X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fcms%2Fcms_lib.c;h=a5a186c5ac85c265c7e34b0ecf66c2dfd1dff575;hp=606abafccb627b76305fa1b65e5c586b09ccd209;hb=5762f7778da56b9502534fd236007b9a1b0244d9;hpb=320bfc1be79513f2a782f9ee8894cf7a7b9ffe2d diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index 606abafccb..a5a186c5ac 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -137,6 +137,10 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont) cmsbio = cms_EncryptedData_init_bio(cms); break; + case NID_pkcs7_enveloped: + cmsbio = cms_EnvelopedData_init_bio(cms); + break; + default: CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE); return NULL; @@ -180,6 +184,8 @@ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio) { case NID_pkcs7_data: + case NID_pkcs7_enveloped: + case NID_pkcs7_encrypted: case NID_id_smime_ct_compressedData: /* Nothing to do */ return 1; @@ -335,21 +341,6 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached) return 0; } -/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */ - -void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md) - { - int param_type; - - if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT) - param_type = V_ASN1_UNDEF; - else - param_type = V_ASN1_NULL; - - X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL); - - } - /* Create a digest BIO from an X509_ALGOR structure */ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm) @@ -400,16 +391,17 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, return 0; } BIO_get_md_ctx(chain, &mtmp); - if (EVP_MD_CTX_type(mtmp) == nid) - { - EVP_MD_CTX_copy_ex(mctx, mtmp); - return 1; - } + if (EVP_MD_CTX_type(mtmp) == nid + /* Workaround for broken implementations that use signature + * algorithm OID instead of digest. + */ + || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) + return EVP_MD_CTX_copy_ex(mctx, mtmp); chain = BIO_next(chain); } } -STACK_OF(CMS_CertificateChoices) **cms_get0_certificate_choices(CMS_ContentInfo *cms) +static STACK_OF(CMS_CertificateChoices) **cms_get0_certificate_choices(CMS_ContentInfo *cms) { switch (OBJ_obj2nid(cms->contentType)) { @@ -466,8 +458,11 @@ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) if (cch->type == CMS_CERTCHOICE_CERT) { if (!X509_cmp(cch->d.certificate, cert)) - return -1; - + { + CMSerr(CMS_F_CMS_ADD0_CERT, + CMS_R_CERTIFICATE_ALREADY_PRESENT); + return 0; + } } } cch = CMS_add0_CertificateChoices(cms); @@ -487,7 +482,7 @@ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) return r; } -STACK_OF(CMS_RevocationInfoChoice) **cms_get0_revocation_choices(CMS_ContentInfo *cms) +static STACK_OF(CMS_RevocationInfoChoice) **cms_get0_revocation_choices(CMS_ContentInfo *cms) { switch (OBJ_obj2nid(cms->contentType)) { @@ -539,6 +534,15 @@ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl) return 1; } +int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl) + { + int r; + r = CMS_add0_crl(cms, crl); + if (r > 0) + CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL); + return r; + } + STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms) { STACK_OF(X509) *certs = NULL;