diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_lib.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_lib.c | 208 |
1 files changed, 118 insertions, 90 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c index 7d14ad1173..c00ed6833a 100644 --- a/src/lib/libcrypto/pkcs7/pk7_lib.c +++ b/src/lib/libcrypto/pkcs7/pk7_lib.c | |||
| @@ -58,14 +58,10 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "objects.h" | 61 | #include <openssl/objects.h> |
| 62 | #include "x509.h" | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | long PKCS7_ctrl(p7,cmd,larg,parg) | 64 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) |
| 65 | PKCS7 *p7; | ||
| 66 | int cmd; | ||
| 67 | long larg; | ||
| 68 | char *parg; | ||
| 69 | { | 65 | { |
| 70 | int nid; | 66 | int nid; |
| 71 | long ret; | 67 | long ret; |
| @@ -88,7 +84,11 @@ char *parg; | |||
| 88 | case PKCS7_OP_GET_DETACHED_SIGNATURE: | 84 | case PKCS7_OP_GET_DETACHED_SIGNATURE: |
| 89 | if (nid == NID_pkcs7_signed) | 85 | if (nid == NID_pkcs7_signed) |
| 90 | { | 86 | { |
| 91 | ret=p7->detached; | 87 | if(!p7->d.sign || !p7->d.sign->contents->d.ptr) |
| 88 | ret = 1; | ||
| 89 | else ret = 0; | ||
| 90 | |||
| 91 | p7->detached = ret; | ||
| 92 | } | 92 | } |
| 93 | else | 93 | else |
| 94 | { | 94 | { |
| @@ -98,14 +98,13 @@ char *parg; | |||
| 98 | 98 | ||
| 99 | break; | 99 | break; |
| 100 | default: | 100 | default: |
| 101 | abort(); | 101 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); |
| 102 | ret=0; | ||
| 102 | } | 103 | } |
| 103 | return(ret); | 104 | return(ret); |
| 104 | } | 105 | } |
| 105 | 106 | ||
| 106 | int PKCS7_content_new(p7,type) | 107 | int PKCS7_content_new(PKCS7 *p7, int type) |
| 107 | PKCS7 *p7; | ||
| 108 | int type; | ||
| 109 | { | 108 | { |
| 110 | PKCS7 *ret=NULL; | 109 | PKCS7 *ret=NULL; |
| 111 | 110 | ||
| @@ -119,9 +118,7 @@ err: | |||
| 119 | return(0); | 118 | return(0); |
| 120 | } | 119 | } |
| 121 | 120 | ||
| 122 | int PKCS7_set_content(p7,p7_data) | 121 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) |
| 123 | PKCS7 *p7; | ||
| 124 | PKCS7 *p7_data; | ||
| 125 | { | 122 | { |
| 126 | int i; | 123 | int i; |
| 127 | 124 | ||
| @@ -130,7 +127,7 @@ PKCS7 *p7_data; | |||
| 130 | { | 127 | { |
| 131 | case NID_pkcs7_signed: | 128 | case NID_pkcs7_signed: |
| 132 | if (p7->d.sign->contents != NULL) | 129 | if (p7->d.sign->contents != NULL) |
| 133 | PKCS7_content_free(p7->d.sign->contents); | 130 | PKCS7_free(p7->d.sign->contents); |
| 134 | p7->d.sign->contents=p7_data; | 131 | p7->d.sign->contents=p7_data; |
| 135 | break; | 132 | break; |
| 136 | case NID_pkcs7_digest: | 133 | case NID_pkcs7_digest: |
| @@ -147,13 +144,11 @@ err: | |||
| 147 | return(0); | 144 | return(0); |
| 148 | } | 145 | } |
| 149 | 146 | ||
| 150 | int PKCS7_set_type(p7,type) | 147 | int PKCS7_set_type(PKCS7 *p7, int type) |
| 151 | PKCS7 *p7; | ||
| 152 | int type; | ||
| 153 | { | 148 | { |
| 154 | ASN1_OBJECT *obj; | 149 | ASN1_OBJECT *obj; |
| 155 | 150 | ||
| 156 | PKCS7_content_free(p7); | 151 | /*PKCS7_content_free(p7);*/ |
| 157 | obj=OBJ_nid2obj(type); /* will not fail */ | 152 | obj=OBJ_nid2obj(type); /* will not fail */ |
| 158 | 153 | ||
| 159 | switch (type) | 154 | switch (type) |
| @@ -166,19 +161,35 @@ int type; | |||
| 166 | break; | 161 | break; |
| 167 | case NID_pkcs7_data: | 162 | case NID_pkcs7_data: |
| 168 | p7->type=obj; | 163 | p7->type=obj; |
| 169 | if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL) | 164 | if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL) |
| 170 | goto err; | 165 | goto err; |
| 171 | break; | 166 | break; |
| 172 | case NID_pkcs7_signedAndEnveloped: | 167 | case NID_pkcs7_signedAndEnveloped: |
| 173 | p7->type=obj; | 168 | p7->type=obj; |
| 174 | if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) | 169 | if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) |
| 175 | == NULL) | 170 | == NULL) goto err; |
| 176 | goto err; | 171 | ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); |
| 177 | ASN1_INTEGER_set(p7->d.sign->version,1); | 172 | p7->d.signed_and_enveloped->enc_data->content_type |
| 173 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 178 | break; | 174 | break; |
| 179 | case NID_pkcs7_digest: | ||
| 180 | case NID_pkcs7_enveloped: | 175 | case NID_pkcs7_enveloped: |
| 176 | p7->type=obj; | ||
| 177 | if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) | ||
| 178 | == NULL) goto err; | ||
| 179 | ASN1_INTEGER_set(p7->d.enveloped->version,0); | ||
| 180 | p7->d.enveloped->enc_data->content_type | ||
| 181 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 182 | break; | ||
| 181 | case NID_pkcs7_encrypted: | 183 | case NID_pkcs7_encrypted: |
| 184 | p7->type=obj; | ||
| 185 | if ((p7->d.encrypted=PKCS7_ENCRYPT_new()) | ||
| 186 | == NULL) goto err; | ||
| 187 | ASN1_INTEGER_set(p7->d.encrypted->version,0); | ||
| 188 | p7->d.encrypted->enc_data->content_type | ||
| 189 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 190 | break; | ||
| 191 | |||
| 192 | case NID_pkcs7_digest: | ||
| 182 | default: | 193 | default: |
| 183 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | 194 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); |
| 184 | goto err; | 195 | goto err; |
| @@ -188,14 +199,12 @@ err: | |||
| 188 | return(0); | 199 | return(0); |
| 189 | } | 200 | } |
| 190 | 201 | ||
| 191 | int PKCS7_add_signer(p7,psi) | 202 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) |
| 192 | PKCS7 *p7; | ||
| 193 | PKCS7_SIGNER_INFO *psi; | ||
| 194 | { | 203 | { |
| 195 | int i,j,nid; | 204 | int i,j,nid; |
| 196 | X509_ALGOR *alg; | 205 | X509_ALGOR *alg; |
| 197 | STACK *signer_sk; | 206 | STACK_OF(PKCS7_SIGNER_INFO) *signer_sk; |
| 198 | STACK *md_sk; | 207 | STACK_OF(X509_ALGOR) *md_sk; |
| 199 | 208 | ||
| 200 | i=OBJ_obj2nid(p7->type); | 209 | i=OBJ_obj2nid(p7->type); |
| 201 | switch (i) | 210 | switch (i) |
| @@ -217,9 +226,9 @@ PKCS7_SIGNER_INFO *psi; | |||
| 217 | 226 | ||
| 218 | /* If the digest is not currently listed, add it */ | 227 | /* If the digest is not currently listed, add it */ |
| 219 | j=0; | 228 | j=0; |
| 220 | for (i=0; i<sk_num(md_sk); i++) | 229 | for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) |
| 221 | { | 230 | { |
| 222 | alg=(X509_ALGOR *)sk_value(md_sk,i); | 231 | alg=sk_X509_ALGOR_value(md_sk,i); |
| 223 | if (OBJ_obj2nid(alg->algorithm) == nid) | 232 | if (OBJ_obj2nid(alg->algorithm) == nid) |
| 224 | { | 233 | { |
| 225 | j=1; | 234 | j=1; |
| @@ -228,21 +237,24 @@ PKCS7_SIGNER_INFO *psi; | |||
| 228 | } | 237 | } |
| 229 | if (!j) /* we need to add another algorithm */ | 238 | if (!j) /* we need to add another algorithm */ |
| 230 | { | 239 | { |
| 231 | alg=X509_ALGOR_new(); | 240 | if(!(alg=X509_ALGOR_new()) |
| 241 | || !(alg->parameter = ASN1_TYPE_new())) { | ||
| 242 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); | ||
| 243 | return(0); | ||
| 244 | } | ||
| 232 | alg->algorithm=OBJ_nid2obj(nid); | 245 | alg->algorithm=OBJ_nid2obj(nid); |
| 233 | sk_push(md_sk,(char *)alg); | 246 | alg->parameter->type = V_ASN1_NULL; |
| 247 | sk_X509_ALGOR_push(md_sk,alg); | ||
| 234 | } | 248 | } |
| 235 | 249 | ||
| 236 | sk_push(signer_sk,(char *)psi); | 250 | sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); |
| 237 | return(1); | 251 | return(1); |
| 238 | } | 252 | } |
| 239 | 253 | ||
| 240 | int PKCS7_add_certificate(p7,x509) | 254 | int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) |
| 241 | PKCS7 *p7; | ||
| 242 | X509 *x509; | ||
| 243 | { | 255 | { |
| 244 | int i; | 256 | int i; |
| 245 | STACK **sk; | 257 | STACK_OF(X509) **sk; |
| 246 | 258 | ||
| 247 | i=OBJ_obj2nid(p7->type); | 259 | i=OBJ_obj2nid(p7->type); |
| 248 | switch (i) | 260 | switch (i) |
| @@ -259,18 +271,16 @@ X509 *x509; | |||
| 259 | } | 271 | } |
| 260 | 272 | ||
| 261 | if (*sk == NULL) | 273 | if (*sk == NULL) |
| 262 | *sk=sk_new_null(); | 274 | *sk=sk_X509_new_null(); |
| 263 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 275 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
| 264 | sk_push(*sk,(char *)x509); | 276 | sk_X509_push(*sk,x509); |
| 265 | return(1); | 277 | return(1); |
| 266 | } | 278 | } |
| 267 | 279 | ||
| 268 | int PKCS7_add_crl(p7,crl) | 280 | int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) |
| 269 | PKCS7 *p7; | ||
| 270 | X509_CRL *crl; | ||
| 271 | { | 281 | { |
| 272 | int i; | 282 | int i; |
| 273 | STACK **sk; | 283 | STACK_OF(X509_CRL) **sk; |
| 274 | 284 | ||
| 275 | i=OBJ_obj2nid(p7->type); | 285 | i=OBJ_obj2nid(p7->type); |
| 276 | switch (i) | 286 | switch (i) |
| @@ -287,19 +297,19 @@ X509_CRL *crl; | |||
| 287 | } | 297 | } |
| 288 | 298 | ||
| 289 | if (*sk == NULL) | 299 | if (*sk == NULL) |
| 290 | *sk=sk_new_null(); | 300 | *sk=sk_X509_CRL_new_null(); |
| 291 | 301 | ||
| 292 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); | 302 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); |
| 293 | sk_push(*sk,(char *)crl); | 303 | sk_X509_CRL_push(*sk,crl); |
| 294 | return(1); | 304 | return(1); |
| 295 | } | 305 | } |
| 296 | 306 | ||
| 297 | int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst) | 307 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
| 298 | PKCS7_SIGNER_INFO *p7i; | 308 | const EVP_MD *dgst) |
| 299 | X509 *x509; | ||
| 300 | EVP_PKEY *pkey; | ||
| 301 | EVP_MD *dgst; | ||
| 302 | { | 309 | { |
| 310 | char is_dsa; | ||
| 311 | if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; | ||
| 312 | else is_dsa = 0; | ||
| 303 | /* We now need to add another PKCS7_SIGNER_INFO entry */ | 313 | /* We now need to add another PKCS7_SIGNER_INFO entry */ |
| 304 | ASN1_INTEGER_set(p7i->version,1); | 314 | ASN1_INTEGER_set(p7i->version,1); |
| 305 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | 315 | X509_NAME_set(&p7i->issuer_and_serial->issuer, |
| @@ -307,36 +317,43 @@ EVP_MD *dgst; | |||
| 307 | 317 | ||
| 308 | /* because ASN1_INTEGER_set is used to set a 'long' we will do | 318 | /* because ASN1_INTEGER_set is used to set a 'long' we will do |
| 309 | * things the ugly way. */ | 319 | * things the ugly way. */ |
| 310 | ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 320 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
| 311 | p7i->issuer_and_serial->serial= | 321 | p7i->issuer_and_serial->serial= |
| 312 | ASN1_INTEGER_dup(X509_get_serialNumber(x509)); | 322 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); |
| 313 | 323 | ||
| 314 | /* lets keep the pkey around for a while */ | 324 | /* lets keep the pkey around for a while */ |
| 315 | CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | 325 | CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); |
| 316 | p7i->pkey=pkey; | 326 | p7i->pkey=pkey; |
| 317 | 327 | ||
| 318 | /* Set the algorithms */ | 328 | /* Set the algorithms */ |
| 319 | p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | 329 | if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); |
| 320 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst)); | 330 | else |
| 331 | p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | ||
| 332 | |||
| 333 | if (p7i->digest_alg->parameter != NULL) | ||
| 334 | ASN1_TYPE_free(p7i->digest_alg->parameter); | ||
| 335 | if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) | ||
| 336 | goto err; | ||
| 337 | p7i->digest_alg->parameter->type=V_ASN1_NULL; | ||
| 338 | |||
| 339 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); | ||
| 321 | 340 | ||
| 322 | #if 1 | ||
| 323 | if (p7i->digest_enc_alg->parameter != NULL) | 341 | if (p7i->digest_enc_alg->parameter != NULL) |
| 324 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | 342 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); |
| 325 | if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL) | 343 | if(is_dsa) p7i->digest_enc_alg->parameter = NULL; |
| 326 | goto err; | 344 | else { |
| 327 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | 345 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) |
| 328 | #endif | 346 | goto err; |
| 347 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | ||
| 348 | } | ||
| 329 | 349 | ||
| 330 | return(1); | 350 | return(1); |
| 331 | err: | 351 | err: |
| 332 | return(0); | 352 | return(0); |
| 333 | } | 353 | } |
| 334 | 354 | ||
| 335 | PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst) | 355 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, |
| 336 | PKCS7 *p7; | 356 | const EVP_MD *dgst) |
| 337 | X509 *x509; | ||
| 338 | EVP_PKEY *pkey; | ||
| 339 | EVP_MD *dgst; | ||
| 340 | { | 357 | { |
| 341 | PKCS7_SIGNER_INFO *si; | 358 | PKCS7_SIGNER_INFO *si; |
| 342 | 359 | ||
| @@ -348,20 +365,21 @@ err: | |||
| 348 | return(NULL); | 365 | return(NULL); |
| 349 | } | 366 | } |
| 350 | 367 | ||
| 351 | STACK *PKCS7_get_signer_info(p7) | 368 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
| 352 | PKCS7 *p7; | ||
| 353 | { | 369 | { |
| 354 | if (PKCS7_type_is_signed(p7)) | 370 | if (PKCS7_type_is_signed(p7)) |
| 355 | { | 371 | { |
| 356 | return(p7->d.sign->signer_info); | 372 | return(p7->d.sign->signer_info); |
| 357 | } | 373 | } |
| 374 | else if (PKCS7_type_is_signedAndEnveloped(p7)) | ||
| 375 | { | ||
| 376 | return(p7->d.signed_and_enveloped->signer_info); | ||
| 377 | } | ||
| 358 | else | 378 | else |
| 359 | return(NULL); | 379 | return(NULL); |
| 360 | } | 380 | } |
| 361 | 381 | ||
| 362 | PKCS7_RECIP_INFO *PKCS7_add_recipient(p7,x509) | 382 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) |
| 363 | PKCS7 *p7; | ||
| 364 | X509 *x509; | ||
| 365 | { | 383 | { |
| 366 | PKCS7_RECIP_INFO *ri; | 384 | PKCS7_RECIP_INFO *ri; |
| 367 | 385 | ||
| @@ -373,12 +391,10 @@ err: | |||
| 373 | return(NULL); | 391 | return(NULL); |
| 374 | } | 392 | } |
| 375 | 393 | ||
| 376 | int PKCS7_add_recipient_info(p7,ri) | 394 | int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) |
| 377 | PKCS7 *p7; | ||
| 378 | PKCS7_RECIP_INFO *ri; | ||
| 379 | { | 395 | { |
| 380 | int i; | 396 | int i; |
| 381 | STACK *sk; | 397 | STACK_OF(PKCS7_RECIP_INFO) *sk; |
| 382 | 398 | ||
| 383 | i=OBJ_obj2nid(p7->type); | 399 | i=OBJ_obj2nid(p7->type); |
| 384 | switch (i) | 400 | switch (i) |
| @@ -386,26 +402,30 @@ PKCS7_RECIP_INFO *ri; | |||
| 386 | case NID_pkcs7_signedAndEnveloped: | 402 | case NID_pkcs7_signedAndEnveloped: |
| 387 | sk= p7->d.signed_and_enveloped->recipientinfo; | 403 | sk= p7->d.signed_and_enveloped->recipientinfo; |
| 388 | break; | 404 | break; |
| 405 | case NID_pkcs7_enveloped: | ||
| 406 | sk= p7->d.enveloped->recipientinfo; | ||
| 407 | break; | ||
| 389 | default: | 408 | default: |
| 390 | PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); | 409 | PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); |
| 391 | return(0); | 410 | return(0); |
| 392 | } | 411 | } |
| 393 | 412 | ||
| 394 | sk_push(sk,(char *)ri); | 413 | sk_PKCS7_RECIP_INFO_push(sk,ri); |
| 395 | return(1); | 414 | return(1); |
| 396 | } | 415 | } |
| 397 | 416 | ||
| 398 | int PKCS7_RECIP_INFO_set(p7i,x509) | 417 | int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) |
| 399 | PKCS7_RECIP_INFO *p7i; | ||
| 400 | X509 *x509; | ||
| 401 | { | 418 | { |
| 402 | ASN1_INTEGER_set(p7i->version,0); | 419 | ASN1_INTEGER_set(p7i->version,0); |
| 403 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | 420 | X509_NAME_set(&p7i->issuer_and_serial->issuer, |
| 404 | X509_get_issuer_name(x509)); | 421 | X509_get_issuer_name(x509)); |
| 405 | 422 | ||
| 406 | ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 423 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
| 407 | p7i->issuer_and_serial->serial= | 424 | p7i->issuer_and_serial->serial= |
| 408 | ASN1_INTEGER_dup(X509_get_serialNumber(x509)); | 425 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); |
| 426 | |||
| 427 | X509_ALGOR_free(p7i->key_enc_algor); | ||
| 428 | p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor); | ||
| 409 | 429 | ||
| 410 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 430 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
| 411 | p7i->cert=x509; | 431 | p7i->cert=x509; |
| @@ -413,9 +433,7 @@ X509 *x509; | |||
| 413 | return(1); | 433 | return(1); |
| 414 | } | 434 | } |
| 415 | 435 | ||
| 416 | X509 *PKCS7_cert_from_signer_info(p7,si) | 436 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) |
| 417 | PKCS7 *p7; | ||
| 418 | PKCS7_SIGNER_INFO *si; | ||
| 419 | { | 437 | { |
| 420 | if (PKCS7_type_is_signed(p7)) | 438 | if (PKCS7_type_is_signed(p7)) |
| 421 | return(X509_find_by_issuer_and_serial(p7->d.sign->cert, | 439 | return(X509_find_by_issuer_and_serial(p7->d.sign->cert, |
| @@ -425,11 +443,10 @@ PKCS7_SIGNER_INFO *si; | |||
| 425 | return(NULL); | 443 | return(NULL); |
| 426 | } | 444 | } |
| 427 | 445 | ||
| 428 | int PKCS7_set_cipher(p7,cipher) | 446 | int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) |
| 429 | PKCS7 *p7; | ||
| 430 | EVP_CIPHER *cipher; | ||
| 431 | { | 447 | { |
| 432 | int i; | 448 | int i; |
| 449 | ASN1_OBJECT *objtmp; | ||
| 433 | PKCS7_ENC_CONTENT *ec; | 450 | PKCS7_ENC_CONTENT *ec; |
| 434 | 451 | ||
| 435 | i=OBJ_obj2nid(p7->type); | 452 | i=OBJ_obj2nid(p7->type); |
| @@ -438,12 +455,23 @@ EVP_CIPHER *cipher; | |||
| 438 | case NID_pkcs7_signedAndEnveloped: | 455 | case NID_pkcs7_signedAndEnveloped: |
| 439 | ec=p7->d.signed_and_enveloped->enc_data; | 456 | ec=p7->d.signed_and_enveloped->enc_data; |
| 440 | break; | 457 | break; |
| 458 | case NID_pkcs7_enveloped: | ||
| 459 | ec=p7->d.enveloped->enc_data; | ||
| 460 | break; | ||
| 441 | default: | 461 | default: |
| 442 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); | 462 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); |
| 443 | return(0); | 463 | return(0); |
| 444 | } | 464 | } |
| 445 | 465 | ||
| 446 | ec->algorithm->algorithm=OBJ_nid2obj(EVP_CIPHER_nid(cipher)); | 466 | /* Check cipher OID exists and has data in it*/ |
| 447 | return(ec->algorithm->algorithm != NULL); | 467 | i = EVP_CIPHER_type(cipher); |
| 468 | if(i == NID_undef) { | ||
| 469 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); | ||
| 470 | return(0); | ||
| 471 | } | ||
| 472 | objtmp = OBJ_nid2obj(i); | ||
| 473 | |||
| 474 | ec->cipher = cipher; | ||
| 475 | return 1; | ||
| 448 | } | 476 | } |
| 449 | 477 | ||