generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow alternate eContentType oids to be set in cms utility.

Browse Source 
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
This commit is contained in:
Dr. Stephen Henson 2008-03-19 19:34:30 +00:00
parent 8cd358bef8
commit 054307e7ed
8 changed files with 43 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
apps/cms.c
View File

@ -125,6 +125,8 @@ int MAIN(int argc, char **argv)
unsigned char *secret_key = NULL, *secret_keyid = NULL; unsigned char *secret_key = NULL, *secret_keyid = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0; size_t secret_keylen = 0, secret_keyidlen = 0;
ASN1_OBJECT *econtent_type = NULL;
X509_VERIFY_PARAM *vpm = NULL; X509_VERIFY_PARAM *vpm = NULL;
args = argv + 1; args = argv + 1;
@ -268,6 +270,18 @@ int MAIN(int argc, char **argv)
} }
secret_keyidlen = (size_t)ltmp; secret_keyidlen = (size_t)ltmp;
} }
else if (!strcmp(*args,"-econtent_type"))
{
if (!args[1])
goto argerr;
args++;
econtent_type = OBJ_txt2obj(*args, 0);
if (!econtent_type)
{
BIO_printf(bio_err, "Invalid OID %s\n", *args);
goto argerr;
}
}
else if (!strcmp(*args,"-rand")) else if (!strcmp(*args,"-rand"))
{ {
if (!args[1]) if (!args[1])
@ -797,6 +811,8 @@ int MAIN(int argc, char **argv)
} }
flags |= CMS_PARTIAL; flags |= CMS_PARTIAL;
cms = CMS_sign(NULL, NULL, other, in, flags); cms = CMS_sign(NULL, NULL, other, in, flags);
if (econtent_type)
CMS_set1_eContentType(cms, econtent_type);
if (!cms) if (!cms)
goto end; goto end;
} }
@ -965,6 +981,8 @@ end:
OPENSSL_free(secret_key); OPENSSL_free(secret_key);
if (secret_keyid) if (secret_keyid)
OPENSSL_free(secret_keyid); OPENSSL_free(secret_keyid);
if (econtent_type)
ASN1_OBJECT_free(econtent_type);
X509_STORE_free(store); X509_STORE_free(store);
X509_free(cert); X509_free(cert);
X509_free(recip); X509_free(recip);

1
crypto/cms/cms.h
View File

@ -352,6 +352,7 @@ void ERR_load_CMS_strings(void);
/* Reason codes. */ /* Reason codes. */
#define CMS_R_ADD_SIGNER_ERROR 99 #define CMS_R_ADD_SIGNER_ERROR 99
#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
#define CMS_R_CERTIFICATE_VERIFY_ERROR 100 #define CMS_R_CERTIFICATE_VERIFY_ERROR 100
#define CMS_R_CIPHER_INITIALISATION_ERROR 101 #define CMS_R_CIPHER_INITIALISATION_ERROR 101
#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102 #define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102

1
crypto/cms/cms_err.c
View File

@ -135,6 +135,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
static ERR_STRING_DATA CMS_str_reasons[]= static ERR_STRING_DATA CMS_str_reasons[]=
{ {
{ERR_REASON(CMS_R_ADD_SIGNER_ERROR) ,"add signer error"}, {ERR_REASON(CMS_R_ADD_SIGNER_ERROR) ,"add signer error"},
{ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID),"certificate has no keyid"},
{ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"}, {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
{ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),"cipher initialisation error"}, {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),"cipher initialisation error"},
{ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),"cipher parameter initialisation error"}, {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),"cipher parameter initialisation error"},

6
crypto/cms/cms_sd.c
View File

@ -226,6 +226,12 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
break; break;
case CMS_SIGNERINFO_KEYIDENTIFIER: case CMS_SIGNERINFO_KEYIDENTIFIER:
if (!cert->skid)
{
CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER,
CMS_R_CERTIFICATE_HAS_NO_KEYID);
return 0;
}
sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid); sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid);
if (!sid->d.subjectKeyIdentifier) if (!sid->d.subjectKeyIdentifier)
goto merr; goto merr;

16
crypto/objects/obj_dat.h
View File

@ -62,12 +62,12 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
#define NUM_NID 855 #define NUM_NID 856
#define NUM_SN 848 #define NUM_SN 849
#define NUM_LN 848 #define NUM_LN 849
#define NUM_OBJ 802 #define NUM_OBJ 803
static const unsigned char lvalues[5691]={ static const unsigned char lvalues[5702]={
0x00, /* [ 0] OBJ_undef */ 0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@ -870,6 +870,7 @@ static const unsigned char lvalues[5691]={
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5663] OBJ_id_aes128_wrap */ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5663] OBJ_id_aes128_wrap */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5672] OBJ_id_aes192_wrap */ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5672] OBJ_id_aes192_wrap */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5681] OBJ_id_aes256_wrap */ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5681] OBJ_id_aes256_wrap */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5690] OBJ_id_ct_asciiTextWithCRLF */
}; };
static const ASN1_OBJECT nid_objs[NUM_NID]={ static const ASN1_OBJECT nid_objs[NUM_NID]={
@ -2250,6 +2251,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
&(lvalues[5672]),0}, &(lvalues[5672]),0},
{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
&(lvalues[5681]),0}, &(lvalues[5681]),0},
{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5690]),0},
}; };
static const unsigned int sn_objs[NUM_SN]={ static const unsigned int sn_objs[NUM_SN]={
@ -2636,6 +2639,7 @@ static const unsigned int sn_objs[NUM_SN]={
332, /* "id-cmc-senderNonce" */ 332, /* "id-cmc-senderNonce" */
327, /* "id-cmc-statusInfo" */ 327, /* "id-cmc-statusInfo" */
331, /* "id-cmc-transactionId" */ 331, /* "id-cmc-transactionId" */
855, /* "id-ct-asciiTextWithCRLF" */
408, /* "id-ecPublicKey" */ 408, /* "id-ecPublicKey" */
508, /* "id-hex-multipart-message" */ 508, /* "id-hex-multipart-message" */
507, /* "id-hex-partial-message" */ 507, /* "id-hex-partial-message" */
@ -3482,6 +3486,7 @@ static const unsigned int ln_objs[NUM_LN]={
332, /* "id-cmc-senderNonce" */ 332, /* "id-cmc-senderNonce" */
327, /* "id-cmc-statusInfo" */ 327, /* "id-cmc-statusInfo" */
331, /* "id-cmc-transactionId" */ 331, /* "id-cmc-transactionId" */
855, /* "id-ct-asciiTextWithCRLF" */
408, /* "id-ecPublicKey" */ 408, /* "id-ecPublicKey" */
508, /* "id-hex-multipart-message" */ 508, /* "id-hex-multipart-message" */
507, /* "id-hex-partial-message" */ 507, /* "id-hex-partial-message" */
@ -4704,6 +4709,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
210, /* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */ 210, /* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
211, /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */ 211, /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
851, /* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */ 851, /* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */
855, /* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */
212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */ 212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */ 213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */ 214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */

4
crypto/objects/obj_mac.h
View File

@ -833,6 +833,10 @@
#define NID_id_smime_ct_compressedData 851 #define NID_id_smime_ct_compressedData 851
#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L #define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L
#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
#define NID_id_ct_asciiTextWithCRLF 855
#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" #define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
#define NID_id_smime_aa_receiptRequest 212 #define NID_id_smime_aa_receiptRequest 212
#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L #define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L

1
crypto/objects/obj_mac.num
View File

@ -852,3 +852,4 @@ id_smime_ct_compressedData 851
id_aes128_wrap 852 id_aes128_wrap 852
id_aes192_wrap 853 id_aes192_wrap 853
id_aes256_wrap 854 id_aes256_wrap 854
id_ct_asciiTextWithCRLF 855

1
crypto/objects/objects.txt
View File

@ -252,6 +252,7 @@ id-smime-ct 6 : id-smime-ct-contentInfo
id-smime-ct 7 : id-smime-ct-DVCSRequestData id-smime-ct 7 : id-smime-ct-DVCSRequestData
id-smime-ct 8 : id-smime-ct-DVCSResponseData id-smime-ct 8 : id-smime-ct-DVCSResponseData
id-smime-ct 9 : id-smime-ct-compressedData id-smime-ct 9 : id-smime-ct-compressedData
id-smime-ct 27 : id-ct-asciiTextWithCRLF
# S/MIME Attributes # S/MIME Attributes
id-smime-aa 1 : id-smime-aa-receiptRequest id-smime-aa 1 : id-smime-aa-receiptRequest