support for encrypted content type in PKCS7_set_content().
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
+ NID_pkcs7_encrypted by default: this was wrong since this should almost
+ always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
+ the encrypted data type: this is a more sensible place to put it and it
+ allows the PKCS#12 code to be tidied up that duplicated this
+ functionality.
+ [Steve Henson]
+
*) Changed obj_dat.pl script so it takes its input and output files on
the command line. This should avoid shell escape redirection problems
under Win32.
M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
/* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */
- ret->content_type=OBJ_nid2obj(NID_pkcs7_encrypted);
+ /* We will almost always want this: so make it the default */
+ ret->content_type=OBJ_nid2obj(NID_pkcs7_data);
M_ASN1_New(ret->algorithm,X509_ALGOR_new);
ret->enc_data=NULL;
return(ret);
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
- p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);
- if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+ if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+ PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+ PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
return NULL;
}
- ASN1_INTEGER_set (p7->d.encrypted->version, 0);
- p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
{PKCS12_R_DECODE_ERROR ,"decode error"},
{PKCS12_R_ENCODE_ERROR ,"encode error"},
{PKCS12_R_ENCRYPT_ERROR ,"encrypt error"},
+{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
{PKCS12_R_INVALID_NULL_ARGUMENT ,"invalid null argument"},
{PKCS12_R_INVALID_NULL_PKCS12_POINTER ,"invalid null pkcs12 pointer"},
{PKCS12_R_IV_GEN_ERROR ,"iv gen error"},
#define PKCS12_R_DECODE_ERROR 101
#define PKCS12_R_ENCODE_ERROR 102
#define PKCS12_R_ENCRYPT_ERROR 103
+#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
#define PKCS12_R_INVALID_NULL_ARGUMENT 104
#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
#define PKCS12_R_IV_GEN_ERROR 106
/* We need to process the data */
/* We cannot support detached encryption */
p7bio=PKCS7_dataDecode(p7,pkey,detached,x509);
-
+
if (p7bio == NULL)
{
printf("problems decoding\n");
if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
== NULL) goto err;
ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
-/* p7->d.signed_and_enveloped->enc_data->content_type=
- OBJ_nid2obj(NID_pkcs7_encrypted);*/
-
break;
case NID_pkcs7_enveloped:
p7->type=obj;
== NULL) goto err;
ASN1_INTEGER_set(p7->d.enveloped->version,0);
break;
- case NID_pkcs7_digest:
case NID_pkcs7_encrypted:
+ p7->type=obj;
+ if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
+ == NULL) goto err;
+ ASN1_INTEGER_set(p7->d.encrypted->version,0);
+ break;
+
+ case NID_pkcs7_digest:
default:
PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
goto err;
projects / openssl.git / commitdiff