aboutsummaryrefslogtreecommitdiff
path: root/deps/openssl/openssl/crypto/cms
diff options
context:
space:
mode:
Diffstat (limited to 'deps/openssl/openssl/crypto/cms')
-rw-r--r--deps/openssl/openssl/crypto/cms/Makefile305
-rw-r--r--deps/openssl/openssl/crypto/cms/build.info5
-rw-r--r--deps/openssl/openssl/crypto/cms/cms.h555
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_asn1.c126
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_att.c65
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_cd.c74
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_dd.c84
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_enc.c78
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_env.c144
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_err.c103
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_ess.c81
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_io.c63
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_kari.c111
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_lcl.h79
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_lib.c133
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_pwri.c173
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_sd.c194
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_smime.c212
18 files changed, 516 insertions, 2069 deletions
diff --git a/deps/openssl/openssl/crypto/cms/Makefile b/deps/openssl/openssl/crypto/cms/Makefile
deleted file mode 100644
index 6f3a832026..0000000000
--- a/deps/openssl/openssl/crypto/cms/Makefile
+++ /dev/null
@@ -1,305 +0,0 @@
-#
-# OpenSSL/crypto/cms/Makefile
-#
-
-DIR= cms
-TOP= ../..
-CC= cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
- cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
- cms_pwri.c cms_kari.c
-LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
- cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
- cms_pwri.o cms_kari.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cms.h
-HEADER= cms_lcl.h $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all: lib
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-update: depend
-
-depend:
- @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_asn1.o: ../../include/openssl/opensslconf.h
-cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
-cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_att.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_att.o: cms.h cms_att.c cms_lcl.h
-cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_cd.o: ../../include/openssl/comp.h ../../include/openssl/conf.h
-cms_cd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_cd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_cd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
-cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_dd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_dd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_dd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_dd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_dd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_dd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_dd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_dd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_dd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_dd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_dd.o: ../cryptlib.h cms_dd.c cms_lcl.h
-cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_enc.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-cms_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_enc.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_enc.c cms_lcl.h
-cms_env.o: ../../e_os.h ../../include/openssl/aes.h
-cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
-cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_env.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_env.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_env.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_env.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_env.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cms_env.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-cms_env.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-cms_env.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-cms_env.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_env.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_env.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_env.o: ../asn1/asn1_locl.h ../cryptlib.h cms_env.c cms_lcl.h
-cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cms_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-cms_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_err.o: cms_err.c
-cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_ess.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_ess.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_ess.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_ess.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_ess.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_ess.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_ess.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-cms_ess.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_ess.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_ess.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_ess.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_ess.c cms_lcl.h
-cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_io.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_io.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_io.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_io.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_io.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cms_io.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-cms_io.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-cms_io.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_io.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_io.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
-cms_io.o: cms_io.c cms_lcl.h
-cms_kari.o: ../../e_os.h ../../include/openssl/aes.h
-cms_kari.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_kari.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_kari.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
-cms_kari.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_kari.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_kari.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_kari.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_kari.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_kari.o: ../../include/openssl/opensslconf.h
-cms_kari.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_kari.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_kari.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-cms_kari.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_kari.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_kari.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_kari.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
-cms_kari.o: cms_kari.c cms_lcl.h
-cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_lib.o: cms.h cms_lcl.h cms_lib.c
-cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
-cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
-cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-cms_pwri.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-cms_pwri.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-cms_pwri.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-cms_pwri.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-cms_pwri.o: ../../include/openssl/opensslconf.h
-cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
-cms_pwri.o: cms_lcl.h cms_pwri.c
-cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_sd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_sd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_sd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_sd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-cms_sd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_sd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-cms_sd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_sd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_sd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_sd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_sd.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_sd.c
-cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
-cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-cms_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-cms_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-cms_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-cms_smime.o: ../../include/openssl/objects.h
-cms_smime.o: ../../include/openssl/opensslconf.h
-cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_smime.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/deps/openssl/openssl/crypto/cms/build.info b/deps/openssl/openssl/crypto/cms/build.info
new file mode 100644
index 0000000000..cb675436ef
--- /dev/null
+++ b/deps/openssl/openssl/crypto/cms/build.info
@@ -0,0 +1,5 @@
+LIBS=../../libcrypto
+SOURCE[../../libcrypto]= \
+ cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+ cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+ cms_pwri.c cms_kari.c
diff --git a/deps/openssl/openssl/crypto/cms/cms.h b/deps/openssl/openssl/crypto/cms/cms.h
deleted file mode 100644
index e6c7f964bf..0000000000
--- a/deps/openssl/openssl/crypto/cms/cms.h
+++ /dev/null
@@ -1,555 +0,0 @@
-/* crypto/cms/cms.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_H
-# define HEADER_CMS_H
-
-# include <openssl/x509.h>
-
-# ifdef OPENSSL_NO_CMS
-# error CMS is disabled.
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct CMS_ContentInfo_st CMS_ContentInfo;
-typedef struct CMS_SignerInfo_st CMS_SignerInfo;
-typedef struct CMS_CertificateChoices CMS_CertificateChoices;
-typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
-typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
-typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
-typedef struct CMS_Receipt_st CMS_Receipt;
-typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
-typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
-
-DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-# define CMS_SIGNERINFO_ISSUER_SERIAL 0
-# define CMS_SIGNERINFO_KEYIDENTIFIER 1
-
-# define CMS_RECIPINFO_NONE -1
-# define CMS_RECIPINFO_TRANS 0
-# define CMS_RECIPINFO_AGREE 1
-# define CMS_RECIPINFO_KEK 2
-# define CMS_RECIPINFO_PASS 3
-# define CMS_RECIPINFO_OTHER 4
-
-/* S/MIME related flags */
-
-# define CMS_TEXT 0x1
-# define CMS_NOCERTS 0x2
-# define CMS_NO_CONTENT_VERIFY 0x4
-# define CMS_NO_ATTR_VERIFY 0x8
-# define CMS_NOSIGS \
- (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
-# define CMS_NOINTERN 0x10
-# define CMS_NO_SIGNER_CERT_VERIFY 0x20
-# define CMS_NOVERIFY 0x20
-# define CMS_DETACHED 0x40
-# define CMS_BINARY 0x80
-# define CMS_NOATTR 0x100
-# define CMS_NOSMIMECAP 0x200
-# define CMS_NOOLDMIMETYPE 0x400
-# define CMS_CRLFEOL 0x800
-# define CMS_STREAM 0x1000
-# define CMS_NOCRL 0x2000
-# define CMS_PARTIAL 0x4000
-# define CMS_REUSE_DIGEST 0x8000
-# define CMS_USE_KEYID 0x10000
-# define CMS_DEBUG_DECRYPT 0x20000
-# define CMS_KEY_PARAM 0x40000
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
-int CMS_is_detached(CMS_ContentInfo *cms);
-int CMS_set_detached(CMS_ContentInfo *cms, int detached);
-
-# ifdef HEADER_PEM_H
-DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
-# endif
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
- int flags);
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
- unsigned int flags);
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data,
- unsigned int flags);
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
- X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, unsigned int flags);
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
- unsigned int flags);
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
- const unsigned char *key, size_t keylen,
- BIO *dcont, BIO *out, unsigned int flags);
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
- const unsigned char *key,
- size_t keylen, unsigned int flags);
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen);
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
- STACK_OF(X509) *certs,
- X509_STORE *store, unsigned int flags);
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
- BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
- unsigned char *key, size_t keylen,
- unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
- unsigned char *pass, ossl_ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
- X509 *recip, unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
- EVP_PKEY **pk, X509 **recip,
- X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
- unsigned char *key, size_t keylen,
- unsigned char *id, size_t idlen,
- ASN1_GENERALIZEDTIME *date,
- ASN1_OBJECT *otherTypeId,
- ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
- X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid,
- ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid,
- ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
- unsigned char *key, size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
- const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
- unsigned char *pass,
- ossl_ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
- int iter, int wrap_nid,
- int pbe_nid,
- unsigned char *pass,
- ossl_ssize_t passlen,
- const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
- X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
- unsigned int flags);
-EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
-EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
- X509 **signer, X509_ALGOR **pdig,
- X509_ALGOR **psig);
-ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
-int CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
- int algnid, int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
- int nid, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
- const char *attrname, int type,
- const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int type,
- const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
- int nid, int type,
- const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
- const char *attrname, int type,
- const void *bytes, int len);
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-# ifdef HEADER_X509V3_H
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
- int allorfirst,
- STACK_OF(GENERAL_NAMES)
- *receiptList, STACK_OF(GENERAL_NAMES)
- *receiptsTo);
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
- ASN1_STRING **pcid,
- int *pallorfirst,
- STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto);
-# endif
-int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
- X509_ALGOR **palg,
- ASN1_OCTET_STRING **pukm);
-STACK_OF(CMS_RecipientEncryptedKey)
-*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
-
-int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
- X509_ALGOR **pubalg,
- ASN1_BIT_STRING **pubkey,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno);
-
-int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
-
-int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
- ASN1_OCTET_STRING **keyid,
- ASN1_GENERALIZEDTIME **tm,
- CMS_OtherKeyAttribute **other,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
- X509 *cert);
-int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
-EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri,
- CMS_RecipientEncryptedKey *rek);
-
-int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
- ASN1_OCTET_STRING *ukm, int keylen);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CMS_strings(void);
-
-/* Error codes for the CMS functions. */
-
-/* Function codes. */
-# define CMS_F_CHECK_CONTENT 99
-# define CMS_F_CMS_ADD0_CERT 164
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
-# define CMS_F_CMS_ADD1_SIGNER 102
-# define CMS_F_CMS_ADD1_SIGNINGTIME 103
-# define CMS_F_CMS_COMPRESS 104
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
-# define CMS_F_CMS_COPY_CONTENT 107
-# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
-# define CMS_F_CMS_DATA 109
-# define CMS_F_CMS_DATAFINAL 110
-# define CMS_F_CMS_DATAINIT 111
-# define CMS_F_CMS_DECRYPT 112
-# define CMS_F_CMS_DECRYPT_SET1_KEY 113
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
-# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
-# define CMS_F_CMS_DIGEST_VERIFY 118
-# define CMS_F_CMS_ENCODE_RECEIPT 161
-# define CMS_F_CMS_ENCRYPT 119
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
-# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
-# define CMS_F_CMS_ENV_ASN1_CTRL 171
-# define CMS_F_CMS_FINAL 127
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
-# define CMS_F_CMS_GET0_CONTENT 129
-# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
-# define CMS_F_CMS_GET0_ENVELOPED 131
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
-# define CMS_F_CMS_GET0_SIGNED 133
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
-# define CMS_F_CMS_RECEIPT_VERIFY 160
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
-# define CMS_F_CMS_SD_ASN1_CTRL 170
-# define CMS_F_CMS_SET1_IAS 176
-# define CMS_F_CMS_SET1_KEYID 177
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
-# define CMS_F_CMS_SET_DETACHED 147
-# define CMS_F_CMS_SIGN 148
-# define CMS_F_CMS_SIGNED_DATA_INIT 149
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
-# define CMS_F_CMS_SIGNERINFO_SIGN 151
-# define CMS_F_CMS_SIGNERINFO_VERIFY 152
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
-# define CMS_F_CMS_SIGN_RECEIPT 163
-# define CMS_F_CMS_STREAM 155
-# define CMS_F_CMS_UNCOMPRESS 156
-# define CMS_F_CMS_VERIFY 157
-
-/* Reason codes. */
-# define CMS_R_ADD_SIGNER_ERROR 99
-# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
-# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
-# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
-# define CMS_R_CIPHER_INITIALISATION_ERROR 101
-# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
-# define CMS_R_CMS_DATAFINAL_ERROR 103
-# define CMS_R_CMS_LIB 104
-# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
-# define CMS_R_CONTENT_NOT_FOUND 105
-# define CMS_R_CONTENT_TYPE_MISMATCH 171
-# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
-# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
-# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
-# define CMS_R_CONTENT_VERIFY_ERROR 109
-# define CMS_R_CTRL_ERROR 110
-# define CMS_R_CTRL_FAILURE 111
-# define CMS_R_DECRYPT_ERROR 112
-# define CMS_R_DIGEST_ERROR 161
-# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
-# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
-# define CMS_R_ERROR_SETTING_KEY 115
-# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
-# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
-# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
-# define CMS_R_INVALID_KEY_LENGTH 118
-# define CMS_R_MD_BIO_INIT_ERROR 119
-# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
-# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
-# define CMS_R_MSGSIGDIGEST_ERROR 172
-# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
-# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
-# define CMS_R_NEED_ONE_SIGNER 164
-# define CMS_R_NOT_A_SIGNED_RECEIPT 165
-# define CMS_R_NOT_ENCRYPTED_DATA 122
-# define CMS_R_NOT_KEK 123
-# define CMS_R_NOT_KEY_AGREEMENT 181
-# define CMS_R_NOT_KEY_TRANSPORT 124
-# define CMS_R_NOT_PWRI 177
-# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
-# define CMS_R_NO_CIPHER 126
-# define CMS_R_NO_CONTENT 127
-# define CMS_R_NO_CONTENT_TYPE 173
-# define CMS_R_NO_DEFAULT_DIGEST 128
-# define CMS_R_NO_DIGEST_SET 129
-# define CMS_R_NO_KEY 130
-# define CMS_R_NO_KEY_OR_CERT 174
-# define CMS_R_NO_MATCHING_DIGEST 131
-# define CMS_R_NO_MATCHING_RECIPIENT 132
-# define CMS_R_NO_MATCHING_SIGNATURE 166
-# define CMS_R_NO_MSGSIGDIGEST 167
-# define CMS_R_NO_PASSWORD 178
-# define CMS_R_NO_PRIVATE_KEY 133
-# define CMS_R_NO_PUBLIC_KEY 134
-# define CMS_R_NO_RECEIPT_REQUEST 168
-# define CMS_R_NO_SIGNERS 135
-# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
-# define CMS_R_RECEIPT_DECODE_ERROR 169
-# define CMS_R_RECIPIENT_ERROR 137
-# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
-# define CMS_R_SIGNFINAL_ERROR 139
-# define CMS_R_SMIME_TEXT_ERROR 140
-# define CMS_R_STORE_INIT_ERROR 141
-# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
-# define CMS_R_TYPE_NOT_DATA 143
-# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
-# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
-# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
-# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
-# define CMS_R_UNKNOWN_CIPHER 148
-# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
-# define CMS_R_UNKNOWN_ID 150
-# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
-# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
-# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
-# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
-# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
-# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
-# define CMS_R_UNSUPPORTED_TYPE 156
-# define CMS_R_UNWRAP_ERROR 157
-# define CMS_R_UNWRAP_FAILURE 180
-# define CMS_R_VERIFICATION_FAILURE 158
-# define CMS_R_WRAP_ERROR 159
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/deps/openssl/openssl/crypto/cms/cms_asn1.c b/deps/openssl/openssl/crypto/cms/cms_asn1.c
index 81a3407f12..0a594f41d9 100644
--- a/deps/openssl/openssl/crypto/cms/cms_asn1.c
+++ b/deps/openssl/openssl/crypto/cms/cms_asn1.c
@@ -1,61 +1,16 @@
-/* crypto/cms/cms_asn1.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
-#include "cms.h"
+#include <openssl/cms.h>
#include "cms_lcl.h"
@@ -67,7 +22,7 @@ ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
+} static_ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
ASN1_CHOICE(CMS_CertificateChoices) = {
ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
@@ -80,12 +35,12 @@ ASN1_CHOICE(CMS_CertificateChoices) = {
ASN1_CHOICE(CMS_SignerIdentifier) = {
ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
-} ASN1_CHOICE_END(CMS_SignerIdentifier)
+} static_ASN1_CHOICE_END(CMS_SignerIdentifier)
ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
-} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
+} static_ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
/* Minor tweak to operation: free up signer key, cert */
static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -93,12 +48,9 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
{
if (operation == ASN1_OP_FREE_POST) {
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
- if (si->pkey)
- EVP_PKEY_free(si->pkey);
- if (si->signer)
- X509_free(si->signer);
- if (si->pctx)
- EVP_MD_CTX_cleanup(&si->mctx);
+ EVP_PKEY_free(si->pkey);
+ X509_free(si->signer);
+ EVP_MD_CTX_free(si->mctx);
}
return 1;
}
@@ -116,7 +68,7 @@ ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
+} static_ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
ASN1_CHOICE(CMS_RevocationInfoChoice) = {
ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
@@ -135,13 +87,13 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
-} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
+} static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
-} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+} static_ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
@@ -164,15 +116,14 @@ ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
-} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
+} static_ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
if (operation == ASN1_OP_FREE_POST) {
- if (rek->pkey)
- EVP_PKEY_free(rek->pkey);
+ EVP_PKEY_free(rek->pkey);
}
return 1;
}
@@ -191,20 +142,21 @@ ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
-} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
+} static_ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
if (operation == ASN1_OP_NEW_POST) {
- EVP_CIPHER_CTX_init(&kari->ctx);
- EVP_CIPHER_CTX_set_flags(&kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+ kari->ctx = EVP_CIPHER_CTX_new();
+ if (kari->ctx == NULL)
+ return 0;
+ EVP_CIPHER_CTX_set_flags(kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
kari->pctx = NULL;
} else if (operation == ASN1_OP_FREE_POST) {
- if (kari->pctx)
- EVP_PKEY_CTX_free(kari->pctx);
- EVP_CIPHER_CTX_cleanup(&kari->ctx);
+ EVP_PKEY_CTX_free(kari->pctx);
+ EVP_CIPHER_CTX_free(kari->ctx);
}
return 1;
}
@@ -221,7 +173,7 @@ ASN1_SEQUENCE(CMS_KEKIdentifier) = {
ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
-} ASN1_SEQUENCE_END(CMS_KEKIdentifier)
+} static_ASN1_SEQUENCE_END(CMS_KEKIdentifier)
ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
@@ -240,7 +192,7 @@ ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
+} static_ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
/* Free up RecipientInfo additional data */
static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -250,24 +202,15 @@ static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
if (ri->type == CMS_RECIPINFO_TRANS) {
CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
- if (ktri->pkey)
- EVP_PKEY_free(ktri->pkey);
- if (ktri->recip)
- X509_free(ktri->recip);
- if (ktri->pctx)
- EVP_PKEY_CTX_free(ktri->pctx);
+ EVP_PKEY_free(ktri->pkey);
+ X509_free(ktri->recip);
+ EVP_PKEY_CTX_free(ktri->pctx);
} else if (ri->type == CMS_RECIPINFO_KEK) {
CMS_KEKRecipientInfo *kekri = ri->d.kekri;
- if (kekri->key) {
- OPENSSL_cleanse(kekri->key, kekri->keylen);
- OPENSSL_free(kekri->key);
- }
+ OPENSSL_clear_free(kekri->key, kekri->keylen);
} else if (ri->type == CMS_RECIPINFO_PASS) {
CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
- if (pwri->pass) {
- OPENSSL_cleanse(pwri->pass, pwri->passlen);
- OPENSSL_free(pwri->pass);
- }
+ OPENSSL_clear_free(pwri->pass, pwri->passlen);
}
}
return 1;
@@ -312,7 +255,7 @@ ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
-} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
+} static_ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
ASN1_SIMPLE(CMS_CompressedData, version, LONG),
@@ -349,6 +292,7 @@ static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
case ASN1_OP_STREAM_PRE:
if (CMS_stream(&sarg->boundary, cms) <= 0)
return 0;
+ /* fall thru */
case ASN1_OP_DETACHED_PRE:
sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
if (!sarg->ndef_bio)
@@ -396,7 +340,7 @@ ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
ASN1_CHOICE(CMS_ReceiptsFrom) = {
ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
-} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+} static_ASN1_CHOICE_END(CMS_ReceiptsFrom)
ASN1_SEQUENCE(CMS_ReceiptRequest) = {
ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
@@ -426,7 +370,7 @@ ASN1_SEQUENCE(CMS_SharedInfo) = {
ASN1_SIMPLE(CMS_SharedInfo, keyInfo, X509_ALGOR),
ASN1_EXP_OPT(CMS_SharedInfo, entityUInfo, ASN1_OCTET_STRING, 0),
ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
-} ASN1_SEQUENCE_END(CMS_SharedInfo)
+} static_ASN1_SEQUENCE_END(CMS_SharedInfo)
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
ASN1_OCTET_STRING *ukm, int keylen)
diff --git a/deps/openssl/openssl/crypto/cms/cms_att.c b/deps/openssl/openssl/crypto/cms/cms_att.c
index f79a49d518..664e64971b 100644
--- a/deps/openssl/openssl/crypto/cms/cms_att.c
+++ b/deps/openssl/openssl/crypto/cms/cms_att.c
@@ -1,62 +1,17 @@
-/* crypto/cms/cms_att.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
-#include "cms.h"
+#include <openssl/cms.h>
#include "cms_lcl.h"
/* CMS SignedData Attribute utilities */
@@ -71,7 +26,7 @@ int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
}
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
int lastpos)
{
return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
@@ -120,7 +75,7 @@ int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
return 0;
}
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
int lastpos, int type)
{
return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
@@ -137,8 +92,8 @@ int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
}
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos)
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int lastpos)
{
return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_cd.c b/deps/openssl/openssl/crypto/cms/cms_cd.c
index aa3238f584..f05e308418 100644
--- a/deps/openssl/openssl/crypto/cms/cms_cd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_cd.c
@@ -1,71 +1,22 @@
-/* crypto/cms/cms_cd.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/bio.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
+#include <openssl/comp.h>
#include "cms_lcl.h"
-DECLARE_ASN1_ITEM(CMS_CompressedData)
-
#ifdef ZLIB
/* CMS CompressedData Utilities */
@@ -84,12 +35,12 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
return NULL;
}
cms = CMS_ContentInfo_new();
- if (!cms)
+ if (cms == NULL)
return NULL;
cd = M_ASN1_new_of(CMS_CompressedData);
- if (!cd)
+ if (cd == NULL)
goto err;
cms->contentType = OBJ_nid2obj(NID_id_smime_ct_compressedData);
@@ -105,17 +56,14 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
return cms;
err:
-
- if (cms)
- CMS_ContentInfo_free(cms);
-
+ CMS_ContentInfo_free(cms);
return NULL;
}
BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms)
{
CMS_CompressedData *cd;
- ASN1_OBJECT *compoid;
+ const ASN1_OBJECT *compoid;
if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
diff --git a/deps/openssl/openssl/crypto/cms/cms_dd.c b/deps/openssl/openssl/crypto/cms/cms_dd.c
index 23e9f2d3a4..5da6802fcd 100644
--- a/deps/openssl/openssl/crypto/cms/cms_dd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_dd.c
@@ -1,58 +1,13 @@
-/* crypto/cms/cms_dd.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
@@ -60,8 +15,6 @@
#include <openssl/cms.h>
#include "cms_lcl.h"
-DECLARE_ASN1_ITEM(CMS_DigestedData)
-
/* CMS DigestedData Utilities */
CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
@@ -69,12 +22,12 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
CMS_ContentInfo *cms;
CMS_DigestedData *dd;
cms = CMS_ContentInfo_new();
- if (!cms)
+ if (cms == NULL)
return NULL;
dd = M_ASN1_new_of(CMS_DigestedData);
- if (!dd)
+ if (dd == NULL)
goto err;
cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
@@ -83,15 +36,12 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
dd->version = 0;
dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
- cms_DigestAlgorithm_set(dd->digestAlgorithm, md);
+ X509_ALGOR_set_md(dd->digestAlgorithm, md);
return cms;
err:
-
- if (cms)
- CMS_ContentInfo_free(cms);
-
+ CMS_ContentInfo_free(cms);
return NULL;
}
@@ -104,19 +54,23 @@ BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms)
int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
int r = 0;
CMS_DigestedData *dd;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
dd = cms->d.digestedData;
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
goto err;
- if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
+ if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)
goto err;
if (verify) {
@@ -138,7 +92,7 @@ int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
}
err:
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_free(mctx);
return r;
diff --git a/deps/openssl/openssl/crypto/cms/cms_enc.c b/deps/openssl/openssl/crypto/cms/cms_enc.c
index 90b1fcc750..ed913426bc 100644
--- a/deps/openssl/openssl/crypto/cms/cms_enc.c
+++ b/deps/openssl/openssl/crypto/cms/cms_enc.c
@@ -1,58 +1,13 @@
-/* crypto/cms/cms_enc.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
@@ -63,8 +18,6 @@
/* CMS EncryptedData Utilities */
-DECLARE_ASN1_ITEM(CMS_EncryptedData)
-
/* Return BIO based on EncryptedContentInfo and key */
BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
@@ -84,7 +37,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
enc = ec->cipher ? 1 : 0;
b = BIO_new(BIO_f_cipher());
- if (!b) {
+ if (b == NULL) {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
return NULL;
}
@@ -132,7 +85,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Generate random session key */
if (!enc || !ec->key) {
tkey = OPENSSL_malloc(tkeylen);
- if (!tkey) {
+ if (tkey == NULL) {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -164,8 +117,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
goto err;
} else {
/* Use random key */
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
+ OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = tkey;
ec->keylen = tkeylen;
tkey = NULL;
@@ -199,15 +151,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
ok = 1;
err:
- if (ec->key && (!keep_key || !ok)) {
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
+ if (!keep_key || !ok) {
+ OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = NULL;
}
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- }
+ OPENSSL_clear_free(tkey, tkeylen);
if (ok)
return b;
BIO_free(b);
@@ -221,7 +169,7 @@ int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
ec->cipher = cipher;
if (key) {
ec->key = OPENSSL_malloc(keylen);
- if (!ec->key)
+ if (ec->key == NULL)
return 0;
memcpy(ec->key, key, keylen);
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_env.c b/deps/openssl/openssl/crypto/cms/cms_env.c
index 93c06cb00a..8d45943530 100644
--- a/deps/openssl/openssl/crypto/cms/cms_env.c
+++ b/deps/openssl/openssl/crypto/cms/cms_env.c
@@ -1,77 +1,25 @@
-/* crypto/cms/cms_env.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include <openssl/rand.h>
#include <openssl/aes.h>
#include "cms_lcl.h"
-#include "asn1_locl.h"
+#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* CMS EnvelopedData Utilities */
-DECLARE_ASN1_ITEM(CMS_EnvelopedData)
-DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
-
-DECLARE_STACK_OF(CMS_RecipientInfo)
-
CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
@@ -158,18 +106,17 @@ CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
CMS_ContentInfo *cms;
CMS_EnvelopedData *env;
cms = CMS_ContentInfo_new();
- if (!cms)
+ if (cms == NULL)
goto merr;
env = cms_enveloped_data_init(cms);
- if (!env)
+ if (env == NULL)
goto merr;
if (!cms_EncryptedContent_init(env->encryptedContentInfo,
cipher, NULL, 0))
goto merr;
return cms;
merr:
- if (cms)
- CMS_ContentInfo_free(cms);
+ CMS_ContentInfo_free(cms);
CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
return NULL;
}
@@ -207,14 +154,15 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
return 0;
- CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509);
- CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ X509_up_ref(recip);
+ EVP_PKEY_up_ref(pk);
+
ktri->pkey = pk;
ktri->recip = recip;
if (flags & CMS_KEY_PARAM) {
ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
- if (!ktri->pctx)
+ if (ktri->pctx == NULL)
return 0;
if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
return 0;
@@ -242,7 +190,7 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
if (!ri)
goto merr;
- pk = X509_get_pubkey(recip);
+ pk = X509_get0_pubkey(recip);
if (!pk) {
CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_ERROR_GETTING_PUBLIC_KEY);
goto err;
@@ -270,17 +218,12 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
goto merr;
- EVP_PKEY_free(pk);
-
return ri;
merr:
CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE);
err:
- if (ri)
- M_ASN1_free_of(ri, CMS_RecipientInfo);
- if (pk)
- EVP_PKEY_free(pk);
+ M_ASN1_free_of(ri, CMS_RecipientInfo);
return NULL;
}
@@ -370,7 +313,7 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
goto err;
} else {
pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
- if (!pctx)
+ if (pctx == NULL)
return 0;
if (EVP_PKEY_encrypt_init(pctx) <= 0)
@@ -402,12 +345,9 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
ret = 1;
err:
- if (pctx) {
- EVP_PKEY_CTX_free(pctx);
- ktri->pctx = NULL;
- }
- if (ek)
- OPENSSL_free(ek);
+ EVP_PKEY_CTX_free(pctx);
+ ktri->pctx = NULL;
+ OPENSSL_free(ek);
return ret;
}
@@ -431,7 +371,7 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
}
ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!ktri->pctx)
+ if (ktri->pctx == NULL)
return 0;
if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
@@ -467,20 +407,14 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
ret = 1;
- if (ec->key) {
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
- }
-
+ OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = ek;
ec->keylen = eklen;
err:
- if (ktri->pctx) {
- EVP_PKEY_CTX_free(ktri->pctx);
- ktri->pctx = NULL;
- }
- if (!ret && ek)
+ EVP_PKEY_CTX_free(ktri->pctx);
+ ktri->pctx = NULL;
+ if (!ret)
OPENSSL_free(ek);
return ret;
@@ -619,8 +553,7 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
merr:
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
err:
- if (ri)
- M_ASN1_free_of(ri, CMS_RecipientInfo);
+ M_ASN1_free_of(ri, CMS_RecipientInfo);
return NULL;
}
@@ -703,7 +636,7 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
wkey = OPENSSL_malloc(ec->keylen + 8);
- if (!wkey) {
+ if (wkey == NULL) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -721,7 +654,7 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
err:
- if (!r && wkey)
+ if (!r)
OPENSSL_free(wkey);
OPENSSL_cleanse(&actx, sizeof(actx));
@@ -773,7 +706,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
- if (!ukey) {
+ if (ukey == NULL) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -794,7 +727,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
err:
- if (!r && ukey)
+ if (!r)
OPENSSL_free(ukey);
OPENSSL_cleanse(&actx, sizeof(actx));
@@ -832,11 +765,9 @@ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
case CMS_RECIPINFO_KEK:
return cms_RecipientInfo_kekri_encrypt(cms, ri);
- break;
case CMS_RECIPINFO_PASS:
return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
- break;
default:
CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT,
@@ -901,10 +832,10 @@ static void cms_env_set_version(CMS_EnvelopedData *env)
env->version = 2;
}
}
- if (env->version == 2)
- return;
if (env->originatorInfo || env->unprotectedAttrs)
env->version = 2;
+ if (env->version == 2)
+ return;
env->version = 0;
}
@@ -944,12 +875,9 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
err:
ec->cipher = NULL;
- if (ec->key) {
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
- ec->key = NULL;
- ec->keylen = 0;
- }
+ OPENSSL_clear_free(ec->key, ec->keylen);
+ ec->key = NULL;
+ ec->keylen = 0;
if (ok)
return ret;
BIO_free(ret);
diff --git a/deps/openssl/openssl/crypto/cms/cms_err.c b/deps/openssl/openssl/crypto/cms/cms_err.c
index 15572ea348..c6df1b5afe 100644
--- a/deps/openssl/openssl/crypto/cms/cms_err.c
+++ b/deps/openssl/openssl/crypto/cms/cms_err.c
@@ -1,62 +1,11 @@
-/* crypto/cms/cms_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
@@ -70,7 +19,7 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
static ERR_STRING_DATA CMS_str_functs[] = {
- {ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"},
+ {ERR_FUNC(CMS_F_CHECK_CONTENT), "check_content"},
{ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),
@@ -78,13 +27,13 @@ static ERR_STRING_DATA CMS_str_functs[] = {
{ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
{ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
{ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
- {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "CMS_ADD1_SIGNINGTIME"},
+ {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "cms_add1_signingTime"},
{ERR_FUNC(CMS_F_CMS_COMPRESS), "CMS_compress"},
{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE), "cms_CompressedData_create"},
{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),
"cms_CompressedData_init_bio"},
- {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "CMS_COPY_CONTENT"},
- {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "CMS_COPY_MESSAGEDIGEST"},
+ {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "cms_copy_content"},
+ {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "cms_copy_messageDigest"},
{ERR_FUNC(CMS_F_CMS_DATA), "CMS_data"},
{ERR_FUNC(CMS_F_CMS_DATAFINAL), "CMS_dataFinal"},
{ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
@@ -109,17 +58,17 @@ static ERR_STRING_DATA CMS_str_functs[] = {
{ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE), "CMS_EnvelopedData_create"},
{ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO),
"cms_EnvelopedData_init_bio"},
- {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "CMS_ENVELOPED_DATA_INIT"},
+ {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "cms_enveloped_data_init"},
{ERR_FUNC(CMS_F_CMS_ENV_ASN1_CTRL), "cms_env_asn1_ctrl"},
{ERR_FUNC(CMS_F_CMS_FINAL), "CMS_final"},
{ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES),
- "CMS_GET0_CERTIFICATE_CHOICES"},
+ "cms_get0_certificate_choices"},
{ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
- {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"},
+ {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "cms_get0_econtent_type"},
{ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
{ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),
- "CMS_GET0_REVOCATION_CHOICES"},
- {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"},
+ "cms_get0_revocation_choices"},
+ {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "cms_get0_signed"},
{ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"},
{ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0),
"CMS_ReceiptRequest_create0"},
@@ -137,9 +86,9 @@ static ERR_STRING_DATA CMS_str_functs[] = {
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP),
"CMS_RecipientInfo_kari_orig_id_cmp"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT),
- "CMS_RECIPIENTINFO_KEKRI_DECRYPT"},
+ "cms_RecipientInfo_kekri_decrypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT),
- "CMS_RECIPIENTINFO_KEKRI_ENCRYPT"},
+ "cms_RecipientInfo_kekri_encrypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),
"CMS_RecipientInfo_kekri_get0_id"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP),
@@ -147,9 +96,9 @@ static ERR_STRING_DATA CMS_str_functs[] = {
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),
"CMS_RecipientInfo_ktri_cert_cmp"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT),
- "CMS_RECIPIENTINFO_KTRI_DECRYPT"},
+ "cms_RecipientInfo_ktri_decrypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),
- "CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
+ "cms_RecipientInfo_ktri_encrypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),
"CMS_RecipientInfo_ktri_get0_algs"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),
@@ -162,19 +111,19 @@ static ERR_STRING_DATA CMS_str_functs[] = {
"CMS_RecipientInfo_set0_password"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),
"CMS_RecipientInfo_set0_pkey"},
- {ERR_FUNC(CMS_F_CMS_SD_ASN1_CTRL), "CMS_SD_ASN1_CTRL"},
+ {ERR_FUNC(CMS_F_CMS_SD_ASN1_CTRL), "cms_sd_asn1_ctrl"},
{ERR_FUNC(CMS_F_CMS_SET1_IAS), "cms_set1_ias"},
{ERR_FUNC(CMS_F_CMS_SET1_KEYID), "cms_set1_keyid"},
{ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
{ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"},
{ERR_FUNC(CMS_F_CMS_SIGN), "CMS_sign"},
- {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "CMS_SIGNED_DATA_INIT"},
+ {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "cms_signed_data_init"},
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN),
- "CMS_SIGNERINFO_CONTENT_SIGN"},
+ "cms_SignerInfo_content_sign"},
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN), "CMS_SignerInfo_sign"},
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY), "CMS_SignerInfo_verify"},
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),
- "CMS_SIGNERINFO_VERIFY_CERT"},
+ "cms_signerinfo_verify_cert"},
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),
"CMS_SignerInfo_verify_content"},
{ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"},
@@ -210,7 +159,6 @@ static ERR_STRING_DATA CMS_str_reasons[] = {
{ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
{ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
{ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
- {ERR_REASON(CMS_R_DIGEST_ERROR), "digest error"},
{ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
{ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
"error reading messagedigest attribute"},
@@ -297,7 +245,7 @@ static ERR_STRING_DATA CMS_str_reasons[] = {
#endif
-void ERR_load_CMS_strings(void)
+int ERR_load_CMS_strings(void)
{
#ifndef OPENSSL_NO_ERR
@@ -306,4 +254,5 @@ void ERR_load_CMS_strings(void)
ERR_load_strings(0, CMS_str_reasons);
}
#endif
+ return 1;
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_ess.c b/deps/openssl/openssl/crypto/cms/cms_ess.c
index 8212560628..4780231c22 100644
--- a/deps/openssl/openssl/crypto/cms/cms_ess.c
+++ b/deps/openssl/openssl/crypto/cms/cms_ess.c
@@ -1,58 +1,13 @@
-/* crypto/cms/cms_ess.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
@@ -61,9 +16,6 @@
#include <openssl/cms.h>
#include "cms_lcl.h"
-DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
-DECLARE_ASN1_ITEM(CMS_Receipt)
-
IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
/* ESS services: for now just Signed Receipt related */
@@ -100,7 +52,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
CMS_ReceiptRequest *rr = NULL;
rr = CMS_ReceiptRequest_new();
- if (!rr)
+ if (rr == NULL)
goto merr;
if (id)
ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
@@ -128,9 +80,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
-
+ CMS_ReceiptRequest_free(rr);
return NULL;
}
@@ -154,8 +104,7 @@ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
if (!r)
CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
- if (rrder)
- OPENSSL_free(rrder);
+ OPENSSL_free(rrder);
return r;
@@ -338,11 +287,8 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
r = 1;
err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
- if (rct)
- M_ASN1_free_of(rct, CMS_Receipt);
-
+ CMS_ReceiptRequest_free(rr);
+ M_ASN1_free_of(rct, CMS_Receipt);
return r;
}
@@ -386,9 +332,6 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
-
+ CMS_ReceiptRequest_free(rr);
return os;
-
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_io.c b/deps/openssl/openssl/crypto/cms/cms_io.c
index ec51f8e680..d18f980a97 100644
--- a/deps/openssl/openssl/crypto/cms/cms_io.c
+++ b/deps/openssl/openssl/crypto/cms/cms_io.c
@@ -1,73 +1,28 @@
-/* crypto/cms/cms_io.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/pem.h>
-#include "cms.h"
+#include <openssl/cms.h>
#include "cms_lcl.h"
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
{
ASN1_OCTET_STRING **pos;
pos = CMS_get0_content(cms);
- if (!pos)
+ if (pos == NULL)
return 0;
- if (!*pos)
+ if (*pos == NULL)
*pos = ASN1_OCTET_STRING_new();
- if (*pos) {
+ if (*pos != NULL) {
(*pos)->flags |= ASN1_STRING_FLAG_NDEF;
(*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
*boundary = &(*pos)->data;
diff --git a/deps/openssl/openssl/crypto/cms/cms_kari.c b/deps/openssl/openssl/crypto/cms/cms_kari.c
index ee283172d3..3bc46febf6 100644
--- a/deps/openssl/openssl/crypto/cms/cms_kari.c
+++ b/deps/openssl/openssl/crypto/cms/cms_kari.c
@@ -1,72 +1,21 @@
-/* crypto/cms/cms_kari.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include <openssl/rand.h>
#include <openssl/aes.h>
#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_RecipientEncryptedKey)
-DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
-DECLARE_ASN1_ITEM(CMS_RecipientKeyIdentifier)
+#include "internal/asn1_int.h"
/* Key Agreement Recipient Info (KARI) routines */
@@ -207,10 +156,9 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
{
EVP_PKEY_CTX *pctx;
CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
- if (kari->pctx) {
- EVP_PKEY_CTX_free(kari->pctx);
- kari->pctx = NULL;
- }
+
+ EVP_PKEY_CTX_free(kari->pctx);
+ kari->pctx = NULL;
if (!pk)
return 1;
pctx = EVP_PKEY_CTX_new(pk, NULL);
@@ -219,15 +167,14 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
kari->pctx = pctx;
return 1;
err:
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_PKEY_CTX_free(pctx);
return 0;
}
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
{
if (ri->type == CMS_RECIPINFO_AGREE)
- return &ri->d.kari->ctx;
+ return ri->d.kari->ctx;
return NULL;
}
@@ -246,22 +193,22 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
int rv = 0;
unsigned char *out = NULL;
int outlen;
- keklen = EVP_CIPHER_CTX_key_length(&kari->ctx);
+ keklen = EVP_CIPHER_CTX_key_length(kari->ctx);
if (keklen > EVP_MAX_KEY_LENGTH)
return 0;
/* Derive KEK */
if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
goto err;
/* Set KEK in context */
- if (!EVP_CipherInit_ex(&kari->ctx, NULL, NULL, kek, NULL, enc))
+ if (!EVP_CipherInit_ex(kari->ctx, NULL, NULL, kek, NULL, enc))
goto err;
/* obtain output length of ciphered key */
- if (!EVP_CipherUpdate(&kari->ctx, NULL, &outlen, in, inlen))
+ if (!EVP_CipherUpdate(kari->ctx, NULL, &outlen, in, inlen))
goto err;
out = OPENSSL_malloc(outlen);
- if (!out)
+ if (out == NULL)
goto err;
- if (!EVP_CipherUpdate(&kari->ctx, out, &outlen, in, inlen))
+ if (!EVP_CipherUpdate(kari->ctx, out, &outlen, in, inlen))
goto err;
*pout = out;
*poutlen = (size_t)outlen;
@@ -269,9 +216,10 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
err:
OPENSSL_cleanse(kek, keklen);
- if (!rv && out)
+ if (!rv)
OPENSSL_free(out);
- EVP_CIPHER_CTX_cleanup(&kari->ctx);
+ EVP_CIPHER_CTX_reset(kari->ctx);
+ /* FIXME: WHY IS kari->pctx freed here? /RL */
EVP_PKEY_CTX_free(kari->pctx);
kari->pctx = NULL;
return rv;
@@ -295,17 +243,13 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
goto err;
ec = cms->d.envelopedData->encryptedContentInfo;
- if (ec->key) {
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
- }
+ OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = cek;
ec->keylen = ceklen;
cek = NULL;
rv = 1;
err:
- if (cek)
- OPENSSL_free(cek);
+ OPENSSL_free(cek);
return rv;
}
@@ -332,10 +276,9 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
kari->pctx = pctx;
rv = 1;
err:
- if (!rv && pctx)
+ if (!rv)
EVP_PKEY_CTX_free(pctx);
- if (ekey)
- EVP_PKEY_free(ekey);
+ EVP_PKEY_free(ekey);
return rv;
}
@@ -378,7 +321,7 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_kari_create_ephemeral_key(kari, pk))
return 0;
- CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(pk);
rek->pkey = pk;
return 1;
}
@@ -386,7 +329,7 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
const EVP_CIPHER *cipher)
{
- EVP_CIPHER_CTX *ctx = &kari->ctx;
+ EVP_CIPHER_CTX *ctx = kari->ctx;
const EVP_CIPHER *kekcipher;
int keylen = EVP_CIPHER_key_length(cipher);
/* If a suitable wrap algorithm is already set nothing to do */
@@ -437,7 +380,7 @@ int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
if (!cms_wrap_init(kari, ec->cipher))
return 0;
/*
- * If no orignator key set up initialise for ephemeral key the public key
+ * If no originator key set up initialise for ephemeral key the public key
* ASN1 structure will set the actual public key value.
*/
if (kari->originator->type == -1) {
diff --git a/deps/openssl/openssl/crypto/cms/cms_lcl.h b/deps/openssl/openssl/crypto/cms/cms_lcl.h
index 20f2c25f5a..d0c0e81363 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lcl.h
+++ b/deps/openssl/openssl/crypto/cms/cms_lcl.h
@@ -1,55 +1,10 @@
-/* crypto/cms/cms_lcl.h */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#ifndef HEADER_CMS_LCL_H
@@ -109,6 +64,8 @@ struct CMS_ContentInfo_st {
} d;
};
+DEFINE_STACK_OF(CMS_CertificateChoices)
+
struct CMS_SignedData_st {
long version;
STACK_OF(X509_ALGOR) *digestAlgorithms;
@@ -137,7 +94,7 @@ struct CMS_SignerInfo_st {
X509 *signer;
EVP_PKEY *pkey;
/* Digest and public key context for alternative parameters */
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx;
EVP_PKEY_CTX *pctx;
};
@@ -208,7 +165,7 @@ struct CMS_KeyAgreeRecipientInfo_st {
/* Public key context associated with current operation */
EVP_PKEY_CTX *pctx;
/* Cipher context for CEK wrapping */
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
};
struct CMS_OriginatorIdentifierOrKey_st {
@@ -431,7 +388,6 @@ int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
-void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg);
@@ -465,6 +421,23 @@ int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
int en_de);
+DECLARE_ASN1_ITEM(CMS_CertificateChoices)
+DECLARE_ASN1_ITEM(CMS_DigestedData)
+DECLARE_ASN1_ITEM(CMS_EncryptedData)
+DECLARE_ASN1_ITEM(CMS_EnvelopedData)
+DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
+DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
+DECLARE_ASN1_ITEM(CMS_Receipt)
+DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
+DECLARE_ASN1_ITEM(CMS_RecipientEncryptedKey)
+DECLARE_ASN1_ITEM(CMS_RecipientKeyIdentifier)
+DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
+DECLARE_ASN1_ITEM(CMS_SignedData)
+DECLARE_ASN1_ITEM(CMS_CompressedData)
+
#ifdef __cplusplus
}
#endif
diff --git a/deps/openssl/openssl/crypto/cms/cms_lib.c b/deps/openssl/openssl/crypto/cms/cms_lib.c
index 6d27c4969b..7395684b61 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lib.c
+++ b/deps/openssl/openssl/crypto/cms/cms_lib.c
@@ -1,55 +1,10 @@
-/* crypto/cms/cms_lib.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <openssl/asn1t.h>
@@ -58,18 +13,13 @@
#include <openssl/pem.h>
#include <openssl/bio.h>
#include <openssl/asn1.h>
-#include "cms.h"
+#include <openssl/cms.h>
#include "cms_lcl.h"
IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-DECLARE_ASN1_ITEM(CMS_CertificateChoices)
-DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
-DECLARE_STACK_OF(CMS_CertificateChoices)
-DECLARE_STACK_OF(CMS_RevocationInfoChoice)
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
+const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms)
{
return cms->contentType;
}
@@ -78,7 +28,7 @@ CMS_ContentInfo *cms_Data_create(void)
{
CMS_ContentInfo *cms;
cms = CMS_ContentInfo_new();
- if (cms) {
+ if (cms != NULL) {
cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
/* Never detached */
CMS_set_detached(cms, 0);
@@ -159,7 +109,7 @@ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
if (!pos)
return 0;
- /* If ebmedded content find memory BIO and set content */
+ /* If embedded content find memory BIO and set content */
if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
BIO *mbio;
unsigned char *cont;
@@ -314,15 +264,13 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached)
if (!pos)
return 0;
if (detached) {
- if (*pos) {
- ASN1_OCTET_STRING_free(*pos);
- *pos = NULL;
- }
+ ASN1_OCTET_STRING_free(*pos);
+ *pos = NULL;
return 1;
}
- if (!*pos)
+ if (*pos == NULL)
*pos = ASN1_OCTET_STRING_new();
- if (*pos) {
+ if (*pos != NULL) {
/*
* NB: special flag to show content is created and not read in.
*/
@@ -333,27 +281,12 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached)
return 0;
}
-/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-
-void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md)
-{
- int param_type;
-
- if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
- param_type = V_ASN1_UNDEF;
- else
- param_type = V_ASN1_NULL;
-
- X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-
-}
-
/* Create a digest BIO from an X509_ALGOR structure */
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
{
BIO *mdbio = NULL;
- ASN1_OBJECT *digestoid;
+ const ASN1_OBJECT *digestoid;
const EVP_MD *digest;
X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
digest = EVP_get_digestbyobj(digestoid);
@@ -363,14 +296,13 @@ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
goto err;
}
mdbio = BIO_new(BIO_f_md());
- if (!mdbio || !BIO_set_md(mdbio, digest)) {
+ if (mdbio == NULL || !BIO_set_md(mdbio, digest)) {
CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
goto err;
}
return mdbio;
err:
- if (mdbio)
- BIO_free(mdbio);
+ BIO_free(mdbio);
return NULL;
}
@@ -380,7 +312,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg)
{
int nid;
- ASN1_OBJECT *mdoid;
+ const ASN1_OBJECT *mdoid;
X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg);
nid = OBJ_obj2nid(mdoid);
/* Look for digest type to match signature */
@@ -477,7 +409,7 @@ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
int r;
r = CMS_add0_cert(cms, cert);
if (r > 0)
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
return r;
}
@@ -539,7 +471,7 @@ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
int r;
r = CMS_add0_crl(cms, crl);
if (r > 0)
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(crl);
return r;
}
@@ -564,7 +496,7 @@ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
sk_X509_pop_free(certs, X509_free);
return NULL;
}
- CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cch->d.certificate);
}
}
return certs;
@@ -592,7 +524,7 @@ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
sk_X509_CRL_pop_free(crls, X509_CRL_free);
return NULL;
}
- CRYPTO_add(&rch->d.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(rch->d.crl);
}
}
return crls;
@@ -609,10 +541,11 @@ int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
{
- X509_check_purpose(cert, -1, -1);
- if (!cert->skid)
+ const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert);
+
+ if (cert_keyid == NULL)
return -1;
- return ASN1_OCTET_STRING_cmp(keyid, cert->skid);
+ return ASN1_OCTET_STRING_cmp(keyid, cert_keyid);
}
int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
@@ -625,13 +558,11 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
goto err;
if (!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert)))
goto err;
- if (*pias)
- M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber);
+ M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber);
*pias = ias;
return 1;
err:
- if (ias)
- M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber);
+ M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber);
CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -639,18 +570,18 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
{
ASN1_OCTET_STRING *keyid = NULL;
- X509_check_purpose(cert, -1, -1);
- if (!cert->skid) {
+ const ASN1_OCTET_STRING *cert_keyid;
+ cert_keyid = X509_get0_subject_key_id(cert);
+ if (cert_keyid == NULL) {
CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID);
return 0;
}
- keyid = ASN1_STRING_dup(cert->skid);
+ keyid = ASN1_STRING_dup(cert_keyid);
if (!keyid) {
CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE);
return 0;
}
- if (*pkeyid)
- ASN1_OCTET_STRING_free(*pkeyid);
+ ASN1_OCTET_STRING_free(*pkeyid);
*pkeyid = keyid;
return 1;
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_pwri.c b/deps/openssl/openssl/crypto/cms/cms_pwri.c
index 5c817caf2f..0571bb8026 100644
--- a/deps/openssl/openssl/crypto/cms/cms_pwri.c
+++ b/deps/openssl/openssl/crypto/cms/cms_pwri.c
@@ -1,58 +1,13 @@
-/* crypto/cms/cms_pwri.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
@@ -61,7 +16,7 @@
#include <openssl/rand.h>
#include <openssl/aes.h>
#include "cms_lcl.h"
-#include "asn1_locl.h"
+#include "internal/asn1_int.h"
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
unsigned char *pass, ossl_ssize_t passlen)
@@ -90,7 +45,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
CMS_RecipientInfo *ri = NULL;
CMS_EnvelopedData *env;
CMS_PasswordRecipientInfo *pwri;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx = NULL;
X509_ALGOR *encalg = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
int ivlen;
@@ -124,19 +79,19 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
if (encalg == NULL) {
goto merr;
}
- EVP_CIPHER_CTX_init(&ctx);
+ ctx = EVP_CIPHER_CTX_new();
- if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
+ if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
goto err;
}
- ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
+ ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
- if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
+ if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
goto err;
}
@@ -145,24 +100,25 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
+ if (EVP_CIPHER_param_to_asn1(ctx, encalg->parameter) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
}
}
- encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
+ encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Initialize recipient info */
ri = M_ASN1_new_of(CMS_RecipientInfo);
- if (!ri)
+ if (ri == NULL)
goto merr;
ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
- if (!ri->d.pwri)
+ if (ri->d.pwri == NULL)
goto merr;
ri->type = CMS_RECIPINFO_PASS;
@@ -170,11 +126,11 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
/* Since this is overwritten, free up empty structure already there */
X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
- if (!pwri->keyEncryptionAlgorithm)
+ if (pwri->keyEncryptionAlgorithm == NULL)
goto merr;
pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
- if (!pwri->keyEncryptionAlgorithm->parameter)
+ if (pwri->keyEncryptionAlgorithm->parameter == NULL)
goto merr;
if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
@@ -204,11 +160,10 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
merr:
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
err:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
if (ri)
M_ASN1_free_of(ri, CMS_RecipientInfo);
- if (encalg)
- X509_ALGOR_free(encalg);
+ X509_ALGOR_free(encalg);
return NULL;
}
@@ -234,24 +189,26 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
return 0;
}
tmp = OPENSSL_malloc(inlen);
- if (!tmp)
+ if (tmp == NULL)
return 0;
/* setup IV by decrypting last two blocks */
- EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
- in + inlen - 2 * blocklen, blocklen * 2);
- /*
- * Do a decrypt of last decrypted block to set IV to correct value output
- * it to start of buffer so we don't corrupt decrypted block this works
- * because buffer is at least two block lengths long.
- */
- EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
- /* Can now decrypt first n - 1 blocks */
- EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
-
- /* Reset IV to original value */
- EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
- /* Decrypt again */
- EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+ if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+ in + inlen - 2 * blocklen, blocklen * 2)
+ /*
+ * Do a decrypt of last decrypted block to set IV to correct value
+ * output it to start of buffer so we don't corrupt decrypted block
+ * this works because buffer is at least two block lengths long.
+ */
+ || !EVP_DecryptUpdate(ctx, tmp, &outl,
+ tmp + inlen - blocklen, blocklen)
+ /* Can now decrypt first n - 1 blocks */
+ || !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen)
+
+ /* Reset IV to original value */
+ || !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL)
+ /* Decrypt again */
+ || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen))
+ goto err;
/* Check check bytes */
if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
/* Check byte failure */
@@ -265,8 +222,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
memcpy(out, tmp + 4, *outlen);
rv = 1;
err:
- OPENSSL_cleanse(tmp, inlen);
- OPENSSL_free(tmp);
+ OPENSSL_clear_free(tmp, inlen);
return rv;
}
@@ -304,8 +260,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
&& RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
return 0;
/* Encrypt twice */
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)
+ || !EVP_EncryptUpdate(ctx, out, &dummy, out, olen))
+ return 0;
}
*outlen = olen;
@@ -320,11 +277,9 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
{
CMS_EncryptedContentInfo *ec;
CMS_PasswordRecipientInfo *pwri;
- const unsigned char *p = NULL;
- int plen;
int r = 0;
X509_ALGOR *algtmp, *kekalg = NULL;
- EVP_CIPHER_CTX kekctx;
+ EVP_CIPHER_CTX *kekctx = NULL;
const EVP_CIPHER *kekcipher;
unsigned char *key = NULL;
size_t keylen;
@@ -332,7 +287,6 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
ec = cms->d.envelopedData->encryptedContentInfo;
pwri = ri->d.pwri;
- EVP_CIPHER_CTX_init(&kekctx);
if (!pwri->pass) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
@@ -346,11 +300,9 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
return 0;
}
- if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
- p = algtmp->parameter->value.sequence->data;
- plen = algtmp->parameter->value.sequence->length;
- kekalg = d2i_X509_ALGOR(NULL, &p, plen);
- }
+ kekalg = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(X509_ALGOR),
+ algtmp->parameter);
+
if (kekalg == NULL) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
@@ -361,14 +313,19 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
if (!kekcipher) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
- goto err;
+ return 0;
}
+ kekctx = EVP_CIPHER_CTX_new();
+ if (kekctx == NULL) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
/* Fixup cipher based on AlgorithmIdentifier to set IV etc */
- if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
+ if (!EVP_CipherInit_ex(kekctx, kekcipher, NULL, NULL, NULL, en_de))
goto err;
- EVP_CIPHER_CTX_set_padding(&kekctx, 0);
- if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
+ EVP_CIPHER_CTX_set_padding(kekctx, 0);
+ if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) < 0) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
@@ -380,7 +337,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
if (EVP_PBE_CipherInit(algtmp->algorithm,
(char *)pwri->pass, pwri->passlen,
- algtmp->parameter, &kekctx, en_de) < 0) {
+ algtmp->parameter, kekctx, en_de) < 0) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
goto err;
}
@@ -389,28 +346,28 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
if (en_de) {
- if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
+ if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, kekctx))
goto err;
key = OPENSSL_malloc(keylen);
- if (!key)
+ if (key == NULL)
goto err;
- if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
+ if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, kekctx))
goto err;
pwri->encryptedKey->data = key;
pwri->encryptedKey->length = keylen;
} else {
key = OPENSSL_malloc(pwri->encryptedKey->length);
- if (!key) {
+ if (key == NULL) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!kek_unwrap_key(key, &keylen,
pwri->encryptedKey->data,
- pwri->encryptedKey->length, &kekctx)) {
+ pwri->encryptedKey->length, kekctx)) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
goto err;
}
@@ -424,9 +381,9 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
err:
- EVP_CIPHER_CTX_cleanup(&kekctx);
+ EVP_CIPHER_CTX_free(kekctx);
- if (!r && key)
+ if (!r)
OPENSSL_free(key);
X509_ALGOR_free(kekalg);
diff --git a/deps/openssl/openssl/crypto/cms/cms_sd.c b/deps/openssl/openssl/crypto/cms/cms_sd.c
index a41aca8e12..4108fe7082 100644
--- a/deps/openssl/openssl/crypto/cms/cms_sd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_sd.c
@@ -1,58 +1,13 @@
-/* crypto/cms/cms_sd.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
@@ -60,12 +15,11 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include "cms_lcl.h"
-#include "asn1_locl.h"
+#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* CMS SignedData Utilities */
-DECLARE_ASN1_ITEM(CMS_SignedData)
-
static CMS_SignedData *cms_get0_signed(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
@@ -94,7 +48,7 @@ static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms)
return cms_get0_signed(cms);
}
-/* Just initialize SignedData e.g. for certs only structure */
+/* Just initialise SignedData e.g. for certs only structure */
int CMS_SignedData_init(CMS_ContentInfo *cms)
{
@@ -282,16 +236,22 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
si = M_ASN1_new_of(CMS_SignerInfo);
if (!si)
goto merr;
+ /* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(signer, -1, -1);
- CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(signer);
+ EVP_PKEY_up_ref(pk);
si->pkey = pk;
si->signer = signer;
- EVP_MD_CTX_init(&si->mctx);
+ si->mctx = EVP_MD_CTX_new();
si->pctx = NULL;
+ if (si->mctx == NULL) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
if (flags & CMS_USE_KEYID) {
si->version = 3;
if (sd->version < 3)
@@ -321,11 +281,11 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
goto err;
}
- cms_DigestAlgorithm_set(si->digestAlgorithm, md);
+ X509_ALGOR_set_md(si->digestAlgorithm, md);
/* See if digest is present in digestAlgorithms */
for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
- ASN1_OBJECT *aoid;
+ const ASN1_OBJECT *aoid;
alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
X509_ALGOR_get0(&aoid, NULL, NULL, alg);
if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
@@ -334,9 +294,9 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
alg = X509_ALGOR_new();
- if (!alg)
+ if (alg == NULL)
goto merr;
- cms_DigestAlgorithm_set(alg, md);
+ X509_ALGOR_set_md(alg, md);
if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
X509_ALGOR_free(alg);
goto merr;
@@ -347,7 +307,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
goto err;
if (!(flags & CMS_NOATTR)) {
/*
- * Initialialize signed attributes strutucture so other attributes
+ * Initialize signed attributes structure so other attributes
* such as signing time etc are added later even if we add none here.
*/
if (!si->signedAttrs) {
@@ -383,13 +343,13 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
if (flags & CMS_KEY_PARAM) {
if (flags & CMS_NOATTR) {
si->pctx = EVP_PKEY_CTX_new(si->pkey, NULL);
- if (!si->pctx)
+ if (si->pctx == NULL)
goto err;
if (EVP_PKEY_sign_init(si->pctx) <= 0)
goto err;
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
- } else if (EVP_DigestSignInit(&si->mctx, &si->pctx, md, NULL, pk) <=
+ } else if (EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, pk) <=
0)
goto err;
}
@@ -404,8 +364,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
merr:
CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
err:
- if (si)
- M_ASN1_free_of(si, CMS_SignerInfo);
+ M_ASN1_free_of(si, CMS_SignerInfo);
return NULL;
}
@@ -447,7 +406,7 @@ EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si)
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
{
- return &si->mctx;
+ return si->mctx;
}
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
@@ -486,13 +445,11 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
{
if (signer) {
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- if (si->pkey)
- EVP_PKEY_free(si->pkey);
+ X509_up_ref(signer);
+ EVP_PKEY_free(si->pkey);
si->pkey = X509_get_pubkey(signer);
}
- if (si->signer)
- X509_free(si->signer);
+ X509_free(si->signer);
si->signer = signer;
}
@@ -576,19 +533,23 @@ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si)
static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMS_SignerInfo *si, BIO *chain)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
int r = 0;
EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
if (!si->pkey) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
- return 0;
+ goto err;
}
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
- /* Set SignerInfo algortihm details if we used custom parametsr */
+ /* Set SignerInfo algorithm details if we used custom parameter */
if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
goto err;
@@ -601,7 +562,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
- if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING, md, mdlen))
@@ -618,26 +579,28 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
pctx = si->pctx;
- if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
siglen = EVP_PKEY_size(si->pkey);
sig = OPENSSL_malloc(siglen);
- if (!sig) {
+ if (sig == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0)
+ if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) {
+ OPENSSL_free(sig);
goto err;
+ }
ASN1_STRING_set0(si->signature, sig, siglen);
} else {
unsigned char *sig;
unsigned int siglen;
sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
- if (!sig) {
+ if (sig == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
+ if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
@@ -648,9 +611,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
r = 1;
err:
- EVP_MD_CTX_cleanup(&mctx);
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_MD_CTX_free(mctx);
+ EVP_PKEY_CTX_free(pctx);
return r;
}
@@ -672,7 +634,7 @@ int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
int CMS_SignerInfo_sign(CMS_SignerInfo *si)
{
- EVP_MD_CTX *mctx = &si->mctx;
+ EVP_MD_CTX *mctx = si->mctx;
EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
@@ -691,7 +653,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
if (si->pctx)
pctx = si->pctx;
else {
- EVP_MD_CTX_init(mctx);
+ EVP_MD_CTX_reset(mctx);
if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
goto err;
}
@@ -712,7 +674,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
goto err;
OPENSSL_free(abuf);
abuf = OPENSSL_malloc(siglen);
- if (!abuf)
+ if (abuf == NULL)
goto err;
if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
goto err;
@@ -723,23 +685,22 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
goto err;
}
- EVP_MD_CTX_cleanup(mctx);
+ EVP_MD_CTX_reset(mctx);
ASN1_STRING_set0(si->signature, abuf, siglen);
return 1;
err:
- if (abuf)
- OPENSSL_free(abuf);
- EVP_MD_CTX_cleanup(mctx);
+ OPENSSL_free(abuf);
+ EVP_MD_CTX_reset(mctx);
return 0;
}
int CMS_SignerInfo_verify(CMS_SignerInfo *si)
{
- EVP_MD_CTX *mctx = &si->mctx;
+ EVP_MD_CTX *mctx = NULL;
unsigned char *abuf = NULL;
int alen, r = -1;
const EVP_MD *md = NULL;
@@ -752,7 +713,11 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
if (md == NULL)
return -1;
- EVP_MD_CTX_init(mctx);
+ if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ mctx = si->mctx;
if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
goto err;
@@ -774,7 +739,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
if (r <= 0)
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
err:
- EVP_MD_CTX_cleanup(mctx);
+ EVP_MD_CTX_reset(mctx);
return r;
}
@@ -804,20 +769,23 @@ BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
}
return chain;
err:
- if (chain)
- BIO_free_all(chain);
+ BIO_free_all(chain);
return NULL;
}
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
{
ASN1_OCTET_STRING *os = NULL;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
EVP_PKEY_CTX *pkctx = NULL;
int r = -1;
unsigned char mval[EVP_MAX_MD_SIZE];
unsigned int mlen;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
/* If we have any signed attributes look for messageDigest value */
if (CMS_signed_get_attr_count(si) >= 0) {
os = CMS_signed_get0_data_by_OBJ(si,
@@ -830,10 +798,10 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
}
}
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
- if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
+ if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
goto err;
@@ -855,7 +823,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
} else
r = 1;
} else {
- const EVP_MD *md = EVP_MD_CTX_md(&mctx);
+ const EVP_MD *md = EVP_MD_CTX_md(mctx);
pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
if (pkctx == NULL)
goto err;
@@ -876,9 +844,8 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
}
err:
- if (pkctx)
- EVP_PKEY_CTX_free(pkctx);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_CTX_free(pkctx);
+ EVP_MD_CTX_free(mctx);
return r;
}
@@ -903,21 +870,20 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
ASN1_INTEGER *key = NULL;
if (keysize > 0) {
key = ASN1_INTEGER_new();
- if (!key || !ASN1_INTEGER_set(key, keysize))
+ if (key == NULL || !ASN1_INTEGER_set(key, keysize))
return 0;
}
alg = X509_ALGOR_new();
- if (!alg) {
- if (key)
- ASN1_INTEGER_free(key);
+ if (alg == NULL) {
+ ASN1_INTEGER_free(key);
return 0;
}
X509_ALGOR_set0(alg, OBJ_nid2obj(algnid),
key ? V_ASN1_INTEGER : V_ASN1_UNDEF, key);
- if (!*algs)
+ if (*algs == NULL)
*algs = sk_X509_ALGOR_new_null();
- if (!*algs || !sk_X509_ALGOR_push(*algs, alg)) {
+ if (*algs == NULL || !sk_X509_ALGOR_push(*algs, alg)) {
X509_ALGOR_free(alg);
return 0;
}
@@ -943,6 +909,8 @@ static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
{
if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+ || !cms_add_digest_smcap(smcap, NID_id_GostR3411_2012_256, -1)
+ || !cms_add_digest_smcap(smcap, NID_id_GostR3411_2012_512, -1)
|| !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
|| !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
|| !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
diff --git a/deps/openssl/openssl/crypto/cms/cms_smime.c b/deps/openssl/openssl/crypto/cms/cms_smime.c
index 07e3472e10..7e7b6e5d4f 100644
--- a/deps/openssl/openssl/crypto/cms/cms_smime.c
+++ b/deps/openssl/openssl/crypto/cms/cms_smime.c
@@ -1,81 +1,43 @@
-/* crypto/cms/cms_smime.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
#include "cms_lcl.h"
-#include "asn1_locl.h"
+#include "internal/asn1_int.h"
+
+static BIO *cms_get_text_bio(BIO *out, unsigned int flags)
+{
+ BIO *rbio;
+ if (out == NULL)
+ rbio = BIO_new(BIO_s_null());
+ else if (flags & CMS_TEXT) {
+ rbio = BIO_new(BIO_s_mem());
+ BIO_set_mem_eof_return(rbio, 0);
+ } else
+ rbio = out;
+ return rbio;
+}
static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
{
unsigned char buf[4096];
int r = 0, i;
- BIO *tmpout = NULL;
+ BIO *tmpout;
- if (out == NULL)
- tmpout = BIO_new(BIO_s_null());
- else if (flags & CMS_TEXT) {
- tmpout = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(tmpout, 0);
- } else
- tmpout = out;
+ tmpout = cms_get_text_bio(out, flags);
- if (!tmpout) {
+ if (tmpout == NULL) {
CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -107,7 +69,7 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
r = 1;
err:
- if (tmpout && (tmpout != out))
+ if (tmpout != out)
BIO_free(tmpout);
return r;
@@ -246,7 +208,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
return NULL;
}
cms = CMS_ContentInfo_new();
- if (!cms)
+ if (cms == NULL)
return NULL;
if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
return NULL;
@@ -265,24 +227,28 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
X509_STORE *store,
STACK_OF(X509) *certs,
- STACK_OF(X509_CRL) *crls,
- unsigned int flags)
+ STACK_OF(X509_CRL) *crls)
{
- X509_STORE_CTX ctx;
+ X509_STORE_CTX *ctx = X509_STORE_CTX_new();
X509 *signer;
int i, j, r = 0;
+
+ if (ctx == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
- if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) {
+ if (!X509_STORE_CTX_init(ctx, store, signer, certs)) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR);
goto err;
}
- X509_STORE_CTX_set_default(&ctx, "smime_sign");
+ X509_STORE_CTX_set_default(ctx, "smime_sign");
if (crls)
- X509_STORE_CTX_set0_crls(&ctx, crls);
+ X509_STORE_CTX_set0_crls(ctx, crls);
- i = X509_verify_cert(&ctx);
+ i = X509_verify_cert(ctx);
if (i <= 0) {
- j = X509_STORE_CTX_get_error(&ctx);
+ j = X509_STORE_CTX_get_error(ctx);
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
CMS_R_CERTIFICATE_VERIFY_ERROR);
ERR_add_error_data(2, "Verify error:",
@@ -291,7 +257,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
}
r = 1;
err:
- X509_STORE_CTX_cleanup(&ctx);
+ X509_STORE_CTX_free(ctx);
return r;
}
@@ -305,10 +271,15 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
STACK_OF(X509_CRL) *crls = NULL;
X509 *signer;
int i, scount = 0, ret = 0;
- BIO *cmsbio = NULL, *tmpin = NULL;
+ BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
if (!dcont && !check_content(cms))
return 0;
+ if (dcont && !(flags & CMS_BINARY)) {
+ const ASN1_OBJECT *coid = CMS_get0_eContentType(cms);
+ if (OBJ_obj2nid(coid) == NID_id_ct_asciiTextWithCRLF)
+ flags |= CMS_ASCIICRLF;
+ }
/* Attempt to find all signer certificates */
@@ -342,8 +313,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
crls = CMS_get1_crls(cms);
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
- if (!cms_signerinfo_verify_cert(si, store,
- cms_certs, crls, flags))
+ if (!cms_signerinfo_verify_cert(si, store, cms_certs, crls))
goto err;
}
}
@@ -378,14 +348,44 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
}
} else
tmpin = dcont;
+ /*
+ * If not binary mode and detached generate digests by *writing* through
+ * the BIO. That makes it possible to canonicalise the input.
+ */
+ if (!(flags & SMIME_BINARY) && dcont) {
+ /*
+ * Create output BIO so we can either handle text or to ensure
+ * included content doesn't override detached content.
+ */
+ tmpout = cms_get_text_bio(out, flags);
+ if (!tmpout) {
+ CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ cmsbio = CMS_dataInit(cms, tmpout);
+ if (!cmsbio)
+ goto err;
+ /*
+ * Don't use SMIME_TEXT for verify: it adds headers and we want to
+ * remove them.
+ */
+ SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT);
- cmsbio = CMS_dataInit(cms, tmpin);
- if (!cmsbio)
- goto err;
+ if (flags & CMS_TEXT) {
+ if (!SMIME_text(tmpout, out)) {
+ CMSerr(CMS_F_CMS_VERIFY, CMS_R_SMIME_TEXT_ERROR);
+ goto err;
+ }
+ }
+ } else {
+ cmsbio = CMS_dataInit(cms, tmpin);
+ if (!cmsbio)
+ goto err;
- if (!cms_copy_content(out, cmsbio, flags))
- goto err;
+ if (!cms_copy_content(out, cmsbio, flags))
+ goto err;
+ }
if (!(flags & CMS_NO_CONTENT_VERIFY)) {
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
@@ -399,17 +399,23 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
ret = 1;
err:
+ if (!(flags & SMIME_BINARY) && dcont) {
+ do_free_upto(cmsbio, tmpout);
+ if (tmpin != dcont)
+ BIO_free(tmpin);
+ } else {
+ if (dcont && (tmpin == dcont))
+ do_free_upto(cmsbio, dcont);
+ else
+ BIO_free_all(cmsbio);
+ }
- if (dcont && (tmpin == dcont))
- do_free_upto(cmsbio, dcont);
- else
- BIO_free_all(cmsbio);
+ if (out != tmpout)
+ BIO_free_all(tmpout);
err2:
- if (cms_certs)
- sk_X509_pop_free(cms_certs, X509_free);
- if (crls)
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
+ sk_X509_pop_free(cms_certs, X509_free);
+ sk_X509_CRL_pop_free(crls, X509_CRL_free);
return ret;
}
@@ -434,8 +440,12 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
int i;
cms = CMS_ContentInfo_new();
- if (!cms || !CMS_SignedData_init(cms))
+ if (cms == NULL || !CMS_SignedData_init(cms))
goto merr;
+ if (flags & CMS_ASCIICRLF
+ && !CMS_set1_eContentType(cms,
+ OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF)))
+ goto err;
if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
@@ -461,8 +471,7 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
err:
- if (cms)
- CMS_ContentInfo_free(cms);
+ CMS_ContentInfo_free(cms);
return NULL;
}
@@ -526,8 +535,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
r = 1;
err:
- if (rct_cont)
- BIO_free(rct_cont);
+ BIO_free(rct_cont);
if (r)
return cms;
CMS_ContentInfo_free(cms);
@@ -564,8 +572,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
merr:
CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
err:
- if (cms)
- CMS_ContentInfo_free(cms);
+ CMS_ContentInfo_free(cms);
return NULL;
}
@@ -576,19 +583,17 @@ static int cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
STACK_OF(CMS_RecipientEncryptedKey) *reks;
CMS_RecipientEncryptedKey *rek;
reks = CMS_RecipientInfo_kari_get0_reks(ri);
- if (!cert)
- return 0;
for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
int rv;
rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
- if (CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
+ if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
continue;
CMS_RecipientInfo_kari_set0_pkey(ri, pk);
rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek);
CMS_RecipientInfo_kari_set0_pkey(ri, NULL);
if (rv > 0)
return 1;
- return -1;
+ return cert == NULL ? 0 : -1;
}
return 0;
}
@@ -652,8 +657,8 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
return 1;
}
}
- /* If no cert and not debugging always return success */
- if (match_ri && !cert && !debug) {
+ /* If no cert, key transport and not debugging always return success */
+ if (cert == NULL && ri_type == CMS_RECIPINFO_TRANS && match_ri && !debug) {
ERR_clear_error();
return 1;
}
@@ -665,7 +670,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
unsigned char *key, size_t keylen,
- unsigned char *id, size_t idlen)
+ const unsigned char *id, size_t idlen)
{
STACK_OF(CMS_RecipientInfo) *ris;
CMS_RecipientInfo *ri;
@@ -753,7 +758,8 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
{
BIO *cmsbio;
int ret = 0;
- if (!(cmsbio = CMS_dataInit(cms, dcont))) {
+
+ if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) {
CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_LIB);
return 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-13 00:27:57 +0000