Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add
authorDr. Stephen Henson <steve@openssl.org>
Tue, 17 Aug 1999 12:58:01 +0000 (12:58 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 17 Aug 1999 12:58:01 +0000 (12:58 +0000)
support for encrypted content type in PKCS7_set_content().

CHANGES
crypto/asn1/p7_enc_c.c
crypto/pkcs12/p12_add.c
crypto/pkcs12/pk12err.c
crypto/pkcs12/pkcs12.h
crypto/pkcs7/dec.c
crypto/pkcs7/pk7_lib.c

diff --git a/CHANGES b/CHANGES
index 6d77412..93c314e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,14 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
+     NID_pkcs7_encrypted by default: this was wrong since this should almost
+     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
+     the encrypted data type: this is a more sensible place to put it and it
+     allows the PKCS#12 code to be tidied up that duplicated this
+     functionality.
+     [Steve Henson]
+
   *) Changed obj_dat.pl script so it takes its input and output files on
      the command line. This should avoid shell escape redirection problems
      under Win32.
index a832737..d8dcb11 100644 (file)
@@ -101,7 +101,8 @@ PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void)
 
        M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
        /* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */
-       ret->content_type=OBJ_nid2obj(NID_pkcs7_encrypted);
+       /* We will almost always want this: so make it the default */
+       ret->content_type=OBJ_nid2obj(NID_pkcs7_data);
        M_ASN1_New(ret->algorithm,X509_ALGOR_new);
        ret->enc_data=NULL;
        return(ret);
index ae3d9de..50a7d0b 100644 (file)
@@ -157,13 +157,11 @@ PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
                return NULL;
        }
-       p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);
-       if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {
-               PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+       if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+               PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+                               PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
                return NULL;
        }
-       ASN1_INTEGER_set (p7->d.encrypted->version, 0);
-       p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
        if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
                return NULL;
index 38d7be7..5bbe2fa 100644 (file)
@@ -99,6 +99,7 @@ static ERR_STRING_DATA PKCS12_str_reasons[]=
 {PKCS12_R_DECODE_ERROR                   ,"decode error"},
 {PKCS12_R_ENCODE_ERROR                   ,"encode error"},
 {PKCS12_R_ENCRYPT_ERROR                  ,"encrypt error"},
+{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
 {PKCS12_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
 {PKCS12_R_INVALID_NULL_PKCS12_POINTER    ,"invalid null pkcs12 pointer"},
 {PKCS12_R_IV_GEN_ERROR                   ,"iv gen error"},
index 4cfba5e..f79cc23 100644 (file)
@@ -313,6 +313,7 @@ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
 #define PKCS12_R_DECODE_ERROR                           101
 #define PKCS12_R_ENCODE_ERROR                           102
 #define PKCS12_R_ENCRYPT_ERROR                          103
+#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE      120
 #define PKCS12_R_INVALID_NULL_ARGUMENT                  104
 #define PKCS12_R_INVALID_NULL_PKCS12_POINTER            105
 #define PKCS12_R_IV_GEN_ERROR                           106
index 5150006..c552c8f 100644 (file)
@@ -149,7 +149,7 @@ char *argv[];
        /* We need to process the data */
        /* We cannot support detached encryption */
        p7bio=PKCS7_dataDecode(p7,pkey,detached,x509);
-       
+
        if (p7bio == NULL)
                {
                printf("problems decoding\n");
index 8b863d0..22cbb17 100644 (file)
@@ -165,9 +165,6 @@ int PKCS7_set_type(PKCS7 *p7, int type)
                if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
                        == NULL) goto err;
                ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
-/*             p7->d.signed_and_enveloped->enc_data->content_type=
-                       OBJ_nid2obj(NID_pkcs7_encrypted);*/
-                       
                break;
        case NID_pkcs7_enveloped:
                p7->type=obj;
@@ -175,8 +172,14 @@ int PKCS7_set_type(PKCS7 *p7, int type)
                        == NULL) goto err;
                ASN1_INTEGER_set(p7->d.enveloped->version,0);
                break;
-       case NID_pkcs7_digest:
        case NID_pkcs7_encrypted:
+               p7->type=obj;
+               if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
+                       == NULL) goto err;
+               ASN1_INTEGER_set(p7->d.encrypted->version,0);
+               break;
+
+       case NID_pkcs7_digest:
        default:
                PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
                goto err;