summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/cms/cms_smime.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/cms/cms_smime.c536
1 files changed, 253 insertions, 283 deletions
diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c
index 94f60c1b5c..e32a58b3bc 100644
--- a/src/lib/libcrypto/cms/cms_smime.c
+++ b/src/lib/libcrypto/cms/cms_smime.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -59,114 +59,107 @@
59#include <openssl/cms.h> 59#include <openssl/cms.h>
60#include "cms_lcl.h" 60#include "cms_lcl.h"
61 61
62static int cms_copy_content(BIO *out, BIO *in, unsigned int flags) 62static int
63 { 63cms_copy_content(BIO *out, BIO *in, unsigned int flags)
64{
64 unsigned char buf[4096]; 65 unsigned char buf[4096];
65 int r = 0, i; 66 int r = 0, i;
66 BIO *tmpout = NULL; 67 BIO *tmpout = NULL;
67 68
68 if (out == NULL) 69 if (out == NULL)
69 tmpout = BIO_new(BIO_s_null()); 70 tmpout = BIO_new(BIO_s_null());
70 else if (flags & CMS_TEXT) 71 else if (flags & CMS_TEXT) {
71 {
72 tmpout = BIO_new(BIO_s_mem()); 72 tmpout = BIO_new(BIO_s_mem());
73 BIO_set_mem_eof_return(tmpout, 0); 73 BIO_set_mem_eof_return(tmpout, 0);
74 } 74 } else
75 else
76 tmpout = out; 75 tmpout = out;
77 76
78 if(!tmpout) 77 if (!tmpout) {
79 { 78 CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
80 CMSerr(CMS_F_CMS_COPY_CONTENT,ERR_R_MALLOC_FAILURE);
81 goto err; 79 goto err;
82 } 80 }
83 81
84 /* Read all content through chain to process digest, decrypt etc */ 82 /* Read all content through chain to process digest, decrypt etc */
85 for (;;) 83 for (;;) {
86 { 84 i = BIO_read(in, buf, sizeof(buf));
87 i=BIO_read(in,buf,sizeof(buf)); 85 if (i <= 0) {
88 if (i <= 0) 86 if (BIO_method_type(in) == BIO_TYPE_CIPHER) {
89 {
90 if (BIO_method_type(in) == BIO_TYPE_CIPHER)
91 {
92 if (!BIO_get_cipher_status(in)) 87 if (!BIO_get_cipher_status(in))
93 goto err; 88 goto err;
94 } 89 }
95 if (i < 0) 90 if (i < 0)
96 goto err; 91 goto err;
97 break; 92 break;
98 } 93 }
99 94
100 if (tmpout && (BIO_write(tmpout, buf, i) != i)) 95 if (tmpout && (BIO_write(tmpout, buf, i) != i))
101 goto err; 96 goto err;
102 } 97 }
103 98
104 if(flags & CMS_TEXT) 99 if (flags & CMS_TEXT) {
105 { 100 if (!SMIME_text(tmpout, out)) {
106 if(!SMIME_text(tmpout, out)) 101 CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR);
107 {
108 CMSerr(CMS_F_CMS_COPY_CONTENT,CMS_R_SMIME_TEXT_ERROR);
109 goto err; 102 goto err;
110 }
111 } 103 }
104 }
112 105
113 r = 1; 106 r = 1;
114 107
115 err: 108err:
116 if (tmpout && (tmpout != out)) 109 if (tmpout && (tmpout != out))
117 BIO_free(tmpout); 110 BIO_free(tmpout);
118 return r; 111 return r;
112}
119 113
120 } 114static int
121 115check_content(CMS_ContentInfo *cms)
122static int check_content(CMS_ContentInfo *cms) 116{
123 {
124 ASN1_OCTET_STRING **pos = CMS_get0_content(cms); 117 ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
125 if (!pos || !*pos) 118
126 { 119 if (!pos || !*pos) {
127 CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT); 120 CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
128 return 0; 121 return 0;
129 }
130 return 1;
131 } 122 }
123 return 1;
124}
132 125
133static void do_free_upto(BIO *f, BIO *upto) 126static void
134 { 127do_free_upto(BIO *f, BIO *upto)
135 if (upto) 128{
136 { 129 if (upto) {
137 BIO *tbio; 130 BIO *tbio;
138 do 131 do {
139 {
140 tbio = BIO_pop(f); 132 tbio = BIO_pop(f);
141 BIO_free(f); 133 BIO_free(f);
142 f = tbio; 134 f = tbio;
143 } 135 } while (f != upto);
144 while (f != upto); 136 } else
145 }
146 else
147 BIO_free_all(f); 137 BIO_free_all(f);
148 } 138}
149 139
150int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags) 140int
151 { 141CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
142{
152 BIO *cont; 143 BIO *cont;
153 int r; 144 int r;
154 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) 145
155 { 146 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
156 CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA); 147 CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
157 return 0; 148 return 0;
158 } 149 }
159 cont = CMS_dataInit(cms, NULL); 150 cont = CMS_dataInit(cms, NULL);
160 if (!cont) 151 if (!cont)
161 return 0; 152 return 0;
162 r = cms_copy_content(out, cont, flags); 153 r = cms_copy_content(out, cont, flags);
163 BIO_free_all(cont); 154 BIO_free_all(cont);
164 return r; 155 return r;
165 } 156}
166 157
167CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags) 158CMS_ContentInfo *
168 { 159CMS_data_create(BIO *in, unsigned int flags)
160{
169 CMS_ContentInfo *cms; 161 CMS_ContentInfo *cms;
162
170 cms = cms_Data_create(); 163 cms = cms_Data_create();
171 if (!cms) 164 if (!cms)
172 return NULL; 165 return NULL;
@@ -177,18 +170,19 @@ CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
177 CMS_ContentInfo_free(cms); 170 CMS_ContentInfo_free(cms);
178 171
179 return NULL; 172 return NULL;
180 } 173}
181 174
182int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, 175int
183 unsigned int flags) 176CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
184 { 177 unsigned int flags)
178{
185 BIO *cont; 179 BIO *cont;
186 int r; 180 int r;
187 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) 181
188 { 182 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
189 CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA); 183 CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
190 return 0; 184 return 0;
191 } 185 }
192 186
193 if (!dcont && !check_content(cms)) 187 if (!dcont && !check_content(cms))
194 return 0; 188 return 0;
@@ -201,19 +195,20 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
201 r = cms_DigestedData_do_final(cms, cont, 1); 195 r = cms_DigestedData_do_final(cms, cont, 1);
202 do_free_upto(cont, dcont); 196 do_free_upto(cont, dcont);
203 return r; 197 return r;
204 } 198}
205 199
206CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, 200CMS_ContentInfo *
207 unsigned int flags) 201CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags)
208 { 202{
209 CMS_ContentInfo *cms; 203 CMS_ContentInfo *cms;
204
210 if (!md) 205 if (!md)
211 md = EVP_sha1(); 206 md = EVP_sha1();
212 cms = cms_DigestedData_create(md); 207 cms = cms_DigestedData_create(md);
213 if (!cms) 208 if (!cms)
214 return NULL; 209 return NULL;
215 210
216 if(!(flags & CMS_DETACHED)) 211 if (!(flags & CMS_DETACHED))
217 CMS_set_detached(cms, 0); 212 CMS_set_detached(cms, 0);
218 213
219 if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) 214 if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
@@ -221,20 +216,20 @@ CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
221 216
222 CMS_ContentInfo_free(cms); 217 CMS_ContentInfo_free(cms);
223 return NULL; 218 return NULL;
224 } 219}
225 220
226int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, 221int
227 const unsigned char *key, size_t keylen, 222CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key,
228 BIO *dcont, BIO *out, unsigned int flags) 223 size_t keylen, BIO *dcont, BIO *out, unsigned int flags)
229 { 224{
230 BIO *cont; 225 BIO *cont;
231 int r; 226 int r;
232 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) 227
233 { 228 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
234 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT, 229 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
235 CMS_R_TYPE_NOT_ENCRYPTED_DATA); 230 CMS_R_TYPE_NOT_ENCRYPTED_DATA);
236 return 0; 231 return 0;
237 } 232 }
238 233
239 if (!dcont && !check_content(cms)) 234 if (!dcont && !check_content(cms))
240 return 0; 235 return 0;
@@ -247,75 +242,73 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
247 r = cms_copy_content(out, cont, flags); 242 r = cms_copy_content(out, cont, flags);
248 do_free_upto(cont, dcont); 243 do_free_upto(cont, dcont);
249 return r; 244 return r;
250 } 245}
251 246
252CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, 247CMS_ContentInfo *
253 const unsigned char *key, size_t keylen, 248CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
254 unsigned int flags) 249 const unsigned char *key, size_t keylen, unsigned int flags)
255 { 250{
256 CMS_ContentInfo *cms; 251 CMS_ContentInfo *cms;
257 if (!cipher) 252
258 { 253 if (!cipher) {
259 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER); 254 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
260 return NULL; 255 return NULL;
261 } 256 }
262 cms = CMS_ContentInfo_new(); 257 cms = CMS_ContentInfo_new();
263 if (!cms) 258 if (!cms)
264 return NULL; 259 return NULL;
265 if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) 260 if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
266 return NULL; 261 return NULL;
267 262
268 if(!(flags & CMS_DETACHED)) 263 if (!(flags & CMS_DETACHED))
269 CMS_set_detached(cms, 0); 264 CMS_set_detached(cms, 0);
270 265
271 if ((flags & (CMS_STREAM|CMS_PARTIAL)) 266 if ((flags & (CMS_STREAM|CMS_PARTIAL)) ||
272 || CMS_final(cms, in, NULL, flags)) 267 CMS_final(cms, in, NULL, flags))
273 return cms; 268 return cms;
274 269
275 CMS_ContentInfo_free(cms); 270 CMS_ContentInfo_free(cms);
276 return NULL; 271 return NULL;
277 } 272}
278 273
279static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, 274static int
280 X509_STORE *store, 275cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509_STORE *store,
281 STACK_OF(X509) *certs, 276 STACK_OF(X509) *certs, STACK_OF(X509_CRL) *crls, unsigned int flags)
282 STACK_OF(X509_CRL) *crls, 277{
283 unsigned int flags)
284 {
285 X509_STORE_CTX ctx; 278 X509_STORE_CTX ctx;
286 X509 *signer; 279 X509 *signer;
287 int i, j, r = 0; 280 int i, j, r = 0;
281
288 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); 282 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
289 if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) 283 if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) {
290 {
291 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, 284 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
292 CMS_R_STORE_INIT_ERROR); 285 CMS_R_STORE_INIT_ERROR);
293 goto err; 286 goto err;
294 } 287 }
295 X509_STORE_CTX_set_default(&ctx, "smime_sign"); 288 X509_STORE_CTX_set_default(&ctx, "smime_sign");
296 if (crls) 289 if (crls)
297 X509_STORE_CTX_set0_crls(&ctx, crls); 290 X509_STORE_CTX_set0_crls(&ctx, crls);
298 291
299 i = X509_verify_cert(&ctx); 292 i = X509_verify_cert(&ctx);
300 if (i <= 0) 293 if (i <= 0) {
301 {
302 j = X509_STORE_CTX_get_error(&ctx); 294 j = X509_STORE_CTX_get_error(&ctx);
303 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, 295 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
304 CMS_R_CERTIFICATE_VERIFY_ERROR); 296 CMS_R_CERTIFICATE_VERIFY_ERROR);
305 ERR_asprintf_error_data("Verify error:%s", 297 ERR_asprintf_error_data("Verify error:%s",
306 X509_verify_cert_error_string(j)); 298 X509_verify_cert_error_string(j));
307 goto err; 299 goto err;
308 } 300 }
309 r = 1; 301 r = 1;
310 err: 302
303err:
311 X509_STORE_CTX_cleanup(&ctx); 304 X509_STORE_CTX_cleanup(&ctx);
312 return r; 305 return r;
306}
313 307
314 } 308int
315 309CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
316int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, 310 BIO *dcont, BIO *out, unsigned int flags)
317 X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags) 311{
318 {
319 CMS_SignerInfo *si; 312 CMS_SignerInfo *si;
320 STACK_OF(CMS_SignerInfo) *sinfos; 313 STACK_OF(CMS_SignerInfo) *sinfos;
321 STACK_OF(X509) *cms_certs = NULL; 314 STACK_OF(X509) *cms_certs = NULL;
@@ -331,58 +324,51 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
331 324
332 sinfos = CMS_get0_SignerInfos(cms); 325 sinfos = CMS_get0_SignerInfos(cms);
333 326
334 if (sk_CMS_SignerInfo_num(sinfos) <= 0) 327 if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
335 {
336 CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS); 328 CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
337 goto err; 329 goto err;
338 } 330 }
339 331
340 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) 332 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
341 {
342 si = sk_CMS_SignerInfo_value(sinfos, i); 333 si = sk_CMS_SignerInfo_value(sinfos, i);
343 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); 334 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
344 if (signer) 335 if (signer)
345 scount++; 336 scount++;
346 } 337 }
347 338
348 if (scount != sk_CMS_SignerInfo_num(sinfos)) 339 if (scount != sk_CMS_SignerInfo_num(sinfos))
349 scount += CMS_set1_signers_certs(cms, certs, flags); 340 scount += CMS_set1_signers_certs(cms, certs, flags);
350 341
351 if (scount != sk_CMS_SignerInfo_num(sinfos)) 342 if (scount != sk_CMS_SignerInfo_num(sinfos)) {
352 {
353 CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND); 343 CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
354 goto err; 344 goto err;
355 } 345 }
356 346
357 /* Attempt to verify all signers certs */ 347 /* Attempt to verify all signers certs */
358 348
359 if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) 349 if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) {
360 {
361 cms_certs = CMS_get1_certs(cms); 350 cms_certs = CMS_get1_certs(cms);
362 if (!(flags & CMS_NOCRL)) 351 if (!(flags & CMS_NOCRL))
363 crls = CMS_get1_crls(cms); 352 crls = CMS_get1_crls(cms);
364 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) 353 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
365 {
366 si = sk_CMS_SignerInfo_value(sinfos, i); 354 si = sk_CMS_SignerInfo_value(sinfos, i);
367 if (!cms_signerinfo_verify_cert(si, store, 355 if (!cms_signerinfo_verify_cert(si, store,
368 cms_certs, crls, flags)) 356 cms_certs, crls, flags))
369 goto err; 357 goto err;
370 }
371 } 358 }
359 }
372 360
373 /* Attempt to verify all SignerInfo signed attribute signatures */ 361 /* Attempt to verify all SignerInfo signed attribute signatures */
374 362
375 if (!(flags & CMS_NO_ATTR_VERIFY)) 363 if (!(flags & CMS_NO_ATTR_VERIFY)) {
376 { 364 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
377 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
378 {
379 si = sk_CMS_SignerInfo_value(sinfos, i); 365 si = sk_CMS_SignerInfo_value(sinfos, i);
380 if (CMS_signed_get_attr_count(si) < 0) 366 if (CMS_signed_get_attr_count(si) < 0)
381 continue; 367 continue;
382 if (CMS_SignerInfo_verify(si) <= 0) 368 if (CMS_SignerInfo_verify(si) <= 0)
383 goto err; 369 goto err;
384 }
385 } 370 }
371 }
386 372
387 /* Performance optimization: if the content is a memory BIO then 373 /* Performance optimization: if the content is a memory BIO then
388 * store its contents in a temporary read only memory BIO. This 374 * store its contents in a temporary read only memory BIO. This
@@ -391,47 +377,40 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
391 * are calculated. 377 * are calculated.
392 */ 378 */
393 379
394 if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) 380 if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
395 {
396 char *ptr; 381 char *ptr;
397 long len; 382 long len;
398 len = BIO_get_mem_data(dcont, &ptr); 383 len = BIO_get_mem_data(dcont, &ptr);
399 tmpin = BIO_new_mem_buf(ptr, len); 384 tmpin = BIO_new_mem_buf(ptr, len);
400 if (tmpin == NULL) 385 if (tmpin == NULL) {
401 { 386 CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
402 CMSerr(CMS_F_CMS_VERIFY,ERR_R_MALLOC_FAILURE);
403 return 0; 387 return 0;
404 }
405 } 388 }
406 else 389 } else
407 tmpin = dcont; 390 tmpin = dcont;
408
409 391
410 cmsbio=CMS_dataInit(cms, tmpin); 392
393 cmsbio = CMS_dataInit(cms, tmpin);
411 if (!cmsbio) 394 if (!cmsbio)
412 goto err; 395 goto err;
413 396
414 if (!cms_copy_content(out, cmsbio, flags)) 397 if (!cms_copy_content(out, cmsbio, flags))
415 goto err; 398 goto err;
416 399
417 if (!(flags & CMS_NO_CONTENT_VERIFY)) 400 if (!(flags & CMS_NO_CONTENT_VERIFY)) {
418 { 401 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
419 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
420 {
421 si = sk_CMS_SignerInfo_value(sinfos, i); 402 si = sk_CMS_SignerInfo_value(sinfos, i);
422 if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) 403 if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) {
423 {
424 CMSerr(CMS_F_CMS_VERIFY, 404 CMSerr(CMS_F_CMS_VERIFY,
425 CMS_R_CONTENT_VERIFY_ERROR); 405 CMS_R_CONTENT_VERIFY_ERROR);
426 goto err; 406 goto err;
427 }
428 } 407 }
429 } 408 }
409 }
430 410
431 ret = 1; 411 ret = 1;
432 412
433 err: 413err:
434
435 if (dcont && (tmpin == dcont)) 414 if (dcont && (tmpin == dcont))
436 do_free_upto(cmsbio, dcont); 415 do_free_upto(cmsbio, dcont);
437 else 416 else
@@ -443,23 +422,25 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
443 sk_X509_CRL_pop_free(crls, X509_CRL_free); 422 sk_X509_CRL_pop_free(crls, X509_CRL_free);
444 423
445 return ret; 424 return ret;
446 } 425}
447 426
448int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, 427int
449 STACK_OF(X509) *certs, 428CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
450 X509_STORE *store, unsigned int flags) 429 STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags)
451 { 430{
452 int r; 431 int r;
432
453 flags &= ~(CMS_DETACHED|CMS_TEXT); 433 flags &= ~(CMS_DETACHED|CMS_TEXT);
454 r = CMS_verify(rcms, certs, store, NULL, NULL, flags); 434 r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
455 if (r <= 0) 435 if (r <= 0)
456 return r; 436 return r;
457 return cms_Receipt_verify(rcms, ocms); 437 return cms_Receipt_verify(rcms, ocms);
458 } 438}
459 439
460CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, 440CMS_ContentInfo *
461 BIO *data, unsigned int flags) 441CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
462 { 442 unsigned int flags)
443{
463 CMS_ContentInfo *cms; 444 CMS_ContentInfo *cms;
464 int i; 445 int i;
465 446
@@ -467,42 +448,38 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
467 if (!cms || !CMS_SignedData_init(cms)) 448 if (!cms || !CMS_SignedData_init(cms))
468 goto merr; 449 goto merr;
469 450
470 if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) 451 if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
471 {
472 CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR); 452 CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
473 goto err; 453 goto err;
474 } 454 }
475 455
476 for (i = 0; i < sk_X509_num(certs); i++) 456 for (i = 0; i < sk_X509_num(certs); i++) {
477 {
478 X509 *x = sk_X509_value(certs, i); 457 X509 *x = sk_X509_value(certs, i);
479 if (!CMS_add1_cert(cms, x)) 458 if (!CMS_add1_cert(cms, x))
480 goto merr; 459 goto merr;
481 } 460 }
482 461
483 if(!(flags & CMS_DETACHED)) 462 if (!(flags & CMS_DETACHED))
484 CMS_set_detached(cms, 0); 463 CMS_set_detached(cms, 0);
485 464
486 if ((flags & (CMS_STREAM|CMS_PARTIAL)) 465 if ((flags & (CMS_STREAM|CMS_PARTIAL)) ||
487 || CMS_final(cms, data, NULL, flags)) 466 CMS_final(cms, data, NULL, flags))
488 return cms; 467 return cms;
489 else 468 else
490 goto err; 469 goto err;
491 470
492 merr: 471merr:
493 CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE); 472 CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
494 473err:
495 err:
496 if (cms) 474 if (cms)
497 CMS_ContentInfo_free(cms); 475 CMS_ContentInfo_free(cms);
498 return NULL; 476 return NULL;
499 } 477}
500 478
501CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, 479CMS_ContentInfo *
502 X509 *signcert, EVP_PKEY *pkey, 480CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey,
503 STACK_OF(X509) *certs, 481 STACK_OF(X509) *certs, unsigned int flags)
504 unsigned int flags) 482{
505 {
506 CMS_SignerInfo *rct_si; 483 CMS_SignerInfo *rct_si;
507 CMS_ContentInfo *cms = NULL; 484 CMS_ContentInfo *cms = NULL;
508 ASN1_OCTET_STRING **pos, *os; 485 ASN1_OCTET_STRING **pos, *os;
@@ -512,11 +489,10 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
512 flags &= ~(CMS_STREAM|CMS_TEXT); 489 flags &= ~(CMS_STREAM|CMS_TEXT);
513 /* Not really detached but avoids content being allocated */ 490 /* Not really detached but avoids content being allocated */
514 flags |= CMS_PARTIAL|CMS_BINARY|CMS_DETACHED; 491 flags |= CMS_PARTIAL|CMS_BINARY|CMS_DETACHED;
515 if (!pkey || !signcert) 492 if (!pkey || !signcert) {
516 {
517 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT); 493 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT);
518 return NULL; 494 return NULL;
519 } 495 }
520 496
521 /* Initialize signed data */ 497 /* Initialize signed data */
522 498
@@ -529,11 +505,10 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
529 goto err; 505 goto err;
530 506
531 rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags); 507 rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
532 if (!rct_si) 508 if (!rct_si) {
533 {
534 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR); 509 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR);
535 goto err; 510 goto err;
536 } 511 }
537 512
538 os = cms_encode_Receipt(si); 513 os = cms_encode_Receipt(si);
539 514
@@ -560,91 +535,88 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
560 535
561 r = 1; 536 r = 1;
562 537
563 err: 538err:
564 if (rct_cont) 539 if (rct_cont)
565 BIO_free(rct_cont); 540 BIO_free(rct_cont);
566 if (r) 541 if (r)
567 return cms; 542 return cms;
568 CMS_ContentInfo_free(cms); 543 CMS_ContentInfo_free(cms);
569 return NULL; 544 return NULL;
545}
570 546
571 } 547CMS_ContentInfo *
572 548CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher,
573CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data, 549 unsigned int flags)
574 const EVP_CIPHER *cipher, unsigned int flags) 550{
575 {
576 CMS_ContentInfo *cms; 551 CMS_ContentInfo *cms;
577 int i; 552 int i;
578 X509 *recip; 553 X509 *recip;
554
579 cms = CMS_EnvelopedData_create(cipher); 555 cms = CMS_EnvelopedData_create(cipher);
580 if (!cms) 556 if (!cms)
581 goto merr; 557 goto merr;
582 for (i = 0; i < sk_X509_num(certs); i++) 558 for (i = 0; i < sk_X509_num(certs); i++) {
583 {
584 recip = sk_X509_value(certs, i); 559 recip = sk_X509_value(certs, i);
585 if (!CMS_add1_recipient_cert(cms, recip, flags)) 560 if (!CMS_add1_recipient_cert(cms, recip, flags)) {
586 {
587 CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR); 561 CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
588 goto err; 562 goto err;
589 }
590 } 563 }
564 }
591 565
592 if(!(flags & CMS_DETACHED)) 566 if (!(flags & CMS_DETACHED))
593 CMS_set_detached(cms, 0); 567 CMS_set_detached(cms, 0);
594 568
595 if ((flags & (CMS_STREAM|CMS_PARTIAL)) 569 if ((flags & (CMS_STREAM|CMS_PARTIAL)) ||
596 || CMS_final(cms, data, NULL, flags)) 570 CMS_final(cms, data, NULL, flags))
597 return cms; 571 return cms;
598 else 572 else
599 goto err; 573 goto err;
600 574
601 merr: 575merr:
602 CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE); 576 CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
603 err: 577err:
604 if (cms) 578 if (cms)
605 CMS_ContentInfo_free(cms); 579 CMS_ContentInfo_free(cms);
606 return NULL; 580 return NULL;
607 } 581}
608 582
609int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) 583int
610 { 584CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
585{
611 STACK_OF(CMS_RecipientInfo) *ris; 586 STACK_OF(CMS_RecipientInfo) *ris;
612 CMS_RecipientInfo *ri; 587 CMS_RecipientInfo *ri;
613 int i, r; 588 int i, r;
614 int debug = 0; 589 int debug = 0;
590
615 ris = CMS_get0_RecipientInfos(cms); 591 ris = CMS_get0_RecipientInfos(cms);
616 if (ris) 592 if (ris)
617 debug = cms->d.envelopedData->encryptedContentInfo->debug; 593 debug = cms->d.envelopedData->encryptedContentInfo->debug;
618 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) 594 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
619 {
620 ri = sk_CMS_RecipientInfo_value(ris, i); 595 ri = sk_CMS_RecipientInfo_value(ris, i);
621 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) 596 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS)
622 continue; 597 continue;
623 /* If we have a cert try matching RecipientInfo 598 /* If we have a cert try matching RecipientInfo
624 * otherwise try them all. 599 * otherwise try them all.
625 */ 600 */
626 if (!cert || (CMS_RecipientInfo_ktri_cert_cmp(ri, cert) == 0)) 601 if (!cert || (CMS_RecipientInfo_ktri_cert_cmp(ri, cert) == 0)) {
627 {
628 CMS_RecipientInfo_set0_pkey(ri, pk); 602 CMS_RecipientInfo_set0_pkey(ri, pk);
629 r = CMS_RecipientInfo_decrypt(cms, ri); 603 r = CMS_RecipientInfo_decrypt(cms, ri);
630 CMS_RecipientInfo_set0_pkey(ri, NULL); 604 CMS_RecipientInfo_set0_pkey(ri, NULL);
631 if (cert) 605 if (cert) {
632 {
633 /* If not debugging clear any error and 606 /* If not debugging clear any error and
634 * return success to avoid leaking of 607 * return success to avoid leaking of
635 * information useful to MMA 608 * information useful to MMA
636 */ 609 */
637 if (!debug) 610 if (!debug) {
638 {
639 ERR_clear_error(); 611 ERR_clear_error();
640 return 1; 612 return 1;
641 } 613 }
642 if (r > 0) 614 if (r > 0)
643 return 1; 615 return 1;
644 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, 616 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
645 CMS_R_DECRYPT_ERROR); 617 CMS_R_DECRYPT_ERROR);
646 return 0; 618 return 0;
647 } 619 }
648 /* If no cert and not debugging don't leave loop 620 /* If no cert and not debugging don't leave loop
649 * after first successful decrypt. Always attempt 621 * after first successful decrypt. Always attempt
650 * to decrypt all recipients to avoid leaking timing 622 * to decrypt all recipients to avoid leaking timing
@@ -652,94 +624,90 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
652 */ 624 */
653 else if (r > 0 && debug) 625 else if (r > 0 && debug)
654 return 1; 626 return 1;
655 }
656 } 627 }
628 }
657 /* If no cert and not debugging always return success */ 629 /* If no cert and not debugging always return success */
658 if (!cert && !debug) 630 if (!cert && !debug) {
659 {
660 ERR_clear_error(); 631 ERR_clear_error();
661 return 1; 632 return 1;
662 } 633 }
663 634
664 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT); 635 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
665 return 0; 636 return 0;
637}
666 638
667 } 639int
668 640CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, size_t keylen,
669int CMS_decrypt_set1_key(CMS_ContentInfo *cms, 641 unsigned char *id, size_t idlen)
670 unsigned char *key, size_t keylen, 642{
671 unsigned char *id, size_t idlen)
672 {
673 STACK_OF(CMS_RecipientInfo) *ris; 643 STACK_OF(CMS_RecipientInfo) *ris;
674 CMS_RecipientInfo *ri; 644 CMS_RecipientInfo *ri;
675 int i, r; 645 int i, r;
646
676 ris = CMS_get0_RecipientInfos(cms); 647 ris = CMS_get0_RecipientInfos(cms);
677 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) 648 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
678 {
679 ri = sk_CMS_RecipientInfo_value(ris, i); 649 ri = sk_CMS_RecipientInfo_value(ris, i);
680 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK) 650 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK)
681 continue; 651 continue;
682 652
683 /* If we have an id try matching RecipientInfo 653 /* If we have an id try matching RecipientInfo
684 * otherwise try them all. 654 * otherwise try them all.
685 */ 655 */
686 if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) 656 if (!id ||
687 { 657 (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
688 CMS_RecipientInfo_set0_key(ri, key, keylen); 658 CMS_RecipientInfo_set0_key(ri, key, keylen);
689 r = CMS_RecipientInfo_decrypt(cms, ri); 659 r = CMS_RecipientInfo_decrypt(cms, ri);
690 CMS_RecipientInfo_set0_key(ri, NULL, 0); 660 CMS_RecipientInfo_set0_key(ri, NULL, 0);
691 if (r > 0) 661 if (r > 0)
692 return 1; 662 return 1;
693 if (id) 663 if (id) {
694 {
695 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, 664 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY,
696 CMS_R_DECRYPT_ERROR); 665 CMS_R_DECRYPT_ERROR);
697 return 0; 666 return 0;
698 }
699 ERR_clear_error();
700 } 667 }
668 ERR_clear_error();
701 } 669 }
670 }
702 671
703 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT); 672 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT);
704 return 0; 673 return 0;
674}
705 675
706 } 676int
707 677CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass,
708int CMS_decrypt_set1_password(CMS_ContentInfo *cms, 678 ssize_t passlen)
709 unsigned char *pass, ssize_t passlen) 679{
710 {
711 STACK_OF(CMS_RecipientInfo) *ris; 680 STACK_OF(CMS_RecipientInfo) *ris;
712 CMS_RecipientInfo *ri; 681 CMS_RecipientInfo *ri;
713 int i, r; 682 int i, r;
683
714 ris = CMS_get0_RecipientInfos(cms); 684 ris = CMS_get0_RecipientInfos(cms);
715 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) 685 for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
716 {
717 ri = sk_CMS_RecipientInfo_value(ris, i); 686 ri = sk_CMS_RecipientInfo_value(ris, i);
718 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS) 687 if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
719 continue; 688 continue;
720 CMS_RecipientInfo_set0_password(ri, pass, passlen); 689 CMS_RecipientInfo_set0_password(ri, pass, passlen);
721 r = CMS_RecipientInfo_decrypt(cms, ri); 690 r = CMS_RecipientInfo_decrypt(cms, ri);
722 CMS_RecipientInfo_set0_password(ri, NULL, 0); 691 CMS_RecipientInfo_set0_password(ri, NULL, 0);
723 if (r > 0) 692 if (r > 0)
724 return 1; 693 return 1;
725 } 694 }
726 695
727 CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT); 696 CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
728 return 0; 697 return 0;
698}
729 699
730 } 700int
731 701CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, BIO *dcont,
732int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, 702 BIO *out, unsigned int flags)
733 BIO *dcont, BIO *out, 703{
734 unsigned int flags)
735 {
736 int r; 704 int r;
737 BIO *cont; 705 BIO *cont;
738 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) 706
739 { 707 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) {
740 CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA); 708 CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
741 return 0; 709 return 0;
742 } 710 }
743 if (!dcont && !check_content(cms)) 711 if (!dcont && !check_content(cms))
744 return 0; 712 return 0;
745 if (flags & CMS_DEBUG_DECRYPT) 713 if (flags & CMS_DEBUG_DECRYPT)
@@ -756,51 +724,50 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
756 r = cms_copy_content(out, cont, flags); 724 r = cms_copy_content(out, cont, flags);
757 do_free_upto(cont, dcont); 725 do_free_upto(cont, dcont);
758 return r; 726 return r;
759 } 727}
760 728
761int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags) 729int
762 { 730CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
731{
763 BIO *cmsbio; 732 BIO *cmsbio;
764 int ret = 0; 733 int ret = 0;
765 if (!(cmsbio = CMS_dataInit(cms, dcont))) 734
766 { 735 if (!(cmsbio = CMS_dataInit(cms, dcont))) {
767 CMSerr(CMS_F_CMS_FINAL,ERR_R_MALLOC_FAILURE); 736 CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE);
768 return 0; 737 return 0;
769 } 738 }
770 739
771 SMIME_crlf_copy(data, cmsbio, flags); 740 SMIME_crlf_copy(data, cmsbio, flags);
772 741
773 (void)BIO_flush(cmsbio); 742 (void)BIO_flush(cmsbio);
774 743
775 744
776 if (!CMS_dataFinal(cms, cmsbio)) 745 if (!CMS_dataFinal(cms, cmsbio)) {
777 { 746 CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR);
778 CMSerr(CMS_F_CMS_FINAL,CMS_R_CMS_DATAFINAL_ERROR);
779 goto err; 747 goto err;
780 } 748 }
781 749
782 ret = 1; 750 ret = 1;
783 751
784 err: 752err:
785 do_free_upto(cmsbio, dcont); 753 do_free_upto(cmsbio, dcont);
786 754
787 return ret; 755 return ret;
788 756}
789 }
790 757
791#ifdef ZLIB 758#ifdef ZLIB
792 759
793int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, 760int
794 unsigned int flags) 761CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags)
795 { 762{
796 BIO *cont; 763 BIO *cont;
797 int r; 764 int r;
798 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) 765
799 { 766 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
800 CMSerr(CMS_F_CMS_UNCOMPRESS, 767 CMSerr(CMS_F_CMS_UNCOMPRESS,
801 CMS_R_TYPE_NOT_COMPRESSED_DATA); 768 CMS_R_TYPE_NOT_COMPRESSED_DATA);
802 return 0; 769 return 0;
803 } 770 }
804 771
805 if (!dcont && !check_content(cms)) 772 if (!dcont && !check_content(cms))
806 return 0; 773 return 0;
@@ -811,18 +778,20 @@ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
811 r = cms_copy_content(out, cont, flags); 778 r = cms_copy_content(out, cont, flags);
812 do_free_upto(cont, dcont); 779 do_free_upto(cont, dcont);
813 return r; 780 return r;
814 } 781}
815 782
816CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags) 783CMS_ContentInfo *
817 { 784CMS_compress(BIO *in, int comp_nid, unsigned int flags)
785{
818 CMS_ContentInfo *cms; 786 CMS_ContentInfo *cms;
787
819 if (comp_nid <= 0) 788 if (comp_nid <= 0)
820 comp_nid = NID_zlib_compression; 789 comp_nid = NID_zlib_compression;
821 cms = cms_CompressedData_create(comp_nid); 790 cms = cms_CompressedData_create(comp_nid);
822 if (!cms) 791 if (!cms)
823 return NULL; 792 return NULL;
824 793
825 if(!(flags & CMS_DETACHED)) 794 if (!(flags & CMS_DETACHED))
826 CMS_set_detached(cms, 0); 795 CMS_set_detached(cms, 0);
827 796
828 if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) 797 if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
@@ -830,21 +799,22 @@ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
830 799
831 CMS_ContentInfo_free(cms); 800 CMS_ContentInfo_free(cms);
832 return NULL; 801 return NULL;
833 } 802}
834 803
835#else 804#else
836 805
837int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, 806int
838 unsigned int flags) 807CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags)
839 { 808{
840 CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 809 CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
841 return 0; 810 return 0;
842 } 811}
843 812
844CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags) 813CMS_ContentInfo *
845 { 814CMS_compress(BIO *in, int comp_nid, unsigned int flags)
815{
846 CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 816 CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
847 return NULL; 817 return NULL;
848 } 818}
849 819
850#endif 820#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-14 12:10:32 +0000