diff options
author | nectar <nectar@FreeBSD.org> | 2003-10-01 12:32:41 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2003-10-01 12:32:41 +0000 |
commit | ee25ce74b3f6742c1079590363995e56ff51b014 (patch) | |
tree | 69b3ffc611270d72c473248fe700c2942eb5e6b5 /crypto/openssl/crypto/pkcs7 | |
parent | 5d79b842c13e718f85a9f2e1676e361b6fc55367 (diff) | |
download | FreeBSD-src-ee25ce74b3f6742c1079590363995e56ff51b014.zip FreeBSD-src-ee25ce74b3f6742c1079590363995e56ff51b014.tar.gz |
Vendor import of OpenSSL 0.9.7c
Diffstat (limited to 'crypto/openssl/crypto/pkcs7')
-rw-r--r-- | crypto/openssl/crypto/pkcs7/pk7_doit.c | 5 | ||||
-rw-r--r-- | crypto/openssl/crypto/pkcs7/pk7_mime.c | 105 | ||||
-rw-r--r-- | crypto/openssl/crypto/pkcs7/pk7_smime.c | 2 | ||||
-rw-r--r-- | crypto/openssl/crypto/pkcs7/pkcs7.h | 2 |
4 files changed, 75 insertions, 39 deletions
diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index 0060a2e..190ca0e 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -767,6 +767,11 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, } if (EVP_MD_CTX_type(mdc) == md_type) break; + /* Workaround for some broken clients that put the signature + * OID instead of the digest OID in digest_alg->algorithm + */ + if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type) + break; btmp=BIO_next(btmp); } diff --git a/crypto/openssl/crypto/pkcs7/pk7_mime.c b/crypto/openssl/crypto/pkcs7/pk7_mime.c index 086d394..5d2a978 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_mime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_mime.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -101,7 +101,7 @@ static int mime_param_cmp(const MIME_PARAM * const *a, static void mime_param_free(MIME_PARAM *param); static int mime_bound_check(char *line, int linelen, char *bound, int blen); static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); -static int iscrlf(char c); +static int strip_eol(char *linebuf, int *plen); static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name); static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name); static void mime_hdr_free(MIME_HEADER *hdr); @@ -150,9 +150,17 @@ static PKCS7 *B64_read_PKCS7(BIO *bio) int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) { - char linebuf[MAX_SMLEN]; char bound[33], c; int i; + char *mime_prefix, *mime_eol; + if (flags & PKCS7_NOOLDMIMETYPE) + mime_prefix = "application/pkcs7-"; + else + mime_prefix = "application/x-pkcs7-"; + if (flags & PKCS7_CRLFEOL) + mime_eol = "\r\n"; + else + mime_eol = "\n"; if((flags & PKCS7_DETACHED) && data) { /* We want multipart/signed */ /* Generate a random boundary */ @@ -164,34 +172,42 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) bound[i] = c; } bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0\n"); + BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); BIO_printf(bio, "Content-Type: multipart/signed;"); - BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";"); - BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound); - BIO_printf(bio, "This is an S/MIME signed message\n\n"); + BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); + BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s", + bound, mime_eol, mime_eol); + BIO_printf(bio, "This is an S/MIME signed message%s%s", + mime_eol, mime_eol); /* Now write out the first part */ - BIO_printf(bio, "------%s\n", bound); - if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n"); - while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) - BIO_write(bio, linebuf, i); - BIO_printf(bio, "\n------%s\n", bound); + BIO_printf(bio, "------%s%s", bound, mime_eol); + SMIME_crlf_copy(data, bio, flags); + BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); /* Headers for signature */ - BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n"); + BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix); + BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol); + BIO_printf(bio, "Content-Transfer-Encoding: base64%s", + mime_eol); + BIO_printf(bio, "Content-Disposition: attachment;"); + BIO_printf(bio, " filename=\"smime.p7s\"%s%s", + mime_eol, mime_eol); B64_write_PKCS7(bio, p7); - BIO_printf(bio,"\n------%s--\n\n", bound); + BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound, + mime_eol, mime_eol); return 1; } /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n"); + BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); + BIO_printf(bio, "Content-Disposition: attachment;"); + BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol); + BIO_printf(bio, "Content-Type: %smime;", mime_prefix); + BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol); + BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s", + mime_eol, mime_eol); B64_write_PKCS7(bio, p7); - BIO_printf(bio, "\n"); + BIO_printf(bio, "%s", mime_eol); return 1; } @@ -316,12 +332,9 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags) } if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { - eol = 0; - while(iscrlf(linebuf[len - 1])) { - len--; - eol = 1; - } - BIO_write(out, linebuf, len); + eol = strip_eol(linebuf, &len); + if (len) + BIO_write(out, linebuf, len); if(eol) BIO_write(out, "\r\n", 2); } return 1; @@ -364,6 +377,7 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) { char linebuf[MAX_SMLEN]; int len, blen; + int eol = 0, next_eol = 0; BIO *bpart = NULL; STACK_OF(BIO) *parts; char state, part, first; @@ -383,26 +397,23 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) sk_BIO_push(parts, bpart); return 1; } else if(part) { + /* Strip CR+LF from linebuf */ + next_eol = strip_eol(linebuf, &len); if(first) { first = 0; if(bpart) sk_BIO_push(parts, bpart); bpart = BIO_new(BIO_s_mem()); - - } else BIO_write(bpart, "\r\n", 2); - /* Strip CR+LF from linebuf */ - while(iscrlf(linebuf[len - 1])) len--; - BIO_write(bpart, linebuf, len); + BIO_set_mem_eof_return(bpart, 0); + } else if (eol) + BIO_write(bpart, "\r\n", 2); + eol = next_eol; + if (len) + BIO_write(bpart, linebuf, len); } } return 0; } -static int iscrlf(char c) -{ - if(c == '\r' || c == '\n') return 1; - return 0; -} - /* This is the big one: parse MIME header lines up to message body */ #define MIME_INVALID 0 @@ -683,3 +694,21 @@ static int mime_bound_check(char *line, int linelen, char *bound, int blen) } return 0; } + +static int strip_eol(char *linebuf, int *plen) + { + int len = *plen; + char *p, c; + int is_eol = 0; + p = linebuf + len - 1; + for (p = linebuf + len - 1; len > 0; len--, p--) + { + c = *p; + if (c == '\n') + is_eol = 1; + else if (c != '\r') + break; + } + *plen = len; + return is_eol; + } diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index f0d071e..6e5735d 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/crypto/openssl/crypto/pkcs7/pkcs7.h b/crypto/openssl/crypto/pkcs7/pkcs7.h index 5819700..15372e1 100644 --- a/crypto/openssl/crypto/pkcs7/pkcs7.h +++ b/crypto/openssl/crypto/pkcs7/pkcs7.h @@ -260,6 +260,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_BINARY 0x80 #define PKCS7_NOATTR 0x100 #define PKCS7_NOSMIMECAP 0x200 +#define PKCS7_NOOLDMIMETYPE 0x400 +#define PKCS7_CRLFEOL 0x800 /* Flags: for compatibility with older code */ |