Commit graph

43 commits

Author SHA1 Message Date
Dr. Stephen Henson
d16bb406d4 Detect symmetric crypto errors in PKCS7_decrypt.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:22:41 +00:00
Dr. Stephen Henson
237d7b6cae Fix from stable branch. 2009-03-15 13:37:34 +00:00
Dr. Stephen Henson
d0c3628834 Set memory BIOs up properly when stripping text headers from S/MIME messages. 2008-11-21 18:18:13 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
710069c19e Fix warnings. 2007-08-12 17:44:32 +00:00
Dr. Stephen Henson
eeec060df0 Don't finalize signerinfo if reuse and partial both set. 2007-04-13 16:41:52 +00:00
Nils Larsch
c209a35820 remove dead code 2007-02-26 18:21:19 +00:00
Nils Larsch
689f9faba4 fix potential memory leaks
PR: 1462
2007-02-03 09:55:42 +00:00
Dr. Stephen Henson
11d8cdc6ad Experimental streaming PKCS#7 support.
I thought it was about time I dusted this off. This stuff had been sitting on
my hard drive for *ages* (2003 in fact). Hasn't been tested well and may not
work properly.

Nothing uses it at present which is just as well.

Think of this as a traditional Christmas present which looks far more
impressive in the adverts and on the box, some of the bits are missing and
falls to bits if you play with it too much.
2006-12-24 16:22:56 +00:00
Dr. Stephen Henson
067707e367 Set detached flag in PKCS7 structure earlier to avoid eating up memory.
PR: 1071
2006-07-09 12:02:08 +00:00
Dr. Stephen Henson
61e5ec4b1e Add AES and GOST S/MIME capabilities if algorithms are supported. 2006-06-06 12:35:05 +00:00
Dr. Stephen Henson
994df5a248 Flush p7bio when all data has been copied. 2006-05-26 17:14:23 +00:00
Dr. Stephen Henson
0e3453536e Fix warnings. 2006-05-24 13:29:32 +00:00
Dr. Stephen Henson
5531192151 Add -resign and -md options to smime command to support resigning an
existing structure and using alternative digest for signing.
2006-05-18 23:44:44 +00:00
Dr. Stephen Henson
76fa8f1838 More S/MIME tidy. Place some common attribute operations in utility
functions.
2006-05-18 17:20:23 +00:00
Dr. Stephen Henson
60f20632e2 Tidy up of S/MIME code and add new functions which will make is easier
to create S/MIME signed data with multiple signers.
2006-05-17 17:17:01 +00:00
Dr. Stephen Henson
3d47929968 Update S/MIME code to use default digest. 2006-05-07 17:22:58 +00:00
Dr. Stephen Henson
8f2e4fdf86 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:15:22 +00:00
Nils Larsch
7f246621b5 fix potential memory leak
Submitted by: Goetz Babin-Ebell
2005-05-19 22:10:40 +00:00
Bodo Möller
f468e3824a fix memory leak (BIO_free_all needs pointer to first BIO)
PR: 1070
2005-05-17 05:52:24 +00:00
Dr. Stephen Henson
9d10b15ef9 Fix possible memory leak. 2005-02-14 21:53:24 +00:00
Dr. Stephen Henson
fcd5cca418 PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:52:24 +00:00
Dr. Stephen Henson
e1a27eb34a Allow CRLs to be passed into X509_STORE_CTX. This is useful when the
verified structure can contain its own CRLs (such as PKCS#7 signedData).

Tidy up some of the verify code.
2004-03-27 22:49:28 +00:00
Dr. Stephen Henson
e9ec63961b Fix indefinite length encoding so EOC correctly updates
the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)
2003-02-25 19:03:31 +00:00
Dr. Stephen Henson
27068df7e0 Single pass processing to cleartext S/MIME signing. 2003-02-15 00:50:55 +00:00
Geoff Thorpe
79aa04ef27 Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
2001-03-09 02:51:02 +00:00
Dr. Stephen Henson
db4a465974 Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify
fails.
2001-02-24 01:38:56 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Dr. Stephen Henson
730e37edb6 Work around for Netscape PKCS#7 signedData bug. 2000-09-18 12:30:57 +00:00
Richard Levitte
62324627aa Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
2000-09-17 18:21:27 +00:00
Dr. Stephen Henson
f50c11ca40 Ugh, BIO_find_type() cannot be passed a NULL.
Fix doc example, and fix BIO_find_type().

Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
34216c0422 Keep a not of original encoding in certificate requests.
Add new option to PKCS7_sign to exclude S/MIME capabilities.
2000-09-05 13:27:57 +00:00
Ben Laurie
371acb22e6 Typesafe Thought Police part 4. 2000-05-16 23:01:19 +00:00
Ulf Möller
0e1c06128a Get rid of more non-ANSI declarations. 2000-05-15 22:54:43 +00:00
Dr. Stephen Henson
82b931860a Ouch! PKCS7_encrypt() was heading MIME text headers twice
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
2000-02-28 14:11:19 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Dr. Stephen Henson
1887988497 Delete an unused variable and make the PKCS#12 keygen debugging code work
again.
1999-12-15 02:36:48 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for
encrypted mail. Also update the smime docs.
1999-12-15 01:26:17 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers.
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
1999-12-09 01:31:32 +00:00
Dr. Stephen Henson
55ec5861c8 Modify S/MIME application so the -signer option writes the signer(s)
to a file if we are verifying.
1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c Merge in my S/MIME library and utility. 1999-12-05 00:40:59 +00:00