1 files changed, 105 insertions, 138 deletions
diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c
index 8dbd56ef2b..6868edaaed 100644
--- a/src/lib/libcrypto/cms/cms_ess.c
+++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -67,15 +67,17 @@ IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 /* ESS services: for now just Signed Receipt related */
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
+int
-        {
+CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
+{
        ASN1_STRING *str;
        CMS_ReceiptRequest *rr = NULL;
        if (prr)
                *prr = NULL;
        str = CMS_signed_get0_data_by_OBJ(si,
-                                OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
+            OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
-                                        -3, V_ASN1_SEQUENCE);
+            -3, V_ASN1_SEQUENCE);
        if (!str)
                return 0;
@@ -87,13 +89,12 @@ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
        else
                CMS_ReceiptRequest_free(rr);
        return 1;
-        }
+}
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+CMS_ReceiptRequest *
-                                int allorfirst,
+CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
-                                STACK_OF(GENERAL_NAMES) *receiptList,
+    STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
-                                STACK_OF(GENERAL_NAMES) *receiptsTo)
+{
-        {
        CMS_ReceiptRequest *rr = NULL;
        rr = CMS_ReceiptRequest_new();
@@ -101,44 +102,38 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
                goto merr;
        if (id)
                ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
-        else
+        else {
-                {
                if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
                        goto merr;
-                if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32) 
+                if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
-                                        <= 0)
+                        <= 0)
                        goto err;
-                }
+        }
        sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
        rr->receiptsTo = receiptsTo;
-        if (receiptList)
+        if (receiptList) {
-                {
                rr->receiptsFrom->type = 1;
                rr->receiptsFrom->d.receiptList = receiptList;
-                }
+        } else {
-        else
-                {
                rr->receiptsFrom->type = 0;
                rr->receiptsFrom->d.allOrFirstTier = allorfirst;
-                }
+        }
        return rr;
-        merr:
+merr:
        CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+err:
-        err:
        if (rr)
                CMS_ReceiptRequest_free(rr);
        return NULL;
-        
+}
-        }
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
+int
-        {
+CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
+{
        unsigned char *rrder = NULL;
        int rrderlen, r = 0;
@@ -147,86 +142,81 @@ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
                goto merr;
        if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
-                                        V_ASN1_SEQUENCE, rrder, rrderlen))
+            V_ASN1_SEQUENCE, rrder, rrderlen))
                goto merr;
        r = 1;
-        merr:
+merr:
        if (!r)
                CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
        free(rrder);
        return r;
-        
+}
-        }
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+void
-                                        ASN1_STRING **pcid,
+CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
-                                        int *pallorfirst,
+    int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist,
-                                        STACK_OF(GENERAL_NAMES) **plist,
+    STACK_OF(GENERAL_NAMES) **prto)
-                                        STACK_OF(GENERAL_NAMES) **prto)
+{
-        {
        if (pcid)
                *pcid = rr->signedContentIdentifier;
-        if (rr->receiptsFrom->type == 0)
+        if (rr->receiptsFrom->type == 0) {
-                {
                if (pallorfirst)
                        *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
                if (plist)
                        *plist = NULL;
-                }
+        } else {
-        else
-                {
                if (pallorfirst)
                        *pallorfirst = -1;
                if (plist)
                        *plist = rr->receiptsFrom->d.receiptList;
-                }
+        }
        if (prto)
                *prto = rr->receiptsTo;
-        }
+}
 /* Digest a SignerInfo structure for msgSigDigest attribute processing */
-static int cms_msgSigDigest(CMS_SignerInfo *si,
+static int
-                                unsigned char *dig, unsigned int *diglen)
+cms_msgSigDigest(CMS_SignerInfo *si, unsigned char *dig, unsigned int *diglen)
-        {
+{
        const EVP_MD *md;
        md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
        if (md == NULL)
                return 0;
        if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
-                                                si->signedAttrs, dig, diglen))
+            si->signedAttrs, dig, diglen))
                return 0;
        return 1;
-        }
+}
 /* Add a msgSigDigest attribute to a SignerInfo */
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+int
-        {
+cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+{
        unsigned char dig[EVP_MAX_MD_SIZE];
        unsigned int diglen;
-        if (!cms_msgSigDigest(src, dig, &diglen))
-                {
+        if (!cms_msgSigDigest(src, dig, &diglen)) {
                CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
                return 0;
-                }
+        }
        if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
-                                        V_ASN1_OCTET_STRING, dig, diglen))
+            V_ASN1_OCTET_STRING, dig, diglen)) {
-                {
                CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
                return 0;
-                }
-        return 1;
        }
+        return 1;
+}
 /* Verify signed receipt after it has already passed normal CMS verify */
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+int
-        {
+cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+{
        int r = 0, i;
        CMS_ReceiptRequest *rr = NULL;
        CMS_Receipt *rct = NULL;
@@ -243,138 +233,122 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
        if (!osis || !sis)
                goto err;
-        if (sk_CMS_SignerInfo_num(sis) != 1)
+        if (sk_CMS_SignerInfo_num(sis) != 1) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
                goto err;
-                }
+        }
        /* Check receipt content type */
-        if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt)
+        if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
                goto err;
-                }
+        }
        /* Extract and decode receipt content */
        pcont = CMS_get0_content(cms);
-        if (!pcont || !*pcont)
+        if (!pcont || !*pcont) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
                goto err;
-                }
+        }
        rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
-        if (!rct)       
+        if (!rct) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
                goto err;
-                }
+        }
        /* Locate original request */
-        for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++)
+        for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
-                {
                osi = sk_CMS_SignerInfo_value(osis, i);
                if (!ASN1_STRING_cmp(osi->signature,
-                                        rct->originatorSignatureValue))
+                    rct->originatorSignatureValue))
                        break;
-                }
+        }
-        if (i == sk_CMS_SignerInfo_num(osis))
+        if (i == sk_CMS_SignerInfo_num(osis)) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
                goto err;
-                }
+        }
        si = sk_CMS_SignerInfo_value(sis, 0);
        /* Get msgSigDigest value and compare */
        msig = CMS_signed_get0_data_by_OBJ(si,
-                                OBJ_nid2obj(NID_id_smime_aa_msgSigDigest),
+            OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING);
-                                        -3, V_ASN1_OCTET_STRING);
-        if (!msig)
+        if (!msig) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
                goto err;
-                }
+        }
-        if (!cms_msgSigDigest(osi, dig, &diglen))
+        if (!cms_msgSigDigest(osi, dig, &diglen)) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
                goto err;
-                }
+        }
-        if (diglen != (unsigned int)msig->length)
+        if (diglen != (unsigned int)msig->length) {
-                        {
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
-                        CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+                    CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
-                                CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
+                goto err;
-                        goto err;
+        }
-                        }
-        if (memcmp(dig, msig->data, diglen))
+        if (memcmp(dig, msig->data, diglen)) {
-                        {
+                CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
-                        CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+                    CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
-                                CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
+                goto err;
-                        goto err;
+        }
-                        }
        /* Compare content types */
        octype = CMS_signed_get0_data_by_OBJ(osi,
-                                OBJ_nid2obj(NID_pkcs9_contentType),
+            OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
-                                        -3, V_ASN1_OBJECT);
+        if (!octype) {
-        if (!octype)
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
                goto err;
-                }
+        }
        /* Compare details in receipt request */
-        if (OBJ_cmp(octype, rct->contentType))
+        if (OBJ_cmp(octype, rct->contentType)) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
                goto err;
-                }
+        }
        /* Get original receipt request details */
-        if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
+        if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
                goto err;
-                }
+        }
        if (ASN1_STRING_cmp(rr->signedContentIdentifier,
-                                        rct->signedContentIdentifier))
+            rct->signedContentIdentifier)) {
-                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
-                                        CMS_R_CONTENTIDENTIFIER_MISMATCH);
+                    CMS_R_CONTENTIDENTIFIER_MISMATCH);
                goto err;
-                }
+        }
        r = 1;
-        err:
+err:
        if (rr)
                CMS_ReceiptRequest_free(rr);
        if (rct)
                M_ASN1_free_of(rct, CMS_Receipt);
        return r;
+}
-        }
 /* Encode a Receipt into an OCTET STRING read for including into content of
 * a SignedData ContentInfo.
 */
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
+ASN1_OCTET_STRING *
-        {
+cms_encode_Receipt(CMS_SignerInfo *si)
+{
        CMS_Receipt rct;
        CMS_ReceiptRequest *rr = NULL;
        ASN1_OBJECT *ctype;
@@ -384,22 +358,19 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
        /* Get original receipt request details */
-        if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
+        if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
-                {
                CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
                goto err;
-                }
+        }
        /* Get original content type */
        ctype = CMS_signed_get0_data_by_OBJ(si,
-                                OBJ_nid2obj(NID_pkcs9_contentType),
+            OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
-                                        -3, V_ASN1_OBJECT);
+        if (!ctype) {
-        if (!ctype)
-                {
                CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
                goto err;
-                }
+        }
        rct.version = 1;
        rct.contentType = ctype;
@@ -408,12 +379,8 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
        os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
-        err:
+err:
        if (rr)
                CMS_ReceiptRequest_free(rr);
        return os;
+}
-        }

diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c index 8dbd56ef2b..6868edaaed 100644 --- a/src/lib/libcrypto/cms/cms_ess.c +++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -10,7 +10,7 @@
10	* are met:	10	* are met:
11	*	11	*
12	* 1. Redistributions of source code must retain the above copyright	12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.	13	* notice, this list of conditions and the following disclaimer.
14	*	14	*
15	* 2. Redistributions in binary form must reproduce the above copyright	15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in	16	* notice, this list of conditions and the following disclaimer in
@@ -67,15 +67,17 @@ IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
67		67
68	/* ESS services: for now just Signed Receipt related */	68	/* ESS services: for now just Signed Receipt related */
69		69
70	int CMS_get1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest *prr)	70	int
71	{	71	CMS_get1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest *prr)
		72	{
72	ASN1_STRING *str;	73	ASN1_STRING *str;
73	CMS_ReceiptRequest *rr = NULL;	74	CMS_ReceiptRequest *rr = NULL;
		75
74	if (prr)	76	if (prr)
75	*prr = NULL;	77	*prr = NULL;
76	str = CMS_signed_get0_data_by_OBJ(si,	78	str = CMS_signed_get0_data_by_OBJ(si,
77	OBJ_nid2obj(NID_id_smime_aa_receiptRequest),	79	OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
78	-3, V_ASN1_SEQUENCE);	80	-3, V_ASN1_SEQUENCE);
79	if (!str)	81	if (!str)
80	return 0;	82	return 0;
81		83
@@ -87,13 +89,12 @@ int CMS_get1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest *prr)
87	else	89	else
88	CMS_ReceiptRequest_free(rr);	90	CMS_ReceiptRequest_free(rr);
89	return 1;	91	return 1;
90	}	92	}
91		93
92	CMS_ReceiptRequest CMS_ReceiptRequest_create0(unsigned char id, int idlen,	94	CMS_ReceiptRequest *
93	int allorfirst,	95	CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
94	STACK_OF(GENERAL_NAMES) *receiptList,	96	STACK_OF(GENERAL_NAMES) receiptList, STACK_OF(GENERAL_NAMES) receiptsTo)
95	STACK_OF(GENERAL_NAMES) *receiptsTo)	97	{
96	{
97	CMS_ReceiptRequest *rr = NULL;	98	CMS_ReceiptRequest *rr = NULL;
98		99
99	rr = CMS_ReceiptRequest_new();	100	rr = CMS_ReceiptRequest_new();
@@ -101,44 +102,38 @@ CMS_ReceiptRequest CMS_ReceiptRequest_create0(unsigned char id, int idlen,
101	goto merr;	102	goto merr;
102	if (id)	103	if (id)
103	ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);	104	ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
104	else	105	else {
105	{
106	if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))	106	if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
107	goto merr;	107	goto merr;
108	if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)	108	if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
109	<= 0)	109	<= 0)
110	goto err;	110	goto err;
111	}	111	}
112		112
113	sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);	113	sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
114	rr->receiptsTo = receiptsTo;	114	rr->receiptsTo = receiptsTo;
115		115
116	if (receiptList)	116	if (receiptList) {
117	{
118	rr->receiptsFrom->type = 1;	117	rr->receiptsFrom->type = 1;
119	rr->receiptsFrom->d.receiptList = receiptList;	118	rr->receiptsFrom->d.receiptList = receiptList;
120	}	119	} else {
121	else
122	{
123	rr->receiptsFrom->type = 0;	120	rr->receiptsFrom->type = 0;
124	rr->receiptsFrom->d.allOrFirstTier = allorfirst;	121	rr->receiptsFrom->d.allOrFirstTier = allorfirst;
125	}	122	}
126		123
127	return rr;	124	return rr;
128		125
129	merr:	126	merr:
130	CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);	127	CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
131		128	err:
132	err:
133	if (rr)	129	if (rr)
134	CMS_ReceiptRequest_free(rr);	130	CMS_ReceiptRequest_free(rr);
135
136	return NULL;	131	return NULL;
137		132	}
138	}
139		133
140	int CMS_add1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest rr)	134	int
141	{	135	CMS_add1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest rr)
		136	{
142	unsigned char *rrder = NULL;	137	unsigned char *rrder = NULL;
143	int rrderlen, r = 0;	138	int rrderlen, r = 0;
144		139
@@ -147,86 +142,81 @@ int CMS_add1_ReceiptRequest(CMS_SignerInfo si, CMS_ReceiptRequest rr)
147	goto merr;	142	goto merr;
148		143
149	if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,	144	if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
150	V_ASN1_SEQUENCE, rrder, rrderlen))	145	V_ASN1_SEQUENCE, rrder, rrderlen))
151	goto merr;	146	goto merr;
152		147
153	r = 1;	148	r = 1;
154		149
155	merr:	150	merr:
156	if (!r)	151	if (!r)
157	CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);	152	CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
158
159	free(rrder);	153	free(rrder);
160
161	return r;	154	return r;
162		155	}
163	}
164		156
165	void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,	157	void
166	ASN1_STRING **pcid,	158	CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest rr, ASN1_STRING *pcid,
167	int *pallorfirst,	159	int pallorfirst, STACK_OF(GENERAL_NAMES) *plist,
168	STACK_OF(GENERAL_NAMES) **plist,	160	STACK_OF(GENERAL_NAMES) **prto)
169	STACK_OF(GENERAL_NAMES) **prto)	161	{
170	{
171	if (pcid)	162	if (pcid)
172	*pcid = rr->signedContentIdentifier;	163	*pcid = rr->signedContentIdentifier;
173	if (rr->receiptsFrom->type == 0)	164	if (rr->receiptsFrom->type == 0) {
174	{
175	if (pallorfirst)	165	if (pallorfirst)
176	*pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;	166	*pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
177	if (plist)	167	if (plist)
178	*plist = NULL;	168	*plist = NULL;
179	}	169	} else {
180	else
181	{
182	if (pallorfirst)	170	if (pallorfirst)
183	*pallorfirst = -1;	171	*pallorfirst = -1;
184	if (plist)	172	if (plist)
185	*plist = rr->receiptsFrom->d.receiptList;	173	*plist = rr->receiptsFrom->d.receiptList;
186	}	174	}
187	if (prto)	175	if (prto)
188	*prto = rr->receiptsTo;	176	*prto = rr->receiptsTo;
189	}	177	}
190		178
191	/* Digest a SignerInfo structure for msgSigDigest attribute processing */	179	/* Digest a SignerInfo structure for msgSigDigest attribute processing */
192		180
193	static int cms_msgSigDigest(CMS_SignerInfo *si,	181	static int
194	unsigned char dig, unsigned int diglen)	182	cms_msgSigDigest(CMS_SignerInfo si, unsigned char dig, unsigned int *diglen)
195	{	183	{
196	const EVP_MD *md;	184	const EVP_MD *md;
		185
197	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);	186	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
198	if (md == NULL)	187	if (md == NULL)
199	return 0;	188	return 0;
200	if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,	189	if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
201	si->signedAttrs, dig, diglen))	190	si->signedAttrs, dig, diglen))
202	return 0;	191	return 0;
203	return 1;	192	return 1;
204	}	193	}
205		194
206	/* Add a msgSigDigest attribute to a SignerInfo */	195	/* Add a msgSigDigest attribute to a SignerInfo */
207		196
208	int cms_msgSigDigest_add1(CMS_SignerInfo dest, CMS_SignerInfo src)	197	int
209	{	198	cms_msgSigDigest_add1(CMS_SignerInfo dest, CMS_SignerInfo src)
		199	{
210	unsigned char dig[EVP_MAX_MD_SIZE];	200	unsigned char dig[EVP_MAX_MD_SIZE];
211	unsigned int diglen;	201	unsigned int diglen;
212	if (!cms_msgSigDigest(src, dig, &diglen))	202
213	{	203	if (!cms_msgSigDigest(src, dig, &diglen)) {
214	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);	204	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
215	return 0;	205	return 0;
216	}	206	}
217	if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,	207	if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
218	V_ASN1_OCTET_STRING, dig, diglen))	208	V_ASN1_OCTET_STRING, dig, diglen)) {
219	{
220	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);	209	CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
221	return 0;	210	return 0;
222	}
223	return 1;
224	}	211	}
		212	return 1;
		213	}
225		214
226	/* Verify signed receipt after it has already passed normal CMS verify */	215	/* Verify signed receipt after it has already passed normal CMS verify */
227		216
228	int cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)	217	int
229	{	218	cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)
		219	{
230	int r = 0, i;	220	int r = 0, i;
231	CMS_ReceiptRequest *rr = NULL;	221	CMS_ReceiptRequest *rr = NULL;
232	CMS_Receipt *rct = NULL;	222	CMS_Receipt *rct = NULL;
@@ -243,138 +233,122 @@ int cms_Receipt_verify(CMS_ContentInfo cms, CMS_ContentInfo req_cms)
243	if (!osis \|\| !sis)	233	if (!osis \|\| !sis)
244	goto err;	234	goto err;
245		235
246	if (sk_CMS_SignerInfo_num(sis) != 1)	236	if (sk_CMS_SignerInfo_num(sis) != 1) {
247	{
248	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);	237	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
249	goto err;	238	goto err;
250	}	239	}
251		240
252	/* Check receipt content type */	241	/* Check receipt content type */
253	if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt)	242	if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
254	{
255	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);	243	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
256	goto err;	244	goto err;
257	}	245	}
258		246
259	/* Extract and decode receipt content */	247	/* Extract and decode receipt content */
260	pcont = CMS_get0_content(cms);	248	pcont = CMS_get0_content(cms);
261	if (!pcont \|\| !*pcont)	249	if (!pcont \|\| !*pcont) {
262	{
263	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);	250	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
264	goto err;	251	goto err;
265	}	252	}
266		253
267	rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));	254	rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
268		255
269	if (!rct)	256	if (!rct) {
270	{
271	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);	257	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
272	goto err;	258	goto err;
273	}	259	}
274		260
275	/* Locate original request */	261	/* Locate original request */
276		262
277	for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++)	263	for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
278	{
279	osi = sk_CMS_SignerInfo_value(osis, i);	264	osi = sk_CMS_SignerInfo_value(osis, i);
280	if (!ASN1_STRING_cmp(osi->signature,	265	if (!ASN1_STRING_cmp(osi->signature,
281	rct->originatorSignatureValue))	266	rct->originatorSignatureValue))
282	break;	267	break;
283	}	268	}
284		269
285	if (i == sk_CMS_SignerInfo_num(osis))	270	if (i == sk_CMS_SignerInfo_num(osis)) {
286	{
287	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);	271	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
288	goto err;	272	goto err;
289	}	273	}
290		274
291	si = sk_CMS_SignerInfo_value(sis, 0);	275	si = sk_CMS_SignerInfo_value(sis, 0);
292		276
293	/* Get msgSigDigest value and compare */	277	/* Get msgSigDigest value and compare */
294		278
295	msig = CMS_signed_get0_data_by_OBJ(si,	279	msig = CMS_signed_get0_data_by_OBJ(si,
296	OBJ_nid2obj(NID_id_smime_aa_msgSigDigest),	280	OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING);
297	-3, V_ASN1_OCTET_STRING);
298		281
299	if (!msig)	282	if (!msig) {
300	{
301	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);	283	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
302	goto err;	284	goto err;
303	}	285	}
304		286
305	if (!cms_msgSigDigest(osi, dig, &diglen))	287	if (!cms_msgSigDigest(osi, dig, &diglen)) {
306	{
307	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);	288	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
308	goto err;	289	goto err;
309	}	290	}
310		291
311	if (diglen != (unsigned int)msig->length)	292	if (diglen != (unsigned int)msig->length) {
312	{	293	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
313	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,	294	CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
314	CMS_R_MSGSIGDIGEST_WRONG_LENGTH);	295	goto err;
315	goto err;	296	}
316	}
317		297
318	if (memcmp(dig, msig->data, diglen))	298	if (memcmp(dig, msig->data, diglen)) {
319	{	299	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
320	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,	300	CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
321	CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);	301	goto err;
322	goto err;	302	}
323	}
324		303
325	/* Compare content types */	304	/* Compare content types */
326		305
327	octype = CMS_signed_get0_data_by_OBJ(osi,	306	octype = CMS_signed_get0_data_by_OBJ(osi,
328	OBJ_nid2obj(NID_pkcs9_contentType),	307	OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
329	-3, V_ASN1_OBJECT);	308	if (!octype) {
330	if (!octype)
331	{
332	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);	309	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
333	goto err;	310	goto err;
334	}	311	}
335		312
336	/* Compare details in receipt request */	313	/* Compare details in receipt request */
337		314
338	if (OBJ_cmp(octype, rct->contentType))	315	if (OBJ_cmp(octype, rct->contentType)) {
339	{
340	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);	316	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
341	goto err;	317	goto err;
342	}	318	}
343		319
344	/* Get original receipt request details */	320	/* Get original receipt request details */
345		321
346	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)	322	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
347	{
348	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);	323	CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
349	goto err;	324	goto err;
350	}	325	}
351		326
352	if (ASN1_STRING_cmp(rr->signedContentIdentifier,	327	if (ASN1_STRING_cmp(rr->signedContentIdentifier,
353	rct->signedContentIdentifier))	328	rct->signedContentIdentifier)) {
354	{
355	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,	329	CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
356	CMS_R_CONTENTIDENTIFIER_MISMATCH);	330	CMS_R_CONTENTIDENTIFIER_MISMATCH);
357	goto err;	331	goto err;
358	}	332	}
359		333
360	r = 1;	334	r = 1;
361		335
362	err:	336	err:
363	if (rr)	337	if (rr)
364	CMS_ReceiptRequest_free(rr);	338	CMS_ReceiptRequest_free(rr);
365	if (rct)	339	if (rct)
366	M_ASN1_free_of(rct, CMS_Receipt);	340	M_ASN1_free_of(rct, CMS_Receipt);
367		341
368	return r;	342	return r;
369		343	}
370	}
371		344
372	/* Encode a Receipt into an OCTET STRING read for including into content of	345	/* Encode a Receipt into an OCTET STRING read for including into content of
373	* a SignedData ContentInfo.	346	* a SignedData ContentInfo.
374	*/	347	*/
375		348
376	ASN1_OCTET_STRING cms_encode_Receipt(CMS_SignerInfo si)	349	ASN1_OCTET_STRING *
377	{	350	cms_encode_Receipt(CMS_SignerInfo *si)
		351	{
378	CMS_Receipt rct;	352	CMS_Receipt rct;
379	CMS_ReceiptRequest *rr = NULL;	353	CMS_ReceiptRequest *rr = NULL;
380	ASN1_OBJECT *ctype;	354	ASN1_OBJECT *ctype;
@@ -384,22 +358,19 @@ ASN1_OCTET_STRING cms_encode_Receipt(CMS_SignerInfo si)
384		358
385	/* Get original receipt request details */	359	/* Get original receipt request details */
386		360
387	if (CMS_get1_ReceiptRequest(si, &rr) <= 0)	361	if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
388	{
389	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);	362	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
390	goto err;	363	goto err;
391	}	364	}
392		365
393	/* Get original content type */	366	/* Get original content type */
394		367
395	ctype = CMS_signed_get0_data_by_OBJ(si,	368	ctype = CMS_signed_get0_data_by_OBJ(si,
396	OBJ_nid2obj(NID_pkcs9_contentType),	369	OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
397	-3, V_ASN1_OBJECT);	370	if (!ctype) {
398	if (!ctype)
399	{
400	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);	371	CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
401	goto err;	372	goto err;
402	}	373	}
403		374
404	rct.version = 1;	375	rct.version = 1;
405	rct.contentType = ctype;	376	rct.contentType = ctype;
@@ -408,12 +379,8 @@ ASN1_OCTET_STRING cms_encode_Receipt(CMS_SignerInfo si)
408		379
409	os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);	380	os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
410		381
411	err:	382	err:
412	if (rr)	383	if (rr)
413	CMS_ReceiptRequest_free(rr);	384	CMS_ReceiptRequest_free(rr);
414
415	return os;	385	return os;
416		386	}
417	}
418
419