Commit graph

55 commits

Author SHA1 Message Date
Dr. Stephen Henson
618265e645 Fix CVE-2010-1633 and CVE-2010-0742. 2010-06-01 13:17:06 +00:00
Dr. Stephen Henson
45acdd6f6d tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:26:32 +00:00
Dr. Stephen Henson
43f21e62aa PR: 2058
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.
2009-09-30 23:50:10 +00:00
Dr. Stephen Henson
80afb40ae3 Submitted by: Julia Lawall <julia@diku.dk>
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
73ba116e96 Update from stable branch. 2009-03-25 12:54:14 +00:00
Dr. Stephen Henson
54571ba004 Use correct ctx name. 2009-03-15 14:03:47 +00:00
Dr. Stephen Henson
237d7b6cae Fix from stable branch. 2009-03-15 13:37:34 +00:00
Dr. Stephen Henson
d0c3628834 Set memory BIOs up properly when stripping text headers from S/MIME messages. 2008-11-21 18:18:13 +00:00
Dr. Stephen Henson
6d6c47980e Correctly handle errors in CMS I/O code. 2008-08-05 15:55:53 +00:00
Dr. Stephen Henson
19048b5c8d New function CMS_add1_crl(). 2008-05-02 17:27:01 +00:00
Dr. Stephen Henson
e6ef05d5f3 Make certs argument work in CMS_sign() add test case.
PR:1664
2008-04-18 11:18:20 +00:00
Dr. Stephen Henson
852bd35065 Fix prototype for CMS_decrypt(), don't free up detached content. 2008-04-11 23:45:52 +00:00
Dr. Stephen Henson
a5db50d005 Revert argument swap change... oops CMS_uncompress() was consistent... 2008-04-11 23:23:18 +00:00
Dr. Stephen Henson
529d329ce1 Make CMS_uncompress() argument order consistent with other functions. 2008-04-11 17:34:13 +00:00
Dr. Stephen Henson
c02b6b6b21 Fix for compression and updated CMS_final(). 2008-04-11 17:07:01 +00:00
Dr. Stephen Henson
e0fbd07309 Add additional parameter to CMS_final() to handle detached content. 2008-04-10 11:22:14 +00:00
Dr. Stephen Henson
eaee098e1f Ignore nonsensical flags for signed receipts. 2008-04-10 11:12:42 +00:00
Dr. Stephen Henson
853eae51e0 Implement CMS_NOCRL. 2008-04-07 11:00:44 +00:00
Dr. Stephen Henson
ff80280b01 Set contentType attribute just before signing to allow encapsulated content
type to be set at any time in applications.
2008-04-06 16:29:47 +00:00
Dr. Stephen Henson
e45641bd17 Fix typo and add header files to err library. 2008-04-06 15:53:29 +00:00
Dr. Stephen Henson
d5a37b0293 Give consistent return value and add error code for duplicate certificates. 2008-04-06 15:41:25 +00:00
Dr. Stephen Henson
a5cdb7d5bd Avoid warnings. 2008-04-01 16:29:42 +00:00
Dr. Stephen Henson
2e86f0d8d7 Use correct headers for signed receipts. Use consistent naming.
Update cms-test.pl to support OpenSSL 0.9.8.
2008-03-31 15:03:55 +00:00
Dr. Stephen Henson
e2a29d49ca Update dependencies. 2008-03-29 21:11:25 +00:00
Dr. Stephen Henson
b99674103d Remove unnecessary header. 2008-03-29 21:08:37 +00:00
Dr. Stephen Henson
36309aa2be Signed receipt generation code. 2008-03-28 19:43:16 +00:00
Dr. Stephen Henson
eb9d8d8cd4 Support for verification of signed receipts. 2008-03-28 13:15:39 +00:00
Dr. Stephen Henson
f5e2354c9d Add support for signed receipt request printout and generation. 2008-03-26 17:40:22 +00:00
Dr. Stephen Henson
f4cc56f494 Signed Receipt Request utility functions and option on CMS utility to
print out receipt requests.
2008-03-26 13:10:21 +00:00
Dr. Stephen Henson
be86c7fc87 Add signed receipt ASN1 structures. Initial GENERAL_NAME utility functions. 2008-03-24 22:14:02 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Geoff Thorpe
5ffba305c8 Comment out a (currently) unused CMS function. (Sorry Steve, but I need
-Werror right now to help me code-by-domino :-)
2008-03-19 23:08:20 +00:00
Dr. Stephen Henson
054307e7ed Allow alternate eContentType oids to be set in cms utility.
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
2008-03-19 19:34:30 +00:00
Dr. Stephen Henson
8cd358bef8 Rebuild CMS error codes. 2008-03-19 18:42:02 +00:00
Dr. Stephen Henson
eeb9cdfc94 Add support for KEK decrypt in cms utility. 2008-03-19 18:39:51 +00:00
Dr. Stephen Henson
ab12438030 Add support for KEKRecipientInfo in cms application. 2008-03-19 13:53:52 +00:00
Dr. Stephen Henson
f7e85c371e Uninitialized variable bug fix. 2008-03-18 18:18:25 +00:00
Dr. Stephen Henson
e4f0e40eac Various tidies/fixes:
Make streaming support in cms cleaner.

Note errors in various S/MIME functions if CMS_final() fails.

Add streaming support for enveloped data.
2008-03-18 13:45:43 +00:00
Dr. Stephen Henson
6e3bc4f073 More support for KEK RecipientInfo.
Generalise RecipientInfo and enveloped data handling so applications can
add their own key lookup routines as well as using the standard ones.
2008-03-18 01:00:38 +00:00
Dr. Stephen Henson
c36e936b60 Partial support for KEKRecipientInfo type. 2008-03-17 18:11:27 +00:00
Dr. Stephen Henson
761ffa729f Preliminary support for enveloped data content type creation.
Fix signed data creation so versions are only corrected if structure is
being created.
2008-03-17 13:38:51 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism,
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
7c337e00d2 Fix some warnings. 2008-03-16 20:59:10 +00:00
Dr. Stephen Henson
deb21fbae9 Remove deleted function from header file, update mkfiles.pl 2008-03-16 18:41:20 +00:00
Dr. Stephen Henson
a981e2adbc Add support for random key generation: this will be needed by enveloped data. 2008-03-16 13:05:03 +00:00
Dr. Stephen Henson
4f1aa191b3 Initial support for enveloped data decrypt. Extent runex.pl to cover these
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
e540d1cd77 Check for cipher BIO errors and set key length after parameter decode. 2008-03-15 13:37:32 +00:00
Dr. Stephen Henson
fd47c36136 Return error if no cipher set for encrypted data type.
Update CHANGES.
2008-03-15 00:02:23 +00:00
Dr. Stephen Henson
d9f5f07e28 Initial support for Encrypted Data type generation. 2008-03-14 23:30:56 +00:00
Dr. Stephen Henson
320bfc1be7 Reorganise encrypted content info code to avoid duplication and be more
consistent with other content types.
2008-03-14 19:37:56 +00:00