summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs7
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pkcs7')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_mime.c24
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_smime.c6
-rw-r--r--src/lib/libcrypto/pkcs7/pkcs7err.c146
3 files changed, 99 insertions, 77 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c
index 5d2a97839d..927b88c3e7 100644
--- a/src/lib/libcrypto/pkcs7/pk7_mime.c
+++ b/src/lib/libcrypto/pkcs7/pk7_mime.c
@@ -3,7 +3,7 @@
3 * project 1999. 3 * project 1999.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -152,11 +152,12 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
152{ 152{
153 char bound[33], c; 153 char bound[33], c;
154 int i; 154 int i;
155 char *mime_prefix, *mime_eol; 155 char *mime_prefix, *mime_eol, *msg_type=NULL;
156 if (flags & PKCS7_NOOLDMIMETYPE) 156 if (flags & PKCS7_NOOLDMIMETYPE)
157 mime_prefix = "application/pkcs7-"; 157 mime_prefix = "application/pkcs7-";
158 else 158 else
159 mime_prefix = "application/x-pkcs7-"; 159 mime_prefix = "application/x-pkcs7-";
160
160 if (flags & PKCS7_CRLFEOL) 161 if (flags & PKCS7_CRLFEOL)
161 mime_eol = "\r\n"; 162 mime_eol = "\r\n";
162 else 163 else
@@ -198,11 +199,30 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
198 mime_eol, mime_eol); 199 mime_eol, mime_eol);
199 return 1; 200 return 1;
200 } 201 }
202
203 /* Determine smime-type header */
204
205 if (PKCS7_type_is_enveloped(p7))
206 msg_type = "enveloped-data";
207 else if (PKCS7_type_is_signed(p7))
208 {
209 /* If we have any signers it is signed-data othewise
210 * certs-only.
211 */
212 STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
213 sinfos = PKCS7_get_signer_info(p7);
214 if (sk_PKCS7_SIGNER_INFO_num(sinfos) > 0)
215 msg_type = "signed-data";
216 else
217 msg_type = "certs-only";
218 }
201 /* MIME headers */ 219 /* MIME headers */
202 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); 220 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
203 BIO_printf(bio, "Content-Disposition: attachment;"); 221 BIO_printf(bio, "Content-Disposition: attachment;");
204 BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol); 222 BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol);
205 BIO_printf(bio, "Content-Type: %smime;", mime_prefix); 223 BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
224 if (msg_type)
225 BIO_printf(bio, " smime-type=%s;", msg_type);
206 BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol); 226 BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol);
207 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s", 227 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
208 mime_eol, mime_eol); 228 mime_eol, mime_eol);
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c
index a852b49235..99a0d63f38 100644
--- a/src/lib/libcrypto/pkcs7/pk7_smime.c
+++ b/src/lib/libcrypto/pkcs7/pk7_smime.c
@@ -296,11 +296,9 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
296 296
297 if (tmpin == indata) 297 if (tmpin == indata)
298 { 298 {
299 if(indata) BIO_pop(p7bio); 299 if (indata) BIO_pop(p7bio);
300 BIO_free_all(p7bio);
301 } 300 }
302 else 301 BIO_free_all(p7bio);
303 BIO_free_all(tmpin);
304 302
305 sk_X509_free(signers); 303 sk_X509_free(signers);
306 304
diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c
index 5e51527a40..19894c80a4 100644
--- a/src/lib/libcrypto/pkcs7/pkcs7err.c
+++ b/src/lib/libcrypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
1/* crypto/pkcs7/pkcs7err.c */ 1/* crypto/pkcs7/pkcs7err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,81 +64,85 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
70
67static ERR_STRING_DATA PKCS7_str_functs[]= 71static ERR_STRING_DATA PKCS7_str_functs[]=
68 { 72 {
69{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0), "B64_READ_PKCS7"}, 73{ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
70{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"}, 74{ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
71{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0), "PKCS7_add_attrib_smimecap"}, 75{ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"},
72{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"}, 76{ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
73{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"}, 77{ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
74{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"}, 78{ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
75{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"}, 79{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
76{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"}, 80{ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
77{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0), "PKCS7_dataDecode"}, 81{ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
78{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"}, 82{ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
79{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"}, 83{ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
80{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"}, 84{ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
81{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0), "PKCS7_decrypt"}, 85{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
82{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0), "PKCS7_encrypt"}, 86{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
83{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0), "PKCS7_get0_signers"}, 87{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
84{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"}, 88{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
85{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"}, 89{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
86{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"}, 90{ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
87{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0), "PKCS7_sign"}, 91{ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
88{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0), "PKCS7_signatureVerify"}, 92{ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
89{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0), "PKCS7_simple_smimecap"}, 93{ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
90{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0), "PKCS7_verify"}, 94{ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
91{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0), "SMIME_read_PKCS7"}, 95{ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
92{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0), "SMIME_text"}, 96{ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
93{0,NULL} 97{0,NULL}
94 }; 98 };
95 99
96static ERR_STRING_DATA PKCS7_str_reasons[]= 100static ERR_STRING_DATA PKCS7_str_reasons[]=
97 { 101 {
98{PKCS7_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"}, 102{ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
99{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"}, 103{ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
100{PKCS7_R_CIPHER_NOT_INITIALIZED ,"cipher not initialized"}, 104{ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED),"cipher not initialized"},
101{PKCS7_R_CONTENT_AND_DATA_PRESENT ,"content and data present"}, 105{ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),"content and data present"},
102{PKCS7_R_DECODE_ERROR ,"decode error"}, 106{ERR_REASON(PKCS7_R_DECODE_ERROR) ,"decode error"},
103{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"}, 107{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"decrypted key is wrong length"},
104{PKCS7_R_DECRYPT_ERROR ,"decrypt error"}, 108{ERR_REASON(PKCS7_R_DECRYPT_ERROR) ,"decrypt error"},
105{PKCS7_R_DIGEST_FAILURE ,"digest failure"}, 109{ERR_REASON(PKCS7_R_DIGEST_FAILURE) ,"digest failure"},
106{PKCS7_R_ERROR_ADDING_RECIPIENT ,"error adding recipient"}, 110{ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error adding recipient"},
107{PKCS7_R_ERROR_SETTING_CIPHER ,"error setting cipher"}, 111{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"},
108{PKCS7_R_INVALID_MIME_TYPE ,"invalid mime type"}, 112{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) ,"invalid mime type"},
109{PKCS7_R_INVALID_NULL_POINTER ,"invalid null pointer"}, 113{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER),"invalid null pointer"},
110{PKCS7_R_MIME_NO_CONTENT_TYPE ,"mime no content type"}, 114{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE),"mime no content type"},
111{PKCS7_R_MIME_PARSE_ERROR ,"mime parse error"}, 115{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR) ,"mime parse error"},
112{PKCS7_R_MIME_SIG_PARSE_ERROR ,"mime sig parse error"}, 116{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR),"mime sig parse error"},
113{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"}, 117{ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"},
114{PKCS7_R_NO_CONTENT ,"no content"}, 118{ERR_REASON(PKCS7_R_NO_CONTENT) ,"no content"},
115{PKCS7_R_NO_CONTENT_TYPE ,"no content type"}, 119{ERR_REASON(PKCS7_R_NO_CONTENT_TYPE) ,"no content type"},
116{PKCS7_R_NO_MULTIPART_BODY_FAILURE ,"no multipart body failure"}, 120{ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
117{PKCS7_R_NO_MULTIPART_BOUNDARY ,"no multipart boundary"}, 121{ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
118{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"}, 122{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"},
119{PKCS7_R_NO_SIGNATURES_ON_DATA ,"no signatures on data"}, 123{ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"},
120{PKCS7_R_NO_SIGNERS ,"no signers"}, 124{ERR_REASON(PKCS7_R_NO_SIGNERS) ,"no signers"},
121{PKCS7_R_NO_SIG_CONTENT_TYPE ,"no sig content type"}, 125{ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"},
122{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"}, 126{ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"},
123{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ,"pkcs7 add signature error"}, 127{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"},
124{PKCS7_R_PKCS7_DATAFINAL_ERROR ,"pkcs7 datafinal error"}, 128{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"},
125{PKCS7_R_PKCS7_DATASIGN ,"pkcs7 datasign"}, 129{ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"},
126{PKCS7_R_PKCS7_PARSE_ERROR ,"pkcs7 parse error"}, 130{ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) ,"pkcs7 parse error"},
127{PKCS7_R_PKCS7_SIG_PARSE_ERROR ,"pkcs7 sig parse error"}, 131{ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR),"pkcs7 sig parse error"},
128{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"}, 132{ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
129{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"}, 133{ERR_REASON(PKCS7_R_SIGNATURE_FAILURE) ,"signature failure"},
130{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"}, 134{ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
131{PKCS7_R_SIG_INVALID_MIME_TYPE ,"sig invalid mime type"}, 135{ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
132{PKCS7_R_SMIME_TEXT_ERROR ,"smime text error"}, 136{ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR) ,"smime text error"},
133{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"}, 137{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),"unable to find certificate"},
134{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"}, 138{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO),"unable to find mem bio"},
135{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"}, 139{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"unable to find message digest"},
136{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"}, 140{ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) ,"unknown digest type"},
137{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"}, 141{ERR_REASON(PKCS7_R_UNKNOWN_OPERATION) ,"unknown operation"},
138{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"}, 142{ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE),"unsupported cipher type"},
139{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"}, 143{ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
140{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"}, 144{ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE) ,"wrong content type"},
141{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"}, 145{ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE) ,"wrong pkcs7 type"},
142{0,NULL} 146{0,NULL}
143 }; 147 };
144 148
@@ -152,8 +156,8 @@ void ERR_load_PKCS7_strings(void)
152 { 156 {
153 init=0; 157 init=0;
154#ifndef OPENSSL_NO_ERR 158#ifndef OPENSSL_NO_ERR
155 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs); 159 ERR_load_strings(0,PKCS7_str_functs);
156 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons); 160 ERR_load_strings(0,PKCS7_str_reasons);
157#endif 161#endif
158 162
159 } 163 }