Commit c6c34506 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add 

support for encrypted content type in PKCS7_set_content().
parent 2cfa6921

CHANGES

+8 −0
Original line number Diff line number Diff line
@@ -4,6 +4,14 @@ 


 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]



  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as

     NID_pkcs7_encrypted by default: this was wrong since this should almost

     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle

     the encrypted data type: this is a more sensible place to put it and it

     allows the PKCS#12 code to be tidied up that duplicated this

     functionality.

     [Steve Henson]



  *) Changed obj_dat.pl script so it takes its input and output files on

     the command line. This should avoid shell escape redirection problems

     under Win32.

crypto/asn1/p7_enc_c.c

+2 −1
Original line number Diff line number Diff line
@@ -101,7 +101,8 @@ PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void) 


	M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);

	/* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */

	ret->content_type=OBJ_nid2obj(NID_pkcs7_encrypted);

	/* We will almost always want this: so make it the default */

	ret->content_type=OBJ_nid2obj(NID_pkcs7_data);

	M_ASN1_New(ret->algorithm,X509_ALGOR_new);

	ret->enc_data=NULL;

	return(ret);

crypto/pkcs12/p12_add.c

+3 −5
Original line number Diff line number Diff line
@@ -157,13 +157,11 @@ PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen, 
		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);

		return NULL;

	}

	p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);

	if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {

		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);

	if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {

		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,

				PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);

		return NULL;

	}

	ASN1_INTEGER_set (p7->d.encrypted->version, 0);

	p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);

	if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {

		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);

		return NULL;

crypto/pkcs12/pk12err.c

+1 −0
Original line number Diff line number Diff line
@@ -99,6 +99,7 @@ static ERR_STRING_DATA PKCS12_str_reasons[]= 
{PKCS12_R_DECODE_ERROR                   ,"decode error"},

{PKCS12_R_ENCODE_ERROR                   ,"encode error"},

{PKCS12_R_ENCRYPT_ERROR                  ,"encrypt error"},

{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},

{PKCS12_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},

{PKCS12_R_INVALID_NULL_PKCS12_POINTER    ,"invalid null pkcs12 pointer"},

{PKCS12_R_IV_GEN_ERROR                   ,"iv gen error"},

crypto/pkcs12/pkcs12.h

+1 −0
Original line number Diff line number Diff line
@@ -313,6 +313,7 @@ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); 
#define PKCS12_R_DECODE_ERROR				 101

#define PKCS12_R_ENCODE_ERROR				 102

#define PKCS12_R_ENCRYPT_ERROR				 103

#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE	 120

#define PKCS12_R_INVALID_NULL_ARGUMENT			 104

#define PKCS12_R_INVALID_NULL_PKCS12_POINTER		 105

#define PKCS12_R_IV_GEN_ERROR				 106