Commit graph

35 commits

Author SHA1 Message Date
Dr. Stephen Henson
25d5d15fd5 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:01:44 +00:00
Dr. Stephen Henson
29d0c13e97 Detect symmetric crypto errors in PKCS7_decrypt.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:23:20 +00:00
Dr. Stephen Henson
37afdc953e Don't force S/MIME signing purpose: allow it to be overridden by store
settings.

Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters
being inherited properly.
2009-03-15 13:36:01 +00:00
Dr. Stephen Henson
14d4074ee1 Update from HEAD. 2008-11-21 18:18:28 +00:00
Dr. Stephen Henson
3795297af8 Change old obsolete email address... 2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
14346b3456 Fix warnings: C++ comments and computed value not used. 2007-07-04 12:56:33 +00:00
Nils Larsch
923df53e25 fix potential memory leaks
PR: 1462
Submitted by: Charles Hardin <chardin@2wire.com>
2007-02-03 09:51:59 +00:00
Dr. Stephen Henson
eb499b2854 Oops... 2006-07-09 12:07:22 +00:00
Dr. Stephen Henson
65a82ef6d7 Fix from HEAD. 2006-07-09 12:03:02 +00:00
Dr. Stephen Henson
1682e8fb12 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:10:05 +00:00
Nils Larsch
f32e0035a3 fix potential memory leak
Submitted by: Goetz Babin-Ebell
2005-05-19 22:11:22 +00:00
Bodo Möller
f468e3824a fix memory leak (BIO_free_all needs pointer to first BIO)
PR: 1070
2005-05-17 05:52:24 +00:00
Dr. Stephen Henson
9d10b15ef9 Fix possible memory leak. 2005-02-14 21:53:24 +00:00
Dr. Stephen Henson
fcd5cca418 PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:52:24 +00:00
Dr. Stephen Henson
e1a27eb34a Allow CRLs to be passed into X509_STORE_CTX. This is useful when the
verified structure can contain its own CRLs (such as PKCS#7 signedData).

Tidy up some of the verify code.
2004-03-27 22:49:28 +00:00
Dr. Stephen Henson
e9ec63961b Fix indefinite length encoding so EOC correctly updates
the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)
2003-02-25 19:03:31 +00:00
Dr. Stephen Henson
27068df7e0 Single pass processing to cleartext S/MIME signing. 2003-02-15 00:50:55 +00:00
Geoff Thorpe
79aa04ef27 Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
2001-03-09 02:51:02 +00:00
Dr. Stephen Henson
db4a465974 Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify
fails.
2001-02-24 01:38:56 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Dr. Stephen Henson
730e37edb6 Work around for Netscape PKCS#7 signedData bug. 2000-09-18 12:30:57 +00:00
Richard Levitte
62324627aa Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
2000-09-17 18:21:27 +00:00
Dr. Stephen Henson
f50c11ca40 Ugh, BIO_find_type() cannot be passed a NULL.
Fix doc example, and fix BIO_find_type().

Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
34216c0422 Keep a not of original encoding in certificate requests.
Add new option to PKCS7_sign to exclude S/MIME capabilities.
2000-09-05 13:27:57 +00:00
Ben Laurie
371acb22e6 Typesafe Thought Police part 4. 2000-05-16 23:01:19 +00:00
Ulf Möller
0e1c06128a Get rid of more non-ANSI declarations. 2000-05-15 22:54:43 +00:00
Dr. Stephen Henson
82b931860a Ouch! PKCS7_encrypt() was heading MIME text headers twice
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
2000-02-28 14:11:19 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Dr. Stephen Henson
1887988497 Delete an unused variable and make the PKCS#12 keygen debugging code work
again.
1999-12-15 02:36:48 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for
encrypted mail. Also update the smime docs.
1999-12-15 01:26:17 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers.
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
1999-12-09 01:31:32 +00:00
Dr. Stephen Henson
55ec5861c8 Modify S/MIME application so the -signer option writes the signer(s)
to a file if we are verifying.
1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c Merge in my S/MIME library and utility. 1999-12-05 00:40:59 +00:00