#include "crypto/evp.h"
#include "crypto/cms.h"
#include "crypto/ess.h"
+#include "crypto/x509.h" /* for X509_add_cert_new() */
DEFINE_STACK_OF(CMS_RevocationInfoChoice)
DEFINE_STACK_OF(CMS_SignerInfo)
-DEFINE_STACK_OF(X509)
DEFINE_STACK_OF(X509_ALGOR)
-DEFINE_STACK_OF(X509_ATTRIBUTE)
/* CMS SignedData Utilities */
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
if (si->signer != NULL) {
- if (signers == NULL) {
- signers = sk_X509_new_null();
- if (signers == NULL)
- return NULL;
- }
- if (!sk_X509_push(signers, si->signer)) {
+ if (!X509_add_cert_new(&signers, si->signer,
+ X509_ADD_FLAG_DEFAULT)) {
sk_X509_free(signers);
return NULL;
}
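Review bot: The new `X509_add_cert_new(&signers, si->signer, X509_ADD_FLAG_DEFAULT)` call does not pass `X509_ADD_FLAG_UP_REF`, so the stack still holds borrowed `si->signer` pointers, exactly as the removed `sk_X509_push()` did, and nothing at the call site says so. The error path's `sk_X509_free(signers)` is consistent with that, but a caller who later switches to `sk_X509_pop_free(..., X509_free)` would release certificates the SignerInfo entries still reference. I would add a comment above the call such as `/* no up-ref: the stack borrows si->signer, free it with sk_X509_free() only */`. The enclosing function starts and ends outside this hunk, so its return contract is not visible here.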
unsigned char *abuf = NULL;
int alen, r = -1;
const char *name;
- EVP_MD *md = NULL;
+ const EVP_MD *md;
+ EVP_MD *fetched_md = NULL;
const CMS_CTX *ctx = si->cms_ctx;
if (si->pkey == NULL) {
return -1;
name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
- md = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
- if (md == NULL)
+
+ (void)ERR_set_mark();
+ fetched_md = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
+
+ if (fetched_md != NULL)
+ md = fetched_md;
+ else
+ md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+ if (md == NULL) {
+ (void)ERR_clear_last_mark();
+ CMSerr(0, CMS_R_UNKNOWN_DIGEST_ALGORITHM);
return -1;
+ }
+ (void)ERR_pop_to_mark();
+
if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
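Review bot: The fallback `md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);` takes neither `ctx->libctx` nor `ctx->propq`, so when `EVP_MD_fetch()` fails the verification digest may be resolved outside the property query the caller configured. Whether that is intended, for instance to keep engine-provided digests working, cannot be told from the hunk, and it matters to anyone relying on the property query to restrict which implementations verify signatures. I would state the intent in a comment above the `else`, e.g. `/* legacy fallback: ignores libctx/propq, kept for digests not available from a provider */`. The mark handling itself looks right: the failed-fetch errors are discarded only on success, and the early `return -1` leaks nothing because `fetched_md` is still NULL there. The function body starts and ends outside the hunk.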
if (r <= 0)
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
err:
- EVP_MD_free(md);
+ EVP_MD_free(fetched_md);
EVP_MD_CTX_reset(mctx);
return r;
}