diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_lib.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_lib.c | 477 |
1 files changed, 477 insertions, 0 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c new file mode 100644 index 0000000000..c00ed6833a --- /dev/null +++ b/src/lib/libcrypto/pkcs7/pk7_lib.c | |||
| @@ -0,0 +1,477 @@ | |||
| 1 | /* crypto/pkcs7/pk7_lib.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/objects.h> | ||
| 62 | #include <openssl/x509.h> | ||
| 63 | |||
| 64 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) | ||
| 65 | { | ||
| 66 | int nid; | ||
| 67 | long ret; | ||
| 68 | |||
| 69 | nid=OBJ_obj2nid(p7->type); | ||
| 70 | |||
| 71 | switch (cmd) | ||
| 72 | { | ||
| 73 | case PKCS7_OP_SET_DETACHED_SIGNATURE: | ||
| 74 | if (nid == NID_pkcs7_signed) | ||
| 75 | { | ||
| 76 | ret=p7->detached=(int)larg; | ||
| 77 | } | ||
| 78 | else | ||
| 79 | { | ||
| 80 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); | ||
| 81 | ret=0; | ||
| 82 | } | ||
| 83 | break; | ||
| 84 | case PKCS7_OP_GET_DETACHED_SIGNATURE: | ||
| 85 | if (nid == NID_pkcs7_signed) | ||
| 86 | { | ||
| 87 | if(!p7->d.sign || !p7->d.sign->contents->d.ptr) | ||
| 88 | ret = 1; | ||
| 89 | else ret = 0; | ||
| 90 | |||
| 91 | p7->detached = ret; | ||
| 92 | } | ||
| 93 | else | ||
| 94 | { | ||
| 95 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); | ||
| 96 | ret=0; | ||
| 97 | } | ||
| 98 | |||
| 99 | break; | ||
| 100 | default: | ||
| 101 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); | ||
| 102 | ret=0; | ||
| 103 | } | ||
| 104 | return(ret); | ||
| 105 | } | ||
| 106 | |||
| 107 | int PKCS7_content_new(PKCS7 *p7, int type) | ||
| 108 | { | ||
| 109 | PKCS7 *ret=NULL; | ||
| 110 | |||
| 111 | if ((ret=PKCS7_new()) == NULL) goto err; | ||
| 112 | if (!PKCS7_set_type(ret,type)) goto err; | ||
| 113 | if (!PKCS7_set_content(p7,ret)) goto err; | ||
| 114 | |||
| 115 | return(1); | ||
| 116 | err: | ||
| 117 | if (ret != NULL) PKCS7_free(ret); | ||
| 118 | return(0); | ||
| 119 | } | ||
| 120 | |||
| 121 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) | ||
| 122 | { | ||
| 123 | int i; | ||
| 124 | |||
| 125 | i=OBJ_obj2nid(p7->type); | ||
| 126 | switch (i) | ||
| 127 | { | ||
| 128 | case NID_pkcs7_signed: | ||
| 129 | if (p7->d.sign->contents != NULL) | ||
| 130 | PKCS7_free(p7->d.sign->contents); | ||
| 131 | p7->d.sign->contents=p7_data; | ||
| 132 | break; | ||
| 133 | case NID_pkcs7_digest: | ||
| 134 | case NID_pkcs7_data: | ||
| 135 | case NID_pkcs7_enveloped: | ||
| 136 | case NID_pkcs7_signedAndEnveloped: | ||
| 137 | case NID_pkcs7_encrypted: | ||
| 138 | default: | ||
| 139 | PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | ||
| 140 | goto err; | ||
| 141 | } | ||
| 142 | return(1); | ||
| 143 | err: | ||
| 144 | return(0); | ||
| 145 | } | ||
| 146 | |||
| 147 | int PKCS7_set_type(PKCS7 *p7, int type) | ||
| 148 | { | ||
| 149 | ASN1_OBJECT *obj; | ||
| 150 | |||
| 151 | /*PKCS7_content_free(p7);*/ | ||
| 152 | obj=OBJ_nid2obj(type); /* will not fail */ | ||
| 153 | |||
| 154 | switch (type) | ||
| 155 | { | ||
| 156 | case NID_pkcs7_signed: | ||
| 157 | p7->type=obj; | ||
| 158 | if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL) | ||
| 159 | goto err; | ||
| 160 | ASN1_INTEGER_set(p7->d.sign->version,1); | ||
| 161 | break; | ||
| 162 | case NID_pkcs7_data: | ||
| 163 | p7->type=obj; | ||
| 164 | if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL) | ||
| 165 | goto err; | ||
| 166 | break; | ||
| 167 | case NID_pkcs7_signedAndEnveloped: | ||
| 168 | p7->type=obj; | ||
| 169 | if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) | ||
| 170 | == NULL) goto err; | ||
| 171 | ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); | ||
| 172 | p7->d.signed_and_enveloped->enc_data->content_type | ||
| 173 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 174 | break; | ||
| 175 | case NID_pkcs7_enveloped: | ||
| 176 | p7->type=obj; | ||
| 177 | if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) | ||
| 178 | == NULL) goto err; | ||
| 179 | ASN1_INTEGER_set(p7->d.enveloped->version,0); | ||
| 180 | p7->d.enveloped->enc_data->content_type | ||
| 181 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 182 | break; | ||
| 183 | case NID_pkcs7_encrypted: | ||
| 184 | p7->type=obj; | ||
| 185 | if ((p7->d.encrypted=PKCS7_ENCRYPT_new()) | ||
| 186 | == NULL) goto err; | ||
| 187 | ASN1_INTEGER_set(p7->d.encrypted->version,0); | ||
| 188 | p7->d.encrypted->enc_data->content_type | ||
| 189 | = OBJ_nid2obj(NID_pkcs7_data); | ||
| 190 | break; | ||
| 191 | |||
| 192 | case NID_pkcs7_digest: | ||
| 193 | default: | ||
| 194 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | ||
| 195 | goto err; | ||
| 196 | } | ||
| 197 | return(1); | ||
| 198 | err: | ||
| 199 | return(0); | ||
| 200 | } | ||
| 201 | |||
| 202 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) | ||
| 203 | { | ||
| 204 | int i,j,nid; | ||
| 205 | X509_ALGOR *alg; | ||
| 206 | STACK_OF(PKCS7_SIGNER_INFO) *signer_sk; | ||
| 207 | STACK_OF(X509_ALGOR) *md_sk; | ||
| 208 | |||
| 209 | i=OBJ_obj2nid(p7->type); | ||
| 210 | switch (i) | ||
| 211 | { | ||
| 212 | case NID_pkcs7_signed: | ||
| 213 | signer_sk= p7->d.sign->signer_info; | ||
| 214 | md_sk= p7->d.sign->md_algs; | ||
| 215 | break; | ||
| 216 | case NID_pkcs7_signedAndEnveloped: | ||
| 217 | signer_sk= p7->d.signed_and_enveloped->signer_info; | ||
| 218 | md_sk= p7->d.signed_and_enveloped->md_algs; | ||
| 219 | break; | ||
| 220 | default: | ||
| 221 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 222 | return(0); | ||
| 223 | } | ||
| 224 | |||
| 225 | nid=OBJ_obj2nid(psi->digest_alg->algorithm); | ||
| 226 | |||
| 227 | /* If the digest is not currently listed, add it */ | ||
| 228 | j=0; | ||
| 229 | for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) | ||
| 230 | { | ||
| 231 | alg=sk_X509_ALGOR_value(md_sk,i); | ||
| 232 | if (OBJ_obj2nid(alg->algorithm) == nid) | ||
| 233 | { | ||
| 234 | j=1; | ||
| 235 | break; | ||
| 236 | } | ||
| 237 | } | ||
| 238 | if (!j) /* we need to add another algorithm */ | ||
| 239 | { | ||
| 240 | if(!(alg=X509_ALGOR_new()) | ||
| 241 | || !(alg->parameter = ASN1_TYPE_new())) { | ||
| 242 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); | ||
| 243 | return(0); | ||
| 244 | } | ||
| 245 | alg->algorithm=OBJ_nid2obj(nid); | ||
| 246 | alg->parameter->type = V_ASN1_NULL; | ||
| 247 | sk_X509_ALGOR_push(md_sk,alg); | ||
| 248 | } | ||
| 249 | |||
| 250 | sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); | ||
| 251 | return(1); | ||
| 252 | } | ||
| 253 | |||
| 254 | int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) | ||
| 255 | { | ||
| 256 | int i; | ||
| 257 | STACK_OF(X509) **sk; | ||
| 258 | |||
| 259 | i=OBJ_obj2nid(p7->type); | ||
| 260 | switch (i) | ||
| 261 | { | ||
| 262 | case NID_pkcs7_signed: | ||
| 263 | sk= &(p7->d.sign->cert); | ||
| 264 | break; | ||
| 265 | case NID_pkcs7_signedAndEnveloped: | ||
| 266 | sk= &(p7->d.signed_and_enveloped->cert); | ||
| 267 | break; | ||
| 268 | default: | ||
| 269 | PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 270 | return(0); | ||
| 271 | } | ||
| 272 | |||
| 273 | if (*sk == NULL) | ||
| 274 | *sk=sk_X509_new_null(); | ||
| 275 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | ||
| 276 | sk_X509_push(*sk,x509); | ||
| 277 | return(1); | ||
| 278 | } | ||
| 279 | |||
| 280 | int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) | ||
| 281 | { | ||
| 282 | int i; | ||
| 283 | STACK_OF(X509_CRL) **sk; | ||
| 284 | |||
| 285 | i=OBJ_obj2nid(p7->type); | ||
| 286 | switch (i) | ||
| 287 | { | ||
| 288 | case NID_pkcs7_signed: | ||
| 289 | sk= &(p7->d.sign->crl); | ||
| 290 | break; | ||
| 291 | case NID_pkcs7_signedAndEnveloped: | ||
| 292 | sk= &(p7->d.signed_and_enveloped->crl); | ||
| 293 | break; | ||
| 294 | default: | ||
| 295 | PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 296 | return(0); | ||
| 297 | } | ||
| 298 | |||
| 299 | if (*sk == NULL) | ||
| 300 | *sk=sk_X509_CRL_new_null(); | ||
| 301 | |||
| 302 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); | ||
| 303 | sk_X509_CRL_push(*sk,crl); | ||
| 304 | return(1); | ||
| 305 | } | ||
| 306 | |||
| 307 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | ||
| 308 | const EVP_MD *dgst) | ||
| 309 | { | ||
| 310 | char is_dsa; | ||
| 311 | if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; | ||
| 312 | else is_dsa = 0; | ||
| 313 | /* We now need to add another PKCS7_SIGNER_INFO entry */ | ||
| 314 | ASN1_INTEGER_set(p7i->version,1); | ||
| 315 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | ||
| 316 | X509_get_issuer_name(x509)); | ||
| 317 | |||
| 318 | /* because ASN1_INTEGER_set is used to set a 'long' we will do | ||
| 319 | * things the ugly way. */ | ||
| 320 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | ||
| 321 | p7i->issuer_and_serial->serial= | ||
| 322 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); | ||
| 323 | |||
| 324 | /* lets keep the pkey around for a while */ | ||
| 325 | CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | ||
| 326 | p7i->pkey=pkey; | ||
| 327 | |||
| 328 | /* Set the algorithms */ | ||
| 329 | if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); | ||
| 330 | else | ||
| 331 | p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | ||
| 332 | |||
| 333 | if (p7i->digest_alg->parameter != NULL) | ||
| 334 | ASN1_TYPE_free(p7i->digest_alg->parameter); | ||
| 335 | if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) | ||
| 336 | goto err; | ||
| 337 | p7i->digest_alg->parameter->type=V_ASN1_NULL; | ||
| 338 | |||
| 339 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); | ||
| 340 | |||
| 341 | if (p7i->digest_enc_alg->parameter != NULL) | ||
| 342 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | ||
| 343 | if(is_dsa) p7i->digest_enc_alg->parameter = NULL; | ||
| 344 | else { | ||
| 345 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | ||
| 346 | goto err; | ||
| 347 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | ||
| 348 | } | ||
| 349 | |||
| 350 | return(1); | ||
| 351 | err: | ||
| 352 | return(0); | ||
| 353 | } | ||
| 354 | |||
| 355 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, | ||
| 356 | const EVP_MD *dgst) | ||
| 357 | { | ||
| 358 | PKCS7_SIGNER_INFO *si; | ||
| 359 | |||
| 360 | if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; | ||
| 361 | if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; | ||
| 362 | if (!PKCS7_add_signer(p7,si)) goto err; | ||
| 363 | return(si); | ||
| 364 | err: | ||
| 365 | return(NULL); | ||
| 366 | } | ||
| 367 | |||
| 368 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) | ||
| 369 | { | ||
| 370 | if (PKCS7_type_is_signed(p7)) | ||
| 371 | { | ||
| 372 | return(p7->d.sign->signer_info); | ||
| 373 | } | ||
| 374 | else if (PKCS7_type_is_signedAndEnveloped(p7)) | ||
| 375 | { | ||
| 376 | return(p7->d.signed_and_enveloped->signer_info); | ||
| 377 | } | ||
| 378 | else | ||
| 379 | return(NULL); | ||
| 380 | } | ||
| 381 | |||
| 382 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) | ||
| 383 | { | ||
| 384 | PKCS7_RECIP_INFO *ri; | ||
| 385 | |||
| 386 | if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; | ||
| 387 | if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; | ||
| 388 | if (!PKCS7_add_recipient_info(p7,ri)) goto err; | ||
| 389 | return(ri); | ||
| 390 | err: | ||
| 391 | return(NULL); | ||
| 392 | } | ||
| 393 | |||
| 394 | int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) | ||
| 395 | { | ||
| 396 | int i; | ||
| 397 | STACK_OF(PKCS7_RECIP_INFO) *sk; | ||
| 398 | |||
| 399 | i=OBJ_obj2nid(p7->type); | ||
| 400 | switch (i) | ||
| 401 | { | ||
| 402 | case NID_pkcs7_signedAndEnveloped: | ||
| 403 | sk= p7->d.signed_and_enveloped->recipientinfo; | ||
| 404 | break; | ||
| 405 | case NID_pkcs7_enveloped: | ||
| 406 | sk= p7->d.enveloped->recipientinfo; | ||
| 407 | break; | ||
| 408 | default: | ||
| 409 | PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 410 | return(0); | ||
| 411 | } | ||
| 412 | |||
| 413 | sk_PKCS7_RECIP_INFO_push(sk,ri); | ||
| 414 | return(1); | ||
| 415 | } | ||
| 416 | |||
| 417 | int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) | ||
| 418 | { | ||
| 419 | ASN1_INTEGER_set(p7i->version,0); | ||
| 420 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | ||
| 421 | X509_get_issuer_name(x509)); | ||
| 422 | |||
| 423 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | ||
| 424 | p7i->issuer_and_serial->serial= | ||
| 425 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); | ||
| 426 | |||
| 427 | X509_ALGOR_free(p7i->key_enc_algor); | ||
| 428 | p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor); | ||
| 429 | |||
| 430 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | ||
| 431 | p7i->cert=x509; | ||
| 432 | |||
| 433 | return(1); | ||
| 434 | } | ||
| 435 | |||
| 436 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) | ||
| 437 | { | ||
| 438 | if (PKCS7_type_is_signed(p7)) | ||
| 439 | return(X509_find_by_issuer_and_serial(p7->d.sign->cert, | ||
| 440 | si->issuer_and_serial->issuer, | ||
| 441 | si->issuer_and_serial->serial)); | ||
| 442 | else | ||
| 443 | return(NULL); | ||
| 444 | } | ||
| 445 | |||
| 446 | int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) | ||
| 447 | { | ||
| 448 | int i; | ||
| 449 | ASN1_OBJECT *objtmp; | ||
| 450 | PKCS7_ENC_CONTENT *ec; | ||
| 451 | |||
| 452 | i=OBJ_obj2nid(p7->type); | ||
| 453 | switch (i) | ||
| 454 | { | ||
| 455 | case NID_pkcs7_signedAndEnveloped: | ||
| 456 | ec=p7->d.signed_and_enveloped->enc_data; | ||
| 457 | break; | ||
| 458 | case NID_pkcs7_enveloped: | ||
| 459 | ec=p7->d.enveloped->enc_data; | ||
| 460 | break; | ||
| 461 | default: | ||
| 462 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 463 | return(0); | ||
| 464 | } | ||
| 465 | |||
| 466 | /* Check cipher OID exists and has data in it*/ | ||
| 467 | i = EVP_CIPHER_type(cipher); | ||
| 468 | if(i == NID_undef) { | ||
| 469 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); | ||
| 470 | return(0); | ||
| 471 | } | ||
| 472 | objtmp = OBJ_nid2obj(i); | ||
| 473 | |||
| 474 | ec->cipher = cipher; | ||
| 475 | return 1; | ||
| 476 | } | ||
| 477 | |||