-/* crypto/cms/cms_lib.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <openssl/asn1t.h>
#include <openssl/bio.h>
#include <openssl/asn1.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-DECLARE_ASN1_ITEM(CMS_CertificateChoices)
-DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
-DECLARE_STACK_OF(CMS_CertificateChoices)
-DECLARE_STACK_OF(CMS_RevocationInfoChoice)
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
+const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms)
{
return cms->contentType;
}
{
CMS_ContentInfo *cms;
cms = CMS_ContentInfo_new();
- if (cms) {
+ if (cms != NULL) {
cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
/* Never detached */
CMS_set_detached(cms, 0);
BIO *cms_content_bio(CMS_ContentInfo *cms)
{
ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
- if (!pos)
+
+ if (pos == NULL)
return NULL;
/* If content detached data goes nowhere: create NULL BIO */
- if (!*pos)
+ if (*pos == NULL)
return BIO_new(BIO_s_null());
/*
* If content not detached and created return memory BIO
*/
- if (!*pos || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
+ if (*pos == NULL || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
return BIO_new(BIO_s_mem());
/* Else content was read in: return read only BIO for it */
return BIO_new_mem_buf((*pos)->data, (*pos)->length);
}
+/* unfortunately cannot constify SMIME_write_ASN1() due to this function */
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
{
ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
- if (!pos)
+
+ if (pos == NULL)
return 0;
- /* If ebmedded content find memory BIO and set content */
+ /* If embedded content find memory BIO and set content */
if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
BIO *mbio;
unsigned char *cont;
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid)
{
ASN1_OBJECT **petype, *etype;
+
petype = cms_get0_econtent_type(cms);
- if (!petype)
+ if (petype == NULL)
return 0;
- if (!oid)
+ if (oid == NULL)
return 1;
etype = OBJ_dup(oid);
- if (!etype)
+ if (etype == NULL)
return 0;
ASN1_OBJECT_free(*petype);
*petype = etype;
int CMS_is_detached(CMS_ContentInfo *cms)
{
ASN1_OCTET_STRING **pos;
+
pos = CMS_get0_content(cms);
- if (!pos)
+ if (pos == NULL)
return -1;
- if (*pos)
+ if (*pos != NULL)
return 0;
return 1;
}
int CMS_set_detached(CMS_ContentInfo *cms, int detached)
{
ASN1_OCTET_STRING **pos;
+
pos = CMS_get0_content(cms);
- if (!pos)
+ if (pos == NULL)
return 0;
if (detached) {
ASN1_OCTET_STRING_free(*pos);
*pos = NULL;
return 1;
}
- if (!*pos)
+ if (*pos == NULL)
*pos = ASN1_OCTET_STRING_new();
- if (*pos) {
+ if (*pos != NULL) {
/*
* NB: special flag to show content is created and not read in.
*/
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
{
BIO *mdbio = NULL;
- ASN1_OBJECT *digestoid;
+ const ASN1_OBJECT *digestoid;
const EVP_MD *digest;
X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
digest = EVP_get_digestbyobj(digestoid);
if (!digest) {
CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
- CMS_R_UNKNOWN_DIGEST_ALGORIHM);
+ CMS_R_UNKNOWN_DIGEST_ALGORITHM);
goto err;
}
mdbio = BIO_new(BIO_f_md());
- if (!mdbio || !BIO_set_md(mdbio, digest)) {
+ if (mdbio == NULL || !BIO_set_md(mdbio, digest)) {
CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
goto err;
}
X509_ALGOR *mdalg)
{
int nid;
- ASN1_OBJECT *mdoid;
+ const ASN1_OBJECT *mdoid;
X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg);
nid = OBJ_obj2nid(mdoid);
/* Look for digest type to match signature */
return &cms->d.signedData->certificates;
case NID_pkcs7_enveloped:
+ if (cms->d.envelopedData->originatorInfo == NULL)
+ return NULL;
return &cms->d.envelopedData->originatorInfo->certificates;
default:
{
STACK_OF(CMS_CertificateChoices) **pcerts;
CMS_CertificateChoices *cch;
+
pcerts = cms_get0_certificate_choices(cms);
- if (!pcerts)
+ if (pcerts == NULL)
return NULL;
- if (!*pcerts)
+ if (*pcerts == NULL)
*pcerts = sk_CMS_CertificateChoices_new_null();
- if (!*pcerts)
+ if (*pcerts == NULL)
return NULL;
cch = M_ASN1_new_of(CMS_CertificateChoices);
if (!cch)
CMS_CertificateChoices *cch;
STACK_OF(CMS_CertificateChoices) **pcerts;
int i;
+
pcerts = cms_get0_certificate_choices(cms);
- if (!pcerts)
+ if (pcerts == NULL)
return 0;
for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
cch = sk_CMS_CertificateChoices_value(*pcerts, i);
int r;
r = CMS_add0_cert(cms, cert);
if (r > 0)
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
return r;
}
return &cms->d.signedData->crls;
case NID_pkcs7_enveloped:
+ if (cms->d.envelopedData->originatorInfo == NULL)
+ return NULL;
return &cms->d.envelopedData->originatorInfo->crls;
default:
{
STACK_OF(CMS_RevocationInfoChoice) **pcrls;
CMS_RevocationInfoChoice *rch;
+
pcrls = cms_get0_revocation_choices(cms);
- if (!pcrls)
+ if (pcrls == NULL)
return NULL;
- if (!*pcrls)
+ if (*pcrls == NULL)
*pcrls = sk_CMS_RevocationInfoChoice_new_null();
- if (!*pcrls)
+ if (*pcrls == NULL)
return NULL;
rch = M_ASN1_new_of(CMS_RevocationInfoChoice);
- if (!rch)
+ if (rch == NULL)
return NULL;
if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch)) {
M_ASN1_free_of(rch, CMS_RevocationInfoChoice);
int r;
r = CMS_add0_crl(cms, crl);
if (r > 0)
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(crl);
return r;
}
CMS_CertificateChoices *cch;
STACK_OF(CMS_CertificateChoices) **pcerts;
int i;
+
pcerts = cms_get0_certificate_choices(cms);
- if (!pcerts)
+ if (pcerts == NULL)
return NULL;
for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
cch = sk_CMS_CertificateChoices_value(*pcerts, i);
sk_X509_pop_free(certs, X509_free);
return NULL;
}
- CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cch->d.certificate);
}
}
return certs;
STACK_OF(CMS_RevocationInfoChoice) **pcrls;
CMS_RevocationInfoChoice *rch;
int i;
+
pcrls = cms_get0_revocation_choices(cms);
- if (!pcrls)
+ if (pcrls == NULL)
return NULL;
for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++) {
rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i);
sk_X509_CRL_pop_free(crls, X509_CRL_free);
return NULL;
}
- CRYPTO_add(&rch->d.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(rch->d.crl);
}
}
return crls;
int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
{
- X509_check_purpose(cert, -1, -1);
- if (!cert->skid)
+ const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert);
+
+ if (cert_keyid == NULL)
return -1;
- return ASN1_OCTET_STRING_cmp(keyid, cert->skid);
+ return ASN1_OCTET_STRING_cmp(keyid, cert_keyid);
}
int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
{
ASN1_OCTET_STRING *keyid = NULL;
- X509_check_purpose(cert, -1, -1);
- if (!cert->skid) {
+ const ASN1_OCTET_STRING *cert_keyid;
+ cert_keyid = X509_get0_subject_key_id(cert);
+ if (cert_keyid == NULL) {
CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID);
return 0;
}
- keyid = ASN1_STRING_dup(cert->skid);
+ keyid = ASN1_STRING_dup(cert_keyid);
if (!keyid) {
CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE);
return 0;