diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_smime.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_smime.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index 3d3214f5ee..f0d071e282 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c | |||
| @@ -115,17 +115,17 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, | |||
| 115 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); | 115 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); |
| 116 | return NULL; | 116 | return NULL; |
| 117 | } | 117 | } |
| 118 | #ifndef NO_DES | 118 | #ifndef OPENSSL_NO_DES |
| 119 | PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1); | 119 | PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1); |
| 120 | #endif | 120 | #endif |
| 121 | #ifndef NO_RC2 | 121 | #ifndef OPENSSL_NO_RC2 |
| 122 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128); | 122 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128); |
| 123 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64); | 123 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64); |
| 124 | #endif | 124 | #endif |
| 125 | #ifndef NO_DES | 125 | #ifndef OPENSSL_NO_DES |
| 126 | PKCS7_simple_smimecap (smcap, NID_des_cbc, -1); | 126 | PKCS7_simple_smimecap (smcap, NID_des_cbc, -1); |
| 127 | #endif | 127 | #endif |
| 128 | #ifndef NO_RC2 | 128 | #ifndef OPENSSL_NO_RC2 |
| 129 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40); | 129 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40); |
| 130 | #endif | 130 | #endif |
| 131 | PKCS7_add_attrib_smimecap (si, smcap); | 131 | PKCS7_add_attrib_smimecap (si, smcap); |
| @@ -201,11 +201,20 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, | |||
| 201 | if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) { | 201 | if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) { |
| 202 | signer = sk_X509_value (signers, k); | 202 | signer = sk_X509_value (signers, k); |
| 203 | if (!(flags & PKCS7_NOCHAIN)) { | 203 | if (!(flags & PKCS7_NOCHAIN)) { |
| 204 | X509_STORE_CTX_init(&cert_ctx, store, signer, | 204 | if(!X509_STORE_CTX_init(&cert_ctx, store, signer, |
| 205 | p7->d.sign->cert); | 205 | p7->d.sign->cert)) |
| 206 | { | ||
| 207 | PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB); | ||
| 208 | sk_X509_free(signers); | ||
| 209 | return 0; | ||
| 210 | } | ||
| 206 | X509_STORE_CTX_set_purpose(&cert_ctx, | 211 | X509_STORE_CTX_set_purpose(&cert_ctx, |
| 207 | X509_PURPOSE_SMIME_SIGN); | 212 | X509_PURPOSE_SMIME_SIGN); |
| 208 | } else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL); | 213 | } else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) { |
| 214 | PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB); | ||
| 215 | sk_X509_free(signers); | ||
| 216 | return 0; | ||
| 217 | } | ||
| 209 | i = X509_verify_cert(&cert_ctx); | 218 | i = X509_verify_cert(&cert_ctx); |
| 210 | if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); | 219 | if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); |
| 211 | X509_STORE_CTX_cleanup(&cert_ctx); | 220 | X509_STORE_CTX_cleanup(&cert_ctx); |
| @@ -327,7 +336,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 327 | 336 | ||
| 328 | /* Build a complete PKCS#7 enveloped data */ | 337 | /* Build a complete PKCS#7 enveloped data */ |
| 329 | 338 | ||
| 330 | PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, | 339 | PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, |
| 331 | int flags) | 340 | int flags) |
| 332 | { | 341 | { |
| 333 | PKCS7 *p7; | 342 | PKCS7 *p7; |