OpenSSL: openssl/crypto/cms/ cms.h cms_enc.c cms_err.c cms_lcl.h...

  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
14-Mar-2008 20:37:56
  Branch: HEAD                             Handle:
2008031419375501

  Modified files:
    openssl/crypto/cms      cms.h cms_enc.c cms_err.c
cms_lcl.h cms_lib.c
                            cms_smime.c

  Log:
    Reorganise encrypted content info code to avoid
duplication and be more
    consistent with other content types.

  Summary:
    Revision    Changes     Path
    1.4         +10 -1      openssl/crypto/cms/cms.h
    1.3         +112 -83    openssl/crypto/cms/cms_enc.c
    1.4         +9  -0      openssl/crypto/cms/cms_err.c
    1.4         +8  -6      openssl/crypto/cms/cms_lcl.h
    1.3         +1  -7      openssl/crypto/cms/cms_lib.c
    1.3         +24 -3      openssl/crypto/cms/cms_smime.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms.h
 
============================================================
================
  $ cvs diff -u -r1.3 -r1.4 cms.h
  --- openssl/crypto/cms/cms.h	14 Mar 2008 13:21:47
-0000	1.3
  +++ openssl/crypto/cms/cms.h	14 Mar 2008 19:37:55
-0000	1.4
   -142,7 +142,7 
   				const unsigned char *key, size_t keylen,
   				BIO *dcont, BIO *out, unsigned int flags);
   
  -int CMS_EncryptedData_set1_key(BIO *b, CMS_ContentInfo
*cms,
  +int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms,
const EVP_CIPHER *ciph,
   				const unsigned char *key, size_t keylen);
   
   int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509)
*certs,
   -249,6 +249,7 
   #define CMS_F_CMS_ADD1_SIGNER				 100
   #define CMS_F_CMS_ADD1_SIGNINGTIME			 101
   #define CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT		 137
  +#define CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT_BIO		 142
   #define CMS_F_CMS_COMPRESS				 102
   #define CMS_F_CMS_COMPRESSEDDATA_CREATE			 103
   #define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO		 104
   -257,12 +258,19 
   #define CMS_F_CMS_DATA					 107
   #define CMS_F_CMS_DATAFINAL				 108
   #define CMS_F_CMS_DATAINIT				 109
  +#define CMS_F_CMS_DECRYPTEDCONTENT_DECRYPT_BIO		 145
  +#define CMS_F_CMS_DECRYPTEDCONTENT_ENCRYPT_BIO		 143
   #define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX		 110
   #define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO		 111
   #define CMS_F_CMS_DIGESTEDDATA_DO_FINAL			 112
   #define CMS_F_CMS_DIGEST_VERIFY				 113
  +#define CMS_F_CMS_ENCRYPTEDCONTENT_DECRYPT_BIO		 146
  +#define CMS_F_CMS_ENCRYPTEDCONTENT_ENCRYPT_BIO		 144
  +#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO		 148
   #define CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO		 138
   #define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT			 140
  +#define CMS_F_CMS_ENCRYPTEDDATA_INIT_BIO		 147
  +#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY		 141
   #define CMS_F_CMS_ENCRYPTED_DATA_DECRYPT		 139
   #define CMS_F_CMS_ENVELOPED_DATA_INIT			 114
   #define CMS_F_CMS_FINAL					 115
   -307,6 +315,7 
   #define CMS_R_MD_BIO_INIT_ERROR				 111
   #define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH	 112
   #define CMS_R_MESSAGEDIGEST_WRONG_LENGTH		 113
  +#define CMS_R_NOT_ENCRYPTED_DATA			 143
   #define CMS_R_NOT_KEY_TRANSPORT				 114
   #define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE		 115
   #define CMS_R_NO_CONTENT				 116
   .
  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms_enc.c
 
============================================================
================
  $ cvs diff -u -r1.2 -r1.3 cms_enc.c
  --- openssl/crypto/cms/cms_enc.c	14 Mar 2008 13:21:47
-0000	1.2
  +++ openssl/crypto/cms/cms_enc.c	14 Mar 2008 19:37:55
-0000	1.3
   -63,135 +63,164 
   
   /* CMS EncryptedData Utilities */
   
  -/* Set up EncryptedContentInfo based on supplied cipher
bio */
  +DECLARE_ASN1_ITEM(CMS_EncryptedData)
   
  -int cms_bio_to_EncryptedContent(CMS_EncryptedContentInfo
*ec,
  -					const unsigned char *key, int keylen,
  -					BIO *b)
  +/* Return BIO based on EncryptedContentInfo and key */
  +
  +BIO
*cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo
*ec)
   	{
  -	EVP_CIPHER_CTX *ctx = NULL;
  -	unsigned char iv[EVP_MAX_IV_LENGTH], *piv;
  -	int ivlen;
  +	BIO *b;
  +	EVP_CIPHER_CTX *ctx;
  +	const EVP_CIPHER *ciph;
  +	X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
  +	unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
   
  -	BIO_get_cipher_ctx(b, &ctx);
  +	int enc;
   
  -	/* If necessary set key length */
  +	enc = ec->cipher ? 1 : 0;
   
  -	if (keylen != EVP_CIPHER_CTX_key_length(ctx))
  +	b = BIO_new(BIO_f_cipher());
  +	if (!b)
   		{
  -		if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <=
0)
  -			{
  -			CMSerr(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT,
  -				CMS_R_INVALID_KEY_LENGTH);
  -			return 0;
  -			}
  +		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
  +							ERR_R_MALLOC_FAILURE);
  +		return NULL;
   		}
   
  -	/* Generate a random IV if we need one */
  +	BIO_get_cipher_ctx(b, &ctx);
   
  -	ivlen = EVP_CIPHER_CTX_iv_length(ctx);
  -	if (ivlen > 0)
  -		{
  -		if (RAND_pseudo_bytes(iv, ivlen) <= 0)
  -			return 0;
  -		piv = iv;
  -		}
  +	if (enc)
  +		calg->algorithm =
OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
   	else
  -		piv = NULL;
  -
  -	if (EVP_CipherInit_ex(ctx, NULL, NULL, key, piv, 1)
<= 0)
   		{
  -		CMSerr(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT,
  -				CMS_R_CIPHER_INITIALISATION_ERROR);
  -		return 0;
  -		}
  +		ciph = EVP_get_cipherbyobj(calg->algorithm);
   
  -	ec->contentEncryptionAlgorithm->algorithm =
  -			OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
  -
  -	if (piv)
  -		{
  -		ec->contentEncryptionAlgorithm->parameter =
ASN1_TYPE_new();
  -		if (!ec->contentEncryptionAlgorithm->parameter)
  -			{
  -			CMSerr(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT,
  -							ERR_R_MALLOC_FAILURE);
  -			return 0;
  -			}
  -		if (EVP_CIPHER_param_to_asn1(ctx, 
  -			ec->contentEncryptionAlgorithm->parameter) <=
0)
  +		if (!ciph)
   			{
  -			CMSerr(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT,
  -				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
  -			return 0;
  +			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
  +							CMS_R_UNKNOWN_CIPHER);
  +			goto err;
   			}
   		}
   
  -	return 1;
  -	}
  -
  -/* Return BIO based on EncryptedContentInfo and key */
  -
  -int cms_EncryptedContent_to_bio(BIO *b,
CMS_EncryptedContentInfo *ec,
  -					const unsigned char *key, int keylen)
  -	{
  -	EVP_CIPHER_CTX *ctx;
  -	const EVP_CIPHER *ciph;
  -	BIO_get_cipher_ctx(b, &ctx);
  -
  -	ciph =
EVP_get_cipherbyobj(ec->contentEncryptionAlgorithm->al
gorithm);
  -
  -	if (!ciph)
  +	if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc)
<= 0)
   		{
  -		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO,
CMS_R_UNKNOWN_CIPHER);
  -		goto err;
  -		}
  -
  -	if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, 0)
<= 0)
  -		{
  -		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO,
  +		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
   				CMS_R_CIPHER_INITIALISATION_ERROR);
   		goto err;
   		}
   
   	/* If necessary set key length */
   
  -	if (keylen != EVP_CIPHER_CTX_key_length(ctx))
  +	if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
   		{
  -		if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <=
0)
  +		if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen)
<= 0)
   			{
  -			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO,
  +			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
   				CMS_R_INVALID_KEY_LENGTH);
   			goto err;
   			}
   		}
   
  -	if (EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, 0)
<= 0)
  +	if (enc)
  +		{
  +		int ivlen;
  +		/* Generate a random IV if we need one */
  +		ivlen = EVP_CIPHER_CTX_iv_length(ctx);
  +		if (ivlen > 0)
  +			{
  +			if (RAND_pseudo_bytes(iv, ivlen) <= 0)
  +				goto err;
  +			piv = iv;
  +			}
  +		}
  +	else if (EVP_CIPHER_asn1_to_param(ctx,
calg->parameter) <= 0)
  +			{
  +			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
  +				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
  +			goto err;
  +			}
  +
  +	if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv,
enc) <= 0)
   		{
  -		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO,
  +		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
   				CMS_R_CIPHER_INITIALISATION_ERROR);
   		goto err;
   		}
   
  -	if (EVP_CIPHER_asn1_to_param(ctx, 
  -			ec->contentEncryptionAlgorithm->parameter) <=
0)
  +	if (piv)
  +		{
  +		calg->parameter = ASN1_TYPE_new();
  +		if (!calg->parameter)
  +			{
  +			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
  +							ERR_R_MALLOC_FAILURE);
  +			goto err;
  +			}
  +		if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter)
<= 0)
   			{
  -			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO,
  +			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
   				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
   			goto err;
   			}
  -	return 1;
  +		}
  +	return b;
   
   	err:
  -	return 0;
  +	BIO_free(b);
  +	return NULL;
   	}
   
  -int CMS_EncryptedData_set1_key(BIO *b, CMS_ContentInfo
*cms,
  +int cms_EncryptedContent_init(CMS_EncryptedContentInfo
*ec, 
  +				const EVP_CIPHER *cipher,
  +				const unsigned char *key, size_t keylen)
  +	{
  +	ec->cipher = cipher;
  +	ec->key = OPENSSL_malloc(keylen);
  +	if (!ec->key)
  +		return 0;
  +	if (cipher)
  +		ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
  +	memcpy(ec->key, key, keylen);
  +	ec->keylen = keylen;
  +	return 1;
  +	}
  +
  +int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms,
const EVP_CIPHER *ciph,
   				const unsigned char *key, size_t keylen)
   	{
   	CMS_EncryptedContentInfo *ec;
  -	if (OBJ_obj2nid(cms->contentType) !=
NID_pkcs7_encrypted)
  +	if (ciph)
  +		{
  +		cms->d.encryptedData =
M_ASN1_new_of(CMS_EncryptedData);
  +		if (!cms->d.encryptedData)
  +			{
  +			CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
  +				ERR_R_MALLOC_FAILURE);
  +			return 0;
  +			}
  +		cms->contentType =
OBJ_nid2obj(NID_pkcs7_encrypted);
  +		cms->d.encryptedData->version = 0;
  +		}
  +	else if (OBJ_obj2nid(cms->contentType) !=
NID_pkcs7_encrypted)
  +		{
  +		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
  +						CMS_R_NOT_ENCRYPTED_DATA);
   		return 0;
  +		}
  +	ec = cms->d.encryptedData->encryptedContentInfo;
  +	return cms_EncryptedContent_init(ec, ciph, key,
keylen);
  +	}
  +
  +BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
  +	{
  +	CMS_EncryptedContentInfo *ec;
  +	if (OBJ_obj2nid(cms->contentType) !=
NID_pkcs7_encrypted)
  +		{
  +		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_INIT_BIO,
  +						CMS_R_NOT_ENCRYPTED_DATA);
  +		return NULL;
  +		}
   	ec = cms->d.encryptedData->encryptedContentInfo;
  -	return cms_EncryptedContent_to_bio(b, ec, key, keylen);
  +	return cms_EncryptedContent_init_bio(ec);
   	}
   .
  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms_err.c
 
============================================================
================
  $ cvs diff -u -r1.3 -r1.4 cms_err.c
  --- openssl/crypto/cms/cms_err.c	14 Mar 2008 13:21:47
-0000	1.3
  +++ openssl/crypto/cms/cms_err.c	14 Mar 2008 19:37:55
-0000	1.4
   -74,6 +74,7 
  
{ERR_FUNC(CMS_F_CMS_ADD1_SIGNER),	"CMS_add1_signer"
;},
  
{ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME),	"CMS_ADD1_SIGNIN
GTIME"},
  
{ERR_FUNC(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT),	"CMS_BIO_
TO_ENCRYPTEDCONTENT"},
 
+{ERR_FUNC(CMS_F_CMS_BIO_TO_ENCRYPTEDCONTENT_BIO),	"CMS
_BIO_TO_ENCRYPTEDCONTENT_BIO"},
  
{ERR_FUNC(CMS_F_CMS_COMPRESS),	"CMS_compress"},
  
{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE),	"CMS_COMPRE
SSEDDATA_CREATE"},
  
{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),	"CMS_COMP
RESSEDDATA_INIT_BIO"},
   -82,12 +83,19 
   {ERR_FUNC(CMS_F_CMS_DATA),	"CMS_data"},
  
{ERR_FUNC(CMS_F_CMS_DATAFINAL),	"CMS_dataFinal"},
  
{ERR_FUNC(CMS_F_CMS_DATAINIT),	"CMS_dataInit"},
 
+{ERR_FUNC(CMS_F_CMS_DECRYPTEDCONTENT_DECRYPT_BIO),	"CM
S_DECRYPTEDCONTENT_DECRYPT_BIO"},
 
+{ERR_FUNC(CMS_F_CMS_DECRYPTEDCONTENT_ENCRYPT_BIO),	"CM
S_DECRYPTEDCONTENT_ENCRYPT_BIO"},
  
{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),	"CMS_DIG
ESTALGORITHM_FIND_CTX"},
  
{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO),	"CMS_DIG
ESTALGORITHM_INIT_BIO"},
  
{ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL),	"CMS_DIGEST
EDDATA_DO_FINAL"},
  
{ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY),	"CMS_digest_verify&
quot;},
 
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_DECRYPT_BIO),	"CM
S_ENCRYPTEDCONTENT_DECRYPT_BIO"},
 
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_ENCRYPT_BIO),	"CM
S_ENCRYPTEDCONTENT_ENCRYPT_BIO"},
 
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO),	"CMS_E
NCRYPTEDCONTENT_INIT_BIO"},
  
{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_TO_BIO),	"CMS_ENCR
YPTEDCONTENT_TO_BIO"},
  
{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT),	"CMS_Encryp
tedData_decrypt"},
 
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_INIT_BIO),	"CMS_ENCR
YPTEDDATA_INIT_BIO"},
 
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY),	"CMS_Encr
yptedData_set1_key"},
  
{ERR_FUNC(CMS_F_CMS_ENCRYPTED_DATA_DECRYPT),	"CMS_ENCRY
PTED_DATA_DECRYPT"},
  
{ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT),	"CMS_ENVELOPE
D_DATA_INIT"},
   {ERR_FUNC(CMS_F_CMS_FINAL),	"CMS_final"},
   -135,6 +143,7 
   {ERR_REASON(CMS_R_MD_BIO_INIT_ERROR)     ,"md bio
init error"},
  
{ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),&quo
t;messagedigest attribute wrong length"},
  
{ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),"messaged
igest wrong length"},
  +{ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA)    ,"not
encrypted data"},
   {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT)     ,"not key
transport"},
  
{ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"not
supported for this key type"},
   {ERR_REASON(CMS_R_NO_CONTENT)            ,"no
content"},
   .
  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms_lcl.h
 
============================================================
================
  $ cvs diff -u -r1.3 -r1.4 cms_lcl.h
  --- openssl/crypto/cms/cms_lcl.h	14 Mar 2008 13:21:47
-0000	1.3
  +++ openssl/crypto/cms/cms_lcl.h	14 Mar 2008 19:37:56
-0000	1.4
   -169,6 +169,10 
   	ASN1_OBJECT *contentType;
   	X509_ALGOR *contentEncryptionAlgorithm;
   	ASN1_OCTET_STRING *encryptedContent;
  +	/* Content encryption algorithm and key */
  +	const EVP_CIPHER *cipher;
  +	unsigned char *key;
  +	size_t keylen;
   	};
   
   struct CMS_RecipientInfo_st
   -255,7 +259,7 
    	CMS_KEKIdentifier *kekid;
    	X509_ALGOR *keyEncryptionAlgorithm;
    	ASN1_OCTET_STRING *encryptedKey;
  -	/* Extra Info symmetric key to use */
  +	/* Extra info: symmetric key to use */
   	unsigned char *key;
   	size_t keylen;
   	};
   -412,11 +416,9 
   int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO
*chain,
   					X509_ALGOR *mdalg);
   
  -int cms_bio_to_EncryptedContent(CMS_EncryptedContentInfo
*ec,
  -					const unsigned char *key, int keylen,
  -					BIO *b);
  -int cms_EncryptedContent_to_bio(BIO *b,
CMS_EncryptedContentInfo *ec,
  -					const unsigned char *key, int keylen);
  +BIO
*cms_EncryptedContent_encrypt_bio(CMS_EncryptedContentInfo
*ec);
  +BIO
*cms_EncryptedContent_decrypt_bio(CMS_EncryptedContentInfo
*ec);
  +BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
   	
   #ifdef  __cplusplus
   }
   .
  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms_lib.c
 
============================================================
================
  $ cvs diff -u -r1.2 -r1.3 cms_lib.c
  --- openssl/crypto/cms/cms_lib.c	14 Mar 2008 13:21:47
-0000	1.2
  +++ openssl/crypto/cms/cms_lib.c	14 Mar 2008 19:37:56
-0000	1.3
   -68,12 +68,6 
   DECLARE_STACK_OF(CMS_CertificateChoices)
   DECLARE_STACK_OF(CMS_RevocationInfoChoice)
   
  -#if 0
  -IMPLEMENT_ASN1_ALLOC_FUNCTIONS(CMS_CertificateChoices)
  -IMPLEMENT_ASN1_ALLOC_FUNCTIONS(CMS_RevocationInfoChoice)
  -#endif
  -
  -
   const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
   	{
   	return cms->contentType;
   -140,7 +134,7 
   #endif
   
   		case NID_pkcs7_encrypted:
  -		cmsbio = BIO_new(BIO_f_cipher());
  +		cmsbio = cms_EncryptedData_init_bio(cms);
   		break;
   
   		default:
   .
  patch -p0 <<' .'
  Index: openssl/crypto/cms/cms_smime.c
 
============================================================
================
  $ cvs diff -u -r1.2 -r1.3 cms_smime.c
  --- openssl/crypto/cms/cms_smime.c	14 Mar 2008 13:21:48
-0000	1.2
  +++ openssl/crypto/cms/cms_smime.c	14 Mar 2008 19:37:56
-0000	1.3
   -212,16 +212,37 
   			}
   		}
   
  +	if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen)
<= 0)
  +		return 0;
   	cont = CMS_dataInit(cms, dcont);
   	if (!cont)
   		return 0;
  -	r = CMS_EncryptedData_set1_key(cont, cms, key, keylen);
  -	if (r)
  -		r = cms_copy_content(out, cont, flags);
  +	r = cms_copy_content(out, cont, flags);
   	BIO_free_all(cont);
   	return r;
   	}
   
  +CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const
EVP_CIPHER *cipher,
  +					const unsigned char *key, size_t keylen,
  +					unsigned int flags)
  +	{
  +	CMS_ContentInfo *cms;
  +	cms = CMS_ContentInfo_new();
  +	if (!cms)
  +		return NULL;
  +	if (!CMS_EncryptedData_set1_key(cms, cipher, key,
keylen))
  +		return NULL;
  +
  +	if(!(flags & CMS_DETACHED))
  +		CMS_set_detached(cms, 0);
  +
  +	if ((flags & (CMS_STREAM|CMS_PARTIAL)) ||
CMS_final(cms, in, flags))
  +		return cms;
  +
  +	CMS_ContentInfo_free(cms);
  +	return NULL;
  +	}
  +
   static int cms_signerinfo_verify_cert(CMS_SignerInfo
*si,
   					X509_STORE *store,
   					STACK_OF(X509) *certs,
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org