#include "cms_lcl.h"
#include "asn1_locl.h"
+static BIO *cms_get_text_bio(BIO *out, unsigned int flags)
+{
+ BIO *rbio;
+ if (out == NULL)
+ rbio = BIO_new(BIO_s_null());
+ else if (flags & CMS_TEXT)
+ {
+ rbio = BIO_new(BIO_s_mem());
+ BIO_set_mem_eof_return(rbio, 0);
+ }
+ else
+ rbio = out;
+ return rbio;
+}
+
static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
{
unsigned char buf[4096];
int r = 0, i;
- BIO *tmpout = NULL;
+ BIO *tmpout;
- if (out == NULL)
- tmpout = BIO_new(BIO_s_null());
- else if (flags & CMS_TEXT) {
- tmpout = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(tmpout, 0);
- } else
- tmpout = out;
+ tmpout = cms_get_text_bio(out, flags);
if (!tmpout) {
CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
STACK_OF(X509_CRL) *crls = NULL;
X509 *signer;
int i, scount = 0, ret = 0;
- BIO *cmsbio = NULL, *tmpin = NULL;
+ BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
if (!dcont && !check_content(cms))
return 0;
tmpin = BIO_new_mem_buf(ptr, len);
if (tmpin == NULL) {
CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err2;
+ return 0;
}
} else
tmpin = dcont;
+ /* If not binary mode and detached generate digests by *writing*
+ * through the BIO. That makes it possible to canonicalise the
+ * input.
+ */
+ if (!(flags & SMIME_BINARY) && dcont)
+ {
+ /* Create output BIO so we can either handle text or to
+ * ensure included content doesn't override detached content.
+ */
+ tmpout = cms_get_text_bio(out, flags);
+ if(!tmpout)
+ {
+ CMSerr(CMS_F_CMS_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ cmsbio = CMS_dataInit(cms, tmpout);
+ if (!cmsbio)
+ goto err;
+ /* Don't use SMIME_TEXT for verify: it adds headers and
+ * we want to remove them.
+ */
+ SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT);
- cmsbio = CMS_dataInit(cms, tmpin);
- if (!cmsbio)
- goto err;
+ if(flags & CMS_TEXT)
+ {
+ if (!SMIME_text(tmpout, out))
+ {
+ CMSerr(CMS_F_CMS_VERIFY,CMS_R_SMIME_TEXT_ERROR);
+ goto err;
+ }
+ }
+ }
+ else
+ {
+ cmsbio=CMS_dataInit(cms, tmpin);
+ if (!cmsbio)
+ goto err;
- if (!cms_copy_content(out, cmsbio, flags))
- goto err;
+ if (!cms_copy_content(out, cmsbio, flags))
+ goto err;
+ }
if (!(flags & CMS_NO_CONTENT_VERIFY)) {
for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
si = sk_CMS_SignerInfo_value(sinfos, i);
ret = 1;
err:
-
- if (dcont && (tmpin == dcont))
- do_free_upto(cmsbio, dcont);
+ if (!(flags & SMIME_BINARY) && dcont)
+ {
+ do_free_upto(cmsbio, tmpout);
+ if (tmpin != dcont)
+ BIO_free(tmpin);
+ }
else
- BIO_free_all(cmsbio);
+ {
+
+ if (dcont && (tmpin == dcont))
+ do_free_upto(cmsbio, dcont);
+ else
+ BIO_free_all(cmsbio);
+ }
+
+ if (tmpout && out != tmpout)
+ BIO_free_all(tmpout);
- err2:
if (cms_certs)
sk_X509_pop_free(cms_certs, X509_free);
if (crls)
projects / platform / upstream / nodejs.git / commitdiff