diff options
Diffstat (limited to 'nss/lib/smime/smimemessage.c')
-rw-r--r-- | nss/lib/smime/smimemessage.c | 71 |
1 files changed, 35 insertions, 36 deletions
diff --git a/nss/lib/smime/smimemessage.c b/nss/lib/smime/smimemessage.c index ec69b44..774b9f3 100644 --- a/nss/lib/smime/smimemessage.c +++ b/nss/lib/smime/smimemessage.c @@ -18,7 +18,6 @@ #include "prtime.h" #include "secerr.h" - #if 0 /* * NSS_SMIMEMessage_CreateEncrypted - start an S/MIME encrypting context. @@ -39,10 +38,10 @@ */ NSSCMSMessage * NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert, - CERTCertificate **rcerts, - CERTCertDBHandle *certdb, - PK11PasswordFunc pwfn, - void *pwfn_arg) + CERTCertificate **rcerts, + CERTCertDBHandle *certdb, + PK11PasswordFunc pwfn, + void *pwfn_arg) { NSSCMSMessage *cmsg; long cipher; @@ -52,11 +51,11 @@ NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert, cipher = smime_choose_cipher (scert, rcerts); if (cipher < 0) - return NULL; + return NULL; mapi = smime_mapi_by_cipher (cipher); if (mapi < 0) - return NULL; + return NULL; /* * XXX This is stretching it -- CreateEnvelopedData should probably @@ -69,22 +68,22 @@ NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert, encalg = smime_cipher_map[mapi].algtag; keysize = smime_keysize_by_cipher (cipher); if (keysize < 0) - return NULL; + return NULL; cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient, - certdb, encalg, keysize, - pwfn, pwfn_arg); + certdb, encalg, keysize, + pwfn, pwfn_arg); if (cinfo == NULL) - return NULL; + return NULL; for (rci = 0; rcerts[rci] != NULL; rci++) { - if (rcerts[rci] == scert) - continue; - if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient, - NULL) != SECSuccess) { - SEC_PKCS7DestroyContentInfo (cinfo); - return NULL; - } + if (rcerts[rci] == scert) + continue; + if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient, + NULL) != SECSuccess) { + SEC_PKCS7DestroyContentInfo (cinfo); + return NULL; + } } return cinfo; @@ -103,7 +102,7 @@ NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert, * * "certdb" is the cert database to use for verifying the cert. * It can be NULL if a default database is available (like in the client). - * + * * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1). * XXX There should be SECMIME functions for hashing, or the hashing should * be built into this interface, which we would like because we would @@ -123,12 +122,12 @@ NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert, NSSCMSMessage * NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert, - CERTCertificate *ecert, - CERTCertDBHandle *certdb, - SECOidTag digestalgtag, - SECItem *digest, - PK11PasswordFunc pwfn, - void *pwfn_arg) + CERTCertificate *ecert, + CERTCertDBHandle *certdb, + SECOidTag digestalgtag, + SECItem *digest, + PK11PasswordFunc pwfn, + void *pwfn_arg) { NSSCMSMessage *cmsg; NSSCMSSignedData *sigd; @@ -139,46 +138,46 @@ NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert, cmsg = NSS_CMSMessage_Create(NULL); if (cmsg == NULL) - return NULL; + return NULL; sigd = NSS_CMSSignedData_Create(cmsg); if (sigd == NULL) - goto loser; + goto loser; /* create just one signerinfo */ signerinfo = NSS_CMSSignerInfo_Create(cmsg, scert, digestalgtag); if (signerinfo == NULL) - goto loser; + goto loser; /* Add the signing time to the signerinfo. */ if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess) - goto loser; - + goto loser; + /* and add the SMIME profile */ if (NSS_SMIMESignerInfo_AddSMIMEProfile(signerinfo, scert) != SECSuccess) - goto loser; + goto loser; /* now add the signerinfo to the signeddata */ if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess) - goto loser; + goto loser; /* include the signing cert and its entire chain */ /* note that there are no checks for duplicate certs in place, as all the */ /* essential data structures (like set of certificate) are not there */ if (NSS_CMSSignedData_AddCertChain(sigd, scert) != SECSuccess) - goto loser; + goto loser; /* If the encryption cert and the signing cert differ, then include * the encryption cert too. */ if ( ( ecert != NULL ) && ( ecert != scert ) ) { - if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess) - goto loser; + if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess) + goto loser; } return cmsg; loser: if (cmsg) - NSS_CMSMessage_Destroy(cmsg); + NSS_CMSMessage_Destroy(cmsg); return NULL; } #endif |