mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-04-06 20:20:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix external symbols for cms.

Browse Source 
Partial fix for #12964

This adds ossl_ names for symbols related to cms_* and ess_*

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14241)
This commit is contained in:
Shane Lontis 2021-02-18 14:03:25 +10:00
parent 937a62323b
commit 53155f1c81
22 changed files with 376 additions and 357 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/cms/cms_cd.c
View File

@ -21,8 +21,9 @@
/* CMS CompressedData Utilities */
CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx,
const char *propq)
CMS_ContentInfo *ossl_cms_CompressedData_create(int comp_nid,
OSSL_LIB_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
CMS_CompressedData *cd;
@ -61,7 +62,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx,
return NULL;
}
BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms)
BIO *ossl_cms_CompressedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_CompressedData *cd;
const ASN1_OBJECT *compoid;

16
crypto/cms/cms_dd.c
View File

@ -17,9 +17,9 @@
/* CMS DigestedData Utilities */
CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
OSSL_LIB_CTX *libctx,
const char *propq)
CMS_ContentInfo *ossl_cms_DigestedData_create(const EVP_MD *md,
OSSL_LIB_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
CMS_DigestedData *dd;
@ -48,14 +48,16 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
return NULL;
}
BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms)
BIO *ossl_cms_DigestedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_DigestedData *dd = cms->d.digestedData;
return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm, cms_get0_cmsctx(cms));
return ossl_cms_DigestAlgorithm_init_bio(dd->digestAlgorithm,
ossl_cms_get0_cmsctx(cms));
}
int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify)
int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain,
int verify)
{
EVP_MD_CTX *mctx = EVP_MD_CTX_new();
unsigned char md[EVP_MAX_MD_SIZE];
@ -70,7 +72,7 @@ int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify
dd = cms->d.digestedData;
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)

2
crypto/cms/cms_dh.c
View File

@ -327,7 +327,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri)
return rv;
}
int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);

4
crypto/cms/cms_ec.c
View File

@ -370,7 +370,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
return rv;
}
int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);
@ -385,7 +385,7 @@ int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
}
/* ECDSA and DSA implementation is the same */
int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify)
int ossl_cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify)
{
assert(verify == 0 || verify == 1);

25
crypto/cms/cms_enc.c
View File

@ -21,8 +21,8 @@
/* Return BIO based on EncryptedContentInfo and key */
BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
const CMS_CTX *cms_ctx)
BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
const CMS_CTX *cms_ctx)
{
BIO *b;
EVP_CIPHER_CTX *ctx;
@ -37,8 +37,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
size_t tkeylen = 0;
int ok = 0;
int enc, keep_key = 0;
OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(cms_ctx);
const char *propq = cms_ctx_get0_propq(cms_ctx);
OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(cms_ctx);
const char *propq = ossl_cms_ctx_get0_propq(cms_ctx);
enc = ec->cipher ? 1 : 0;
@ -193,10 +193,10 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
return NULL;
}
int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
const CMS_CTX *cms_ctx)
int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
const CMS_CTX *cms_ctx)
{
ec->cipher = cipher;
if (key) {
@ -234,14 +234,15 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
return 0;
}
ec = cms->d.encryptedData->encryptedContentInfo;
return cms_EncryptedContent_init(ec, ciph, key, keylen, cms_get0_cmsctx(cms));
return ossl_cms_EncryptedContent_init(ec, ciph, key, keylen,
ossl_cms_get0_cmsctx(cms));
}
BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
{
CMS_EncryptedData *enc = cms->d.encryptedData;
if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
enc->version = 2;
return cms_EncryptedContent_init_bio(enc->encryptedContentInfo,
cms_get0_cmsctx(cms));
return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo,
ossl_cms_get0_cmsctx(cms));
}

122
crypto/cms/cms_env.c
View File

@ -42,7 +42,7 @@ static int cms_get_enveloped_type(const CMS_ContentInfo *cms)
}
}
CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
@ -51,7 +51,7 @@ CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
return cms->d.envelopedData;
}
CMS_AuthEnvelopedData *cms_get0_auth_enveloped(CMS_ContentInfo *cms)
CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_authEnvelopedData) {
ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
@ -75,7 +75,7 @@ static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
return cms->d.envelopedData;
}
return cms_get0_enveloped(cms);
return ossl_cms_get0_enveloped(cms);
}
static CMS_AuthEnvelopedData *
@ -95,10 +95,10 @@ cms_auth_enveloped_data_init(CMS_ContentInfo *cms)
cms->contentType = OBJ_nid2obj(NID_id_smime_ct_authEnvelopedData);
return cms->d.authEnvelopedData;
}
return cms_get0_auth_enveloped(cms);
return ossl_cms_get0_auth_enveloped(cms);
}
int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
int ossl_cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
{
EVP_PKEY *pkey;
int i;
@ -116,11 +116,11 @@ int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
return 0;
if (EVP_PKEY_is_a(pkey, "DHX") || EVP_PKEY_is_a(pkey, "DH"))
return cms_dh_envelope(ri, cmd);
return ossl_cms_dh_envelope(ri, cmd);
else if (EVP_PKEY_is_a(pkey, "EC"))
return cms_ecdh_envelope(ri, cmd);
return ossl_cms_ecdh_envelope(ri, cmd);
else if (EVP_PKEY_is_a(pkey, "RSA"))
return cms_rsa_envelope(ri, cmd);
return ossl_cms_rsa_envelope(ri, cmd);
/* Something else? We'll give engines etc a chance to handle this */
if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
@ -137,7 +137,7 @@ int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
return 1;
}
CMS_EncryptedContentInfo* cms_get0_env_enc_content(const CMS_ContentInfo *cms)
CMS_EncryptedContentInfo* ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms)
{
switch (cms_get_enveloped_type(cms)) {
case CMS_ENVELOPED_STANDARD:
@ -165,11 +165,11 @@ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
}
}
void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
void ossl_cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
{
int i;
CMS_RecipientInfo *ri;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
STACK_OF(CMS_RecipientInfo) *rinfos = CMS_get0_RecipientInfos(cms);
for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
@ -181,8 +181,9 @@ void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
break;
case CMS_RECIPINFO_TRANS:
ri->d.ktri->cms_ctx = ctx;
x509_set0_libctx(ri->d.ktri->recip, cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx));
x509_set0_libctx(ri->d.ktri->recip,
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx));
break;
case CMS_RECIPINFO_KEK:
ri->d.kekri->cms_ctx = ctx;
@ -225,8 +226,8 @@ CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
if (env == NULL)
goto merr;
if (!cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL, 0,
cms_get0_cmsctx(cms)))
if (!ossl_cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL,
0, ossl_cms_get0_cmsctx(cms)))
goto merr;
return cms;
merr:
@ -253,8 +254,9 @@ CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx,
aenv = cms_auth_enveloped_data_init(cms);
if (aenv == NULL)
goto merr;
if (!cms_EncryptedContent_init(aenv->authEncryptedContentInfo,
cipher, NULL, 0, cms_get0_cmsctx(cms)))
if (!ossl_cms_EncryptedContent_init(aenv->authEncryptedContentInfo,
cipher, NULL, 0,
ossl_cms_get0_cmsctx(cms)))
goto merr;
return cms;
merr:
@ -301,7 +303,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
* structure.
*/
if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype, ctx))
if (!ossl_cms_set1_SignerIdentifier(ktri->rid, recip, idtype, ctx))
return 0;
X509_up_ref(recip);
@ -311,14 +313,14 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
ktri->recip = recip;
if (flags & CMS_KEY_PARAM) {
ktri->pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
ktri->pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
ktri->pkey,
cms_ctx_get0_propq(ctx));
ossl_cms_ctx_get0_propq(ctx));
if (ktri->pctx == NULL)
return 0;
if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
return 0;
} else if (!cms_env_asn1_ctrl(ri, 0))
} else if (!ossl_cms_env_asn1_ctrl(ri, 0))
return 0;
return 1;
}
@ -334,7 +336,7 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
CMS_RecipientInfo *ri = NULL;
STACK_OF(CMS_RecipientInfo) *ris;
EVP_PKEY *pk = NULL;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
ris = CMS_get0_RecipientInfos(cms);
if (ris == NULL)
@ -351,7 +353,7 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
goto err;
}
switch (cms_pkey_get_ri_type(pk)) {
switch (ossl_cms_pkey_get_ri_type(pk)) {
case CMS_RECIPINFO_TRANS:
if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags, ctx))
@ -359,8 +361,8 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
break;
case CMS_RECIPINFO_AGREE:
if (!cms_RecipientInfo_kari_init(ri, recip, pk, originator,
originatorPrivKey, flags, ctx))
if (!ossl_cms_RecipientInfo_kari_init(ri, recip, pk, originator,
originatorPrivKey, flags, ctx))
goto err;
break;
@ -422,7 +424,8 @@ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
}
ktri = ri->d.ktri;
return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
return ossl_cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer,
sno);
}
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
@ -431,7 +434,7 @@ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
ERR_raise(ERR_LIB_CMS, CMS_R_NOT_KEY_TRANSPORT);
return -2;
}
return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
return ossl_cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
}
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
@ -455,7 +458,7 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
EVP_PKEY_CTX *pctx;
unsigned char *ek = NULL;
size_t eklen;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
int ret = 0;
@ -464,16 +467,17 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
return 0;
}
ktri = ri->d.ktri;
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
pctx = ktri->pctx;
if (pctx) {
if (!cms_env_asn1_ctrl(ri, 0))
if (!ossl_cms_env_asn1_ctrl(ri, 0))
goto err;
} else {
pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx), ktri->pkey,
cms_ctx_get0_propq(ctx));
pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
ktri->pkey,
ossl_cms_ctx_get0_propq(ctx));
if (pctx == NULL)
return 0;
@ -526,11 +530,11 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
const EVP_CIPHER *cipher = NULL;
EVP_CIPHER *fetched_cipher = NULL;
CMS_EncryptedContentInfo *ec;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
const char *propq = cms_ctx_get0_propq(ctx);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
const char *propq = ossl_cms_ctx_get0_propq(ctx);
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
if (ktri->pkey == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_PRIVATE_KEY);
@ -567,7 +571,7 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
goto err;
if (!cms_env_asn1_ctrl(ri, 1))
if (!ossl_cms_env_asn1_ctrl(ri, 1))
goto err;
if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
@ -813,8 +817,8 @@ static EVP_CIPHER *cms_get_key_wrap_cipher(size_t keylen, const CMS_CTX *ctx)
default:
return NULL;
}
return EVP_CIPHER_fetch(cms_ctx_get0_libctx(ctx), alg,
cms_ctx_get0_propq(ctx));
return EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
ossl_cms_ctx_get0_propq(ctx));
}
@ -831,9 +835,9 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms,
EVP_CIPHER *cipher = NULL;
int outlen = 0;
EVP_CIPHER_CTX *ctx = NULL;
const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return 0;
@ -902,9 +906,9 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
EVP_CIPHER *cipher = NULL;
int outlen = 0;
EVP_CIPHER_CTX *ctx = NULL;
const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return 0;
@ -980,7 +984,7 @@ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
return cms_RecipientInfo_kekri_decrypt(cms, ri);
case CMS_RECIPINFO_PASS:
return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 0);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
@ -995,13 +999,13 @@ int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
return cms_RecipientInfo_ktri_encrypt(cms, ri);
case CMS_RECIPINFO_AGREE:
return cms_RecipientInfo_kari_encrypt(cms, ri);
return ossl_cms_RecipientInfo_kari_encrypt(cms, ri);
case CMS_RECIPINFO_KEK:
return cms_RecipientInfo_kekri_encrypt(cms, ri);
case CMS_RECIPINFO_PASS:
return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 1);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
@ -1097,7 +1101,8 @@ static void cms_env_clear_ec(CMS_EncryptedContentInfo *ec)
static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms)
{
CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo;
BIO *contentBio = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
BIO *contentBio = ossl_cms_EncryptedContent_init_bio(ec,
ossl_cms_get0_cmsctx(cms));
EVP_CIPHER_CTX *ctx = NULL;
if (contentBio == NULL)
@ -1112,7 +1117,8 @@ static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms)
* If the selected cipher supports unprotected attributes,
* deal with it using special ctrl function
*/
if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_CIPHER_WITH_MAC)
if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx))
& EVP_CIPH_FLAG_CIPHER_WITH_MAC)
&& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_PROCESS_UNPROTECTED, 0,
cms->d.envelopedData->unprotectedAttrs) <= 0) {
BIO_free(contentBio);
@ -1132,7 +1138,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms)
/* Get BIO first to set up key */
ec = env->encryptedContentInfo;
ret = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms));
/* If error end of processing */
if (!ret)
@ -1158,7 +1164,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms)
return NULL;
}
BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
{
if (cms->d.envelopedData->encryptedContentInfo->cipher != NULL) {
/* If cipher is set it's encryption */
@ -1169,7 +1175,7 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
return cms_EnvelopedData_Decryption_init_bio(cms);
}
BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
{
CMS_EncryptedContentInfo *ec;
STACK_OF(CMS_RecipientInfo) *rinfos;
@ -1184,7 +1190,7 @@ BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
ec->tag = aenv->mac->data;
ec->taglen = aenv->mac->length;
}
ret = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms));
/* If error or no cipher end of processing */
if (ret == NULL || ec->cipher == NULL)
@ -1210,13 +1216,13 @@ BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms)
return NULL;
}
int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
{
CMS_EnvelopedData *env = NULL;
EVP_CIPHER_CTX *ctx = NULL;
BIO *mbio = BIO_find_type(chain, BIO_TYPE_CIPHER);
env = cms_get0_enveloped(cms);
env = ossl_cms_get0_enveloped(cms);
if (env == NULL)
return 0;
@ -1251,7 +1257,7 @@ int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
return 1;
}
int cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio)
int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio)
{
EVP_CIPHER_CTX *ctx;
unsigned char *tag = NULL;
@ -1289,7 +1295,7 @@ err:
* retain compatibility with previous behaviour if the ctrl value isn't
* supported we assume key transport.
*/
int cms_pkey_get_ri_type(EVP_PKEY *pk)
int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk)
{
/* Check types that we know about */
if (EVP_PKEY_is_a(pk, "DH"))
@ -1316,7 +1322,7 @@ int cms_pkey_get_ri_type(EVP_PKEY *pk)
return CMS_RECIPINFO_TRANS;
}
int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
int ossl_cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
{
int supportedRiType;
@ -1329,7 +1335,7 @@ int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
return r;
}
supportedRiType = cms_pkey_get_ri_type(pk);
supportedRiType = ossl_cms_pkey_get_ri_type(pk);
if (supportedRiType < 0)
return 0;

29
crypto/cms/cms_ess.c
View File

@ -52,18 +52,19 @@ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
the |cert_ids|(Hash+IssuerID) list from this ESS_SIGNING_CERT.
Derived from ts_check_signing_certs()
*/
int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
int ossl_ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
{
ESS_SIGNING_CERT *ss = NULL;
ESS_SIGNING_CERT_V2 *ssv2 = NULL;
X509 *cert;
int i = 0, ret = 0;
if (cms_signerinfo_get_signing_cert(si, &ss) > 0 && ss->cert_ids != NULL) {
if (ossl_cms_signerinfo_get_signing_cert(si, &ss) > 0
&& ss->cert_ids != NULL) {
STACK_OF(ESS_CERT_ID) *cert_ids = ss->cert_ids;
cert = sk_X509_value(chain, 0);
if (ess_find_cert(cert_ids, cert) != 0)
if (ossl_ess_find_cert(cert_ids, cert) != 0)
goto err;
/*
@ -74,16 +75,16 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
/* for each chain cert, try to find its cert id */
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
if (ess_find_cert(cert_ids, cert) < 0)
if (ossl_ess_find_cert(cert_ids, cert) < 0)
goto err;
}
}
} else if (cms_signerinfo_get_signing_cert_v2(si, &ssv2) > 0
} else if (ossl_cms_signerinfo_get_signing_cert_v2(si, &ssv2) > 0
&& ssv2->cert_ids!= NULL) {
STACK_OF(ESS_CERT_ID_V2) *cert_ids_v2 = ssv2->cert_ids;
cert = sk_X509_value(chain, 0);
if (ess_find_cert_v2(cert_ids_v2, cert) != 0)
if (ossl_ess_find_cert_v2(cert_ids_v2, cert) != 0)
goto err;
/*
@ -94,7 +95,7 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
/* for each chain cert, try to find its cert id */
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
if (ess_find_cert_v2(cert_ids_v2, cert) < 0)
if (ossl_ess_find_cert_v2(cert_ids_v2, cert) < 0)
goto err;
}
}
@ -220,15 +221,15 @@ static int cms_msgSigDigest(CMS_SignerInfo *si,
return 0;
if (!asn1_item_digest_ex(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
si->signedAttrs, dig, diglen,
cms_ctx_get0_libctx(si->cms_ctx),
cms_ctx_get0_propq(si->cms_ctx)))
ossl_cms_ctx_get0_libctx(si->cms_ctx),
ossl_cms_ctx_get0_propq(si->cms_ctx)))
return 0;
return 1;
}
/* Add a msgSigDigest attribute to a SignerInfo */
int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
{
unsigned char dig[EVP_MAX_MD_SIZE];
unsigned int diglen;
@ -247,7 +248,7 @@ int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
/* Verify signed receipt after it has already passed normal CMS verify */
int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
int ossl_cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
{
int r = 0, i;
CMS_ReceiptRequest *rr = NULL;
@ -376,7 +377,7 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
* SignedData ContentInfo.
*/
ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si)
{
CMS_Receipt rct;
CMS_ReceiptRequest *rr = NULL;
@ -418,7 +419,7 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
* Add signer certificate's V2 digest |sc| to a SignerInfo structure |si|
*/
int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
@ -450,7 +451,7 @@ int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
* Add signer certificate's digest |sc| to a SignerInfo structure |si|
*/
int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
int ossl_cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;

10
crypto/cms/cms_io.c
View File

@ -39,7 +39,7 @@ CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
ci = ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
if (ci != NULL)
cms_resolve_libctx(ci);
ossl_cms_resolve_libctx(ci);
return ci;
}
@ -76,7 +76,7 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
STACK_OF(X509_ALGOR) *mdalgs;
int ctype_nid = OBJ_obj2nid(cms->contentType);
int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (ctype_nid == NID_pkcs7_signed)
mdalgs = cms->d.signedData->digestAlgorithms;
@ -86,8 +86,8 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid,
econt_nid, mdalgs,
ASN1_ITEM_rptr(CMS_ContentInfo),
cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx));
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx));
}
CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)
@ -98,7 +98,7 @@ CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)
ASN1_ITEM_rptr(CMS_ContentInfo),
(ASN1_VALUE **)cms);
if (ci != NULL)
cms_resolve_libctx(ci);
ossl_cms_resolve_libctx(ci);
return ci;
}

57
crypto/cms/cms_kari.c
View File

@ -104,9 +104,9 @@ int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
}
oik = ri->d.kari->originator;
if (oik->type == CMS_OIK_ISSUER_SERIAL)
return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
return ossl_cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
else if (oik->type == CMS_OIK_KEYIDENTIFIER)
return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
return ossl_cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
return -1;
}
@ -151,14 +151,16 @@ int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
if (rid->type == CMS_REK_ISSUER_SERIAL)
return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
return ossl_cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
else if (rid->type == CMS_REK_KEYIDENTIFIER)
return cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier, cert);
return ossl_cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier,
cert);
else
return -1;
}
int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *peer)
int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri,
EVP_PKEY *pk, X509 *peer)
{
EVP_PKEY_CTX *pctx;
CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
@ -168,8 +170,9 @@ int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *p
if (pk == NULL)
return 1;
pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(kari->cms_ctx), pk,
cms_ctx_get0_propq(kari->cms_ctx));
pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(kari->cms_ctx),
pk,
ossl_cms_ctx_get0_propq(kari->cms_ctx));
if (pctx == NULL || EVP_PKEY_derive_init(pctx) <= 0)
goto err;
@ -260,12 +263,12 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
enckeylen = rek->encryptedKey->length;
enckey = rek->encryptedKey->data;
/* Setup all parameters to derive KEK */
if (!cms_env_asn1_ctrl(ri, 1))
if (!ossl_cms_env_asn1_ctrl(ri, 1))
goto err;
/* Attempt to decrypt CEK */
if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
goto err;
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
OPENSSL_clear_free(ec->key, ec->keylen);
ec->key = cek;
ec->keylen = ceklen;
@ -284,8 +287,8 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
EVP_PKEY *ekey = NULL;
int rv = 0;
const CMS_CTX *ctx = kari->cms_ctx;
OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
const char *propq = cms_ctx_get0_propq(ctx);
OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
const char *propq = ossl_cms_ctx_get0_propq(ctx);
pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propq);
if (pctx == NULL)
@ -317,9 +320,9 @@ static int cms_kari_set_originator_private_key(CMS_KeyAgreeRecipientInfo *kari,
int rv = 0;
const CMS_CTX *ctx = kari->cms_ctx;
pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
originatorPrivKey,
cms_ctx_get0_propq(ctx));
ossl_cms_ctx_get0_propq(ctx));
if (pctx == NULL)
goto err;
if (EVP_PKEY_derive_init(pctx) <= 0)
@ -335,10 +338,10 @@ static int cms_kari_set_originator_private_key(CMS_KeyAgreeRecipientInfo *kari,
/* Initialise a kari based on passed certificate and key */
int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
EVP_PKEY *recipPubKey, X509 *originator,
EVP_PKEY *originatorPrivKey, unsigned int flags,
const CMS_CTX *ctx)
int ossl_cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
EVP_PKEY *recipPubKey, X509 *originator,
EVP_PKEY *originatorPrivKey,
unsigned int flags, const CMS_CTX *ctx)
{
CMS_KeyAgreeRecipientInfo *kari;
CMS_RecipientEncryptedKey *rek = NULL;
@ -366,11 +369,11 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
rek->rid->d.rKeyId = M_ASN1_new_of(CMS_RecipientKeyIdentifier);
if (rek->rid->d.rKeyId == NULL)
return 0;
if (!cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
if (!ossl_cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
return 0;
} else {
rek->rid->type = CMS_REK_ISSUER_SERIAL;
if (!cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
if (!ossl_cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
return 0;
}
@ -390,11 +393,11 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
oik->d.subjectKeyIdentifier = ASN1_OCTET_STRING_new();
if (oik->d.subjectKeyIdentifier == NULL)
return 0;
if (!cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
if (!ossl_cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
return 0;
} else {
oik->type = CMS_REK_ISSUER_SERIAL;
if (!cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
if (!ossl_cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
return 0;
}
@ -459,9 +462,9 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
else
kekcipher_name = SN_id_aes256_wrap;
enc:
fetched_kekcipher = EVP_CIPHER_fetch(cms_ctx_get0_libctx(cms_ctx),
fetched_kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx),
kekcipher_name,
cms_ctx_get0_propq(cms_ctx));
ossl_cms_ctx_get0_propq(cms_ctx));
if (fetched_kekcipher == NULL)
return 0;
ret = EVP_EncryptInit_ex(ctx, fetched_kekcipher, NULL, NULL, NULL);
@ -471,8 +474,8 @@ enc:
/* Encrypt content key in key agreement recipient info */
int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri)
int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri)
{
CMS_KeyAgreeRecipientInfo *kari;
CMS_EncryptedContentInfo *ec;
@ -486,7 +489,7 @@ int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
}
kari = ri->d.kari;
reks = kari->recipientEncryptedKeys;
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
/* Initialise wrap algorithm parameters */
if (!cms_wrap_init(kari, ec->cipher))
return 0;
@ -502,7 +505,7 @@ int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
return 0;
}
/* Initialise KDF algorithm */
if (!cms_env_asn1_ctrl(ri, 0))
if (!ossl_cms_env_asn1_ctrl(ri, 0))
return 0;
/* For each rek, derive KEK, encrypt CEK */
for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {

66
crypto/cms/cms_lib.c
View File

@ -31,7 +31,7 @@ CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a,
ci = (CMS_ContentInfo *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
(CMS_ContentInfo_it()));
if (ci != NULL)
cms_resolve_libctx(ci);
ossl_cms_resolve_libctx(ci);
return ci;
}
@ -73,32 +73,32 @@ void CMS_ContentInfo_free(CMS_ContentInfo *cms)
}
}
const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms)
const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms)
{
return cms != NULL ? &cms->ctx : NULL;
}
OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx)
OSSL_LIB_CTX *ossl_cms_ctx_get0_libctx(const CMS_CTX *ctx)
{
return ctx != NULL ? ctx->libctx : NULL;
}
const char *cms_ctx_get0_propq(const CMS_CTX *ctx)
const char *ossl_cms_ctx_get0_propq(const CMS_CTX *ctx)
{
return ctx != NULL ? ctx->propq : NULL;
}
void cms_resolve_libctx(CMS_ContentInfo *ci)
void ossl_cms_resolve_libctx(CMS_ContentInfo *ci)
{
int i;
CMS_CertificateChoices *cch;
STACK_OF(CMS_CertificateChoices) **pcerts;
const CMS_CTX *ctx = cms_get0_cmsctx(ci);
OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
const char *propq = cms_ctx_get0_propq(ctx);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(ci);
OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
const char *propq = ossl_cms_ctx_get0_propq(ctx);
cms_SignerInfos_set_cmsctx(ci);
cms_RecipientInfos_set_cmsctx(ci);
ossl_cms_SignerInfos_set_cmsctx(ci);
ossl_cms_RecipientInfos_set_cmsctx(ci);
pcerts = cms_get0_certificate_choices(ci);
if (pcerts != NULL) {
@ -115,7 +115,7 @@ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms)
return cms->contentType;
}
CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq)
CMS_ContentInfo *ossl_cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq);
@ -127,7 +127,7 @@ CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq)
return cms;
}
BIO *cms_content_bio(CMS_ContentInfo *cms)
BIO *ossl_cms_content_bio(CMS_ContentInfo *cms)
{
ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
@ -151,7 +151,7 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
if (icont)
cont = icont;
else
cont = cms_content_bio(cms);
cont = ossl_cms_content_bio(cms);
if (!cont) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_CONTENT);
return NULL;
@ -162,28 +162,28 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
return cont;
case NID_pkcs7_signed:
cmsbio = cms_SignedData_init_bio(cms);
cmsbio = ossl_cms_SignedData_init_bio(cms);
break;
case NID_pkcs7_digest:
cmsbio = cms_DigestedData_init_bio(cms);
cmsbio = ossl_cms_DigestedData_init_bio(cms);
break;
#ifdef ZLIB
case NID_id_smime_ct_compressedData:
cmsbio = cms_CompressedData_init_bio(cms);
cmsbio = ossl_cms_CompressedData_init_bio(cms);
break;
#endif
case NID_pkcs7_encrypted:
cmsbio = cms_EncryptedData_init_bio(cms);
cmsbio = ossl_cms_EncryptedData_init_bio(cms);
break;
case NID_pkcs7_enveloped:
cmsbio = cms_EnvelopedData_init_bio(cms);
cmsbio = ossl_cms_EnvelopedData_init_bio(cms);
break;
case NID_id_smime_ct_authEnvelopedData:
cmsbio = cms_AuthEnvelopedData_init_bio(cms);
cmsbio = ossl_cms_AuthEnvelopedData_init_bio(cms);
break;
default:
@ -234,16 +234,16 @@ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
return 1;
case NID_pkcs7_enveloped:
return cms_EnvelopedData_final(cms, cmsbio);
return ossl_cms_EnvelopedData_final(cms, cmsbio);
case NID_id_smime_ct_authEnvelopedData:
return cms_AuthEnvelopedData_final(cms, cmsbio);
return ossl_cms_AuthEnvelopedData_final(cms, cmsbio);
case NID_pkcs7_signed:
return cms_SignedData_final(cms, cmsbio);
return ossl_cms_SignedData_final(cms, cmsbio);
case NID_pkcs7_digest:
return cms_DigestedData_do_final(cms, cmsbio, 0);
return ossl_cms_DigestedData_do_final(cms, cmsbio, 0);
default:
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_TYPE);
@ -396,8 +396,8 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached)
/* Create a digest BIO from an X509_ALGOR structure */
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
const CMS_CTX *ctx)
BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
const CMS_CTX *ctx)
{
BIO *mdbio = NULL;
const ASN1_OBJECT *digestoid;
@ -409,8 +409,8 @@ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
(void)ERR_set_mark();
fetched_digest = EVP_MD_fetch(cms_ctx_get0_libctx(ctx), alg,
cms_ctx_get0_propq(ctx));
fetched_digest = EVP_MD_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
ossl_cms_ctx_get0_propq(ctx));
if (fetched_digest != NULL)
digest = fetched_digest;
@ -438,8 +438,8 @@ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
/* Locate a message digest content from a BIO chain based on SignerInfo */
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg)
int ossl_cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg)
{
int nid;
const ASN1_OBJECT *mdoid;
@ -666,7 +666,7 @@ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
return crls;
}
int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
{
int ret;
ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert));
@ -675,7 +675,7 @@ int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
return ASN1_INTEGER_cmp(ias->serialNumber, X509_get0_serialNumber(cert));
}
int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
{
const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert);
@ -684,7 +684,7 @@ int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
return ASN1_OCTET_STRING_cmp(keyid, cert_keyid);
}
int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
{
CMS_IssuerAndSerialNumber *ias;
ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber);
@ -703,7 +703,7 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
return 0;
}
int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
{
ASN1_OCTET_STRING *keyid = NULL;
const ASN1_OCTET_STRING *cert_keyid;

136
crypto/cms/cms_local.h
View File

@ -388,96 +388,98 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
# define CMS_OIK_KEYIDENTIFIER 1
# define CMS_OIK_PUBKEY 2
BIO *cms_content_bio(CMS_ContentInfo *cms);
const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms);
OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx);
const char *cms_ctx_get0_propq(const CMS_CTX *ctx);
void cms_resolve_libctx(CMS_ContentInfo *ci);
BIO *ossl_cms_content_bio(CMS_ContentInfo *cms);
const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms);
OSSL_LIB_CTX *ossl_cms_ctx_get0_libctx(const CMS_CTX *ctx);
const char *ossl_cms_ctx_get0_propq(const CMS_CTX *ctx);
void ossl_cms_resolve_libctx(CMS_ContentInfo *ci);
CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq);
CMS_ContentInfo *ossl_cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq);
CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
OSSL_LIB_CTX *libctx,
const char *propq);
BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
int cms_DigestedData_do_final(const CMS_ContentInfo *cms,
BIO *chain, int verify);
CMS_ContentInfo *ossl_cms_DigestedData_create(const EVP_MD *md,
OSSL_LIB_CTX *libctx,
const char *propq);
BIO *ossl_cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms,
BIO *chain, int verify);
BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
int type, const CMS_CTX *ctx);
int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno);
int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
BIO *ossl_cms_SignedData_init_bio(CMS_ContentInfo *cms);
int ossl_cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
int type, const CMS_CTX *ctx);
int ossl_cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno);
int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx,
const char *propq);
BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
CMS_ContentInfo *ossl_cms_CompressedData_create(int comp_nid,
OSSL_LIB_CTX *libctx,
const char *propq);
BIO *ossl_cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
const CMS_CTX *ctx);
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg);
BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
const CMS_CTX *ctx);
int ossl_cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
X509_ALGOR *mdalg);
int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
const CMS_CTX *ctx);
BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
const CMS_CTX *ctx);
BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
const CMS_CTX *ctx);
int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
int ossl_cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si);
BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
BIO *cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
int cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
CMS_AuthEnvelopedData *cms_get0_auth_enveloped(CMS_ContentInfo *cms);
CMS_EncryptedContentInfo* cms_get0_env_enc_content(const CMS_ContentInfo *cms);
BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);
/* RecipientInfo routines */
int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
int cms_pkey_get_ri_type(EVP_PKEY *pk);
int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
int ossl_cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk);
int ossl_cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
void ossl_cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
/* KARI routines */
int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
EVP_PKEY *recipPubKey, X509 *originator,
EVP_PKEY *originatorPrivKey, unsigned int flags,
const CMS_CTX *ctx);
int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri);
int ossl_cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
EVP_PKEY *recipPubKey, X509 *originator,
EVP_PKEY *originatorPrivKey,
unsigned int flags,
const CMS_CTX *ctx);
int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri);
/* PWRI routines */
int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri, int en_de);
int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri, int en_de);
/* SignerInfo routines */
int CMS_si_check_attributes(const CMS_SignerInfo *si);
void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
void ossl_cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
/* ESS routines */
int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain);
int ossl_ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain);
int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt);
int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify);
int cms_rsa_sign(CMS_SignerInfo *si, int verify);
int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt);
int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
int ossl_cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify);
int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify);
DECLARE_ASN1_ITEM(CMS_CertificateChoices)
DECLARE_ASN1_ITEM(CMS_DigestedData)

20
crypto/cms/cms_pwri.c
View File

@ -50,9 +50,9 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
X509_ALGOR *encalg = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
int ivlen;
const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
if (ec == NULL)
return NULL;
ris = CMS_get0_RecipientInfos(cms);
@ -93,7 +93,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_bytes_ex(cms_ctx_get0_libctx(cms_ctx), iv, ivlen) <= 0)
if (RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), iv, ivlen) <= 0)
goto err;
if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
@ -262,7 +262,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
memcpy(out + 4, in, inlen);
/* Add random padding to end */
if (olen > inlen + 4
&& RAND_bytes_ex(cms_ctx_get0_libctx(cms_ctx), out + 4 + inlen,
&& RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), out + 4 + inlen,
olen - 4 - inlen) <= 0)
return 0;
/* Encrypt twice */
@ -278,8 +278,8 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
/* Encrypt/Decrypt content key in PWRI recipient info */
int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri, int en_de)
int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
CMS_RecipientInfo *ri, int en_de)
{
CMS_EncryptedContentInfo *ec;
CMS_PasswordRecipientInfo *pwri;
@ -290,9 +290,9 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
EVP_CIPHER *kekcipher;
unsigned char *key = NULL;
size_t keylen;
const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
ec = cms_get0_env_enc_content(cms);
ec = ossl_cms_get0_env_enc_content(cms);
pwri = ri->d.pwri;
@ -316,8 +316,8 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
}
name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
kekcipher = EVP_CIPHER_fetch(cms_ctx_get0_libctx(cms_ctx), name,
cms_ctx_get0_propq(cms_ctx));
kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx), name,
ossl_cms_ctx_get0_propq(cms_ctx));
if (kekcipher == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_UNKNOWN_CIPHER);

4
crypto/cms/cms_rsa.c
View File

@ -172,7 +172,7 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
return rv;
}
int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt)
int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);
@ -238,7 +238,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
return 0;
}
int cms_rsa_sign(CMS_SignerInfo *si, int verify)
int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify)
{
assert(verify == 0 || verify == 1);

90
crypto/cms/cms_sd.c
View File

@ -175,17 +175,17 @@ static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
return 0;
}
int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type,
const CMS_CTX *ctx)
int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
int type, const CMS_CTX *ctx)
{
switch (type) {
case CMS_SIGNERINFO_ISSUER_SERIAL:
if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
if (!ossl_cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
return 0;
break;
case CMS_SIGNERINFO_KEYIDENTIFIER:
if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
if (!ossl_cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
return 0;
break;
@ -199,10 +199,10 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type,
return 1;
}
int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno)
int ossl_cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno)
{
if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
if (issuer)
@ -217,12 +217,12 @@ int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
return 1;
}
int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
{
if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
return ossl_cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
return ossl_cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
else
return -1;
}
@ -233,9 +233,9 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
int i;
if (EVP_PKEY_is_a(pkey, "DSA") || EVP_PKEY_is_a(pkey, "EC"))
return cms_ecdsa_dsa_sign(si, cmd);
return ossl_cms_ecdsa_dsa_sign(si, cmd);
else if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS"))
return cms_rsa_sign(si, cmd);
return ossl_cms_rsa_sign(si, cmd);
/* Something else? We'll give engines etc a chance to handle this */
if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
@ -260,7 +260,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
CMS_SignerInfo *si = NULL;
X509_ALGOR *alg;
int i, type;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (!X509_check_private_key(signer, pk)) {
ERR_raise(ERR_LIB_CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
@ -299,7 +299,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
si->version = 1;
}
if (!cms_set1_SignerIdentifier(si->sid, signer, type, ctx))
if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx))
goto err;
if (md == NULL) {
@ -373,16 +373,16 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
int add_sc;
if (md == EVP_sha1() || md == NULL) {
if ((sc = ESS_SIGNING_CERT_new_init(signer,
NULL, 1)) == NULL)
if ((sc = ossl_ess_signing_cert_new_init(signer,
NULL, 1)) == NULL)
goto err;
add_sc = cms_add1_signing_cert(si, sc);
add_sc = ossl_cms_add1_signing_cert(si, sc);
ESS_SIGNING_CERT_free(sc);
} else {
if ((sc2 = ESS_SIGNING_CERT_V2_new_init(md, signer,
NULL, 1)) == NULL)
if ((sc2 = ossl_ess_signing_cert_v2_new_init(md, signer,
NULL, 1)) == NULL)
goto err;
add_sc = cms_add1_signing_cert_v2(si, sc2);
add_sc = ossl_cms_add1_signing_cert_v2(si, sc2);
ESS_SIGNING_CERT_V2_free(sc2);
}
if (!add_sc)
@ -407,9 +407,9 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
if (flags & CMS_KEY_PARAM) {
if (flags & CMS_NOATTR) {
si->pctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx),
si->pctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
si->pkey,
cms_ctx_get0_propq(ctx));
ossl_cms_ctx_get0_propq(ctx));
if (si->pctx == NULL)
goto err;
if (EVP_PKEY_sign_init(si->pctx) <= 0)
@ -417,8 +417,9 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
} else if (EVP_DigestSignInit_ex(si->mctx, &si->pctx, EVP_MD_name(md),
cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx), pk) <= 0) {
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx),
pk) <= 0) {
goto err;
}
}
@ -438,12 +439,12 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
}
void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms)
void ossl_cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms)
{
int i;
CMS_SignerInfo *si;
STACK_OF(CMS_SignerInfo) *sinfos = CMS_get0_SignerInfos(cms);
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
@ -534,12 +535,12 @@ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno)
{
return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
return ossl_cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
}
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
{
return cms_SignerIdentifier_cert_cmp(si->sid, cert);
return ossl_cms_SignerIdentifier_cert_cmp(si->sid, cert);
}
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
@ -614,7 +615,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
EVP_MD_CTX *mctx = EVP_MD_CTX_new();
int r = 0;
EVP_PKEY_CTX *pctx = NULL;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (mctx == NULL) {
ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
@ -626,7 +627,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
goto err;
}
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
/* Set SignerInfo algorithm details if we used custom parameter */
if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
@ -681,8 +682,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
goto err;
}
if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey,
cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx))) {
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx))) {
ERR_raise(ERR_LIB_CMS, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
@ -699,7 +700,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
}
int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
int ossl_cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
{
STACK_OF(CMS_SignerInfo) *sinfos;
CMS_SignerInfo *si;
@ -740,8 +741,9 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
pctx = si->pctx;
else {
EVP_MD_CTX_reset(mctx);
if (EVP_DigestSignInit_ex(mctx, &pctx, md_name, cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx), si->pkey) <= 0)
if (EVP_DigestSignInit_ex(mctx, &pctx, md_name,
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx), si->pkey) <= 0)
goto err;
si->pctx = pctx;
}
@ -818,8 +820,8 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
const EVP_MD *md;
EVP_MD *fetched_md = NULL;
const CMS_CTX *ctx = si->cms_ctx;
OSSL_LIB_CTX *libctx = cms_ctx_get0_libctx(ctx);
const char *propq = cms_ctx_get0_propq(ctx);
OSSL_LIB_CTX *libctx = ossl_cms_ctx_get0_libctx(ctx);
const char *propq = ossl_cms_ctx_get0_propq(ctx);
if (si->pkey == NULL) {
ERR_raise(ERR_LIB_CMS, CMS_R_NO_PUBLIC_KEY);
@ -879,7 +881,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
/* Create a chain of digest BIOs from a CMS ContentInfo */
BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
BIO *ossl_cms_SignedData_init_bio(CMS_ContentInfo *cms)
{
int i;
CMS_SignedData *sd;
@ -895,7 +897,8 @@ BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
BIO *mdbio;
digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm, cms_get0_cmsctx(cms));
mdbio = ossl_cms_DigestAlgorithm_init_bio(digestAlgorithm,
ossl_cms_get0_cmsctx(cms));
if (mdbio == NULL)
goto err;
if (chain != NULL)
@ -933,7 +936,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
}
}
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
if (!ossl_cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
@ -958,8 +961,9 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
const EVP_MD *md = EVP_MD_CTX_md(mctx);
const CMS_CTX *ctx = si->cms_ctx;
pkctx = EVP_PKEY_CTX_new_from_pkey(cms_ctx_get0_libctx(ctx), si->pkey,
cms_ctx_get0_propq(ctx));
pkctx = EVP_PKEY_CTX_new_from_pkey(ossl_cms_ctx_get0_libctx(ctx),
si->pkey,
ossl_cms_ctx_get0_propq(ctx));
if (pkctx == NULL)
goto err;
if (EVP_PKEY_verify_init(pkctx) <= 0)

41
crypto/cms/cms_smime.c
View File

@ -121,7 +121,7 @@ int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = cms_Data_create(libctx, propq);
CMS_ContentInfo *cms = ossl_cms_Data_create(libctx, propq);
if (cms == NULL)
return NULL;
@ -158,7 +158,7 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
r = cms_copy_content(out, cont, flags);
if (r)
r = cms_DigestedData_do_final(cms, cont, 1);
r = ossl_cms_DigestedData_do_final(cms, cont, 1);
do_free_upto(cont, dcont);
return r;
}
@ -171,7 +171,7 @@ CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
if (md == NULL)
md = EVP_sha1();
cms = cms_DigestedData_create(md, ctx, propq);
cms = ossl_cms_DigestedData_create(md, ctx, propq);
if (cms == NULL)
return NULL;
@ -264,8 +264,8 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
X509 *signer;
int i, j, r = 0;
ctx = X509_STORE_CTX_new_ex(cms_ctx_get0_libctx(cms_ctx),
cms_ctx_get0_propq(cms_ctx));
ctx = X509_STORE_CTX_new_ex(ossl_cms_ctx_get0_libctx(cms_ctx),
ossl_cms_ctx_get0_propq(cms_ctx));
if (ctx == NULL) {
ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
goto err;
@ -309,7 +309,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
int i, scount = 0, ret = 0;
BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
int cadesVerify = (flags & CMS_CADES) != 0;
const CMS_CTX *ctx = cms_get0_cmsctx(cms);
const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms);
if (dcont == NULL && !check_content(cms))
return 0;
@ -381,7 +381,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
if (cadesVerify) {
STACK_OF(X509) *si_chain = si_chains ? si_chains[i] : NULL;
if (ess_check_signing_certs(si, si_chain) <= 0)
if (ossl_ess_check_signing_certs(si, si_chain) <= 0)
goto err;
}
}
@ -493,7 +493,7 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
if (r <= 0)
return r;
return cms_Receipt_verify(rcms, ocms);
return ossl_cms_Receipt_verify(rcms, ocms);
}
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
@ -568,8 +568,9 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
/* Initialize signed data */
cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags, cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx));
cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags,
ossl_cms_ctx_get0_libctx(ctx),
ossl_cms_ctx_get0_propq(ctx));
if (cms == NULL)
goto err;
@ -583,7 +584,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
goto err;
}
os = cms_encode_Receipt(si);
os = ossl_cms_encode_Receipt(si);
if (os == NULL)
goto err;
@ -594,7 +595,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
/* Add msgSigDigest attribute */
if (!cms_msgSigDigest_add1(rct_si, si))
if (!ossl_cms_msgSigDigest_add1(rct_si, si))
goto err;
/* Finalize structure */
@ -700,9 +701,9 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
ris = CMS_get0_RecipientInfos(cms);
if (ris != NULL)
debug = cms_get0_env_enc_content(cms)->debug;
debug = ossl_cms_get0_env_enc_content(cms)->debug;
cms_pkey_ri_type = cms_pkey_get_ri_type(pk);
cms_pkey_ri_type = ossl_cms_pkey_get_ri_type(pk);
if (cms_pkey_ri_type == CMS_RECIPINFO_NONE) {
ERR_raise(ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
return 0;
@ -713,7 +714,7 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
ri = sk_CMS_RecipientInfo_value(ris, i);
ri_type = CMS_RecipientInfo_type(ri);
if (!cms_pkey_is_ri_type_supported(pk, ri_type))
if (!ossl_cms_pkey_is_ri_type_supported(pk, ri_type))
continue;
match_ri = 1;
if (ri_type == CMS_RECIPINFO_AGREE) {
@ -846,13 +847,13 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
if (dcont == NULL && !check_content(cms))
return 0;
if (flags & CMS_DEBUG_DECRYPT)
cms_get0_env_enc_content(cms)->debug = 1;
ossl_cms_get0_env_enc_content(cms)->debug = 1;
else
cms_get0_env_enc_content(cms)->debug = 0;
ossl_cms_get0_env_enc_content(cms)->debug = 0;
if (cert == NULL)
cms_get0_env_enc_content(cms)->havenocert = 1;
ossl_cms_get0_env_enc_content(cms)->havenocert = 1;
else
cms_get0_env_enc_content(cms)->havenocert = 0;
ossl_cms_get0_env_enc_content(cms)->havenocert = 0;
if (pk == NULL && cert == NULL && dcont == NULL && out == NULL)
return 1;
if (pk != NULL && !CMS_decrypt_set1_pkey(cms, pk, cert))
@ -920,7 +921,7 @@ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
if (comp_nid <= 0)
comp_nid = NID_zlib_compression;
cms = cms_CompressedData_create(comp_nid, NULL, NULL);
cms = ossl_cms_CompressedData_create(comp_nid, NULL, NULL);
if (cms == NULL)
return NULL;

10
crypto/ess/ess_asn1.c
View File

@ -1,5 +1,5 @@
/*
* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -65,8 +65,8 @@ IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
* Returns < 0 if attribute is not found, 1 if found, or
* -1 on attribute parsing failure.
*/
int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
ESS_SIGNING_CERT_V2 **psc)
int ossl_cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
ESS_SIGNING_CERT_V2 **psc)
{
ASN1_STRING *str;
ESS_SIGNING_CERT_V2 *sc;
@ -92,8 +92,8 @@ int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
* Returns < 0 if attribute is not found, 1 if found, or
* -1 on attribute parsing failure.
*/
int cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
ESS_SIGNING_CERT **psc)
int ossl_cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
ESS_SIGNING_CERT **psc)
{
ASN1_STRING *str;
ESS_SIGNING_CERT *sc;

28
crypto/ess/ess_lib.c
View File

@ -18,9 +18,9 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg,
X509 *cert, int issuer_needed);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed)
ESS_SIGNING_CERT *ossl_ess_signing_cert_new_init(X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed)
{
ESS_CERT_ID *cid = NULL;
ESS_SIGNING_CERT *sc;
@ -96,10 +96,10 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
return NULL;
}
ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed)
ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_new_init(const EVP_MD *hash_alg,
X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed)
{
ESS_CERT_ID_V2 *cid = NULL;
ESS_SIGNING_CERT_V2 *sc;
@ -192,7 +192,7 @@ static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg,
return NULL;
}
ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si)
ESS_SIGNING_CERT *ossl_ess_signing_cert_get(PKCS7_SIGNER_INFO *si)
{
ASN1_TYPE *attr;
const unsigned char *p;
@ -204,7 +204,7 @@ ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si)
return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
}
ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si)
ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_get(PKCS7_SIGNER_INFO *si)
{
ASN1_TYPE *attr;
const unsigned char *p;
@ -216,7 +216,7 @@ ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si)
return d2i_ESS_SIGNING_CERT_V2(NULL, &p, attr->value.sequence->length);
}
int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
int ossl_ess_signing_cert_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
@ -245,8 +245,7 @@ int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
return 0;
}
int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si,
ESS_SIGNING_CERT_V2 *sc)
int ossl_ess_signing_cert_v2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc)
{
ASN1_STRING *seq = NULL;
unsigned char *p, *pp = NULL;
@ -291,7 +290,7 @@ static int ess_issuer_serial_cmp(const ESS_ISSUER_SERIAL *is, const X509 *cert)
}
/* Returns < 0 if certificate is not found, certificate index otherwise. */
int ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
int ossl_ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
{
int i;
unsigned char cert_sha1[SHA_DIGEST_LENGTH];
@ -324,7 +323,8 @@ int ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
}
/* Returns < 0 if certificate is not found, certificate index otherwise. */
int ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids, const X509 *cert)
int ossl_ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids,
const X509 *cert)
{
int i;
unsigned char cert_digest[EVP_MAX_MD_SIZE];

11
crypto/ts/ts_rsp_sign.c
View File

@ -664,20 +664,21 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
if (ctx->ess_cert_id_digest == NULL
|| ctx->ess_cert_id_digest == EVP_sha1()) {
if ((sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs, 0)) == NULL)
if ((sc = ossl_ess_signing_cert_new_init(ctx->signer_cert,
certs, 0)) == NULL)
goto err;
if (!ESS_SIGNING_CERT_add(si, sc)) {
if (!ossl_ess_signing_cert_add(si, sc)) {
ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
goto err;
}
} else {
sc2 = ESS_SIGNING_CERT_V2_new_init(ctx->ess_cert_id_digest,
ctx->signer_cert, certs, 0);
sc2 = ossl_ess_signing_cert_v2_new_init(ctx->ess_cert_id_digest,
ctx->signer_cert, certs, 0);
if (sc2 == NULL)
goto err;
if (!ESS_SIGNING_CERT_V2_add(si, sc2)) {
if (!ossl_ess_signing_cert_v2_add(si, sc2)) {
ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR);
goto err;
}

12
crypto/ts/ts_rsp_verify.c
View File

@ -197,9 +197,9 @@ end:
static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
STACK_OF(X509) *chain)
{
ESS_SIGNING_CERT *ss = ESS_SIGNING_CERT_get(si);
ESS_SIGNING_CERT *ss = ossl_ess_signing_cert_get(si);
STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
ESS_SIGNING_CERT_V2 *ssv2 = ESS_SIGNING_CERT_V2_get(si);
ESS_SIGNING_CERT_V2 *ssv2 = ossl_ess_signing_cert_v2_get(si);
STACK_OF(ESS_CERT_ID_V2) *cert_ids_v2 = NULL;
X509 *cert;
int i = 0;
@ -208,7 +208,7 @@ static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
if (ss != NULL) {
cert_ids = ss->cert_ids;
cert = sk_X509_value(chain, 0);
if (ess_find_cert(cert_ids, cert) != 0)
if (ossl_ess_find_cert(cert_ids, cert) != 0)
goto err;
/*
@ -218,14 +218,14 @@ static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
if (ess_find_cert(cert_ids, cert) < 0)
if (ossl_ess_find_cert(cert_ids, cert) < 0)
goto err;
}
}
} else if (ssv2 != NULL) {
cert_ids_v2 = ssv2->cert_ids;
cert = sk_X509_value(chain, 0);
if (ess_find_cert_v2(cert_ids_v2, cert) != 0)
if (ossl_ess_find_cert_v2(cert_ids_v2, cert) != 0)
goto err;
/*
@ -235,7 +235,7 @@ static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
if (sk_ESS_CERT_ID_V2_num(cert_ids_v2) > 1) {
for (i = 1; i < sk_X509_num(chain); ++i) {
cert = sk_X509_value(chain, i);
if (ess_find_cert_v2(cert_ids_v2, cert) < 0)
if (ossl_ess_find_cert_v2(cert_ids_v2, cert) < 0)
goto err;
}
}

12
include/crypto/cms.h
View File

@ -15,13 +15,13 @@
/* internal CMS-ESS related stuff */
int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);
int ossl_cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);
int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
ESS_SIGNING_CERT_V2 **psc);
int cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
ESS_SIGNING_CERT **psc);
int ossl_cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
ESS_SIGNING_CERT_V2 **psc);
int ossl_cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
ESS_SIGNING_CERT **psc);
# endif /* OPENSSL_NO_CMS */
#endif

27
include/crypto/ess.h
View File

@ -13,24 +13,25 @@
/* internal ESS related stuff */
ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si);
int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
ESS_SIGNING_CERT *ossl_ess_signing_cert_get(PKCS7_SIGNER_INFO *si);
int ossl_ess_signing_cert_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed);
ESS_SIGNING_CERT *ossl_ess_signing_cert_new_init(X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed);
ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si);
int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_get(PKCS7_SIGNER_INFO *si);
int ossl_ess_signing_cert_v2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed);
ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_new_init(const EVP_MD *hash_alg,
X509 *signcert,
STACK_OF(X509) *certs,
int issuer_needed);
/* Returns < 0 if certificate is not found, certificate index otherwise. */
int ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids, const X509 *cert);
int ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
int ossl_ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids,
const X509 *cert);
int ossl_ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
/*-
* IssuerSerial ::= SEQUENCE {

4
include/openssl/symhacks.h
View File

@ -34,10 +34,6 @@
# undef i2d_ECPKPARAMETERS
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
/* This one clashes with CMS_data_create */
# undef cms_Data_create
# define cms_Data_create priv_cms_Data_create
# endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */