| 426 » » } | |
| 427 » else if (nid == EVP_PKEY_EC) | |
| 428 » » { | |
| 429 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); | |
| 430 » » if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | |
| 431 » » » goto err; | |
| 432 » » p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | |
| 433 » » } | |
| 434 » else | |
| 435 » » return(0); | |
| 436 | |
| 437 » return(1); | |
| 438 err: | 409 err: |
| 439 » return(0); | 410 » return 0; |
| 440 } | 411 } |
| 441 | 412 |
| 442 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, | 413 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, |
| 443 const EVP_MD *dgst) | 414 const EVP_MD *dgst) |
| 444 { | 415 { |
| 445 » PKCS7_SIGNER_INFO *si; | 416 » PKCS7_SIGNER_INFO *si = NULL; |
| 417 |
| 418 » if (dgst == NULL) |
| 419 » » { |
| 420 » » int def_nid; |
| 421 » » if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) |
| 422 » » » goto err; |
| 423 » » dgst = EVP_get_digestbynid(def_nid); |
| 424 » » if (dgst == NULL) |
| 425 » » » { |
| 426 » » » PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, |
| 427 » » » » » » PKCS7_R_NO_DEFAULT_DIGEST); |
| 428 » » » goto err; |
| 429 » » » } |
| 430 » » } |
| 446 | 431 |
| 447 if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; | 432 if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; |
| 448 if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; | 433 if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; |
| 449 if (!PKCS7_add_signer(p7,si)) goto err; | 434 if (!PKCS7_add_signer(p7,si)) goto err; |
| 450 return(si); | 435 return(si); |
| 451 err: | 436 err: |
| 452 » PKCS7_SIGNER_INFO_free(si); | 437 » if (si) |
| 438 » » PKCS7_SIGNER_INFO_free(si); |
| 453 return(NULL); | 439 return(NULL); |
| 454 } | 440 } |
| 455 | 441 |
| 456 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) | 442 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) |
| 457 { | 443 { |
| 458 if (PKCS7_type_is_digest(p7)) | 444 if (PKCS7_type_is_digest(p7)) |
| 459 { | 445 { |
| 460 if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) | 446 if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) |
| 461 { | 447 { |
| 462 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); | 448 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 478 return(p7->d.sign->signer_info); | 464 return(p7->d.sign->signer_info); |
| 479 } | 465 } |
| 480 else if (PKCS7_type_is_signedAndEnveloped(p7)) | 466 else if (PKCS7_type_is_signedAndEnveloped(p7)) |
| 481 { | 467 { |
| 482 return(p7->d.signed_and_enveloped->signer_info); | 468 return(p7->d.signed_and_enveloped->signer_info); |
| 483 } | 469 } |
| 484 else | 470 else |
| 485 return(NULL); | 471 return(NULL); |
| 486 } | 472 } |
| 487 | 473 |
| 474 void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, |
| 475 X509_ALGOR **pdig, X509_ALGOR **psig) |
| 476 { |
| 477 if (pk) |
| 478 *pk = si->pkey; |
| 479 if (pdig) |
| 480 *pdig = si->digest_alg; |
| 481 if (psig) |
| 482 *psig = si->digest_enc_alg; |
| 483 } |
| 484 |
| 485 void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc) |
| 486 { |
| 487 if (penc) |
| 488 *penc = ri->key_enc_algor; |
| 489 } |
| 490 |
| 488 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) | 491 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) |
| 489 { | 492 { |
| 490 PKCS7_RECIP_INFO *ri; | 493 PKCS7_RECIP_INFO *ri; |
| 491 | 494 |
| 492 if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; | 495 if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; |
| 493 if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; | 496 if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; |
| 494 if (!PKCS7_add_recipient_info(p7,ri)) goto err; | 497 if (!PKCS7_add_recipient_info(p7,ri)) goto err; |
| 495 » return(ri); | 498 » return ri; |
| 496 err: | 499 err: |
| 497 » PKCS7_RECIP_INFO_free(ri); | 500 » if (ri) |
| 498 » return(NULL); | 501 » » PKCS7_RECIP_INFO_free(ri); |
| 502 » return NULL; |
| 499 } | 503 } |
| 500 | 504 |
| 501 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) | 505 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) |
| 502 { | 506 { |
| 503 int i; | 507 int i; |
| 504 STACK_OF(PKCS7_RECIP_INFO) *sk; | 508 STACK_OF(PKCS7_RECIP_INFO) *sk; |
| 505 | 509 |
| 506 i=OBJ_obj2nid(p7->type); | 510 i=OBJ_obj2nid(p7->type); |
| 507 switch (i) | 511 switch (i) |
| 508 { | 512 { |
| 509 case NID_pkcs7_signedAndEnveloped: | 513 case NID_pkcs7_signedAndEnveloped: |
| 510 sk= p7->d.signed_and_enveloped->recipientinfo; | 514 sk= p7->d.signed_and_enveloped->recipientinfo; |
| 511 break; | 515 break; |
| 512 case NID_pkcs7_enveloped: | 516 case NID_pkcs7_enveloped: |
| 513 sk= p7->d.enveloped->recipientinfo; | 517 sk= p7->d.enveloped->recipientinfo; |
| 514 break; | 518 break; |
| 515 default: | 519 default: |
| 516 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_
TYPE); | 520 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_
TYPE); |
| 517 return(0); | 521 return(0); |
| 518 } | 522 } |
| 519 | 523 |
| 520 if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) | 524 if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) |
| 521 return 0; | 525 return 0; |
| 522 return(1); | 526 return(1); |
| 523 } | 527 } |
| 524 | 528 |
| 525 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) | 529 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) |
| 526 { | 530 { |
| 531 int ret; |
| 532 EVP_PKEY *pkey = NULL; |
| 527 if (!ASN1_INTEGER_set(p7i->version,0)) | 533 if (!ASN1_INTEGER_set(p7i->version,0)) |
| 528 return 0; | 534 return 0; |
| 529 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, | 535 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, |
| 530 X509_get_issuer_name(x509))) | 536 X509_get_issuer_name(x509))) |
| 531 return 0; | 537 return 0; |
| 532 | 538 |
| 533 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 539 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
| 534 if (!(p7i->issuer_and_serial->serial= | 540 if (!(p7i->issuer_and_serial->serial= |
| 535 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) | 541 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) |
| 536 return 0; | 542 return 0; |
| 537 | 543 |
| 538 » X509_ALGOR_free(p7i->key_enc_algor); | 544 » pkey = X509_get_pubkey(x509); |
| 539 » if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor))) | 545 |
| 540 » » return 0; | 546 » if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) |
| 547 » » { |
| 548 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 549 » » » PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
| 550 » » goto err; |
| 551 » » } |
| 552 |
| 553 » ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, |
| 554 » » » » » » 0, p7i); |
| 555 » if (ret == -2) |
| 556 » » { |
| 557 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 558 » » » PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
| 559 » » goto err; |
| 560 » » } |
| 561 » if (ret <= 0) |
| 562 » » { |
| 563 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 564 » » » » PKCS7_R_ENCRYPTION_CTRL_FAILURE); |
| 565 » » goto err; |
| 566 » » } |
| 567 |
| 568 » EVP_PKEY_free(pkey); |
| 541 | 569 |
| 542 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 570 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
| 543 p7i->cert=x509; | 571 p7i->cert=x509; |
| 544 | 572 |
| 545 » return(1); | 573 » return 1; |
| 574 |
| 575 » err: |
| 576 » if (pkey) |
| 577 » » EVP_PKEY_free(pkey); |
| 578 » return 0; |
| 546 } | 579 } |
| 547 | 580 |
| 548 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) | 581 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) |
| 549 { | 582 { |
| 550 if (PKCS7_type_is_signed(p7)) | 583 if (PKCS7_type_is_signed(p7)) |
| 551 return(X509_find_by_issuer_and_serial(p7->d.sign->cert, | 584 return(X509_find_by_issuer_and_serial(p7->d.sign->cert, |
| 552 si->issuer_and_serial->issuer, | 585 si->issuer_and_serial->issuer, |
| 553 si->issuer_and_serial->serial)); | 586 si->issuer_and_serial->serial)); |
| 554 else | 587 else |
| 555 return(NULL); | 588 return(NULL); |
| 556 } | 589 } |
| 557 | 590 |
| 558 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) | 591 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) |
| 559 { | 592 { |
| 560 int i; | 593 int i; |
| 561 ASN1_OBJECT *objtmp; | |
| 562 PKCS7_ENC_CONTENT *ec; | 594 PKCS7_ENC_CONTENT *ec; |
| 563 | 595 |
| 564 i=OBJ_obj2nid(p7->type); | 596 i=OBJ_obj2nid(p7->type); |
| 565 switch (i) | 597 switch (i) |
| 566 { | 598 { |
| 567 case NID_pkcs7_signedAndEnveloped: | 599 case NID_pkcs7_signedAndEnveloped: |
| 568 ec=p7->d.signed_and_enveloped->enc_data; | 600 ec=p7->d.signed_and_enveloped->enc_data; |
| 569 break; | 601 break; |
| 570 case NID_pkcs7_enveloped: | 602 case NID_pkcs7_enveloped: |
| 571 ec=p7->d.enveloped->enc_data; | 603 ec=p7->d.enveloped->enc_data; |
| 572 break; | 604 break; |
| 573 default: | 605 default: |
| 574 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); | 606 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); |
| 575 return(0); | 607 return(0); |
| 576 } | 608 } |
| 577 | 609 |
| 578 /* Check cipher OID exists and has data in it*/ | 610 /* Check cipher OID exists and has data in it*/ |
| 579 i = EVP_CIPHER_type(cipher); | 611 i = EVP_CIPHER_type(cipher); |
| 580 if(i == NID_undef) { | 612 if(i == NID_undef) { |
| 581 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_I
DENTIFIER); | 613 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_I
DENTIFIER); |
| 582 return(0); | 614 return(0); |
| 583 } | 615 } |
| 584 objtmp = OBJ_nid2obj(i); | |
| 585 | 616 |
| 586 ec->cipher = cipher; | 617 ec->cipher = cipher; |
| 587 return 1; | 618 return 1; |
| 588 } | 619 } |
| 589 | 620 |
| 621 int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) |
| 622 { |
| 623 ASN1_OCTET_STRING *os = NULL; |
| 624 |
| 625 switch (OBJ_obj2nid(p7->type)) |
| 626 { |
| 627 case NID_pkcs7_data: |
| 628 os = p7->d.data; |
| 629 break; |
| 630 |
| 631 case NID_pkcs7_signedAndEnveloped: |
| 632 os = p7->d.signed_and_enveloped->enc_data->enc_data; |
| 633 if (os == NULL) |
| 634 { |
| 635 os=M_ASN1_OCTET_STRING_new(); |
| 636 p7->d.signed_and_enveloped->enc_data->enc_data=os; |
| 637 } |
| 638 break; |
| 639 |
| 640 case NID_pkcs7_enveloped: |
| 641 os = p7->d.enveloped->enc_data->enc_data; |
| 642 if (os == NULL) |
| 643 { |
| 644 os=M_ASN1_OCTET_STRING_new(); |
| 645 p7->d.enveloped->enc_data->enc_data=os; |
| 646 } |
| 647 break; |
| 648 |
| 649 case NID_pkcs7_signed: |
| 650 os=p7->d.sign->contents->d.data; |
| 651 break; |
| 652 |
| 653 default: |
| 654 os = NULL; |
| 655 break; |
| 656 } |
| 657 |
| 658 if (os == NULL) |
| 659 return 0; |
| 660 |
| 661 os->flags |= ASN1_STRING_FLAG_NDEF; |
| 662 *boundary = &os->data; |
| 663 |
| 664 return 1; |
| 665 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/