Give consistent return value and add error code for duplicate certificates.
authorDr. Stephen Henson <steve@openssl.org>
Sun, 6 Apr 2008 15:41:25 +0000 (15:41 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 6 Apr 2008 15:41:25 +0000 (15:41 +0000)
crypto/cms/cms.h
crypto/cms/cms_err.c
crypto/cms/cms_lib.c

index 19fde29..ec48aab 100644 (file)
@@ -327,6 +327,7 @@ void ERR_load_CMS_strings(void);
 
 /* Function codes. */
 #define CMS_F_CHECK_CONTENT                             99
+#define CMS_F_CMS_ADD0_CERT                             164
 #define CMS_F_CMS_ADD0_RECIPIENT_KEY                    100
 #define CMS_F_CMS_ADD1_RECEIPTREQUEST                   158
 #define CMS_F_CMS_ADD1_RECIPIENT_CERT                   101
@@ -396,6 +397,7 @@ void ERR_load_CMS_strings(void);
 #define CMS_R_ADD_SIGNER_ERROR                          99
 #define CMS_R_CERTIFICATE_HAS_NO_KEYID                  160
 #define CMS_R_CERTIFICATE_VERIFY_ERROR                  100
+#define CMS_R_CERTIFICTATE_ALREADY_PRESENT              175
 #define CMS_R_CIPHER_INITIALISATION_ERROR               101
 #define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR     102
 #define CMS_R_CMS_DATAFINAL_ERROR                       103
index 9c813e5..5680be3 100644 (file)
@@ -71,6 +71,7 @@
 static ERR_STRING_DATA CMS_str_functs[]=
        {
 {ERR_FUNC(CMS_F_CHECK_CONTENT),        "CHECK_CONTENT"},
+{ERR_FUNC(CMS_F_CMS_ADD0_CERT),        "CMS_add0_cert"},
 {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY),       "CMS_add0_recipient_key"},
 {ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST),      "CMS_add1_ReceiptRequest"},
 {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT),      "CMS_add1_recipient_cert"},
@@ -131,7 +132,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
 {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY),        "CMS_SignerInfo_verify"},
 {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),   "CMS_SIGNERINFO_VERIFY_CERT"},
 {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),        "CMS_SignerInfo_verify_content"},
-{ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT),     "CMS_SIGN_RECEIPT"},
+{ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT),     "CMS_sign_receipt"},
 {ERR_FUNC(CMS_F_CMS_STREAM),   "CMS_stream"},
 {ERR_FUNC(CMS_F_CMS_UNCOMPRESS),       "CMS_uncompress"},
 {ERR_FUNC(CMS_F_CMS_VERIFY),   "CMS_verify"},
@@ -143,6 +144,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
 {ERR_REASON(CMS_R_ADD_SIGNER_ERROR)      ,"add signer error"},
 {ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID),"certificate has no keyid"},
 {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
+{ERR_REASON(CMS_R_CERTIFICTATE_ALREADY_PRESENT),"certifictate already present"},
 {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),"cipher initialisation error"},
 {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),"cipher parameter initialisation error"},
 {ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR)   ,"cms datafinal error"},
index 8c3854d..a715fc3 100644 (file)
@@ -472,8 +472,11 @@ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
                if (cch->type == CMS_CERTCHOICE_CERT)
                        {
                        if (!X509_cmp(cch->d.certificate, cert))
-                               return -1;
-                               
+                               {
+                               CMSerr(CMS_F_CMS_ADD0_CERT, 
+                                       CMS_R_CERTIFICTATE_ALREADY_PRESENT);
+                               return 0;
+                               }
                        }
                }
        cch = CMS_add0_CertificateChoices(cms);