CMS support for key agreement recipient info.
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
(cherry picked from commit 17c2764d2e)
@@ -54,6 +54,7 @@
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/cms.h>
|
||||
@@ -212,29 +213,13 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
|
||||
switch(type)
|
||||
{
|
||||
case CMS_SIGNERINFO_ISSUER_SERIAL:
|
||||
sid->d.issuerAndSerialNumber =
|
||||
M_ASN1_new_of(CMS_IssuerAndSerialNumber);
|
||||
if (!sid->d.issuerAndSerialNumber)
|
||||
goto merr;
|
||||
if (!X509_NAME_set(&sid->d.issuerAndSerialNumber->issuer,
|
||||
X509_get_issuer_name(cert)))
|
||||
goto merr;
|
||||
if (!ASN1_STRING_copy(
|
||||
sid->d.issuerAndSerialNumber->serialNumber,
|
||||
X509_get_serialNumber(cert)))
|
||||
goto merr;
|
||||
if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
|
||||
return 0;
|
||||
break;
|
||||
|
||||
case CMS_SIGNERINFO_KEYIDENTIFIER:
|
||||
if (!cert->skid)
|
||||
{
|
||||
CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER,
|
||||
CMS_R_CERTIFICATE_HAS_NO_KEYID);
|
||||
if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
|
||||
return 0;
|
||||
}
|
||||
sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid);
|
||||
if (!sid->d.subjectKeyIdentifier)
|
||||
goto merr;
|
||||
break;
|
||||
|
||||
default:
|
||||
@@ -245,11 +230,6 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
|
||||
sid->type = type;
|
||||
|
||||
return 1;
|
||||
|
||||
merr:
|
||||
CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
|
||||
@@ -275,24 +255,10 @@ int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
|
||||
|
||||
int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
|
||||
{
|
||||
int ret;
|
||||
if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
|
||||
{
|
||||
ret = X509_NAME_cmp(sid->d.issuerAndSerialNumber->issuer,
|
||||
X509_get_issuer_name(cert));
|
||||
if (ret)
|
||||
return ret;
|
||||
return ASN1_INTEGER_cmp(sid->d.issuerAndSerialNumber->serialNumber,
|
||||
X509_get_serialNumber(cert));
|
||||
}
|
||||
return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
|
||||
else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
|
||||
{
|
||||
X509_check_purpose(cert, -1, -1);
|
||||
if (!cert->skid)
|
||||
return -1;
|
||||
return ASN1_OCTET_STRING_cmp(sid->d.subjectKeyIdentifier,
|
||||
cert->skid);
|
||||
}
|
||||
return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
|
||||
else
|
||||
return -1;
|
||||
}
|
||||
|
||||
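Review bot: In the new `cms_SignerIdentifier_cert_cmp` the key-identifier branch no longer calls `X509_check_purpose(cert, -1, -1)` or tests `cert->skid` itself, so both now depend on `cms_keyid_cert_cmp`, which is not shown on this page. Confirm that the helper still populates the cached extensions and returns non-zero when the certificate has no key identifier; otherwise a NULL `cert->skid` could reach `ASN1_OCTET_STRING_cmp`. The same applies to `cms_set1_SignerIdentifier`, where the `CMS_R_CERTIFICATE_HAS_NO_KEYID` and `ERR_R_MALLOC_FAILURE` reports were removed together with the `merr` label: the bare `return 0` is only correct if `cms_set1_ias` and `cms_set1_keyid` push their own errors. Because this comparison decides which certificate is accepted as the signer, a comment above it such as `/* Returns 0 on match, non-zero on mismatch or unknown sid->type */` would make the contract explicit for callers.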