/* CMS CompressedData Utilities */
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *ossl_cms_CompressedData_create(int comp_nid,
+ OSSL_LIB_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMS_CompressedData *cd;
return NULL;
}
-BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms)
+BIO *ossl_cms_CompressedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_CompressedData *cd;
const ASN1_OBJECT *compoid;
/* CMS DigestedData Utilities */
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
- OSSL_LIB_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *ossl_cms_DigestedData_create(const EVP_MD *md,
+ OSSL_LIB_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMS_DigestedData *dd;
return NULL;
}
-BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms)
+BIO *ossl_cms_DigestedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_DigestedData *dd = cms->d.digestedData;
- return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm, cms_get0_cmsctx(cms));
+ return ossl_cms_DigestAlgorithm_init_bio(dd->digestAlgorithm,
+ ossl_cms_get0_cmsctx(cms));
}
-int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify)
+int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain,
+ int verify)
{
EVP_MD_CTX *mctx = EVP_MD_CTX_new();
unsigned char md[EVP_MAX_MD_SIZE];
dd = cms->d.digestedData;
- if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
+ if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)
return rv;
}
-int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
+int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);
return rv;
}
-int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
+int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);
}
/* ECDSA and DSA implementation is the same */
-int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify)
+int ossl_cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify)
{
assert(verify == 0 || verify == 1);
/* Return BIO based on EncryptedContentInfo and key */
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
- const CMS_CTX *cms_ctx)
+BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
+ const CMS_CTX *cms_ctx)
{
BIO *b;
EVP_CIPHER_CTX *ctx;
size_t tkeylen = 0;
int ok = 0;
int enc, keep_key = 0;
- OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(cms_ctx);
- const char *propq = cms_ctx_get0_propq(cms_ctx);
+ OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(cms_ctx);
+ const char *propq = ossl_cms_ctx_get0_propq(cms_ctx);
enc = ec->cipher ? 1 : 0;
return NULL;
}
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher,
- const unsigned char *key, size_t keylen,
- const CMS_CTX *cms_ctx)
+int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+ const EVP_CIPHER *cipher,
+ const unsigned char *key, size_t keylen,
+ const CMS_CTX *cms_ctx)
{
ec->cipher = cipher;
if (key) {
return 0;
}
ec = cms->d.encryptedData->encryptedContentInfo;
- return cms_EncryptedContent_init(ec, ciph, key, keylen, cms_get0_cmsctx(cms));
+ return ossl_cms_EncryptedContent_init(ec, ciph, key, keylen,
+ ossl_cms_get0_cmsctx(cms));
}
-BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
+BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_EncryptedData *enc = cms->d.encryptedData;
if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
enc->version = 2;
- return cms_EncryptedContent_init_bio(enc->encryptedContentInfo,
- cms_get0_cmsctx(cms));
+ return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo,
+ ossl_cms_get0_cmsctx(cms));
}
}
}
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
+CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
return cms->d.envelopedData;
}
-CMS_AuthEnvelopedData *cms_get0_auth_enveloped(CMS_ContentInfo *cms)
+CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_authEnvelopedData) {
ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
return cms->d.envelopedData;
}
- return cms_get0_enveloped(cms);
+ return ossl_cms_get0_enveloped(cms);
}
static CMS_AuthEnvelopedData *
cms->contentType = OBJ_nid2obj(NID_id_smime_ct_authEnvelopedData);
return cms->d.authEnvelopedData;
}
- return cms_get0_auth_enveloped(cms);
+ return ossl_cms_get0_auth_enveloped(cms);
}
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
+int ossl_cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
{
EVP_PKEY *pkey;
int i;
return 0;
if (EVP_PKEY_is_a(pkey, "DHX") || EVP_PKEY_is_a(pkey, "DH"))
- return cms_dh_envelope(ri, cmd);
+ return ossl_cms_dh_envelope(ri, cmd);
else if (EVP_PKEY_is_a(pkey, "EC"))
- return cms_ecdh_envelope(ri, cmd);
+ return ossl_cms_ecdh_envelope(ri, cmd);
else if (EVP_PKEY_is_a(pkey, "RSA"))
- return cms_rsa_envelope(ri, cmd);
+ return ossl_cms_rsa_envelope(ri, cmd);
/* Something else? We'll give engines etc a chance to handle this */
if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
return 1;
}
-CMS_EncryptedContentInfo* cms_get0_env_enc_content(const CMS_ContentInfo *cms)
+CMS_EncryptedContentInfo* ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms)
{
switch (cms_get_enveloped_type(cms)) {
case CMS_ENVELOPED_STANDARD:
}
}
-void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
+void ossl_cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
{
int i;
CMS_RecipientInfo *ri;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
STACK_OF(CMS_RecipientInfo) *rinfos = CMS_get0_RecipientInfos(cms);
for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
break;
case CMS_RECIPINFO_TRANS:
ri->d.ktri->cms_ctx = ctx;
- x509_set0_libctx(ri->d.ktri->recip, cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx));
+ x509_set0_libctx(ri->d.ktri->recip,
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx));
break;
case CMS_RECIPINFO_KEK:
ri->d.kekri->cms_ctx = ctx;
if (env == NULL)
goto merr;
- if (!cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL, 0,
- cms_get0_cmsctx(cms)))
+ if (!ossl_cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL,
+ 0, ossl_cms_get0_cmsctx(cms)))
goto merr;
return cms;
merr:
aenv = cms_auth_enveloped_data_init(cms);
if (aenv == NULL)
goto merr;
- if (!cms_EncryptedContent_init(aenv->authEncryptedContentInfo,
- cipher, NULL, 0, cms_get0_cmsctx(cms)))
+ if (!ossl_cms_EncryptedContent_init(aenv->authEncryptedContentInfo,
+ cipher, NULL, 0,
+ ossl_cms_get0_cmsctx(cms)))
goto merr;
return cms;
merr:
* structure.
*/
- if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype, ctx))
+ if (!ossl_cms_set1_SignerIdentifier(ktri->rid, recip, idtype, ctx))
return 0;
X509_up_ref(recip);
ktri->recip = recip;
if (flags & CMS_KEY_PARAM) {
- ktri->pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
+ ktri->pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
ktri->pkey,
- cms_ctx_get0_propq(ctx));
+ ossl_cms_ctx_get0_propq(ctx));
if (ktri->pctx == NULL)
return 0;
if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
return 0;
- } else if (!cms_env_asn1_ctrl(ri, 0))
+ } else if (!ossl_cms_env_asn1_ctrl(ri, 0))
return 0;
return 1;
}
CMS_RecipientInfo *ri = NULL;
STACK_OF(CMS_RecipientInfo) *ris;
EVP_PKEY *pk = NULL;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
ris = CMS_get0_RecipientInfos(cms);
if (ris == NULL)
goto err;
}
- switch (cms_pkey_get_ri_type(pk)) {
+ switch (ossl_cms_pkey_get_ri_type(pk)) {
case CMS_RECIPINFO_TRANS:
if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags, ctx))
break;
case CMS_RECIPINFO_AGREE:
- if (!cms_RecipientInfo_kari_init(ri, recip, pk, originator,
- originatorPrivKey, flags, ctx))
+ if (!ossl_cms_RecipientInfo_kari_init(ri, recip, pk, originator,
+ originatorPrivKey, flags, ctx))
goto err;
break;
}
ktri = ri->d.ktri;
- return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
+ return ossl_cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer,
+ sno);
}
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
ERR_raise(ERR_LIB_CMS, CMS_R_NOT_KEY_TRANSPORT);
return -2;
}
- return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
+ return ossl_cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
}
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
EVP_PKEY_CTX *pctx;
unsigned char *ek = NULL;
size_t eklen;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
int ret = 0;
return 0;
}
ktri = ri->d.ktri;
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
pctx = ktri->pctx;
if (pctx) {
- if (!cms_env_asn1_ctrl(ri, 0))
+ if (!ossl_cms_env_asn1_ctrl(ri, 0))
goto err;
} else {
- pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx), ktri->pkey,
- cms_ctx_get0_propq(ctx));
+ pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
+ ktri->pkey,
+ ossl_cms_ctx_get0_propq(ctx));
if (pctx == NULL)
return 0;
const EVP_CIPHER *cipher = NULL;
EVP_CIPHER *fetched_cipher = NULL;
CMS_EncryptedContentInfo *ec;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
- OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
- const char *propq = cms_ctx_get0_propq(ctx);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
+ OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
+ const char *propq = ossl_cms_ctx_get0_propq(ctx);
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
if (ktri->pkey == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_PRIVATE_KEY);
if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
goto err;
- if (!cms_env_asn1_ctrl(ri, 1))
+ if (!ossl_cms_env_asn1_ctrl(ri, 1))
goto err;
if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
default:
return NULL;
}
- return EVP_CIPHER_fetch(cms_ctx_get0_libctx(ctx), alg,
- cms_ctx_get0_propq(ctx));
+ return EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
+ ossl_cms_ctx_get0_propq(ctx));
}
EVP_CIPHER *cipher = NULL;
int outlen = 0;
EVP_CIPHER_CTX *ctx = NULL;
- const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return 0;
EVP_CIPHER *cipher = NULL;
int outlen = 0;
EVP_CIPHER_CTX *ctx = NULL;
- const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return 0;
return cms_RecipientInfo_kekri_decrypt(cms, ri);
case CMS_RECIPINFO_PASS:
- return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+ return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 0);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
return cms_RecipientInfo_ktri_encrypt(cms, ri);
case CMS_RECIPINFO_AGREE:
- return cms_RecipientInfo_kari_encrypt(cms, ri);
+ return ossl_cms_RecipientInfo_kari_encrypt(cms, ri);
case CMS_RECIPINFO_KEK:
return cms_RecipientInfo_kekri_encrypt(cms, ri);
case CMS_RECIPINFO_PASS:
- return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+ return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 1);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms)
{
CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo;
- BIO *contentBio = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
+ BIO *contentBio = ossl_cms_EncryptedContent_init_bio(ec,
+ ossl_cms_get0_cmsctx(cms));
EVP_CIPHER_CTX *ctx = NULL;
if (contentBio == NULL)
* If the selected cipher supports unprotected attributes,
* deal with it using special ctrl function
*/
- if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_CIPHER_WITH_MAC)
+ if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx))
+ & EVP_CIPH_FLAG_CIPHER_WITH_MAC)
&& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_PROCESS_UNPROTECTED, 0,
cms->d.envelopedData->unprotectedAttrs) <= 0) {
BIO_free(contentBio);
/* Get BIO first to set up key */
ec = env->encryptedContentInfo;
- ret = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
+ ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms));
/* If error end of processing */
if (!ret)
return NULL;
}
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
+BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
{
if (cms->d.envelopedData->encryptedContentInfo->cipher != NULL) {
/* If cipher is set it's encryption */
return cms_EnvelopedData_Decryption_init_bio(cms);
}
-BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
+BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
{
CMS_EncryptedContentInfo *ec;
STACK_OF(CMS_RecipientInfo) *rinfos;
ec->tag = aenv->mac->data;
ec->taglen = aenv->mac->length;
}
- ret = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
+ ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms));
/* If error or no cipher end of processing */
if (ret == NULL || ec->cipher == NULL)
return NULL;
}
-int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
+int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
{
CMS_EnvelopedData *env = NULL;
EVP_CIPHER_CTX *ctx = NULL;
BIO *mbio = BIO_find_type(chain, BIO_TYPE_CIPHER);
- env = cms_get0_enveloped(cms);
+ env = ossl_cms_get0_enveloped(cms);
if (env == NULL)
return 0;
return 1;
}
-int cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio)
+int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio)
{
EVP_CIPHER_CTX *ctx;
unsigned char *tag = NULL;
* retain compatibility with previous behaviour if the ctrl value isn't
* supported we assume key transport.
*/
-int cms_pkey_get_ri_type(EVP_PKEY *pk)
+int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk)
{
/* Check types that we know about */
if (EVP_PKEY_is_a(pk, "DH"))
return CMS_RECIPINFO_TRANS;
}
-int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
+int ossl_cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
{
int supportedRiType;
return r;
}
- supportedRiType = cms_pkey_get_ri_type(pk);
+ supportedRiType = ossl_cms_pkey_get_ri_type(pk);
if (supportedRiType < 0)
return 0;
the |cert_ids|(Hash+IssuerID) list from this ESS_SIGNING_CERT.
Derived from ts_check_signing_certs()
*/
-int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
+int ossl_ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
{
ESS_SIGNING_CERT *ss = NULL;
ESS_SIGNING_CERT_V2 *ssv2 = NULL;
X509 *cert;
int i = 0, ret = 0;
- if (cms_signerinfo_get_signing_cert(si, &ss) > 0 && ss->cert_ids != NULL) {
+ if (ossl_cms_signerinfo_get_signing_cert(si, &ss) > 0
+ && ss->cert_ids != NULL) {
STACK_OF(ESS_CERT_ID) *cert_ids = ss->cert_ids;
cert = sk_X509_value(chain, 0);
- if (ess_find_cert(cert_ids, cert) != 0)
+ if (ossl_ess_find_cert(cert_ids, cert) != 0)
goto err;
/*
/* for each chain cert, try to find its cert id */
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
- if (ess_find_cert(cert_ids, cert) < 0)
+ if (ossl_ess_find_cert(cert_ids, cert) < 0)
goto err;
}
}
- } else if (cms_signerinfo_get_signing_cert_v2(si, &ssv2) > 0
+ } else if (ossl_cms_signerinfo_get_signing_cert_v2(si, &ssv2) > 0
&& ssv2->cert_ids!= NULL) {
STACK_OF(ESS_CERT_ID_V2) *cert_ids_v2 = ssv2->cert_ids;
cert = sk_X509_value(chain, 0);
- if (ess_find_cert_v2(cert_ids_v2, cert) != 0)
+ if (ossl_ess_find_cert_v2(cert_ids_v2, cert) != 0)
goto err;
/*
/* for each chain cert, try to find its cert id */
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
- if (ess_find_cert_v2(cert_ids_v2, cert) < 0)
+ if (ossl_ess_find_cert_v2(cert_ids_v2, cert) < 0)
goto err;
}
}
return 0;
if (!asn1_item_digest_ex(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
si->signedAttrs, dig, diglen,
- cms_ctx_get0_libctx(si->cms_ctx),
- cms_ctx_get0_propq(si->cms_ctx)))
+ ossl_cms_ctx_get0_libctx(si->cms_ctx),
+ ossl_cms_ctx_get0_propq(si->cms_ctx)))
return 0;
return 1;
}
/* Add a msgSigDigest attribute to a SignerInfo */
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
{
unsigned char dig[EVP_MAX_MD_SIZE];
unsigned int diglen;
/* Verify signed receipt after it has already passed normal CMS verify */
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+int ossl_cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
{
int r = 0, i;
CMS_ReceiptRequest *rr = NULL;
* SignedData ContentInfo.
*/
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
+ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si)
{
CMS_Receipt rct;
CMS_ReceiptRequest *rr = NULL;
* Add signer certificate's V2 digest |sc| to a SignerInfo structure |si|
*/
-int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
+int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
* Add signer certificate's digest |sc| to a SignerInfo structure |si|
*/
-int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
+int ossl_cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
ci = ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
if (ci != NULL)
- cms_resolve_libctx(ci);
+ ossl_cms_resolve_libctx(ci);
return ci;
}
STACK_OF(X509_ALGOR) *mdalgs;
int ctype_nid = OBJ_obj2nid(cms->contentType);
int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (ctype_nid == NID_pkcs7_signed)
mdalgs = cms->d.signedData->digestAlgorithms;
return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid,
econt_nid, mdalgs,
ASN1_ITEM_rptr(CMS_ContentInfo),
- cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx));
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx));
}
CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)
ASN1_ITEM_rptr(CMS_ContentInfo),
(ASN1_VALUE **)cms);
if (ci != NULL)
- cms_resolve_libctx(ci);
+ ossl_cms_resolve_libctx(ci);
return ci;
}
}
oik = ri->d.kari->originator;
if (oik->type == CMS_OIK_ISSUER_SERIAL)
- return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
+ return ossl_cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
else if (oik->type == CMS_OIK_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
+ return ossl_cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
return -1;
}
CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
if (rid->type == CMS_REK_ISSUER_SERIAL)
- return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
+ return ossl_cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
else if (rid->type == CMS_REK_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier, cert);
+ return ossl_cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier,
+ cert);
else
return -1;
}
-int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *peer)
+int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri,
+ EVP_PKEY *pk, X509 *peer)
{
EVP_PKEY_CTX *pctx;
CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
if (pk == NULL)
return 1;
- pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(kari->cms_ctx), pk,
- cms_ctx_get0_propq(kari->cms_ctx));
+ pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(kari->cms_ctx),
+ pk,
+ ossl_cms_ctx_get0_propq(kari->cms_ctx));
if (pctx == NULL || EVP_PKEY_derive_init(pctx) <= 0)
goto err;
enckeylen = rek->encryptedKey->length;
enckey = rek->encryptedKey->data;
/* Setup all parameters to derive KEK */
- if (!cms_env_asn1_ctrl(ri, 1))
+ if (!ossl_cms_env_asn1_ctrl(ri, 1))
goto err;
/* Attempt to decrypt CEK */
if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
goto err;
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = cek;
ec->keylen = ceklen;
EVP_PKEY *ekey = NULL;
int rv = 0;
const CMS_CTX *ctx = kari->cms_ctx;
- OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
- const char *propq = cms_ctx_get0_propq(ctx);
+ OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
+ const char *propq = ossl_cms_ctx_get0_propq(ctx);
pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propq);
if (pctx == NULL)
int rv = 0;
const CMS_CTX *ctx = kari->cms_ctx;
- pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
+ pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
originatorPrivKey,
- cms_ctx_get0_propq(ctx));
+ ossl_cms_ctx_get0_propq(ctx));
if (pctx == NULL)
goto err;
if (EVP_PKEY_derive_init(pctx) <= 0)
/* Initialise a kari based on passed certificate and key */
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
- EVP_PKEY *recipPubKey, X509 *originator,
- EVP_PKEY *originatorPrivKey, unsigned int flags,
- const CMS_CTX *ctx)
+int ossl_cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
+ EVP_PKEY *recipPubKey, X509 *originator,
+ EVP_PKEY *originatorPrivKey,
+ unsigned int flags, const CMS_CTX *ctx)
{
CMS_KeyAgreeRecipientInfo *kari;
CMS_RecipientEncryptedKey *rek = NULL;
rek->rid->d.rKeyId = M_ASN1_new_of(CMS_RecipientKeyIdentifier);
if (rek->rid->d.rKeyId == NULL)
return 0;
- if (!cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
+ if (!ossl_cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
return 0;
} else {
rek->rid->type = CMS_REK_ISSUER_SERIAL;
- if (!cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
+ if (!ossl_cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
return 0;
}
oik->d.subjectKeyIdentifier = ASN1_OCTET_STRING_new();
if (oik->d.subjectKeyIdentifier == NULL)
return 0;
- if (!cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
+ if (!ossl_cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
return 0;
} else {
oik->type = CMS_REK_ISSUER_SERIAL;
- if (!cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
+ if (!ossl_cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
return 0;
}
else
kekcipher_name = SN_id_aes256_wrap;
enc:
- fetched_kekcipher = EVP_CIPHER_fetch(cms_ctx_get0_libctx(cms_ctx),
+ fetched_kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx),
kekcipher_name,
- cms_ctx_get0_propq(cms_ctx));
+ ossl_cms_ctx_get0_propq(cms_ctx));
if (fetched_kekcipher == NULL)
return 0;
ret = EVP_EncryptInit_ex(ctx, fetched_kekcipher, NULL, NULL, NULL);
/* Encrypt content key in key agreement recipient info */
-int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri)
+int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri)
{
CMS_KeyAgreeRecipientInfo *kari;
CMS_EncryptedContentInfo *ec;
}
kari = ri->d.kari;
reks = kari->recipientEncryptedKeys;
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
/* Initialise wrap algorithm parameters */
if (!cms_wrap_init(kari, ec->cipher))
return 0;
return 0;
}
/* Initialise KDF algorithm */
- if (!cms_env_asn1_ctrl(ri, 0))
+ if (!ossl_cms_env_asn1_ctrl(ri, 0))
return 0;
/* For each rek, derive KEK, encrypt CEK */
for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
ci = (CMS_ContentInfo *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
(CMS_ContentInfo_it()));
if (ci != NULL)
- cms_resolve_libctx(ci);
+ ossl_cms_resolve_libctx(ci);
return ci;
}
}
}
-const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms)
+const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms)
{
return cms != NULL ? &cms->ctx : NULL;
}
-OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx)
+OSSL_LIB_CTX *ossl_cms_ctx_get0_libctx(const CMS_CTX *ctx)
{
return ctx != NULL ? ctx->libctx : NULL;
}
-const char *cms_ctx_get0_propq(const CMS_CTX *ctx)
+const char *ossl_cms_ctx_get0_propq(const CMS_CTX *ctx)
{
return ctx != NULL ? ctx->propq : NULL;
}
-void cms_resolve_libctx(CMS_ContentInfo *ci)
+void ossl_cms_resolve_libctx(CMS_ContentInfo *ci)
{
int i;
CMS_CertificateChoices *cch;
STACK_OF(CMS_CertificateChoices) **pcerts;
- const CMS_CTX *ctx = cms_get0_cmsctx(ci);
- OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
- const char *propq = cms_ctx_get0_propq(ctx);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(ci);
+ OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
+ const char *propq = ossl_cms_ctx_get0_propq(ctx);
- cms_SignerInfos_set_cmsctx(ci);
- cms_RecipientInfos_set_cmsctx(ci);
+ ossl_cms_SignerInfos_set_cmsctx(ci);
+ ossl_cms_RecipientInfos_set_cmsctx(ci);
pcerts = cms_get0_certificate_choices(ci);
if (pcerts != NULL) {
return cms->contentType;
}
-CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq)
+CMS_ContentInfo *ossl_cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq);
return cms;
}
-BIO *cms_content_bio(CMS_ContentInfo *cms)
+BIO *ossl_cms_content_bio(CMS_ContentInfo *cms)
{
ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
if (icont)
cont = icont;
else
- cont = cms_content_bio(cms);
+ cont = ossl_cms_content_bio(cms);
if (!cont) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_CONTENT);
return NULL;
return cont;
case NID_pkcs7_signed:
- cmsbio = cms_SignedData_init_bio(cms);
+ cmsbio = ossl_cms_SignedData_init_bio(cms);
break;
case NID_pkcs7_digest:
- cmsbio = cms_DigestedData_init_bio(cms);
+ cmsbio = ossl_cms_DigestedData_init_bio(cms);
break;
#ifdef ZLIB
case NID_id_smime_ct_compressedData:
- cmsbio = cms_CompressedData_init_bio(cms);
+ cmsbio = ossl_cms_CompressedData_init_bio(cms);
break;
#endif
case NID_pkcs7_encrypted:
- cmsbio = cms_EncryptedData_init_bio(cms);
+ cmsbio = ossl_cms_EncryptedData_init_bio(cms);
break;
case NID_pkcs7_enveloped:
- cmsbio = cms_EnvelopedData_init_bio(cms);
+ cmsbio = ossl_cms_EnvelopedData_init_bio(cms);
break;
case NID_id_smime_ct_authEnvelopedData:
- cmsbio = cms_AuthEnvelopedData_init_bio(cms);
+ cmsbio = ossl_cms_AuthEnvelopedData_init_bio(cms);
break;
default:
return 1;
case NID_pkcs7_enveloped:
- return cms_EnvelopedData_final(cms, cmsbio);
+ return ossl_cms_EnvelopedData_final(cms, cmsbio);
case NID_id_smime_ct_authEnvelopedData:
- return cms_AuthEnvelopedData_final(cms, cmsbio);
+ return ossl_cms_AuthEnvelopedData_final(cms, cmsbio);
case NID_pkcs7_signed:
- return cms_SignedData_final(cms, cmsbio);
+ return ossl_cms_SignedData_final(cms, cmsbio);
case NID_pkcs7_digest:
- return cms_DigestedData_do_final(cms, cmsbio, 0);
+ return ossl_cms_DigestedData_do_final(cms, cmsbio, 0);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_TYPE);
/* Create a digest BIO from an X509_ALGOR structure */
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
- const CMS_CTX *ctx)
+BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
+ const CMS_CTX *ctx)
{
BIO *mdbio = NULL;
const ASN1_OBJECT *digestoid;
alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
(void)ERR_set_mark();
- fetched_digest = EVP_MD_fetch(cms_ctx_get0_libctx(ctx), alg,
- cms_ctx_get0_propq(ctx));
+ fetched_digest = EVP_MD_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
+ ossl_cms_ctx_get0_propq(ctx));
if (fetched_digest != NULL)
digest = fetched_digest;
/* Locate a message digest content from a BIO chain based on SignerInfo */
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
- X509_ALGOR *mdalg)
+int ossl_cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+ X509_ALGOR *mdalg)
{
int nid;
const ASN1_OBJECT *mdoid;
return crls;
}
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
+int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
{
int ret;
ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert));
return ASN1_INTEGER_cmp(ias->serialNumber, X509_get0_serialNumber(cert));
}
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
+int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
{
const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert);
return ASN1_OCTET_STRING_cmp(keyid, cert_keyid);
}
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
+int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
{
CMS_IssuerAndSerialNumber *ias;
ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber);
return 0;
}
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
+int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
{
ASN1_OCTET_STRING *keyid = NULL;
const ASN1_OCTET_STRING *cert_keyid;
# define CMS_OIK_KEYIDENTIFIER 1
# define CMS_OIK_PUBKEY 2
-BIO *cms_content_bio(CMS_ContentInfo *cms);
-const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms);
-OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx);
-const char *cms_ctx_get0_propq(const CMS_CTX *ctx);
-void cms_resolve_libctx(CMS_ContentInfo *ci);
-
-CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq);
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
- OSSL_LIB_CTX *libctx,
- const char *propq);
-BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
-int cms_DigestedData_do_final(const CMS_ContentInfo *cms,
- BIO *chain, int verify);
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
- int type, const CMS_CTX *ctx);
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno);
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
-
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx,
- const char *propq);
-BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
-
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
- const CMS_CTX *ctx);
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
- X509_ALGOR *mdalg);
-
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
+BIO *ossl_cms_content_bio(CMS_ContentInfo *cms);
+const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms);
+OSSL_LIB_CTX *ossl_cms_ctx_get0_libctx(const CMS_CTX *ctx);
+const char *ossl_cms_ctx_get0_propq(const CMS_CTX *ctx);
+void ossl_cms_resolve_libctx(CMS_ContentInfo *ci);
+
+CMS_ContentInfo *ossl_cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq);
+
+CMS_ContentInfo *ossl_cms_DigestedData_create(const EVP_MD *md,
+ OSSL_LIB_CTX *libctx,
+ const char *propq);
+BIO *ossl_cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
+int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms,
+ BIO *chain, int verify);
+
+BIO *ossl_cms_SignedData_init_bio(CMS_ContentInfo *cms);
+int ossl_cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
+int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
+ int type, const CMS_CTX *ctx);
+int ossl_cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
+
+CMS_ContentInfo *ossl_cms_CompressedData_create(int comp_nid,
+ OSSL_LIB_CTX *libctx,
+ const char *propq);
+BIO *ossl_cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
+
+BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
+ const CMS_CTX *ctx);
+int ossl_cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+ X509_ALGOR *mdalg);
+
+int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
+int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
+int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
+int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
+
+BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
+ const CMS_CTX *ctx);
+BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
+int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+ const EVP_CIPHER *cipher,
+ const unsigned char *key, size_t keylen,
const CMS_CTX *ctx);
-BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher,
- const unsigned char *key, size_t keylen,
- const CMS_CTX *ctx);
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
-int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
-BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
-int cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
-CMS_AuthEnvelopedData *cms_get0_auth_enveloped(CMS_ContentInfo *cms);
-CMS_EncryptedContentInfo* cms_get0_env_enc_content(const CMS_ContentInfo *cms);
+
+int ossl_cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
+int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
+ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si);
+
+BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
+BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
+int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
+CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
+CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
+CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);
/* RecipientInfo routines */
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
-int cms_pkey_get_ri_type(EVP_PKEY *pk);
-int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
+int ossl_cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
+int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk);
+int ossl_cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
-void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
+void ossl_cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
/* KARI routines */
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
- EVP_PKEY *recipPubKey, X509 *originator,
- EVP_PKEY *originatorPrivKey, unsigned int flags,
- const CMS_CTX *ctx);
-int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri);
+int ossl_cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
+ EVP_PKEY *recipPubKey, X509 *originator,
+ EVP_PKEY *originatorPrivKey,
+ unsigned int flags,
+ const CMS_CTX *ctx);
+int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri);
/* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri, int en_de);
+int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri, int en_de);
/* SignerInfo routines */
int CMS_si_check_attributes(const CMS_SignerInfo *si);
-void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
+void ossl_cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
/* ESS routines */
-int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain);
+int ossl_ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain);
-int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt);
-int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
-int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
-int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify);
-int cms_rsa_sign(CMS_SignerInfo *si, int verify);
+int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt);
+int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
+int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
+int ossl_cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify);
+int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify);
DECLARE_ASN1_ITEM(CMS_CertificateChoices)
DECLARE_ASN1_ITEM(CMS_DigestedData)
X509_ALGOR *encalg = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
int ivlen;
- const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return NULL;
ris = CMS_get0_RecipientInfos(cms);
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
- if (RAND_bytes_ex(cms_ctx_get0_libctx(cms_ctx), iv, ivlen) <= 0)
+ if (RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), iv, ivlen) <= 0)
goto err;
if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
memcpy(out + 4, in, inlen);
/* Add random padding to end */
if (olen > inlen + 4
- && RAND_bytes_ex(cms_ctx_get0_libctx(cms_ctx), out + 4 + inlen,
+ && RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), out + 4 + inlen,
olen - 4 - inlen) <= 0)
return 0;
/* Encrypt twice */
/* Encrypt/Decrypt content key in PWRI recipient info */
-int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri, int en_de)
+int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri, int en_de)
{
CMS_EncryptedContentInfo *ec;
CMS_PasswordRecipientInfo *pwri;
EVP_CIPHER *kekcipher;
unsigned char *key = NULL;
size_t keylen;
- const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
- ec = cms_get0_env_enc_content(cms);
+ ec = ossl_cms_get0_env_enc_content(cms);
pwri = ri->d.pwri;
}
name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
- kekcipher = EVP_CIPHER_fetch(cms_ctx_get0_libctx(cms_ctx), name,
- cms_ctx_get0_propq(cms_ctx));
+ kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx), name,
+ ossl_cms_ctx_get0_propq(cms_ctx));
if (kekcipher == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_UNKNOWN_CIPHER);
return rv;
}
-int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt)
+int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);
return 0;
}
-int cms_rsa_sign(CMS_SignerInfo *si, int verify)
+int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify)
{
assert(verify == 0 || verify == 1);
return 0;
}
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type,
- const CMS_CTX *ctx)
+int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
+ int type, const CMS_CTX *ctx)
{
switch (type) {
case CMS_SIGNERINFO_ISSUER_SERIAL:
- if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
+ if (!ossl_cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
return 0;
break;
case CMS_SIGNERINFO_KEYIDENTIFIER:
- if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
+ if (!ossl_cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
return 0;
break;
return 1;
}
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno)
+int ossl_cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno)
{
if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
if (issuer)
return 1;
}
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
+int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
{
if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
- return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
+ return ossl_cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
+ return ossl_cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
else
return -1;
}
int i;
if (EVP_PKEY_is_a(pkey, "DSA") || EVP_PKEY_is_a(pkey, "EC"))
- return cms_ecdsa_dsa_sign(si, cmd);
+ return ossl_cms_ecdsa_dsa_sign(si, cmd);
else if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS"))
- return cms_rsa_sign(si, cmd);
+ return ossl_cms_rsa_sign(si, cmd);
/* Something else? We'll give engines etc a chance to handle this */
if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
CMS_SignerInfo *si = NULL;
X509_ALGOR *alg;
int i, type;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (!X509_check_private_key(signer, pk)) {
ERR_raise(ERR_LIB_CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
si->version = 1;
}
- if (!cms_set1_SignerIdentifier(si->sid, signer, type, ctx))
+ if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx))
goto err;
if (md == NULL) {
int add_sc;
if (md == EVP_sha1() || md == NULL) {
- if ((sc = ESS_SIGNING_CERT_new_init(signer,
- NULL, 1)) == NULL)
+ if ((sc = ossl_ess_signing_cert_new_init(signer,
+ NULL, 1)) == NULL)
goto err;
- add_sc = cms_add1_signing_cert(si, sc);
+ add_sc = ossl_cms_add1_signing_cert(si, sc);
ESS_SIGNING_CERT_free(sc);
} else {
- if ((sc2 = ESS_SIGNING_CERT_V2_new_init(md, signer,
- NULL, 1)) == NULL)
+ if ((sc2 = ossl_ess_signing_cert_v2_new_init(md, signer,
+ NULL, 1)) == NULL)
goto err;
- add_sc = cms_add1_signing_cert_v2(si, sc2);
+ add_sc = ossl_cms_add1_signing_cert_v2(si, sc2);
ESS_SIGNING_CERT_V2_free(sc2);
}
if (!add_sc)
if (flags & CMS_KEY_PARAM) {
if (flags & CMS_NOATTR) {
- si->pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
+ si->pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
si->pkey,
- cms_ctx_get0_propq(ctx));
+ ossl_cms_ctx_get0_propq(ctx));
if (si->pctx == NULL)
goto err;
if (EVP_PKEY_sign_init(si->pctx) <= 0)
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
} else if (EVP_DigestSignInit_ex(si->mctx, &si->pctx, EVP_MD_name(md),
- cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx), pk) <= 0) {
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx),
+ pk) <= 0) {
goto err;
}
}
}
-void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms)
+void ossl_cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms)
{
int i;
CMS_SignerInfo *si;
STACK_OF(CMS_SignerInfo) *sinfos = CMS_get0_SignerInfos(cms);
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno)
{
- return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
+ return ossl_cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
}
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
{
- return cms_SignerIdentifier_cert_cmp(si->sid, cert);
+ return ossl_cms_SignerIdentifier_cert_cmp(si->sid, cert);
}
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
EVP_MD_CTX *mctx = EVP_MD_CTX_new();
int r = 0;
EVP_PKEY_CTX *pctx = NULL;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (mctx == NULL) {
ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
+ if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
/* Set SignerInfo algorithm details if we used custom parameter */
if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
goto err;
}
if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey,
- cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx))) {
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx))) {
ERR_raise(ERR_LIB_CMS, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
}
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
+int ossl_cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
{
STACK_OF(CMS_SignerInfo) *sinfos;
CMS_SignerInfo *si;
pctx = si->pctx;
else {
EVP_MD_CTX_reset(mctx);
- if (EVP_DigestSignInit_ex(mctx, &pctx, md_name, cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx), si->pkey) <= 0)
+ if (EVP_DigestSignInit_ex(mctx, &pctx, md_name,
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx), si->pkey) <= 0)
goto err;
si->pctx = pctx;
}
const EVP_MD *md;
EVP_MD *fetched_md = NULL;
const CMS_CTX *ctx = si->cms_ctx;
- OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
- const char *propq = cms_ctx_get0_propq(ctx);
+ OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
+ const char *propq = ossl_cms_ctx_get0_propq(ctx);
if (si->pkey == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_PUBLIC_KEY);
/* Create a chain of digest BIOs from a CMS ContentInfo */
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
+BIO *ossl_cms_SignedData_init_bio(CMS_ContentInfo *cms)
{
int i;
CMS_SignedData *sd;
BIO *mdbio;
digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
- mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm, cms_get0_cmsctx(cms));
+ mdbio = ossl_cms_DigestAlgorithm_init_bio(digestAlgorithm,
+ ossl_cms_get0_cmsctx(cms));
if (mdbio == NULL)
goto err;
if (chain != NULL)
}
}
- if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
+ if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
const EVP_MD *md = EVP_MD_CTX_md(mctx);
const CMS_CTX *ctx = si->cms_ctx;
- pkctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx), si->pkey,
- cms_ctx_get0_propq(ctx));
+ pkctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
+ si->pkey,
+ ossl_cms_ctx_get0_propq(ctx));
if (pkctx == NULL)
goto err;
if (EVP_PKEY_verify_init(pkctx) <= 0)
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq)
{
- CMS_ContentInfo *cms = cms_Data_create(libctx, propq);
+ CMS_ContentInfo *cms = ossl_cms_Data_create(libctx, propq);
if (cms == NULL)
return NULL;
r = cms_copy_content(out, cont, flags);
if (r)
- r = cms_DigestedData_do_final(cms, cont, 1);
+ r = ossl_cms_DigestedData_do_final(cms, cont, 1);
do_free_upto(cont, dcont);
return r;
}
if (md == NULL)
md = EVP_sha1();
- cms = cms_DigestedData_create(md, ctx, propq);
+ cms = ossl_cms_DigestedData_create(md, ctx, propq);
if (cms == NULL)
return NULL;
X509 *signer;
int i, j, r = 0;
- ctx = X509_STORE_CTX_new_ex(cms_ctx_get0_libctx(cms_ctx),
- cms_ctx_get0_propq(cms_ctx));
+ ctx = X509_STORE_CTX_new_ex(ossl_cms_ctx_get0_libctx(cms_ctx),
+ ossl_cms_ctx_get0_propq(cms_ctx));
if (ctx == NULL) {
ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
goto err;
int i, scount = 0, ret = 0;
BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
int cadesVerify = (flags & CMS_CADES) != 0;
- const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+ const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (dcont == NULL && !check_content(cms))
return 0;
if (cadesVerify) {
STACK_OF(X509) *si_chain = si_chains ? si_chains[i] : NULL;
- if (ess_check_signing_certs(si, si_chain) <= 0)
+ if (ossl_ess_check_signing_certs(si, si_chain) <= 0)
goto err;
}
}
r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
if (r <= 0)
return r;
- return cms_Receipt_verify(rcms, ocms);
+ return ossl_cms_Receipt_verify(rcms, ocms);
}
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
/* Initialize signed data */
- cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags, cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx));
+ cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags,
+ ossl_cms_ctx_get0_libctx(ctx),
+ ossl_cms_ctx_get0_propq(ctx));
if (cms == NULL)
goto err;
goto err;
}
- os = cms_encode_Receipt(si);
+ os = ossl_cms_encode_Receipt(si);
if (os == NULL)
goto err;
/* Add msgSigDigest attribute */
- if (!cms_msgSigDigest_add1(rct_si, si))
+ if (!ossl_cms_msgSigDigest_add1(rct_si, si))
goto err;
/* Finalize structure */
ris = CMS_get0_RecipientInfos(cms);
if (ris != NULL)
- debug = cms_get0_env_enc_content(cms)->debug;
+ debug = ossl_cms_get0_env_enc_content(cms)->debug;
- cms_pkey_ri_type = cms_pkey_get_ri_type(pk);
+ cms_pkey_ri_type = ossl_cms_pkey_get_ri_type(pk);
if (cms_pkey_ri_type == CMS_RECIPINFO_NONE) {
ERR_raise(ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
return 0;
ri = sk_CMS_RecipientInfo_value(ris, i);
ri_type = CMS_RecipientInfo_type(ri);
- if (!cms_pkey_is_ri_type_supported(pk, ri_type))
+ if (!ossl_cms_pkey_is_ri_type_supported(pk, ri_type))
continue;
match_ri = 1;
if (ri_type == CMS_RECIPINFO_AGREE) {
if (dcont == NULL && !check_content(cms))
return 0;
if (flags & CMS_DEBUG_DECRYPT)
- cms_get0_env_enc_content(cms)->debug = 1;
+ ossl_cms_get0_env_enc_content(cms)->debug = 1;
else
- cms_get0_env_enc_content(cms)->debug = 0;
+ ossl_cms_get0_env_enc_content(cms)->debug = 0;
if (cert == NULL)
- cms_get0_env_enc_content(cms)->havenocert = 1;
+ ossl_cms_get0_env_enc_content(cms)->havenocert = 1;
else
- cms_get0_env_enc_content(cms)->havenocert = 0;
+ ossl_cms_get0_env_enc_content(cms)->havenocert = 0;
if (pk == NULL && cert == NULL && dcont == NULL && out == NULL)
return 1;
if (pk != NULL && !CMS_decrypt_set1_pkey(cms, pk, cert))
if (comp_nid <= 0)
comp_nid = NID_zlib_compression;
- cms = cms_CompressedData_create(comp_nid, NULL, NULL);
+ cms = ossl_cms_CompressedData_create(comp_nid, NULL, NULL);
if (cms == NULL)
return NULL;
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* Returns < 0 if attribute is not found, 1 if found, or
* -1 on attribute parsing failure.
*/
-int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
- ESS_SIGNING_CERT_V2 **psc)
+int ossl_cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
+ ESS_SIGNING_CERT_V2 **psc)
{
ASN1_STRING *str;
ESS_SIGNING_CERT_V2 *sc;
* Returns < 0 if attribute is not found, 1 if found, or
* -1 on attribute parsing failure.
*/
-int cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
- ESS_SIGNING_CERT **psc)
+int ossl_cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
+ ESS_SIGNING_CERT **psc)
{
ASN1_STRING *str;
ESS_SIGNING_CERT *sc;
static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg,
X509 *cert, int issuer_needed);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
- STACK_OF(X509) *certs,
- int issuer_needed)
+ESS_SIGNING_CERT *ossl_ess_signing_cert_new_init(X509 *signcert,
+ STACK_OF(X509) *certs,
+ int issuer_needed)
{
ESS_CERT_ID *cid = NULL;
ESS_SIGNING_CERT *sc;
return NULL;
}
-ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
- X509 *signcert,
- STACK_OF(X509) *certs,
- int issuer_needed)
+ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_new_init(const EVP_MD *hash_alg,
+ X509 *signcert,
+ STACK_OF(X509) *certs,
+ int issuer_needed)
{
ESS_CERT_ID_V2 *cid = NULL;
ESS_SIGNING_CERT_V2 *sc;
return NULL;
}
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si)
+ESS_SIGNING_CERT *ossl_ess_signing_cert_get(PKCS7_SIGNER_INFO *si)
{
ASN1_TYPE *attr;
const unsigned char *p;
return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
}
-ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si)
+ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_get(PKCS7_SIGNER_INFO *si)
{
ASN1_TYPE *attr;
const unsigned char *p;
return d2i_ESS_SIGNING_CERT_V2(NULL, &p, attr->value.sequence->length);
}
-int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
+int ossl_ess_signing_cert_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
return 0;
}
-int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si,
- ESS_SIGNING_CERT_V2 *sc)
+int ossl_ess_signing_cert_v2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
}
/* Returns < 0 if certificate is not found, certificate index otherwise. */
-int ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
+int ossl_ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
{
int i;
unsigned char cert_sha1[SHA_DIGEST_LENGTH];
}
/* Returns < 0 if certificate is not found, certificate index otherwise. */
-int ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids, const X509 *cert)
+int ossl_ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids,
+ const X509 *cert)
{
int i;
unsigned char cert_digest[EVP_MAX_MD_SIZE];
certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
if (ctx->ess_cert_id_digest == NULL
|| ctx->ess_cert_id_digest == EVP_sha1()) {
- if ((sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs, 0)) == NULL)
+ if ((sc = ossl_ess_signing_cert_new_init(ctx->signer_cert,
+ certs, 0)) == NULL)
goto err;
- if (!ESS_SIGNING_CERT_add(si, sc)) {
+ if (!ossl_ess_signing_cert_add(si, sc)) {
ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
goto err;
}
} else {
- sc2 = ESS_SIGNING_CERT_V2_new_init(ctx->ess_cert_id_digest,
- ctx->signer_cert, certs, 0);
+ sc2 = ossl_ess_signing_cert_v2_new_init(ctx->ess_cert_id_digest,
+ ctx->signer_cert, certs, 0);
if (sc2 == NULL)
goto err;
- if (!ESS_SIGNING_CERT_V2_add(si, sc2)) {
+ if (!ossl_ess_signing_cert_v2_add(si, sc2)) {
ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR);
goto err;
}
static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
STACK_OF(X509) *chain)
{
- ESS_SIGNING_CERT *ss = ESS_SIGNING_CERT_get(si);
+ ESS_SIGNING_CERT *ss = ossl_ess_signing_cert_get(si);
STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
- ESS_SIGNING_CERT_V2 *ssv2 = ESS_SIGNING_CERT_V2_get(si);
+ ESS_SIGNING_CERT_V2 *ssv2 = ossl_ess_signing_cert_v2_get(si);
STACK_OF(ESS_CERT_ID_V2) *cert_ids_v2 = NULL;
X509 *cert;
int i = 0;
if (ss != NULL) {
cert_ids = ss->cert_ids;
cert = sk_X509_value(chain, 0);
- if (ess_find_cert(cert_ids, cert) != 0)
+ if (ossl_ess_find_cert(cert_ids, cert) != 0)
goto err;
/*
if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
- if (ess_find_cert(cert_ids, cert) < 0)
+ if (ossl_ess_find_cert(cert_ids, cert) < 0)
goto err;
}
}
} else if (ssv2 != NULL) {
cert_ids_v2 = ssv2->cert_ids;
cert = sk_X509_value(chain, 0);
- if (ess_find_cert_v2(cert_ids_v2, cert) != 0)
+ if (ossl_ess_find_cert_v2(cert_ids_v2, cert) != 0)
goto err;
/*
if (sk_ESS_CERT_ID_V2_num(cert_ids_v2) > 1) {
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
- if (ess_find_cert_v2(cert_ids_v2, cert) < 0)
+ if (ossl_ess_find_cert_v2(cert_ids_v2, cert) < 0)
goto err;
}
}
/* internal CMS-ESS related stuff */
-int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
-int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);
+int ossl_cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
+int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);
-int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
- ESS_SIGNING_CERT_V2 **psc);
-int cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
- ESS_SIGNING_CERT **psc);
+int ossl_cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
+ ESS_SIGNING_CERT_V2 **psc);
+int ossl_cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
+ ESS_SIGNING_CERT **psc);
# endif /* OPENSSL_NO_CMS */
#endif
/* internal ESS related stuff */
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si);
-int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
+ESS_SIGNING_CERT *ossl_ess_signing_cert_get(PKCS7_SIGNER_INFO *si);
+int ossl_ess_signing_cert_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
- STACK_OF(X509) *certs,
- int issuer_needed);
+ESS_SIGNING_CERT *ossl_ess_signing_cert_new_init(X509 *signcert,
+ STACK_OF(X509) *certs,
+ int issuer_needed);
-ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si);
-int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
+ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_get(PKCS7_SIGNER_INFO *si);
+int ossl_ess_signing_cert_v2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
-ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
- X509 *signcert,
- STACK_OF(X509) *certs,
- int issuer_needed);
+ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_new_init(const EVP_MD *hash_alg,
+ X509 *signcert,
+ STACK_OF(X509) *certs,
+ int issuer_needed);
/* Returns < 0 if certificate is not found, certificate index otherwise. */
-int ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids, const X509 *cert);
-int ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
+int ossl_ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids,
+ const X509 *cert);
+int ossl_ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
/*-
* IssuerSerial ::= SEQUENCE {
# undef i2d_ECPKPARAMETERS
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
-/* This one clashes with CMS_data_create */
-# undef cms_Data_create
-# define cms_Data_create priv_cms_Data_create
-
# endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */