1 files changed, 249 insertions, 249 deletions
diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c
index d1483c4d49..bcc3e58368 100644
--- a/src/lib/libcrypto/cms/cms_ess.c
+++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_ess.c,v 1.12 2019/08/10 16:39:17 jsing Exp $ */
+/* $OpenBSD: cms_ess.c,v 1.13 2019/08/10 16:42:20 jsing Exp $ */
 /*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
@@ -67,274 +67,274 @@ IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
 {
-    ASN1_STRING *str;
+        ASN1_STRING *str;
-    CMS_ReceiptRequest *rr = NULL;
+        CMS_ReceiptRequest *rr = NULL;
-    if (prr)
+        if (prr)
-        *prr = NULL;
+                *prr = NULL;
-    str = CMS_signed_get0_data_by_OBJ(si,
+        str = CMS_signed_get0_data_by_OBJ(si,
-                                      OBJ_nid2obj
+                                                  OBJ_nid2obj
-                                      (NID_id_smime_aa_receiptRequest), -3,
+                                                  (NID_id_smime_aa_receiptRequest), -3,
-                                      V_ASN1_SEQUENCE);
+                                                  V_ASN1_SEQUENCE);
-    if (!str)
+        if (!str)
-        return 0;
+                return 0;
-    rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
+        rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
-    if (!rr)
+        if (!rr)
-        return -1;
+                return -1;
-    if (prr)
+        if (prr)
-        *prr = rr;
+                *prr = rr;
-    else
+        else
-        CMS_ReceiptRequest_free(rr);
+                CMS_ReceiptRequest_free(rr);
-    return 1;
+        return 1;
 }
 CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                               int allorfirst,
+                                                           int allorfirst,
-                                               STACK_OF(GENERAL_NAMES)
+                                                           STACK_OF(GENERAL_NAMES)
-                                               *receiptList, STACK_OF(GENERAL_NAMES)
+                                                           *receiptList, STACK_OF(GENERAL_NAMES)
-                                               *receiptsTo)
+                                                           *receiptsTo)
 {
-    CMS_ReceiptRequest *rr = NULL;
+        CMS_ReceiptRequest *rr = NULL;
-    rr = CMS_ReceiptRequest_new();
+        rr = CMS_ReceiptRequest_new();
-    if (rr == NULL)
+        if (rr == NULL)
-        goto merr;
+                goto merr;
-    if (id)
+        if (id)
-        ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
+                ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
-    else {
+        else {
-        if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
+                if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
-            goto merr;
+                        goto merr;
-        if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
+                if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
-            goto err;
+                        goto err;
-    }
+        }
-    sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
+        sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
-    rr->receiptsTo = receiptsTo;
+        rr->receiptsTo = receiptsTo;
-    if (receiptList) {
+        if (receiptList) {
-        rr->receiptsFrom->type = 1;
+                rr->receiptsFrom->type = 1;
-        rr->receiptsFrom->d.receiptList = receiptList;
+                rr->receiptsFrom->d.receiptList = receiptList;
-    } else {
+        } else {
-        rr->receiptsFrom->type = 0;
+                rr->receiptsFrom->type = 0;
-        rr->receiptsFrom->d.allOrFirstTier = allorfirst;
+                rr->receiptsFrom->d.allOrFirstTier = allorfirst;
-    }
+        }
-    return rr;
+        return rr;
 merr:
-    CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+        CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
 err:
-    CMS_ReceiptRequest_free(rr);
+        CMS_ReceiptRequest_free(rr);
-    return NULL;
+        return NULL;
 }
 int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
 {
-    unsigned char *rrder = NULL;
+        unsigned char *rrder = NULL;
-    int rrderlen, r = 0;
+        int rrderlen, r = 0;
-    rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
+        rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
-    if (rrderlen < 0)
+        if (rrderlen < 0)
-        goto merr;
+                goto merr;
-    if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
+        if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
-                                     V_ASN1_SEQUENCE, rrder, rrderlen))
+                                                 V_ASN1_SEQUENCE, rrder, rrderlen))
-        goto merr;
+                goto merr;
-    r = 1;
+        r = 1;
 merr:
-    if (!r)
+        if (!r)
-        CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
+                CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
-    OPENSSL_free(rrder);
+        OPENSSL_free(rrder);
-    return r;
+        return r;
 }
 void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
-                                    ASN1_STRING **pcid,
+                                                ASN1_STRING **pcid,
-                                    int *pallorfirst,
+                                                int *pallorfirst,
-                                    STACK_OF(GENERAL_NAMES) **plist,
+                                                STACK_OF(GENERAL_NAMES) **plist,
-                                    STACK_OF(GENERAL_NAMES) **prto)
+                                                STACK_OF(GENERAL_NAMES) **prto)
 {
-    if (pcid)
+        if (pcid)
-        *pcid = rr->signedContentIdentifier;
+                *pcid = rr->signedContentIdentifier;
-    if (rr->receiptsFrom->type == 0) {
+        if (rr->receiptsFrom->type == 0) {
-        if (pallorfirst)
+                if (pallorfirst)
-            *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
+                        *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
-        if (plist)
+                if (plist)
-            *plist = NULL;
+                        *plist = NULL;
-    } else {
+        } else {
-        if (pallorfirst)
+                if (pallorfirst)
-            *pallorfirst = -1;
+                        *pallorfirst = -1;
-        if (plist)
+                if (plist)
-            *plist = rr->receiptsFrom->d.receiptList;
+                        *plist = rr->receiptsFrom->d.receiptList;
-    }
+        }
-    if (prto)
+        if (prto)
-        *prto = rr->receiptsTo;
+                *prto = rr->receiptsTo;
 }
 /* Digest a SignerInfo structure for msgSigDigest attribute processing */
 static int cms_msgSigDigest(CMS_SignerInfo *si,
-                            unsigned char *dig, unsigned int *diglen)
+                                        unsigned char *dig, unsigned int *diglen)
 {
-    const EVP_MD *md;
+        const EVP_MD *md;
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+        md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
-    if (md == NULL)
+        if (md == NULL)
-        return 0;
+                return 0;
-    if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+        if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
-                          si->signedAttrs, dig, diglen))
+                                      si->signedAttrs, dig, diglen))
-        return 0;
+                return 0;
-    return 1;
+        return 1;
 }
 /* Add a msgSigDigest attribute to a SignerInfo */
 int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
 {
-    unsigned char dig[EVP_MAX_MD_SIZE];
+        unsigned char dig[EVP_MAX_MD_SIZE];
-    unsigned int diglen;
+        unsigned int diglen;
-    if (!cms_msgSigDigest(src, dig, &diglen)) {
+        if (!cms_msgSigDigest(src, dig, &diglen)) {
-        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
+                CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
-        return 0;
+                return 0;
-    }
+        }
-    if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
+        if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
-                                     V_ASN1_OCTET_STRING, dig, diglen)) {
+                                                 V_ASN1_OCTET_STRING, dig, diglen)) {
-        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
+                CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
-        return 0;
+                return 0;
-    }
+        }
-    return 1;
+        return 1;
 }
 /* Verify signed receipt after it has already passed normal CMS verify */
 int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
 {
-    int r = 0, i;
+        int r = 0, i;
-    CMS_ReceiptRequest *rr = NULL;
+        CMS_ReceiptRequest *rr = NULL;
-    CMS_Receipt *rct = NULL;
+        CMS_Receipt *rct = NULL;
-    STACK_OF(CMS_SignerInfo) *sis, *osis;
+        STACK_OF(CMS_SignerInfo) *sis, *osis;
-    CMS_SignerInfo *si, *osi = NULL;
+        CMS_SignerInfo *si, *osi = NULL;
-    ASN1_OCTET_STRING *msig, **pcont;
+        ASN1_OCTET_STRING *msig, **pcont;
-    ASN1_OBJECT *octype;
+        ASN1_OBJECT *octype;
-    unsigned char dig[EVP_MAX_MD_SIZE];
+        unsigned char dig[EVP_MAX_MD_SIZE];
-    unsigned int diglen;
+        unsigned int diglen;
-    /* Get SignerInfos, also checks SignedData content type */
+        /* Get SignerInfos, also checks SignedData content type */
-    osis = CMS_get0_SignerInfos(req_cms);
+        osis = CMS_get0_SignerInfos(req_cms);
-    sis = CMS_get0_SignerInfos(cms);
+        sis = CMS_get0_SignerInfos(cms);
-    if (!osis || !sis)
+        if (!osis || !sis)
-        goto err;
+                goto err;
-    if (sk_CMS_SignerInfo_num(sis) != 1) {
+        if (sk_CMS_SignerInfo_num(sis) != 1) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
-        goto err;
+                goto err;
-    }
+        }
-    /* Check receipt content type */
+        /* Check receipt content type */
-    if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
+        if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
-        goto err;
+                goto err;
-    }
+        }
-    /* Extract and decode receipt content */
+        /* Extract and decode receipt content */
-    pcont = CMS_get0_content(cms);
+        pcont = CMS_get0_content(cms);
-    if (!pcont || !*pcont) {
+        if (!pcont || !*pcont) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
-        goto err;
+                goto err;
-    }
+        }
-    rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
+        rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
-    if (!rct) {
+        if (!rct) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
-        goto err;
+                goto err;
-    }
+        }
-    /* Locate original request */
+        /* Locate original request */
-    for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
+        for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
-        osi = sk_CMS_SignerInfo_value(osis, i);
+                osi = sk_CMS_SignerInfo_value(osis, i);
-        if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
+                if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
-            break;
+                        break;
-    }
+        }
-    if (i == sk_CMS_SignerInfo_num(osis)) {
+        if (i == sk_CMS_SignerInfo_num(osis)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
-        goto err;
+                goto err;
-    }
+        }
-    si = sk_CMS_SignerInfo_value(sis, 0);
+        si = sk_CMS_SignerInfo_value(sis, 0);
-    /* Get msgSigDigest value and compare */
+        /* Get msgSigDigest value and compare */
-    msig = CMS_signed_get0_data_by_OBJ(si,
+        msig = CMS_signed_get0_data_by_OBJ(si,
-                                       OBJ_nid2obj
+                                                   OBJ_nid2obj
-                                       (NID_id_smime_aa_msgSigDigest), -3,
+                                                   (NID_id_smime_aa_msgSigDigest), -3,
-                                       V_ASN1_OCTET_STRING);
+                                                   V_ASN1_OCTET_STRING);
-    if (!msig) {
+        if (!msig) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
-        goto err;
+                goto err;
-    }
+        }
-    if (!cms_msgSigDigest(osi, dig, &diglen)) {
+        if (!cms_msgSigDigest(osi, dig, &diglen)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
-        goto err;
+                goto err;
-    }
+        }
-    if (diglen != (unsigned int)msig->length) {
+        if (diglen != (unsigned int)msig->length) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
-        goto err;
+                goto err;
-    }
+        }
-    if (memcmp(dig, msig->data, diglen)) {
+        if (memcmp(dig, msig->data, diglen)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
-               CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
+                           CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
-        goto err;
+                goto err;
-    }
+        }
-    /* Compare content types */
+        /* Compare content types */
-    octype = CMS_signed_get0_data_by_OBJ(osi,
+        octype = CMS_signed_get0_data_by_OBJ(osi,
-                                         OBJ_nid2obj(NID_pkcs9_contentType),
+                                                     OBJ_nid2obj(NID_pkcs9_contentType),
-                                         -3, V_ASN1_OBJECT);
+                                                     -3, V_ASN1_OBJECT);
-    if (!octype) {
+        if (!octype) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
-        goto err;
+                goto err;
-    }
+        }
-    /* Compare details in receipt request */
+        /* Compare details in receipt request */
-    if (OBJ_cmp(octype, rct->contentType)) {
+        if (OBJ_cmp(octype, rct->contentType)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
-        goto err;
+                goto err;
-    }
+        }
-    /* Get original receipt request details */
+        /* Get original receipt request details */
-    if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
+        if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
-        goto err;
+                goto err;
-    }
+        }
-    if (ASN1_STRING_cmp(rr->signedContentIdentifier,
+        if (ASN1_STRING_cmp(rr->signedContentIdentifier,
-                        rct->signedContentIdentifier)) {
+                                    rct->signedContentIdentifier)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
-        goto err;
+                goto err;
-    }
+        }
-    r = 1;
+        r = 1;
 err:
-    CMS_ReceiptRequest_free(rr);
+        CMS_ReceiptRequest_free(rr);
-    M_ASN1_free_of(rct, CMS_Receipt);
+        M_ASN1_free_of(rct, CMS_Receipt);
-    return r;
+        return r;
 }
@@ -345,38 +345,38 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
 ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
 {
-    CMS_Receipt rct;
+        CMS_Receipt rct;
-    CMS_ReceiptRequest *rr = NULL;
+        CMS_ReceiptRequest *rr = NULL;
-    ASN1_OBJECT *ctype;
+        ASN1_OBJECT *ctype;
-    ASN1_OCTET_STRING *os = NULL;
+        ASN1_OCTET_STRING *os = NULL;
-    /* Get original receipt request */
+        /* Get original receipt request */
-    /* Get original receipt request details */
+        /* Get original receipt request details */
-    if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
+        if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
-        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
+                CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
-        goto err;
+                goto err;
-    }
+        }
-    /* Get original content type */
+        /* Get original content type */
-    ctype = CMS_signed_get0_data_by_OBJ(si,
+        ctype = CMS_signed_get0_data_by_OBJ(si,
-                                        OBJ_nid2obj(NID_pkcs9_contentType),
+                                                    OBJ_nid2obj(NID_pkcs9_contentType),
-                                        -3, V_ASN1_OBJECT);
+                                                    -3, V_ASN1_OBJECT);
-    if (!ctype) {
+        if (!ctype) {
-        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
+                CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
-        goto err;
+                goto err;
-    }
+        }
-    rct.version = 1;
+        rct.version = 1;
-    rct.contentType = ctype;
+        rct.contentType = ctype;
-    rct.signedContentIdentifier = rr->signedContentIdentifier;
+        rct.signedContentIdentifier = rr->signedContentIdentifier;
-    rct.originatorSignatureValue = si->signature;
+        rct.originatorSignatureValue = si->signature;
-    os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
+        os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
 err:
-    CMS_ReceiptRequest_free(rr);
+        CMS_ReceiptRequest_free(rr);
-    return os;
+        return os;
 }

diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c index d1483c4d49..bcc3e58368 100644 --- a/src/lib/libcrypto/cms/cms_ess.c +++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cms_ess.c,v 1.12 2019/08/10 16:39:17 jsing Exp $ */	1	/* $OpenBSD: cms_ess.c,v 1.13 2019/08/10 16:42:20 jsing Exp $ */
2	/*	2	/*
3	* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	3	* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4	* project.	4	* project.
@@ -67,274 +67,274 @@ IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
67		67
68	int CMS_get1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest *prr)	68	int CMS_get1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest *prr)
69	{	69	{
70	ASN1_STRING *str;	70	ASN1_STRING *str;
71	CMS_ReceiptRequest *rr = NULL;	71	CMS_ReceiptRequest *rr = NULL;
72	if (prr)	72	if (prr)
73	*prr = NULL;	73	*prr = NULL;
74	str = CMS_signed_get0_data_by_OBJ(si,	74	str = CMS_signed_get0_data_by_OBJ(si,
75	OBJ_nid2obj	75	OBJ_nid2obj
76	(NID_id_smime_aa_receiptRequest), -3,	76	(NID_id_smime_aa_receiptRequest), -3,
77	V_ASN1_SEQUENCE);	77	V_ASN1_SEQUENCE);
78	if (!str)	78	if (!str)
79	return 0;	79	return 0;
80		80
81	rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));	81	rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
82	if (!rr)	82	if (!rr)
83	return -1;	83	return -1;
84	if (prr)	84	if (prr)
85	*prr = rr;	85	*prr = rr;
86	else	86	else
87	CMS_ReceiptRequest_free(rr);	87	CMS_ReceiptRequest_free(rr);
88	return 1;	88	return 1;
89	}	89	}
90		90
91	CMS_ReceiptRequest CMS_ReceiptRequest_create0(unsigned char id, int idlen,	91	CMS_ReceiptRequest CMS_ReceiptRequest_create0(unsigned char id, int idlen,
92	int allorfirst,	92	int allorfirst,
93	STACK_OF(GENERAL_NAMES)	93	STACK_OF(GENERAL_NAMES)
94	*receiptList, STACK_OF(GENERAL_NAMES)	94	*receiptList, STACK_OF(GENERAL_NAMES)
95	*receiptsTo)	95	*receiptsTo)
96	{	96	{
97	CMS_ReceiptRequest *rr = NULL;	97	CMS_ReceiptRequest *rr = NULL;
98		98
99	rr = CMS_ReceiptRequest_new();	99	rr = CMS_ReceiptRequest_new();
100	if (rr == NULL)	100	if (rr == NULL)
101	goto merr;	101	goto merr;
102	if (id)	102	if (id)
103	ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);	103	ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
104	else {	104	else {
105	if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))	105	if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
106	goto merr;	106	goto merr;
107	if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)	107	if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
108	goto err;	108	goto err;
109	}	109	}
110		110
111	sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);	111	sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
112	rr->receiptsTo = receiptsTo;	112	rr->receiptsTo = receiptsTo;
113		113
114	if (receiptList) {	114	if (receiptList) {
115	rr->receiptsFrom->type = 1;	115	rr->receiptsFrom->type = 1;
116	rr->receiptsFrom->d.receiptList = receiptList;	116	rr->receiptsFrom->d.receiptList = receiptList;
117	} else {	117	} else {
118	rr->receiptsFrom->type = 0;	118	rr->receiptsFrom->type = 0;
119	rr->receiptsFrom->d.allOrFirstTier = allorfirst;	119	rr->receiptsFrom->d.allOrFirstTier = allorfirst;
120	}	120	}
121		121
122	return rr;	122	return rr;
123		123
124	merr:	124	merr:
125	CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);	125	CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
126		126
127	err:	127	err:
128	CMS_ReceiptRequest_free(rr);	128	CMS_ReceiptRequest_free(rr);
129	return NULL;	129	return NULL;
130		130
131	}	131	}
132		132
133	int CMS_add1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest rr)	133	int CMS_add1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest rr)
134	{	134	{
135	unsigned char *rrder = NULL;	135	unsigned char *rrder = NULL;
136	int rrderlen, r = 0;	136	int rrderlen, r = 0;
137		137
138	rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);	138	rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
139	if (rrderlen < 0)	139	if (rrderlen < 0)
140	goto merr;	140	goto merr;
141		141
142	if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,	142	if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
143	V_ASN1_SEQUENCE, rrder, rrderlen))	143	V_ASN1_SEQUENCE, rrder, rrderlen))
144	goto merr;	144	goto merr;
145		145
146	r = 1;	146	r = 1;
147		147
148	merr:	148	merr:
149	if (!r)	149	if (!r)
150	CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);	150	CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
151		151
152	OPENSSL_free(rrder);	152	OPENSSL_free(rrder);
153		153
154	return r;	154	return r;
155		155
156	}	156	}
157		157
158	void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,	158	void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
159	ASN1_STRING **pcid,	159	ASN1_STRING **pcid,
160	int *pallorfirst,	160	int *pallorfirst,
161	STACK_OF(GENERAL_NAMES) **plist,	161	STACK_OF(GENERAL_NAMES) **plist,
162	STACK_OF(GENERAL_NAMES) **prto)	162	STACK_OF(GENERAL_NAMES) **prto)
163	{	163	{
164	if (pcid)	164	if (pcid)
165	*pcid = rr->signedContentIdentifier;	165	*pcid = rr->signedContentIdentifier;
166	if (rr->receiptsFrom->type == 0) {	166	if (rr->receiptsFrom->type == 0) {
167	if (pallorfirst)	167	if (pallorfirst)
168	*pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;	168	*pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
169	if (plist)	169	if (plist)
170	*plist = NULL;	170	*plist = NULL;
171	} else {	171	} else {
172	if (pallorfirst)	172	if (pallorfirst)
173	*pallorfirst = -1;	173	*pallorfirst = -1;
174	if (plist)	174	if (plist)
175	*plist = rr->receiptsFrom->d.receiptList;	175	*plist = rr->receiptsFrom->d.receiptList;
176	}	176	}
177	if (prto)	177	if (prto)
178	*prto = rr->receiptsTo;	178	*prto = rr->receiptsTo;
179	}	179	}
180		180
181	/* Digest a SignerInfo structure for msgSigDigest attribute processing */	181	/* Digest a SignerInfo structure for msgSigDigest attribute processing */
182		182
183	static int cms_msgSigDigest(CMS_SignerInfo *si,	183	static int cms_msgSigDigest(CMS_SignerInfo *si,
184	unsigned char dig, unsigned int diglen)	184	unsigned char dig, unsigned int diglen)
185	{	185	{
186	const EVP_MD *md;	186	const EVP_MD *md;
187	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);	187	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
188	if (md == NULL)	188	if (md == NULL)
189	return 0;	189	return 0;
190	if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,	190	if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
191	si->signedAttrs, dig, diglen))	191	si->signedAttrs, dig, diglen))
192	return 0;	192	return 0;
193	return 1;	193	return 1;
194	}	194	}
195		195
196	/* Add a msgSigDigest attribute to a SignerInfo */	196	/* Add a msgSigDigest attribute to a SignerInfo */
197		197
198	int cms_msgSigDigest_add1(CMS_SignerInfo dest, CMS_SignerInfo src)	198	int cms_msgSigDigest_add1(CMS_SignerInfo dest, CMS_SignerInfo src)
199	{	199	{
200	unsigned char dig[EVP_MAX_MD_SIZE];	200	unsigned char dig[EVP_MAX_MD_SIZE];
201	unsigned int diglen;	201	unsigned int diglen;
202	if (!cms_msgSigDigest(src, dig, &diglen)) {	202	if (!cms_msgSigDigest(src, dig, &diglen)) {
203	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);	203	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
204	return 0;	204	return 0;
205	}	205	}
206	if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,	206	if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
207	V_ASN1_OCTET_STRING, dig, diglen)) {	207	V_ASN1_OCTET_STRING, dig, diglen)) {
208	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);	208	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
209	return 0;	209	return 0;
210	}	210	}
211	return 1;	211	return 1;
212	}	212	}
213		213
214	/* Verify signed receipt after it has already passed normal CMS verify */	214	/* Verify signed receipt after it has already passed normal CMS verify */
215		215
216	int cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)	216	int cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)
217	{	217	{
218	int r = 0, i;	218	int r = 0, i;
219	CMS_ReceiptRequest *rr = NULL;	219	CMS_ReceiptRequest *rr = NULL;
220	CMS_Receipt *rct = NULL;	220	CMS_Receipt *rct = NULL;
221	STACK_OF(CMS_SignerInfo) sis, osis;	221	STACK_OF(CMS_SignerInfo) sis, osis;
222	CMS_SignerInfo si, osi = NULL;	222	CMS_SignerInfo si, osi = NULL;
223	ASN1_OCTET_STRING msig, *pcont;	223	ASN1_OCTET_STRING msig, *pcont;
224	ASN1_OBJECT *octype;	224	ASN1_OBJECT *octype;
225	unsigned char dig[EVP_MAX_MD_SIZE];	225	unsigned char dig[EVP_MAX_MD_SIZE];
226	unsigned int diglen;	226	unsigned int diglen;
227		227
228	/* Get SignerInfos, also checks SignedData content type */	228	/* Get SignerInfos, also checks SignedData content type */
229	osis = CMS_get0_SignerInfos(req_cms);	229	osis = CMS_get0_SignerInfos(req_cms);
230	sis = CMS_get0_SignerInfos(cms);	230	sis = CMS_get0_SignerInfos(cms);
231	if (!osis \|\| !sis)	231	if (!osis \|\| !sis)
232	goto err;	232	goto err;
233		233
234	if (sk_CMS_SignerInfo_num(sis) != 1) {	234	if (sk_CMS_SignerInfo_num(sis) != 1) {
235	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);	235	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
236	goto err;	236	goto err;
237	}	237	}
238		238
239	/* Check receipt content type */	239	/* Check receipt content type */
240	if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {	240	if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
241	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);	241	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
242	goto err;	242	goto err;
243	}	243	}
244		244
245	/* Extract and decode receipt content */	245	/* Extract and decode receipt content */
246	pcont = CMS_get0_content(cms);	246	pcont = CMS_get0_content(cms);
247	if (!pcont \|\| !*pcont) {	247	if (!pcont \|\| !*pcont) {
248	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);	248	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
249	goto err;	249	goto err;
250	}	250	}
251		251
252	rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));	252	rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
253		253
254	if (!rct) {	254	if (!rct) {
255	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);	255	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
256	goto err;	256	goto err;
257	}	257	}
258		258
259	/* Locate original request */	259	/* Locate original request */
260		260
261	for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {	261	for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
262	osi = sk_CMS_SignerInfo_value(osis, i);	262	osi = sk_CMS_SignerInfo_value(osis, i);
263	if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))	263	if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
264	break;	264	break;
265	}	265	}
266		266
267	if (i == sk_CMS_SignerInfo_num(osis)) {	267	if (i == sk_CMS_SignerInfo_num(osis)) {
268	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);	268	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
269	goto err;	269	goto err;
270	}	270	}
271		271
272	si = sk_CMS_SignerInfo_value(sis, 0);	272	si = sk_CMS_SignerInfo_value(sis, 0);
273		273
274	/* Get msgSigDigest value and compare */	274	/* Get msgSigDigest value and compare */
275		275
276	msig = CMS_signed_get0_data_by_OBJ(si,	276	msig = CMS_signed_get0_data_by_OBJ(si,
277	OBJ_nid2obj	277	OBJ_nid2obj
278	(NID_id_smime_aa_msgSigDigest), -3,	278	(NID_id_smime_aa_msgSigDigest), -3,
279	V_ASN1_OCTET_STRING);	279	V_ASN1_OCTET_STRING);
280		280
281	if (!msig) {	281	if (!msig) {
282	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);	282	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
283	goto err;	283	goto err;
284	}	284	}
285		285
286	if (!cms_msgSigDigest(osi, dig, &diglen)) {	286	if (!cms_msgSigDigest(osi, dig, &diglen)) {
287	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);	287	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
288	goto err;	288	goto err;
289	}	289	}
290		290
291	if (diglen != (unsigned int)msig->length) {	291	if (diglen != (unsigned int)msig->length) {
292	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);	292	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
293	goto err;	293	goto err;
294	}	294	}
295		295
296	if (memcmp(dig, msig->data, diglen)) {	296	if (memcmp(dig, msig->data, diglen)) {
297	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,	297	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
298	CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);	298	CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
299	goto err;	299	goto err;
300	}	300	}
301		301
302	/* Compare content types */	302	/* Compare content types */
303		303
304	octype = CMS_signed_get0_data_by_OBJ(osi,	304	octype = CMS_signed_get0_data_by_OBJ(osi,
305	OBJ_nid2obj(NID_pkcs9_contentType),	305	OBJ_nid2obj(NID_pkcs9_contentType),
306	-3, V_ASN1_OBJECT);	306	-3, V_ASN1_OBJECT);
307	if (!octype) {	307	if (!octype) {
308	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);	308	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
309	goto err;	309	goto err;
310	}	310	}
311		311
312	/* Compare details in receipt request */	312	/* Compare details in receipt request */
313		313
314	if (OBJ_cmp(octype, rct->contentType)) {	314	if (OBJ_cmp(octype, rct->contentType)) {
315	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);	315	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
316	goto err;	316	goto err;
317	}	317	}
318		318
319	/* Get original receipt request details */	319	/* Get original receipt request details */
320		320
321	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {	321	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
322	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);	322	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
323	goto err;	323	goto err;
324	}	324	}
325		325
326	if (ASN1_STRING_cmp(rr->signedContentIdentifier,	326	if (ASN1_STRING_cmp(rr->signedContentIdentifier,
327	rct->signedContentIdentifier)) {	327	rct->signedContentIdentifier)) {
328	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);	328	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
329	goto err;	329	goto err;
330	}	330	}
331		331
332	r = 1;	332	r = 1;
333		333
334	err:	334	err:
335	CMS_ReceiptRequest_free(rr);	335	CMS_ReceiptRequest_free(rr);
336	M_ASN1_free_of(rct, CMS_Receipt);	336	M_ASN1_free_of(rct, CMS_Receipt);
337	return r;	337	return r;
338		338
339	}	339	}
340		340
@@ -345,38 +345,38 @@ int cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)
345		345
346	ASN1_OCTET_STRING cms_encode_Receipt(CMS_SignerInfo si)	346	ASN1_OCTET_STRING cms_encode_Receipt(CMS_SignerInfo si)
347	{	347	{
348	CMS_Receipt rct;	348	CMS_Receipt rct;
349	CMS_ReceiptRequest *rr = NULL;	349	CMS_ReceiptRequest *rr = NULL;
350	ASN1_OBJECT *ctype;	350	ASN1_OBJECT *ctype;
351	ASN1_OCTET_STRING *os = NULL;	351	ASN1_OCTET_STRING *os = NULL;
352		352
353	/* Get original receipt request */	353	/* Get original receipt request */
354		354
355	/* Get original receipt request details */	355	/* Get original receipt request details */
356		356
357	if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {	357	if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
358	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);	358	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
359	goto err;	359	goto err;
360	}	360	}
361		361
362	/* Get original content type */	362	/* Get original content type */
363		363
364	ctype = CMS_signed_get0_data_by_OBJ(si,	364	ctype = CMS_signed_get0_data_by_OBJ(si,
365	OBJ_nid2obj(NID_pkcs9_contentType),	365	OBJ_nid2obj(NID_pkcs9_contentType),
366	-3, V_ASN1_OBJECT);	366	-3, V_ASN1_OBJECT);
367	if (!ctype) {	367	if (!ctype) {
368	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);	368	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
369	goto err;	369	goto err;
370	}	370	}
371		371
372	rct.version = 1;	372	rct.version = 1;
373	rct.contentType = ctype;	373	rct.contentType = ctype;
374	rct.signedContentIdentifier = rr->signedContentIdentifier;	374	rct.signedContentIdentifier = rr->signedContentIdentifier;
375	rct.originatorSignatureValue = si->signature;	375	rct.originatorSignatureValue = si->signature;
376		376
377	os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);	377	os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
378		378
379	err:	379	err:
380	CMS_ReceiptRequest_free(rr);	380	CMS_ReceiptRequest_free(rr);
381	return os;	381	return os;
382	}	382	}