Update S/MIME code to use default digest.

author Dr. Stephen Henson <steve@openssl.org>

Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c

index 2962eb4f3a10ee43ba24eb23cfd60265c083cd2f..92d033fe0269b5e449814837cc110d1721b9fa47 100644 (file)
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -390,6 +390,20 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
         {
         PKCS7_SIGNER_INFO *si;
  
+       if (dgst == NULL)
+               {
+               int def_nid;
+               if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+                       goto err;
+               dgst = EVP_get_digestbynid(def_nid);
+               if (dgst == NULL)
+                       {
+                       PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE,
+                                               PKCS7_R_NO_DEFAULT_DIGEST);
+                       goto err;
+                       }
+               }
+
         if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
         if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
         if (!PKCS7_add_signer(p7,si)) goto err;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c

index 1f4a0a17952fa7cc03994bbc5d8f0f515ffe183a..664725da2cb4f065f6a814daa44de072b6ace4f8 100644 (file)
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -86,7 +86,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
  
         PKCS7_content_new(p7, NID_pkcs7_data);
  
-       if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
+       if (!(si = PKCS7_add_signature(p7,signcert,pkey,NULL))) {
                 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
                 PKCS7_free(p7);
                 return NULL;
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h

index 9a45bb18722eb25ad422e6d7a1181ec53f12b6c1..180aefb23ec5ad0b37e625138635b86247615e8e 100644 (file)
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -394,6 +394,7 @@ void ERR_load_PKCS7_strings(void);
  #define PKCS7_F_PKCS7_ADD_CERTIFICATE                   100
  #define PKCS7_F_PKCS7_ADD_CRL                           101
  #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                102
+#define PKCS7_F_PKCS7_ADD_SIGNATURE                     131
  #define PKCS7_F_PKCS7_ADD_SIGNER                        103
  #define PKCS7_F_PKCS7_BIO_ADD_DIGEST                    125
  #define PKCS7_F_PKCS7_CTRL                              104
@@ -440,6 +441,7 @@ void ERR_load_PKCS7_strings(void);
  #define PKCS7_R_MISSING_CERIPEND_INFO                   103
  #define PKCS7_R_NO_CONTENT                              122
  #define PKCS7_R_NO_CONTENT_TYPE                                 135
+#define PKCS7_R_NO_DEFAULT_DIGEST                       151
  #define PKCS7_R_NO_MULTIPART_BODY_FAILURE               136
  #define PKCS7_R_NO_MULTIPART_BOUNDARY                   137
  #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE        115
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c

index 659e0f1a087b06e51de726d4fefff3b70f3ddabf..e7950698b6e029fbe5863b211178c88dac9cd655 100644 (file)
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -76,6 +76,7 @@ static ERR_STRING_DATA PKCS7_str_functs[]=
  {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE),      "PKCS7_add_certificate"},
  {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL),      "PKCS7_add_crl"},
  {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO),   "PKCS7_add_recipient_info"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE),        "PKCS7_add_signature"},
  {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER),   "PKCS7_add_signer"},
  {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST),       "PKCS7_BIO_ADD_DIGEST"},
  {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_CTRL"},
@@ -125,6 +126,7 @@ static ERR_STRING_DATA PKCS7_str_reasons[]=
  {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"},
  {ERR_REASON(PKCS7_R_NO_CONTENT)          ,"no content"},
  {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE)     ,"no content type"},
+{ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST)   ,"no default digest"},
  {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
  {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
  {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"},
author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sun, 7 May 2006 17:22:58 +0000 (17:22 +0000)
crypto/pkcs7/pk7_lib.c		patch \| blob \| history
crypto/pkcs7/pk7_smime.c		patch \| blob \| history
crypto/pkcs7/pkcs7.h		patch \| blob \| history
crypto/pkcs7/pkcs7err.c		patch \| blob \| history