Allow alternate eContentType oids to be set in cms utility.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 19 Mar 2008 19:34:30 +0000 (19:34 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 19 Mar 2008 19:34:30 +0000 (19:34 +0000)
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.

apps/cms.c
crypto/cms/cms.h
crypto/cms/cms_err.c
crypto/cms/cms_sd.c
crypto/objects/obj_dat.h
crypto/objects/obj_mac.h
crypto/objects/obj_mac.num
crypto/objects/objects.txt

index 2cbd43b..70847d9 100644 (file)
@@ -125,6 +125,8 @@ int MAIN(int argc, char **argv)
        unsigned char *secret_key = NULL, *secret_keyid = NULL;
        size_t secret_keylen = 0, secret_keyidlen = 0;
 
+       ASN1_OBJECT *econtent_type = NULL;
+
        X509_VERIFY_PARAM *vpm = NULL;
 
        args = argv + 1;
@@ -268,6 +270,18 @@ int MAIN(int argc, char **argv)
                                }
                        secret_keyidlen = (size_t)ltmp;
                        }
+               else if (!strcmp(*args,"-econtent_type"))
+                       {
+                       if (!args[1])
+                               goto argerr;
+                       args++;
+                       econtent_type = OBJ_txt2obj(*args, 0);
+                       if (!econtent_type)
+                               {
+                               BIO_printf(bio_err, "Invalid OID %s\n", *args);
+                               goto argerr;
+                               }
+                       }
                else if (!strcmp(*args,"-rand"))
                        {
                        if (!args[1])
@@ -797,6 +811,8 @@ int MAIN(int argc, char **argv)
                                }
                        flags |= CMS_PARTIAL;
                        cms = CMS_sign(NULL, NULL, other, in, flags);
+                       if (econtent_type)
+                               CMS_set1_eContentType(cms, econtent_type);
                        if (!cms)
                                goto end;
                        }
@@ -965,6 +981,8 @@ end:
                OPENSSL_free(secret_key);
        if (secret_keyid)
                OPENSSL_free(secret_keyid);
+       if (econtent_type)
+               ASN1_OBJECT_free(econtent_type);
        X509_STORE_free(store);
        X509_free(cert);
        X509_free(recip);
index 4f74cd1..1a316d7 100644 (file)
@@ -352,6 +352,7 @@ void ERR_load_CMS_strings(void);
 
 /* Reason codes. */
 #define CMS_R_ADD_SIGNER_ERROR                          99
+#define CMS_R_CERTIFICATE_HAS_NO_KEYID                  160
 #define CMS_R_CERTIFICATE_VERIFY_ERROR                  100
 #define CMS_R_CIPHER_INITIALISATION_ERROR               101
 #define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR     102
index 494544d..51a3ade 100644 (file)
@@ -135,6 +135,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
 static ERR_STRING_DATA CMS_str_reasons[]=
        {
 {ERR_REASON(CMS_R_ADD_SIGNER_ERROR)      ,"add signer error"},
+{ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID),"certificate has no keyid"},
 {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
 {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),"cipher initialisation error"},
 {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),"cipher parameter initialisation error"},
index 302b93f..6f31f63 100644 (file)
@@ -226,6 +226,12 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
                break;
 
                case CMS_SIGNERINFO_KEYIDENTIFIER:
+               if (!cert->skid)
+                       {
+                       CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER,
+                                       CMS_R_CERTIFICATE_HAS_NO_KEYID);
+                       return 0;
+                       }
                sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid);
                if (!sid->d.subjectKeyIdentifier)
                        goto merr;
index 5b3881e..6f7792b 100644 (file)
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 855
-#define NUM_SN 848
-#define NUM_LN 848
-#define NUM_OBJ 802
+#define NUM_NID 856
+#define NUM_SN 849
+#define NUM_LN 849
+#define NUM_OBJ 803
 
-static const unsigned char lvalues[5691]={
+static const unsigned char lvalues[5702]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -870,6 +870,7 @@ static const unsigned char lvalues[5691]={
 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5663] OBJ_id_aes128_wrap */
 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5672] OBJ_id_aes192_wrap */
 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5681] OBJ_id_aes256_wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5690] OBJ_id_ct_asciiTextWithCRLF */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2250,6 +2251,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
        &(lvalues[5672]),0},
 {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
        &(lvalues[5681]),0},
+{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
+       NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5690]),0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -2636,6 +2639,7 @@ static const unsigned int sn_objs[NUM_SN]={
 332,   /* "id-cmc-senderNonce" */
 327,   /* "id-cmc-statusInfo" */
 331,   /* "id-cmc-transactionId" */
+855,   /* "id-ct-asciiTextWithCRLF" */
 408,   /* "id-ecPublicKey" */
 508,   /* "id-hex-multipart-message" */
 507,   /* "id-hex-partial-message" */
@@ -3482,6 +3486,7 @@ static const unsigned int ln_objs[NUM_LN]={
 332,   /* "id-cmc-senderNonce" */
 327,   /* "id-cmc-statusInfo" */
 331,   /* "id-cmc-transactionId" */
+855,   /* "id-ct-asciiTextWithCRLF" */
 408,   /* "id-ecPublicKey" */
 508,   /* "id-hex-multipart-message" */
 507,   /* "id-hex-partial-message" */
@@ -4704,6 +4709,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
 210,   /* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
 211,   /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
 851,   /* OBJ_id_smime_ct_compressedData   1 2 840 113549 1 9 16 1 9 */
+855,   /* OBJ_id_ct_asciiTextWithCRLF      1 2 840 113549 1 9 16 1 27 */
 212,   /* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
 213,   /* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
 214,   /* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
index a373bc0..b45218d 100644 (file)
 #define NID_id_smime_ct_compressedData         851
 #define OBJ_id_smime_ct_compressedData         OBJ_id_smime_ct,9L
 
+#define SN_id_ct_asciiTextWithCRLF             "id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF            855
+#define OBJ_id_ct_asciiTextWithCRLF            OBJ_id_smime_ct,27L
+
 #define SN_id_smime_aa_receiptRequest          "id-smime-aa-receiptRequest"
 #define NID_id_smime_aa_receiptRequest         212
 #define OBJ_id_smime_aa_receiptRequest         OBJ_id_smime_aa,1L
index 7aeafd7..820650e 100644 (file)
@@ -852,3 +852,4 @@ id_smime_ct_compressedData          851
 id_aes128_wrap         852
 id_aes192_wrap         853
 id_aes256_wrap         854
+id_ct_asciiTextWithCRLF                855
index 0060f3c..5d6b602 100644 (file)
@@ -252,6 +252,7 @@ id-smime-ct 6               : id-smime-ct-contentInfo
 id-smime-ct 7          : id-smime-ct-DVCSRequestData
 id-smime-ct 8          : id-smime-ct-DVCSResponseData
 id-smime-ct 9          : id-smime-ct-compressedData
+id-smime-ct 27         : id-ct-asciiTextWithCRLF
 
 # S/MIME Attributes
 id-smime-aa 1          : id-smime-aa-receiptRequest