1 files changed, 54 insertions, 69 deletions
diff --git a/src/lib/libcrypto/cms/cms_asn1.c b/src/lib/libcrypto/cms/cms_asn1.c
index bd7466cc1d..a2b0217a93 100644
--- a/src/lib/libcrypto/cms/cms_asn1.c
+++ b/src/lib/libcrypto/cms/cms_asn1.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -57,7 +57,6 @@
 #include "cms.h"
 #include "cms_lcl.h"
 ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
@@ -87,19 +86,18 @@ ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
 } ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
 /* Minor tweak to operation: free up signer key, cert */
-static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+static int
-                                                        void *exarg)
+cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-        {
+{
-        if(operation == ASN1_OP_FREE_POST)
+        if (operation == ASN1_OP_FREE_POST) {
-                {
                CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
                if (si->pkey)
                        EVP_PKEY_free(si->pkey);
                if (si->signer)
                        X509_free(si->signer);
-                }
-        return 1;
        }
+        return 1;
+}
 ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
        ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
@@ -160,8 +158,8 @@ ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
 } ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)
 ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
-  ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+        ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
-  ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
+        ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
 } ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
 ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
@@ -170,14 +168,14 @@ ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
 } ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)
 ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
-  ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
-  ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
+        ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
 } ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
 ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
-  ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+        ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
-  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
+        ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
-  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
+        ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
 } ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
 ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
@@ -209,46 +207,38 @@ ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
 } ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
 ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
-  ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
+        ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
-  ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
+        ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
 } ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
 /* Free up RecipientInfo additional data */
-static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+static int
-                                                        void *exarg)
+cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-        {
+{
-        if(operation == ASN1_OP_FREE_PRE)
+        if (operation == ASN1_OP_FREE_PRE) {
-                {
                CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
-                if (ri->type == CMS_RECIPINFO_TRANS)
+                if (ri->type == CMS_RECIPINFO_TRANS) {
-                        {
                        CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
                        if (ktri->pkey)
                                EVP_PKEY_free(ktri->pkey);
                        if (ktri->recip)
                                X509_free(ktri->recip);
-                        }
+                } else if (ri->type == CMS_RECIPINFO_KEK) {
-                else if (ri->type == CMS_RECIPINFO_KEK)
-                        {
                        CMS_KEKRecipientInfo *kekri = ri->d.kekri;
-                        if (kekri->key)
+                        if (kekri->key) {
-                                {
                                OPENSSL_cleanse(kekri->key, kekri->keylen);
                                free(kekri->key);
-                                }
                        }
-                else if (ri->type == CMS_RECIPINFO_PASS)
+                } else if (ri->type == CMS_RECIPINFO_PASS) {
-                        {
                        CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
-                        if (pwri->pass)
+                        if (pwri->pass) {
-                                {
                                OPENSSL_cleanse(pwri->pass, pwri->passlen);
                                free(pwri->pass);
-                                }
                        }
                }
-        return 1;
        }
+        return 1;
+}
 ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
        ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
@@ -295,7 +285,7 @@ ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
        ASN1_SIMPLE(CMS_CompressedData, version, LONG),
        ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
-} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
+    } ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
 /* This is the ANY DEFINED BY table for the top level ContentInfo structure */
@@ -312,36 +302,34 @@ ASN1_ADB(CMS_ContentInfo) = {
 } ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
 /* CMS streaming support */
-static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+static int
-                                                        void *exarg)
+cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-        {
+{
        ASN1_STREAM_ARG *sarg = exarg;
        CMS_ContentInfo *cms = NULL;
        if (pval)
                cms = (CMS_ContentInfo *)*pval;
        else
                return 1;
-        switch(operation)
-                {
-                case ASN1_OP_STREAM_PRE:
+        switch (operation) {
+        case ASN1_OP_STREAM_PRE:
                if (CMS_stream(&sarg->boundary, cms) <= 0)
                        return 0;
-                case ASN1_OP_DETACHED_PRE:
+        case ASN1_OP_DETACHED_PRE:
                sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
                if (!sarg->ndef_bio)
                        return 0;
                break;
+        case ASN1_OP_STREAM_POST:
-                case ASN1_OP_STREAM_POST:
+        case ASN1_OP_DETACHED_POST:
-                case ASN1_OP_DETACHED_POST:
                if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
                        return 0;
                break;
-                }
-        return 1;
        }
+        return 1;
+}
 ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
        ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
@@ -354,36 +342,33 @@ ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
 * encoding.
 */
-ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) = 
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)
-/* When verifying attributes we need to use the received order. So 
+/* When verifying attributes we need to use the received order. So
 * we use SEQUENCE OF and tag it to SET OF
 */
-ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) = 
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
+ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
-                                V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+    V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
 ASN1_CHOICE(CMS_ReceiptsFrom) = {
-  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+        ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
-  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
+        ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
 } ASN1_CHOICE_END(CMS_ReceiptsFrom)
 ASN1_SEQUENCE(CMS_ReceiptRequest) = {
-  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
-  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
+        ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
-  ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
+        ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
 } ASN1_SEQUENCE_END(CMS_ReceiptRequest)
 ASN1_SEQUENCE(CMS_Receipt) = {
-  ASN1_SIMPLE(CMS_Receipt, version, LONG),
+        ASN1_SIMPLE(CMS_Receipt, version, LONG),
-  ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
+        ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
-  ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
-  ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
+        ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
 } ASN1_SEQUENCE_END(CMS_Receipt)

diff --git a/src/lib/libcrypto/cms/cms_asn1.c b/src/lib/libcrypto/cms/cms_asn1.c index bd7466cc1d..a2b0217a93 100644 --- a/src/lib/libcrypto/cms/cms_asn1.c +++ b/src/lib/libcrypto/cms/cms_asn1.c
@@ -10,7 +10,7 @@
10	* are met:	10	* are met:
11	*	11	*
12	* 1. Redistributions of source code must retain the above copyright	12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.	13	* notice, this list of conditions and the following disclaimer.
14	*	14	*
15	* 2. Redistributions in binary form must reproduce the above copyright	15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in	16	* notice, this list of conditions and the following disclaimer in
@@ -57,7 +57,6 @@
57	#include "cms.h"	57	#include "cms.h"
58	#include "cms_lcl.h"	58	#include "cms_lcl.h"
59		59
60
61	ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {	60	ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
62	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),	61	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
63	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)	62	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
@@ -87,19 +86,18 @@ ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
87	} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)	86	} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
88		87
89	/* Minor tweak to operation: free up signer key, cert */	88	/* Minor tweak to operation: free up signer key, cert */
90	static int cms_si_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it,	89	static int
91	void *exarg)	90	cms_si_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it, void *exarg)
92	{	91	{
93	if(operation == ASN1_OP_FREE_POST)	92	if (operation == ASN1_OP_FREE_POST) {
94	{
95	CMS_SignerInfo si = (CMS_SignerInfo )*pval;	93	CMS_SignerInfo si = (CMS_SignerInfo )*pval;
96	if (si->pkey)	94	if (si->pkey)
97	EVP_PKEY_free(si->pkey);	95	EVP_PKEY_free(si->pkey);
98	if (si->signer)	96	if (si->signer)
99	X509_free(si->signer);	97	X509_free(si->signer);
100	}
101	return 1;
102	}	98	}
		99	return 1;
		100	}
103		101
104	ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {	102	ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
105	ASN1_SIMPLE(CMS_SignerInfo, version, LONG),	103	ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
@@ -160,8 +158,8 @@ ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
160	} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)	158	} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)
161		159
162	ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {	160	ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
163	ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),	161	ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
164	ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)	162	ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
165	} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)	163	} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
166		164
167	ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {	165	ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
@@ -170,14 +168,14 @@ ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
170	} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)	168	} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)
171		169
172	ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {	170	ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
173	ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),	171	ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
174	ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)	172	ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
175	} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)	173	} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
176		174
177	ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {	175	ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
178	ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),	176	ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
179	ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),	177	ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
180	ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)	178	ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
181	} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)	179	} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
182		180
183	ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {	181	ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
@@ -209,46 +207,38 @@ ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
209	} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)	207	} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
210		208
211	ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {	209	ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
212	ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),	210	ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
213	ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)	211	ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
214	} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)	212	} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
215		213
216	/* Free up RecipientInfo additional data */	214	/* Free up RecipientInfo additional data */
217	static int cms_ri_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it,	215	static int
218	void *exarg)	216	cms_ri_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it, void *exarg)
219	{	217	{
220	if(operation == ASN1_OP_FREE_PRE)	218	if (operation == ASN1_OP_FREE_PRE) {
221	{
222	CMS_RecipientInfo ri = (CMS_RecipientInfo )*pval;	219	CMS_RecipientInfo ri = (CMS_RecipientInfo )*pval;
223	if (ri->type == CMS_RECIPINFO_TRANS)	220	if (ri->type == CMS_RECIPINFO_TRANS) {
224	{
225	CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;	221	CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
226	if (ktri->pkey)	222	if (ktri->pkey)
227	EVP_PKEY_free(ktri->pkey);	223	EVP_PKEY_free(ktri->pkey);
228	if (ktri->recip)	224	if (ktri->recip)
229	X509_free(ktri->recip);	225	X509_free(ktri->recip);
230	}	226	} else if (ri->type == CMS_RECIPINFO_KEK) {
231	else if (ri->type == CMS_RECIPINFO_KEK)
232	{
233	CMS_KEKRecipientInfo *kekri = ri->d.kekri;	227	CMS_KEKRecipientInfo *kekri = ri->d.kekri;
234	if (kekri->key)	228	if (kekri->key) {
235	{
236	OPENSSL_cleanse(kekri->key, kekri->keylen);	229	OPENSSL_cleanse(kekri->key, kekri->keylen);
237	free(kekri->key);	230	free(kekri->key);
238	}
239	}	231	}
240	else if (ri->type == CMS_RECIPINFO_PASS)	232	} else if (ri->type == CMS_RECIPINFO_PASS) {
241	{
242	CMS_PasswordRecipientInfo *pwri = ri->d.pwri;	233	CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
243	if (pwri->pass)	234	if (pwri->pass) {
244	{
245	OPENSSL_cleanse(pwri->pass, pwri->passlen);	235	OPENSSL_cleanse(pwri->pass, pwri->passlen);
246	free(pwri->pass);	236	free(pwri->pass);
247	}
248	}	237	}
249	}	238	}
250	return 1;
251	}	239	}
		240	return 1;
		241	}
252		242
253	ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {	243	ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
254	ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),	244	ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
@@ -295,7 +285,7 @@ ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
295	ASN1_SIMPLE(CMS_CompressedData, version, LONG),	285	ASN1_SIMPLE(CMS_CompressedData, version, LONG),
296	ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),	286	ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
297	ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),	287	ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
298	} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)	288	} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
299		289
300	/* This is the ANY DEFINED BY table for the top level ContentInfo structure */	290	/* This is the ANY DEFINED BY table for the top level ContentInfo structure */
301		291
@@ -312,36 +302,34 @@ ASN1_ADB(CMS_ContentInfo) = {
312	} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);	302	} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
313		303
314	/* CMS streaming support */	304	/* CMS streaming support */
315	static int cms_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it,	305	static int
316	void *exarg)	306	cms_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it, void *exarg)
317	{	307	{
318	ASN1_STREAM_ARG *sarg = exarg;	308	ASN1_STREAM_ARG *sarg = exarg;
319	CMS_ContentInfo *cms = NULL;	309	CMS_ContentInfo *cms = NULL;
		310
320	if (pval)	311	if (pval)
321	cms = (CMS_ContentInfo )pval;	312	cms = (CMS_ContentInfo )pval;
322	else	313	else
323	return 1;	314	return 1;
324	switch(operation)
325	{
326		315
327	case ASN1_OP_STREAM_PRE:	316	switch (operation) {
		317	case ASN1_OP_STREAM_PRE:
328	if (CMS_stream(&sarg->boundary, cms) <= 0)	318	if (CMS_stream(&sarg->boundary, cms) <= 0)
329	return 0;	319	return 0;
330	case ASN1_OP_DETACHED_PRE:	320	case ASN1_OP_DETACHED_PRE:
331	sarg->ndef_bio = CMS_dataInit(cms, sarg->out);	321	sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
332	if (!sarg->ndef_bio)	322	if (!sarg->ndef_bio)
333	return 0;	323	return 0;
334	break;	324	break;
335		325	case ASN1_OP_STREAM_POST:
336	case ASN1_OP_STREAM_POST:	326	case ASN1_OP_DETACHED_POST:
337	case ASN1_OP_DETACHED_POST:
338	if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)	327	if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
339	return 0;	328	return 0;
340	break;	329	break;
341
342	}
343	return 1;
344	}	330	}
		331	return 1;
		332	}
345		333
346	ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {	334	ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
347	ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),	335	ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
@@ -354,36 +342,33 @@ ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
354	* encoding.	342	* encoding.
355	*/	343	*/
356		344
357	ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =	345	ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
358	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)	346	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
359	ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)	347	ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)
360		348
361	/* When verifying attributes we need to use the received order. So	349	/* When verifying attributes we need to use the received order. So
362	* we use SEQUENCE OF and tag it to SET OF	350	* we use SEQUENCE OF and tag it to SET OF
363	*/	351	*/
364		352
365	ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =	353	ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
366	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF \| ASN1_TFLG_IMPTAG \| ASN1_TFLG_UNIVERSAL,	354	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF \| ASN1_TFLG_IMPTAG \| ASN1_TFLG_UNIVERSAL,
367	V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)	355	V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
368	ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)	356	ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
369		357
370
371
372	ASN1_CHOICE(CMS_ReceiptsFrom) = {	358	ASN1_CHOICE(CMS_ReceiptsFrom) = {
373	ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),	359	ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
374	ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)	360	ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
375	} ASN1_CHOICE_END(CMS_ReceiptsFrom)	361	} ASN1_CHOICE_END(CMS_ReceiptsFrom)
376		362
377	ASN1_SEQUENCE(CMS_ReceiptRequest) = {	363	ASN1_SEQUENCE(CMS_ReceiptRequest) = {
378	ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),	364	ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
379	ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),	365	ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
380	ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)	366	ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
381	} ASN1_SEQUENCE_END(CMS_ReceiptRequest)	367	} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
382		368
383	ASN1_SEQUENCE(CMS_Receipt) = {	369	ASN1_SEQUENCE(CMS_Receipt) = {
384	ASN1_SIMPLE(CMS_Receipt, version, LONG),	370	ASN1_SIMPLE(CMS_Receipt, version, LONG),
385	ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),	371	ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
386	ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),	372	ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
387	ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)	373	ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
388	} ASN1_SEQUENCE_END(CMS_Receipt)	374	} ASN1_SEQUENCE_END(CMS_Receipt)
389