diff options
| author | chrisk%netscape.com <devnull@localhost> | 2000-06-06 23:34:59 +0000 |
|---|---|---|
| committer | chrisk%netscape.com <devnull@localhost> | 2000-06-06 23:34:59 +0000 |
| commit | db6c47cf83c0ca55cf00783e9621f4fb18cdd281 (patch) | |
| tree | b97be57d83ee1fbb5c38c424639c440feb5840fa | |
| parent | d3377b0d7c5b44910a0915d94d287fbee50dc7f3 (diff) | |
| download | nss-hg-db6c47cf83c0ca55cf00783e9621f4fb18cdd281.tar.gz | |
Got rid of warnings on Linux (-Wall)
| -rw-r--r-- | security/nss/lib/smime/cms.h | 155 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsattr.c | 2 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmscinfo.c | 3 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmscipher.c | 6 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsdecode.c | 5 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsdigest.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsencdata.c | 3 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsencode.c | 10 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsenvdata.c | 2 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsmessage.c | 5 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmspubkey.c | 5 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsrecinfo.c | 9 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsreclist.c | 68 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmssigdata.c | 3 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmssiginfo.c | 17 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsutil.c | 2 | ||||
| -rw-r--r-- | security/nss/lib/smime/smimemessage.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/smime/smimeutil.c | 48 |
18 files changed, 230 insertions, 115 deletions
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h index 2b18ba35f..091e96ea9 100644 --- a/security/nss/lib/smime/cms.h +++ b/security/nss/lib/smime/cms.h @@ -824,7 +824,7 @@ NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd); extern NSSCMSRecipientInfo * NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert); -extern SECStatus +extern void NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri); extern int @@ -845,6 +845,159 @@ NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex, CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag); /************************************************************************ + * cmsencdata.c - CMS encryptedData methods + ************************************************************************/ +/* + * NSS_CMSEncryptedData_Create - create an empty encryptedData object. + * + * "algorithm" specifies the bulk encryption algorithm to use. + * "keysize" is the key size. + * + * An error results in a return value of NULL and an error set. + * (Retrieve specific errors via PORT_GetError()/XP_GetError().) + */ +extern NSSCMSEncryptedData * +NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize); + +/* + * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object + */ +extern void +NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo + */ +extern NSSCMSContentInfo * +NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData + * before encoding begins. + * + * In particular: + * - set the correct version value. + * - get the encryption key + */ +extern SECStatus +NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption + */ +extern SECStatus +NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding + */ +extern SECStatus +NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption + */ +extern SECStatus +NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content + */ +extern SECStatus +NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd); + +/* + * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData + */ +extern SECStatus +NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd); + +/************************************************************************ + * cmsdigdata.c - CMS encryptedData methods + ************************************************************************/ +/* + * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding) + * + * version will be set by NSS_CMSDigestedData_Encode_BeforeStart + * digestAlg is passed as parameter + * contentInfo must be filled by the user + * digest will be calculated while encoding + */ +extern NSSCMSDigestedData * +NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg); + +/* + * NSS_CMSDigestedData_Destroy - destroy a digestedData object + */ +extern void +NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo + */ +extern NSSCMSContentInfo * +NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData + * before encoding begins. + * + * In particular: + * - set the right version number. The contentInfo's content type must be set up already. + */ +extern SECStatus +NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData + * before the encapsulated data is passed through the encoder. + * + * In detail: + * - set up the digests if necessary + */ +extern SECStatus +NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData + * after all the encapsulated data was passed through the encoder. + * + * In detail: + * - finish the digests + */ +extern SECStatus +NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData + * before the encapsulated data is passed through the encoder. + * + * In detail: + * - set up the digests if necessary + */ +extern SECStatus +NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData + * after all the encapsulated data was passed through the encoder. + * + * In detail: + * - finish the digests + */ +extern SECStatus +NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd); + +/* + * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData. + * + * In detail: + * - check the digests for equality + */ +extern SECStatus +NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd); + +/************************************************************************ * cmsdigest.c - digestion routines ************************************************************************/ diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c index 2816ec0d7..e0433fd18 100644 --- a/security/nss/lib/smime/cmsattr.c +++ b/security/nss/lib/smime/cmsattr.c @@ -143,7 +143,6 @@ SECOidTag NSS_CMSAttribute_GetType(NSSCMSAttribute *attr) { SECOidData *typetag; - SECOidTag type; typetag = SECOID_FindOID(&(attr->type)); if (typetag == NULL) @@ -387,7 +386,6 @@ SECStatus NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr) { NSSCMSAttribute *oattr; - SECItem stime; void *mark; SECOidTag type; diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c index dfc717458..9e4a2dc5e 100644 --- a/security/nss/lib/smime/cmscinfo.c +++ b/security/nss/lib/smime/cmscinfo.c @@ -323,8 +323,5 @@ NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo) int NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo) { - if (cinfo->bulkkey == NULL) - return NULL; - return cinfo->keysize; } diff --git a/security/nss/lib/smime/cmscipher.c b/security/nss/lib/smime/cmscipher.c index dbe481e95..27e5668aa 100644 --- a/security/nss/lib/smime/cmscipher.c +++ b/security/nss/lib/smime/cmscipher.c @@ -43,6 +43,7 @@ #include "secitem.h" #include "pk11func.h" #include "secerr.h" +#include "secpkcs5.h" /* * ------------------------------------------------------------------- @@ -82,7 +83,6 @@ NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid) CK_MECHANISM_TYPE mechanism; SECItem *param; PK11SlotInfo *slot; - PRBool dummy; SECOidTag algtag; algtag = SECOID_GetAlgorithmTag(algid); @@ -90,7 +90,7 @@ NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid) /* set param and mechanism */ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) { CK_MECHANISM pbeMech, cryptoMech; - SECItem *pbeParams, *pwitem; + SECItem *pbeParams; SEC_PKCS5KeyAndPassword *keyPwd; PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM)); @@ -184,7 +184,7 @@ NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgori /* set param and mechanism */ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) { CK_MECHANISM pbeMech, cryptoMech; - SECItem *pbeParams, *pwitem; + SECItem *pbeParams; SEC_PKCS5KeyAndPassword *keyPwd; PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM)); diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c index ee6ff1cac..c1b78cc3e 100644 --- a/security/nss/lib/smime/cmsdecode.c +++ b/security/nss/lib/smime/cmsdecode.c @@ -82,7 +82,6 @@ nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth) NSSCMSDecoderContext *p7dcx; NSSCMSContentInfo *rootcinfo, *cinfo; PRBool after = !before; - SECStatus rv; p7dcx = (NSSCMSDecoderContext *)arg; rootcinfo = &(p7dcx->cmsg->contentInfo); @@ -204,8 +203,6 @@ nss_cms_before_data(NSSCMSDecoderContext *p7dcx) { SECStatus rv; SECOidTag childtype; - void *childmsg; - PK11SymKey *bulkkey; PLArenaPool *poolp; NSSCMSDecoderContext *childp7dcx; NSSCMSContentInfo *cinfo; @@ -415,7 +412,6 @@ nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, unsigned int offset; SECStatus rv; SECItem *storage; - int i; /* * We should really have data to process, or we should be trying @@ -672,7 +668,6 @@ NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx) cmsg = NULL; } -loser: PORT_Free(p7dcx); return cmsg; } diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c index 1c14699fd..ce3f59228 100644 --- a/security/nss/lib/smime/cmsdigest.c +++ b/security/nss/lib/smime/cmsdigest.c @@ -66,7 +66,6 @@ NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs) SECHashObject *digobj; void *digcx; int digcnt; - void *mark; int i; digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs); diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c index d441ad692..0dc23a317 100644 --- a/security/nss/lib/smime/cmsencdata.c +++ b/security/nss/lib/smime/cmsencdata.c @@ -215,9 +215,6 @@ SECStatus NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd) { PK11SymKey *bulkkey = NULL; - SECOidTag bulkalgtag; - PK11SlotInfo *slot; - int i, bulkLength = 0; NSSCMSContentInfo *cinfo; SECAlgorithmID *bulkalg; SECStatus rv = SECFailure; diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c index 2fe9046c7..cc0303cd6 100644 --- a/security/nss/lib/smime/cmsencode.c +++ b/security/nss/lib/smime/cmsencode.c @@ -221,9 +221,7 @@ nss_cms_before_data(NSSCMSEncoderContext *p7ecx) { SECStatus rv; SECOidTag childtype; - void *childmsg; NSSCMSContentInfo *cinfo; - PK11SymKey *bulkkey; PLArenaPool *poolp; NSSCMSEncoderContext *childp7ecx; const SEC_ASN1Template *template; @@ -339,10 +337,8 @@ nss_cms_before_data(NSSCMSEncoderContext *p7ecx) /* this will kick off the encoding process & encode everything up to the content bytes, * at which point the notify function sets streaming mode (and possibly creates * another child encoder). */ - if (SEC_ASN1EncoderUpdate(childp7ecx->ecx, NULL, 0) != SECSuccess) { - PORT_Free (p7ecx); - return NULL; - } + if (SEC_ASN1EncoderUpdate(childp7ecx->ecx, NULL, 0) != SECSuccess) + goto loser; p7ecx->childp7ecx = childp7ecx; break; @@ -360,6 +356,8 @@ nss_cms_before_data(NSSCMSEncoderContext *p7ecx) loser: if (childp7ecx) { + if (childp7ecx->ecx) + SEC_ASN1EncoderFinish(childp7ecx->ecx); PORT_Free(childp7ecx); } return SECFailure; diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c index 93c2e5265..d6e45a10a 100644 --- a/security/nss/lib/smime/cmsenvdata.c +++ b/security/nss/lib/smime/cmsenvdata.c @@ -56,7 +56,6 @@ NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysiz void *mark; NSSCMSEnvelopedData *envd; PLArenaPool *poolp; - SECAlgorithmID *pbe_algid; SECStatus rv; poolp = cmsg->poolp; @@ -314,7 +313,6 @@ NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd) PK11SymKey *bulkkey = NULL; SECOidTag bulkalgtag; SECAlgorithmID *bulkalg; - int i, bulkLength = 0; SECStatus rv = SECFailure; NSSCMSContentInfo *cinfo; NSSCMSRecipient **recipient_list; diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c index dd4503a2a..a25445627 100644 --- a/security/nss/lib/smime/cmsmessage.c +++ b/security/nss/lib/smime/cmsmessage.c @@ -43,6 +43,7 @@ #include "secasn1.h" #include "secitem.h" #include "secoid.h" +#include "pk11func.h" #include "secerr.h" /* @@ -221,9 +222,6 @@ NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n) PRBool NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg) { - SECOidTag kind; - SECItem **certs; - CERTSignedCrl **crls; NSSCMSContentInfo *cinfo; /* descend into CMS message */ @@ -256,6 +254,7 @@ NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg) break; } } + return PR_FALSE; } /* diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c index eaf6188f1..9654ef26c 100644 --- a/security/nss/lib/smime/cmspubkey.c +++ b/security/nss/lib/smime/cmspubkey.c @@ -124,9 +124,8 @@ NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11S { SECOidTag certalgtag; /* the certificate's encryption algorithm */ SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */ - SECStatus rv = SECFailure, ret; + SECStatus rv = SECFailure; SECItem *params = NULL; - int data_len; SECStatus err; PK11SymKey *tek; CERTCertificate *ourCert; @@ -387,7 +386,7 @@ NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11Sy publickey = CERT_ExtractPublicKey(cert); if (publickey == NULL) goto loser; - /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters???) */ + /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters?) */ /* XXXX */ourCert = PK11_FindBestKEAMatch(cert, wincx); if (ourCert == NULL) goto loser; diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c index f5be4c5e9..45ac16658 100644 --- a/security/nss/lib/smime/cmsrecinfo.c +++ b/security/nss/lib/smime/cmsrecinfo.c @@ -191,7 +191,7 @@ loser: return NULL; } -SECStatus +void NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri) { /* version was allocated on the pool, so no need to destroy it */ @@ -273,11 +273,8 @@ SECStatus NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag) { CERTCertificate *cert; - SECOidTag certalgtag, encalgtag; + SECOidTag certalgtag; SECStatus rv; - int data_len; - unsigned long version; - SECItem *dummy; SECItem *params = NULL; NSSCMSRecipientEncryptedKey *rek; NSSCMSOriginatorIdentifierOrKey *oiok; @@ -351,8 +348,6 @@ NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, S rv = SECFailure; break; } - -loser: return rv; } diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c index 59c821536..b6fc62ee4 100644 --- a/security/nss/lib/smime/cmsreclist.c +++ b/security/nss/lib/smime/cmsreclist.c @@ -48,39 +48,7 @@ #include "prtime.h" #include "secerr.h" -NSSCMSRecipient ** -nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos) -{ - int count, rv; - NSSCMSRecipient **recipient_list; - - /* count the number of recipient identifiers */ - count = nss_cms_recipients_traverse(recipientinfos, NULL); - if (count <= 0) { - /* no recipients? */ - PORT_SetError(SEC_ERROR_BAD_DATA); -#if 0 - PORT_SetErrorString("Cannot find recipient data in envelope."); -#endif - return NULL; - } - - /* allocate an array of pointers */ - recipient_list = (NSSCMSRecipient **) - PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *)); - if (recipient_list == NULL) - return NULL; - - /* now fill in the recipient_list */ - rv = nss_cms_recipients_traverse(recipientinfos, recipient_list); - if (rv < 0) { - nss_cms_recipient_list_destroy(recipient_list); - return NULL; - } - return recipient_list; -} - -int +static int nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipient **recipient_list) { int count = 0; @@ -161,6 +129,38 @@ nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipien } } +NSSCMSRecipient ** +nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos) +{ + int count, rv; + NSSCMSRecipient **recipient_list; + + /* count the number of recipient identifiers */ + count = nss_cms_recipients_traverse(recipientinfos, NULL); + if (count <= 0) { + /* no recipients? */ + PORT_SetError(SEC_ERROR_BAD_DATA); +#if 0 + PORT_SetErrorString("Cannot find recipient data in envelope."); +#endif + return NULL; + } + + /* allocate an array of pointers */ + recipient_list = (NSSCMSRecipient **) + PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *)); + if (recipient_list == NULL) + return NULL; + + /* now fill in the recipient_list */ + rv = nss_cms_recipients_traverse(recipientinfos, recipient_list); + if (rv < 0) { + nss_cms_recipient_list_destroy(recipient_list); + return NULL; + } + return recipient_list; +} + void nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list) { @@ -183,7 +183,5 @@ nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list) NSSCMSRecipientEncryptedKey * NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp) { - NSSCMSRecipientEncryptedKey *rek; - return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientEncryptedKey)); } diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c index 4ca72bce3..9b39871cd 100644 --- a/security/nss/lib/smime/cmssigdata.c +++ b/security/nss/lib/smime/cmssigdata.c @@ -496,7 +496,6 @@ NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, NSSCMSSignerInfo *signerinfo; NSSCMSContentInfo *cinfo; SECOidData *algiddata; - SECStatus rv = SECFailure; SECItem *contentType, *digest; cinfo = &(sigd->contentInfo); @@ -699,7 +698,6 @@ NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd, SECItem *digestdata) { SECItem *digest = NULL; - SECAlgorithmID *digestalg; PLArenaPool *poolp; void *mark; int n; @@ -743,7 +741,6 @@ NSS_CMSSignedData_AddDigest(PRArenaPool *poolp, { SECAlgorithmID *digestalg; void *mark; - int n; mark = PORT_ArenaMark(poolp); diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c index d78798e51..0e361ae12 100644 --- a/security/nss/lib/smime/cmssiginfo.c +++ b/security/nss/lib/smime/cmssiginfo.c @@ -47,6 +47,7 @@ #include "pk11func.h" #include "prtime.h" #include "secerr.h" +#include "cryptohi.h" /* ============================================================================= * SIGNERINFO @@ -144,9 +145,7 @@ NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *c signalgtag = PK11_FortezzaMapSig(signalgtag); if (signerinfo->authAttr != NULL) { - NSSCMSAttribute *attr; SECItem encoded_attrs; - SECItem *dummy; /* find and fill in the message digest attribute. */ rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE); @@ -262,7 +261,6 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem { SECKEYPublicKey *publickey = NULL; NSSCMSAttribute *attr; - SECItem *value; SECItem encoded_attrs; CERTCertificate *cert; NSSCMSVerificationStatus vs = NSSCMSVS_Unverified; @@ -371,10 +369,7 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */ } else { - SECItem *sig; - SECItem holder; - SECStatus rv; /* No authenticated attributes. The signature is based on the plain message digest. */ sig = &(signerinfo->encDigest); @@ -482,10 +477,12 @@ NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime) SECItem *value; if (sinfo == NULL) - return NULL; + return SECFailure; - if (sinfo->signingTime != 0) - return sinfo->signingTime; /* cached copy */ + if (sinfo->signingTime != 0) { + *stime = sinfo->signingTime; /* cached copy */ + return SECSuccess; + } attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE); /* XXXX multi-valued attributes NIH */ @@ -620,7 +617,7 @@ NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *a SECStatus NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t) { - NSSCMSAttribute *attr, *oattr; + NSSCMSAttribute *attr; SECItem stime; void *mark; PLArenaPool *poolp; diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c index e994fbd06..c71d144f6 100644 --- a/security/nss/lib/smime/cmsutil.c +++ b/security/nss/lib/smime/cmsutil.c @@ -109,7 +109,7 @@ NSS_CMSUtil_DERCompare(void *a, void *b) { SECItem *der1 = (SECItem *)a; SECItem *der2 = (SECItem *)b; - int i, j; + int j; /* * Find the lowest (lexigraphically) encoding. One that is diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c index 4e645565b..cd6d079d6 100644 --- a/security/nss/lib/smime/smimemessage.c +++ b/security/nss/lib/smime/smimemessage.c @@ -183,7 +183,6 @@ NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert, NSSCMSMessage *cmsg; NSSCMSSignedData *sigd; NSSCMSSignerInfo *signerinfo; - SECStatus rv; /* See note in header comment above about digestalg. */ PORT_Assert (digestalgtag == SEC_OID_SHA1); diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c index 5d27bf044..849dc703c 100644 --- a/security/nss/lib/smime/smimeutil.c +++ b/security/nss/lib/smime/smimeutil.c @@ -235,7 +235,6 @@ nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, uns static PRBool nss_smime_cipher_allowed(unsigned long which) { - unsigned long mask; int mapi; mapi = smime_mapi_by_cipher(which); @@ -367,8 +366,7 @@ smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts) for (rcount = 0; rcerts[rcount] != NULL; rcount++) { SECItem *profile; NSSSMIMECapability **caps; - int capi, pref; - SECStatus dstat; + int pref; /* the first cipher that matches in the user's SMIME profile gets * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1 @@ -466,27 +464,6 @@ done: } /* - * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients - * - * it would be great for UI purposes if there would be a way to find out which recipients - * prevented a strong cipher from being used... - */ -SECStatus -NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize) -{ - unsigned long cipher; - int mapi; - - cipher = smime_choose_cipher(NULL, rcerts); - mapi = smime_mapi_by_cipher(cipher); - - *bulkalgtag = smime_cipher_map[mapi].algtag; - *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].algtag); - - return SECSuccess; -} - -/* * XXX This is a hack for now to satisfy our current interface. * Eventually, with more parameters needing to be specified, just * looking up the keysize is not going to be sufficient. @@ -523,6 +500,27 @@ smime_keysize_by_cipher (unsigned long which) return keysize; } +/* + * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients + * + * it would be great for UI purposes if there would be a way to find out which recipients + * prevented a strong cipher from being used... + */ +SECStatus +NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize) +{ + unsigned long cipher; + int mapi; + + cipher = smime_choose_cipher(NULL, rcerts); + mapi = smime_mapi_by_cipher(cipher); + + *bulkalgtag = smime_cipher_map[mapi].algtag; + *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].algtag); + + return SECSuccess; +} + static SECStatus smime_init_caps(PRBool isFortezza) { @@ -581,8 +579,6 @@ smime_init_caps(PRBool isFortezza) */ capIndex = 0; for (i = 0; i < smime_cipher_map_count; i++) { - int mapi; - /* Find the corresponding entry in the cipher map. */ map = &(smime_cipher_map[i]); |