summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs7/pk7_attr.c
diff options
context:
space:
mode:
authorjsing <>2014-06-29 17:05:36 +0000
committerjsing <>2014-06-29 17:05:36 +0000
commit27b7b9b8fab110ef186831220c8eda6eee8f63f0 (patch)
treea4b77bc415a0ed73aa4cc548cf42bb540b90de9d /src/lib/libcrypto/pkcs7/pk7_attr.c
parent9d44d3784f281c21a4fc03e18b10241744da5af5 (diff)
downloadopenbsd-27b7b9b8fab110ef186831220c8eda6eee8f63f0.tar.gz
openbsd-27b7b9b8fab110ef186831220c8eda6eee8f63f0.tar.bz2
openbsd-27b7b9b8fab110ef186831220c8eda6eee8f63f0.zip
KNF.
I just spent too long chasing a bug in here and really should have done this first. Gem of the day... is it an if test or a for loop? No, it is a super ifloop! if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_attr.c')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_attr.c97
1 files changed, 53 insertions, 44 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c
index f4c2fadac9..2f4d5089f5 100644
--- a/src/lib/libcrypto/pkcs7/pk7_attr.c
+++ b/src/lib/libcrypto/pkcs7/pk7_attr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_attr.c,v 1.8 2014/06/12 15:49:30 deraadt Exp $ */ 1/* $OpenBSD: pk7_attr.c,v 1.9 2014/06/29 17:05:36 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2001. 3 * project 2001.
4 */ 4 */
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -66,21 +66,24 @@
66#include <openssl/x509.h> 66#include <openssl/x509.h>
67#include <openssl/err.h> 67#include <openssl/err.h>
68 68
69int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) 69int
70PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
70{ 71{
71 ASN1_STRING *seq; 72 ASN1_STRING *seq;
72 if(!(seq = ASN1_STRING_new())) { 73 if (!(seq = ASN1_STRING_new())) {
73 PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); 74 PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,
75 ERR_R_MALLOC_FAILURE);
74 return 0; 76 return 0;
75 } 77 }
76 seq->length = ASN1_item_i2d((ASN1_VALUE *)cap,&seq->data, 78 seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
77 ASN1_ITEM_rptr(X509_ALGORS)); 79 ASN1_ITEM_rptr(X509_ALGORS));
78 return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, 80 return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
79 V_ASN1_SEQUENCE, seq); 81 V_ASN1_SEQUENCE, seq);
80} 82}
81 83
82STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) 84STACK_OF(X509_ALGOR) *
83 { 85PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
86{
84 ASN1_TYPE *cap; 87 ASN1_TYPE *cap;
85 const unsigned char *p; 88 const unsigned char *p;
86 89
@@ -89,33 +92,37 @@ STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
89 return NULL; 92 return NULL;
90 p = cap->value.sequence->data; 93 p = cap->value.sequence->data;
91 return (STACK_OF(X509_ALGOR) *) 94 return (STACK_OF(X509_ALGOR) *)
92 ASN1_item_d2i(NULL, &p, cap->value.sequence->length, 95 ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
93 ASN1_ITEM_rptr(X509_ALGORS)); 96 ASN1_ITEM_rptr(X509_ALGORS));
94 } 97}
95 98
96/* Basic smime-capabilities OID and optional integer arg */ 99/* Basic smime-capabilities OID and optional integer arg */
97int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) 100int
101PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
98{ 102{
99 X509_ALGOR *alg; 103 X509_ALGOR *alg;
100 104
101 if(!(alg = X509_ALGOR_new())) { 105 if (!(alg = X509_ALGOR_new())) {
102 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); 106 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
103 return 0; 107 return 0;
104 } 108 }
105 ASN1_OBJECT_free(alg->algorithm); 109 ASN1_OBJECT_free(alg->algorithm);
106 alg->algorithm = OBJ_nid2obj (nid); 110 alg->algorithm = OBJ_nid2obj (nid);
107 if (arg > 0) { 111 if (arg > 0) {
108 ASN1_INTEGER *nbit; 112 ASN1_INTEGER *nbit;
109 if(!(alg->parameter = ASN1_TYPE_new())) { 113 if (!(alg->parameter = ASN1_TYPE_new())) {
110 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); 114 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,
115 ERR_R_MALLOC_FAILURE);
111 return 0; 116 return 0;
112 } 117 }
113 if(!(nbit = ASN1_INTEGER_new())) { 118 if (!(nbit = ASN1_INTEGER_new())) {
114 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); 119 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,
120 ERR_R_MALLOC_FAILURE);
115 return 0; 121 return 0;
116 } 122 }
117 if(!ASN1_INTEGER_set (nbit, arg)) { 123 if (!ASN1_INTEGER_set (nbit, arg)) {
118 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); 124 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,
125 ERR_R_MALLOC_FAILURE);
119 return 0; 126 return 0;
120 } 127 }
121 alg->parameter->value.integer = nbit; 128 alg->parameter->value.integer = nbit;
@@ -125,41 +132,43 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
125 return 1; 132 return 1;
126} 133}
127 134
128int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid) 135int
129 { 136PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
137{
130 if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType)) 138 if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
131 return 0; 139 return 0;
132 if (!coid) 140 if (!coid)
133 coid = OBJ_nid2obj(NID_pkcs7_data); 141 coid = OBJ_nid2obj(NID_pkcs7_data);
134 return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, 142 return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
135 V_ASN1_OBJECT, coid); 143 V_ASN1_OBJECT, coid);
136 } 144}
137 145
138int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t) 146int
139 { 147PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
140 if (!t && !(t=X509_gmtime_adj(NULL,0))) 148{
141 { 149 if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
142 PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME, 150 PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
143 ERR_R_MALLOC_FAILURE); 151 ERR_R_MALLOC_FAILURE);
144 return 0; 152 return 0;
145 }
146 return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
147 V_ASN1_UTCTIME, t);
148 } 153 }
154 return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
155 V_ASN1_UTCTIME, t);
156}
149 157
150int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, 158int
151 const unsigned char *md, int mdlen) 159PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, const unsigned char *md,
152 { 160 int mdlen)
161{
153 ASN1_OCTET_STRING *os; 162 ASN1_OCTET_STRING *os;
163
154 os = ASN1_OCTET_STRING_new(); 164 os = ASN1_OCTET_STRING_new();
155 if (!os) 165 if (!os)
156 return 0; 166 return 0;
157 if (!ASN1_STRING_set(os, md, mdlen) 167 if (!ASN1_STRING_set(os, md, mdlen) ||
158 || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest, 168 !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
159 V_ASN1_OCTET_STRING, os)) 169 V_ASN1_OCTET_STRING, os)) {
160 {
161 ASN1_OCTET_STRING_free(os); 170 ASN1_OCTET_STRING_free(os);
162 return 0; 171 return 0;
163 }
164 return 1;
165 } 172 }
173 return 1;
174}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-16 05:15:24 +0000