summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
2449961)
and not excluding parameters with DSA keys.
if(operation == SMIME_ENCRYPT) {
if (!cipher) cipher = EVP_rc2_40_cbc();
if(operation == SMIME_ENCRYPT) {
if (!cipher) cipher = EVP_rc2_40_cbc();
+ encerts = sk_X509_new_null();
- encerts = sk_X509_new_null();
if(!(cert = load_cert(*args))) {
BIO_printf(bio_err, "Can't read recipent certificate file %s\n", *args);
goto end;
}
if(!(cert = load_cert(*args))) {
BIO_printf(bio_err, "Can't read recipent certificate file %s\n", *args);
goto end;
}
- sk_X509_push (encerts, cert);
+ sk_X509_push(encerts, cert);
}
} else if(operation == SMIME_VERIFY) {
STACK_OF(X509) *signers;
}
} else if(operation == SMIME_VERIFY) {
STACK_OF(X509) *signers;
- signers = PKCS7_iget_signers(p7, other, flags);
if(PKCS7_verify(p7, other, store, indata, out, flags)) {
BIO_printf(bio_err, "Verification Successful\n");
} else {
BIO_printf(bio_err, "Verification Failure\n");
goto end;
}
if(PKCS7_verify(p7, other, store, indata, out, flags)) {
BIO_printf(bio_err, "Verification Successful\n");
} else {
BIO_printf(bio_err, "Verification Failure\n");
goto end;
}
+ signers = PKCS7_iget_signers(p7, other, flags);
if(!save_certs(signerfile, signers)) {
BIO_printf(bio_err, "Error writing signers to %s\n",
signerfile);
if(!save_certs(signerfile, signers)) {
BIO_printf(bio_err, "Error writing signers to %s\n",
signerfile);
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
EVP_MD *dgst)
{
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
EVP_MD *dgst)
{
+ char is_dsa;
+ if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
+ else is_dsa = 0;
/* We now need to add another PKCS7_SIGNER_INFO entry */
ASN1_INTEGER_set(p7i->version,1);
X509_NAME_set(&p7i->issuer_and_serial->issuer,
/* We now need to add another PKCS7_SIGNER_INFO entry */
ASN1_INTEGER_set(p7i->version,1);
X509_NAME_set(&p7i->issuer_and_serial->issuer,
p7i->pkey=pkey;
/* Set the algorithms */
p7i->pkey=pkey;
/* Set the algorithms */
- if (pkey->type == EVP_PKEY_DSA)
- p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
+ if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
else
p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
else
p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
if (p7i->digest_enc_alg->parameter != NULL)
ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
if (p7i->digest_enc_alg->parameter != NULL)
ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
- if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
- goto err;
- p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+ if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
+ else {
+ if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
+ goto err;
+ p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+ }