Various S/MIME fixes.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)
diff --git a/CHANGES b/CHANGES

index 196e56d1b6d2fb8f54576bb0bb9da9cf999cd1d3..b6348e37a4cb2164ff06ab549f5e61beb90d4947 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
  
   Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
  
  
   Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
  
+  *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
+     ordering of SMIMECapabilities wasn't in "strength order" and there
+     was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
+     algorithm.
+     [Steve Henson]
+
    *) Some ASN1 types with illegal zero length encoding (INTEGER,
       ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
       [Frans Heymans <fheymans@isaserver.be>, modified by Steve Henson]
    *) Some ASN1 types with illegal zero length encoding (INTEGER,
       ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
       [Frans Heymans <fheymans@isaserver.be>, modified by Steve Henson]
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h

index 22721925007f99ab030a54999e38e7e707925d52..c45574d218c82bfbf0969890a977d9fa6d12feff 100644 (file)
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -66,7 +66,7 @@
  #define NUM_LN 175
  #define NUM_OBJ 152
  
  #define NUM_LN 175
  #define NUM_OBJ 152
  
-static unsigned char lvalues[1057]={
+static unsigned char lvalues[1065]={
  0x00,                                        /* [  0] OBJ_undef */
  0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
  0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
  0x00,                                        /* [  0] OBJ_undef */
  0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
  0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -205,20 +205,20 @@ static unsigned char lvalues[1057]={
  0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [933] OBJ_hmacWithSHA1 */
  0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [941] OBJ_id_qt_cps */
  0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [949] OBJ_id_qt_unotice */
  0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [933] OBJ_hmacWithSHA1 */
  0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [941] OBJ_id_qt_cps */
  0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [949] OBJ_id_qt_unotice */
-0x0F,                                        /* [957] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [958] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [967] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [976] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [985] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [995] OBJ_ext_req */
-0x55,0x04,0x29,                              /* [1004] OBJ_name */
-0x55,0x04,0x2E,                              /* [1007] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1010] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1017] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1024] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1032] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1040] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1048] OBJ_OCSP_sign */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [957] OBJ_SMIMECapabilities */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [966] OBJ_pbeWithMD2AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [975] OBJ_pbeWithMD5AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [984] OBJ_pbeWithSHA1AndDES_CBC */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [993] OBJ_ms_ext_req */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1003] OBJ_ext_req */
+0x55,0x04,0x29,                              /* [1012] OBJ_name */
+0x55,0x04,0x2E,                              /* [1015] OBJ_dnQualifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1018] OBJ_id_pe */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1025] OBJ_id_ad */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1032] OBJ_info_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1040] OBJ_ad_OCSP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1048] OBJ_ad_ca_issuers */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1056] OBJ_OCSP_sign */
  };
  
  static ASN1_OBJECT nid_objs[NUM_NID]={
  };
  
  static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -453,26 +453,26 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
  {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
         &(lvalues[949]),0},
  {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
  {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
         &(lvalues[949]),0},
  {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,1,
+{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
         &(lvalues[957]),0},
  {"pbeWithMD2AndRC2-CBC","pbeWithMD2AndRC2-CBC",
         &(lvalues[957]),0},
  {"pbeWithMD2AndRC2-CBC","pbeWithMD2AndRC2-CBC",
-       NID_pbeWithMD2AndRC2_CBC,9,&(lvalues[958]),0},
+       NID_pbeWithMD2AndRC2_CBC,9,&(lvalues[966]),0},
  {"pbeWithMD5AndRC2-CBC","pbeWithMD5AndRC2-CBC",
  {"pbeWithMD5AndRC2-CBC","pbeWithMD5AndRC2-CBC",
-       NID_pbeWithMD5AndRC2_CBC,9,&(lvalues[967]),0},
+       NID_pbeWithMD5AndRC2_CBC,9,&(lvalues[975]),0},
  {"pbeWithSHA1AndDES-CBC","pbeWithSHA1AndDES-CBC",
  {"pbeWithSHA1AndDES-CBC","pbeWithSHA1AndDES-CBC",
-       NID_pbeWithSHA1AndDES_CBC,9,&(lvalues[976]),0},
+       NID_pbeWithSHA1AndDES_CBC,9,&(lvalues[984]),0},
  {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
  {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
-       &(lvalues[985]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[995]),0},
-{"name","name",NID_name,3,&(lvalues[1004]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1007]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1010]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1017]),0},
+       &(lvalues[993]),0},
+{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1003]),0},
+{"name","name",NID_name,3,&(lvalues[1012]),0},
+{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1015]),0},
+{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1018]),0},
+{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1025]),0},
  {"authorityInfoAccess","Authority Information Access",NID_info_access,
  {"authorityInfoAccess","Authority Information Access",NID_info_access,
-       8,&(lvalues[1024]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1032]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1040]),0},
-{"OCSP Signing","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1048]),0},
+       8,&(lvalues[1032]),0},
+{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1040]),0},
+{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1048]),0},
+{"OCSP Signing","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1056]),0},
  };
  
  static ASN1_OBJECT *sn_objs[NUM_SN]={
  };
  
  static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -786,7 +786,6 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
  
  static ASN1_OBJECT *obj_objs[NUM_OBJ]={
  &(nid_objs[ 0]),/* OBJ_undef                        0 */
  
  static ASN1_OBJECT *obj_objs[NUM_OBJ]={
  &(nid_objs[ 0]),/* OBJ_undef                        0 */
-&(nid_objs[167]),/* OBJ_SMIMECapabilities             15 */
  &(nid_objs[11]),/* OBJ_X500                         2 5 */
  &(nid_objs[12]),/* OBJ_X509                         2 5 4 */
  &(nid_objs[81]),/* OBJ_ld_ce                        2 5 29 */
  &(nid_objs[11]),/* OBJ_X500                         2 5 */
  &(nid_objs[12]),/* OBJ_X509                         2 5 4 */
  &(nid_objs[81]),/* OBJ_ld_ce                        2 5 29 */
@@ -904,6 +903,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
  &(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
  &(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
  &(nid_objs[172]),/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
  &(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
  &(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
  &(nid_objs[172]),/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
+&(nid_objs[167]),/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
  &(nid_objs[156]),/* OBJ_friendlyName                 1 2 840 113549 1 9  20 */
  &(nid_objs[157]),/* OBJ_localKeyID                   1 2 840 113549 1 9  21 */
  &(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
  &(nid_objs[156]),/* OBJ_friendlyName                 1 2 840 113549 1 9  20 */
  &(nid_objs[157]),/* OBJ_localKeyID                   1 2 840 113549 1 9  21 */
  &(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h

index ecdfd3e56bdd983e5b53f54a232cfcc3679d9d31..325128813dbadc284d9fae9f06af93c137ec7752 100644 (file)
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -876,7 +876,7 @@ extern "C" {
  #define SN_SMIMECapabilities           "SMIME-CAPS"
  #define LN_SMIMECapabilities           "S/MIME Capabilities"
  #define NID_SMIMECapabilities          167
  #define SN_SMIMECapabilities           "SMIME-CAPS"
  #define LN_SMIMECapabilities           "S/MIME Capabilities"
  #define NID_SMIMECapabilities          167
-#define OBJ_SMIMECapabilities          OBJ_id_pkcs9,15L
+#define OBJ_SMIMECapabilities          OBJ_pkcs9,15L
  
  #define LN_pbeWithMD2AndRC2_CBC                "pbeWithMD2AndRC2-CBC"
  #define NID_pbeWithMD2AndRC2_CBC       168
  
  #define LN_pbeWithMD2AndRC2_CBC                "pbeWithMD2AndRC2-CBC"
  #define NID_pbeWithMD2AndRC2_CBC       168
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c

index 388a1d78b3f5bf34e3ceb8deeac58d74c4235716..a13be9ae3a82a73ed34d40a1d6aae46e6b8f09ff 100644 (file)
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -227,8 +227,13 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
                 }
         if (!j) /* we need to add another algorithm */
                 {
                 }
         if (!j) /* we need to add another algorithm */
                 {
-               alg=X509_ALGOR_new();
+               if(!(alg=X509_ALGOR_new())
+                       || !(alg->parameter = ASN1_TYPE_new())) {
+                       PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
+                       return(0);
+               }
                 alg->algorithm=OBJ_nid2obj(nid);
                 alg->algorithm=OBJ_nid2obj(nid);
+               alg->parameter->type = V_ASN1_NULL;
                 sk_X509_ALGOR_push(md_sk,alg);
                 }
  
                 sk_X509_ALGOR_push(md_sk,alg);
                 }
  
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c

index 4b557f48a22a43f390c3c45881750aca4c660695..04489380b8f22d0634958ab91ca9fd52f518bcd4 100644 (file)
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -115,12 +115,16 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
                 }
  #ifndef NO_DES
                 PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
                 }
  #ifndef NO_DES
                 PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
-               PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
  #endif
  #ifndef NO_RC2
  #endif
  #ifndef NO_RC2
-               PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
                 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
                 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
                 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
                 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
+#endif
+#ifndef NO_DES
+               PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
+#endif
+#ifndef NO_RC2
+               PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
  #endif
                 PKCS7_add_attrib_smimecap (si, smcap);
                 sk_pop_free(smcap, X509_ALGOR_free);
  #endif
                 PKCS7_add_attrib_smimecap (si, smcap);
                 sk_pop_free(smcap, X509_ALGOR_free);
@@ -152,7 +156,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
  
         if(!p7) {
                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
  
         if(!p7) {
                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
-               return NULL;
+               return 0;
         }
  
         if(!PKCS7_type_is_signed(p7)) {
         }
  
         if(!PKCS7_type_is_signed(p7)) {
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 11 Dec 1999 20:04:06 +0000 (20:04 +0000)
CHANGES		patch \| blob \| history
crypto/objects/obj_dat.h		patch \| blob \| history
crypto/objects/objects.h		patch \| blob \| history
crypto/pkcs7/pk7_lib.c		patch \| blob \| history
crypto/pkcs7/pk7_smime.c		patch \| blob \| history