]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/pkcs7/pk7_lib.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include "cryptlib.h" | |
ec577822 BM |
61 | #include <openssl/objects.h> |
62 | #include <openssl/x509.h> | |
d02b48c6 | 63 | |
6b691a5c | 64 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) |
d02b48c6 RE |
65 | { |
66 | int nid; | |
67 | long ret; | |
68 | ||
69 | nid=OBJ_obj2nid(p7->type); | |
70 | ||
71 | switch (cmd) | |
72 | { | |
73 | case PKCS7_OP_SET_DETACHED_SIGNATURE: | |
74 | if (nid == NID_pkcs7_signed) | |
75 | { | |
76 | ret=p7->detached=(int)larg; | |
48921e00 | 77 | if (ret && PKCS7_type_is_data(p7->d.sign->contents)) |
f8049301 DSH |
78 | { |
79 | ASN1_OCTET_STRING *os; | |
80 | os=p7->d.sign->contents->d.data; | |
81 | ASN1_OCTET_STRING_free(os); | |
82 | p7->d.sign->contents->d.data = NULL; | |
83 | } | |
d02b48c6 RE |
84 | } |
85 | else | |
86 | { | |
87 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); | |
88 | ret=0; | |
89 | } | |
90 | break; | |
91 | case PKCS7_OP_GET_DETACHED_SIGNATURE: | |
92 | if (nid == NID_pkcs7_signed) | |
93 | { | |
9d6b1ce6 DSH |
94 | if(!p7->d.sign || !p7->d.sign->contents->d.ptr) |
95 | ret = 1; | |
96 | else ret = 0; | |
97 | ||
98 | p7->detached = ret; | |
d02b48c6 RE |
99 | } |
100 | else | |
101 | { | |
102 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); | |
103 | ret=0; | |
104 | } | |
105 | ||
106 | break; | |
107 | default: | |
dfeab068 RE |
108 | PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); |
109 | ret=0; | |
d02b48c6 RE |
110 | } |
111 | return(ret); | |
112 | } | |
113 | ||
6b691a5c | 114 | int PKCS7_content_new(PKCS7 *p7, int type) |
d02b48c6 RE |
115 | { |
116 | PKCS7 *ret=NULL; | |
117 | ||
118 | if ((ret=PKCS7_new()) == NULL) goto err; | |
119 | if (!PKCS7_set_type(ret,type)) goto err; | |
120 | if (!PKCS7_set_content(p7,ret)) goto err; | |
121 | ||
122 | return(1); | |
123 | err: | |
124 | if (ret != NULL) PKCS7_free(ret); | |
125 | return(0); | |
126 | } | |
127 | ||
6b691a5c | 128 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) |
d02b48c6 RE |
129 | { |
130 | int i; | |
131 | ||
132 | i=OBJ_obj2nid(p7->type); | |
133 | switch (i) | |
134 | { | |
135 | case NID_pkcs7_signed: | |
136 | if (p7->d.sign->contents != NULL) | |
d8223efd | 137 | PKCS7_free(p7->d.sign->contents); |
d02b48c6 RE |
138 | p7->d.sign->contents=p7_data; |
139 | break; | |
140 | case NID_pkcs7_digest: | |
141 | case NID_pkcs7_data: | |
142 | case NID_pkcs7_enveloped: | |
143 | case NID_pkcs7_signedAndEnveloped: | |
144 | case NID_pkcs7_encrypted: | |
145 | default: | |
146 | PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | |
147 | goto err; | |
148 | } | |
149 | return(1); | |
150 | err: | |
151 | return(0); | |
152 | } | |
153 | ||
6b691a5c | 154 | int PKCS7_set_type(PKCS7 *p7, int type) |
d02b48c6 RE |
155 | { |
156 | ASN1_OBJECT *obj; | |
157 | ||
9d6b1ce6 | 158 | /*PKCS7_content_free(p7);*/ |
d02b48c6 RE |
159 | obj=OBJ_nid2obj(type); /* will not fail */ |
160 | ||
161 | switch (type) | |
162 | { | |
163 | case NID_pkcs7_signed: | |
164 | p7->type=obj; | |
165 | if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL) | |
166 | goto err; | |
167 | ASN1_INTEGER_set(p7->d.sign->version,1); | |
168 | break; | |
169 | case NID_pkcs7_data: | |
170 | p7->type=obj; | |
08e9c1af | 171 | if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL) |
d02b48c6 RE |
172 | goto err; |
173 | break; | |
58964a49 RE |
174 | case NID_pkcs7_signedAndEnveloped: |
175 | p7->type=obj; | |
176 | if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) | |
dfeab068 RE |
177 | == NULL) goto err; |
178 | ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); | |
a43cf9fa DSH |
179 | p7->d.signed_and_enveloped->enc_data->content_type |
180 | = OBJ_nid2obj(NID_pkcs7_data); | |
58964a49 | 181 | break; |
d02b48c6 | 182 | case NID_pkcs7_enveloped: |
dfeab068 RE |
183 | p7->type=obj; |
184 | if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) | |
185 | == NULL) goto err; | |
186 | ASN1_INTEGER_set(p7->d.enveloped->version,0); | |
a43cf9fa DSH |
187 | p7->d.enveloped->enc_data->content_type |
188 | = OBJ_nid2obj(NID_pkcs7_data); | |
dfeab068 | 189 | break; |
d02b48c6 | 190 | case NID_pkcs7_encrypted: |
c6c34506 DSH |
191 | p7->type=obj; |
192 | if ((p7->d.encrypted=PKCS7_ENCRYPT_new()) | |
193 | == NULL) goto err; | |
194 | ASN1_INTEGER_set(p7->d.encrypted->version,0); | |
a43cf9fa DSH |
195 | p7->d.encrypted->enc_data->content_type |
196 | = OBJ_nid2obj(NID_pkcs7_data); | |
c6c34506 DSH |
197 | break; |
198 | ||
199 | case NID_pkcs7_digest: | |
0602abf5 DSH |
200 | p7->type=obj; |
201 | if ((p7->d.digest=PKCS7_DIGEST_new()) | |
202 | == NULL) goto err; | |
203 | ASN1_INTEGER_set(p7->d.digest->version,0); | |
204 | break; | |
d02b48c6 RE |
205 | default: |
206 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | |
207 | goto err; | |
208 | } | |
209 | return(1); | |
210 | err: | |
211 | return(0); | |
212 | } | |
213 | ||
8d9086df DSH |
214 | int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other) |
215 | { | |
216 | p7->type = OBJ_nid2obj(type); | |
217 | p7->d.other = other; | |
218 | return 1; | |
219 | } | |
220 | ||
6b691a5c | 221 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) |
d02b48c6 RE |
222 | { |
223 | int i,j,nid; | |
224 | X509_ALGOR *alg; | |
b05b50e6 | 225 | STACK_OF(PKCS7_SIGNER_INFO) *signer_sk; |
426edadf | 226 | STACK_OF(X509_ALGOR) *md_sk; |
d02b48c6 RE |
227 | |
228 | i=OBJ_obj2nid(p7->type); | |
58964a49 | 229 | switch (i) |
d02b48c6 | 230 | { |
58964a49 RE |
231 | case NID_pkcs7_signed: |
232 | signer_sk= p7->d.sign->signer_info; | |
233 | md_sk= p7->d.sign->md_algs; | |
234 | break; | |
235 | case NID_pkcs7_signedAndEnveloped: | |
236 | signer_sk= p7->d.signed_and_enveloped->signer_info; | |
237 | md_sk= p7->d.signed_and_enveloped->md_algs; | |
238 | break; | |
239 | default: | |
d02b48c6 RE |
240 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE); |
241 | return(0); | |
242 | } | |
243 | ||
d02b48c6 RE |
244 | nid=OBJ_obj2nid(psi->digest_alg->algorithm); |
245 | ||
246 | /* If the digest is not currently listed, add it */ | |
247 | j=0; | |
426edadf | 248 | for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) |
d02b48c6 | 249 | { |
426edadf | 250 | alg=sk_X509_ALGOR_value(md_sk,i); |
d02b48c6 RE |
251 | if (OBJ_obj2nid(alg->algorithm) == nid) |
252 | { | |
253 | j=1; | |
254 | break; | |
255 | } | |
256 | } | |
257 | if (!j) /* we need to add another algorithm */ | |
258 | { | |
b216664f DSH |
259 | if(!(alg=X509_ALGOR_new()) |
260 | || !(alg->parameter = ASN1_TYPE_new())) { | |
261 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); | |
262 | return(0); | |
263 | } | |
d02b48c6 | 264 | alg->algorithm=OBJ_nid2obj(nid); |
b216664f | 265 | alg->parameter->type = V_ASN1_NULL; |
426edadf | 266 | sk_X509_ALGOR_push(md_sk,alg); |
d02b48c6 RE |
267 | } |
268 | ||
b05b50e6 | 269 | sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); |
d02b48c6 RE |
270 | return(1); |
271 | } | |
272 | ||
6b691a5c | 273 | int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) |
d02b48c6 RE |
274 | { |
275 | int i; | |
f73e07cf | 276 | STACK_OF(X509) **sk; |
d02b48c6 RE |
277 | |
278 | i=OBJ_obj2nid(p7->type); | |
58964a49 | 279 | switch (i) |
d02b48c6 | 280 | { |
58964a49 RE |
281 | case NID_pkcs7_signed: |
282 | sk= &(p7->d.sign->cert); | |
283 | break; | |
284 | case NID_pkcs7_signedAndEnveloped: | |
285 | sk= &(p7->d.signed_and_enveloped->cert); | |
286 | break; | |
287 | default: | |
288 | PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE); | |
d02b48c6 RE |
289 | return(0); |
290 | } | |
291 | ||
58964a49 | 292 | if (*sk == NULL) |
f73e07cf | 293 | *sk=sk_X509_new_null(); |
d02b48c6 | 294 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
f73e07cf | 295 | sk_X509_push(*sk,x509); |
d02b48c6 RE |
296 | return(1); |
297 | } | |
298 | ||
6b691a5c | 299 | int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) |
d02b48c6 RE |
300 | { |
301 | int i; | |
6d114240 | 302 | STACK_OF(X509_CRL) **sk; |
58964a49 | 303 | |
d02b48c6 | 304 | i=OBJ_obj2nid(p7->type); |
58964a49 | 305 | switch (i) |
d02b48c6 | 306 | { |
58964a49 RE |
307 | case NID_pkcs7_signed: |
308 | sk= &(p7->d.sign->crl); | |
309 | break; | |
310 | case NID_pkcs7_signedAndEnveloped: | |
311 | sk= &(p7->d.signed_and_enveloped->crl); | |
312 | break; | |
313 | default: | |
314 | PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE); | |
d02b48c6 RE |
315 | return(0); |
316 | } | |
317 | ||
58964a49 | 318 | if (*sk == NULL) |
6d114240 | 319 | *sk=sk_X509_CRL_new_null(); |
d02b48c6 RE |
320 | |
321 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); | |
6d114240 | 322 | sk_X509_CRL_push(*sk,crl); |
d02b48c6 RE |
323 | return(1); |
324 | } | |
325 | ||
6b691a5c | 326 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
13588350 | 327 | const EVP_MD *dgst) |
d02b48c6 | 328 | { |
279fe3b1 | 329 | int nid; |
55f30198 | 330 | char is_dsa; |
279fe3b1 | 331 | |
5488bb61 | 332 | if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) |
279fe3b1 BM |
333 | is_dsa = 1; |
334 | else | |
335 | is_dsa = 0; | |
d02b48c6 RE |
336 | /* We now need to add another PKCS7_SIGNER_INFO entry */ |
337 | ASN1_INTEGER_set(p7i->version,1); | |
338 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | |
339 | X509_get_issuer_name(x509)); | |
340 | ||
341 | /* because ASN1_INTEGER_set is used to set a 'long' we will do | |
342 | * things the ugly way. */ | |
08e9c1af | 343 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
d02b48c6 | 344 | p7i->issuer_and_serial->serial= |
08e9c1af | 345 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); |
d02b48c6 RE |
346 | |
347 | /* lets keep the pkey around for a while */ | |
348 | CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | |
349 | p7i->pkey=pkey; | |
350 | ||
351 | /* Set the algorithms */ | |
55f30198 | 352 | if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); |
dfeab068 RE |
353 | else |
354 | p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | |
d02b48c6 | 355 | |
10243d97 DSH |
356 | if (p7i->digest_alg->parameter != NULL) |
357 | ASN1_TYPE_free(p7i->digest_alg->parameter); | |
358 | if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) | |
359 | goto err; | |
360 | p7i->digest_alg->parameter->type=V_ASN1_NULL; | |
361 | ||
d02b48c6 RE |
362 | if (p7i->digest_enc_alg->parameter != NULL) |
363 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | |
279fe3b1 BM |
364 | nid = EVP_PKEY_type(pkey->type); |
365 | if (nid == EVP_PKEY_RSA) | |
366 | { | |
367 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); | |
55f30198 DSH |
368 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) |
369 | goto err; | |
370 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | |
279fe3b1 BM |
371 | } |
372 | else if (nid == EVP_PKEY_DSA) | |
373 | { | |
374 | #if 1 | |
375 | /* use 'dsaEncryption' OID for compatibility with other software | |
376 | * (PKCS #7 v1.5 does specify how to handle DSA) ... */ | |
377 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); | |
378 | #else | |
379 | /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS) | |
380 | * would make more sense. */ | |
381 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); | |
382 | #endif | |
383 | p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */ | |
384 | } | |
5488bb61 | 385 | else if (nid == EVP_PKEY_EC) |
279fe3b1 BM |
386 | { |
387 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); | |
388 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | |
389 | goto err; | |
390 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | |
391 | } | |
392 | else | |
393 | return(0); | |
d02b48c6 | 394 | |
d02b48c6 RE |
395 | return(1); |
396 | err: | |
397 | return(0); | |
398 | } | |
399 | ||
6b691a5c | 400 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, |
13588350 | 401 | const EVP_MD *dgst) |
d02b48c6 RE |
402 | { |
403 | PKCS7_SIGNER_INFO *si; | |
404 | ||
405 | if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; | |
406 | if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; | |
407 | if (!PKCS7_add_signer(p7,si)) goto err; | |
408 | return(si); | |
409 | err: | |
410 | return(NULL); | |
411 | } | |
412 | ||
b05b50e6 | 413 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
d02b48c6 RE |
414 | { |
415 | if (PKCS7_type_is_signed(p7)) | |
416 | { | |
417 | return(p7->d.sign->signer_info); | |
418 | } | |
dfeab068 RE |
419 | else if (PKCS7_type_is_signedAndEnveloped(p7)) |
420 | { | |
421 | return(p7->d.signed_and_enveloped->signer_info); | |
422 | } | |
d02b48c6 RE |
423 | else |
424 | return(NULL); | |
425 | } | |
426 | ||
6b691a5c | 427 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) |
58964a49 RE |
428 | { |
429 | PKCS7_RECIP_INFO *ri; | |
430 | ||
431 | if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; | |
432 | if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; | |
433 | if (!PKCS7_add_recipient_info(p7,ri)) goto err; | |
434 | return(ri); | |
435 | err: | |
436 | return(NULL); | |
437 | } | |
438 | ||
6b691a5c | 439 | int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) |
58964a49 RE |
440 | { |
441 | int i; | |
8f0edcd1 | 442 | STACK_OF(PKCS7_RECIP_INFO) *sk; |
58964a49 RE |
443 | |
444 | i=OBJ_obj2nid(p7->type); | |
445 | switch (i) | |
446 | { | |
447 | case NID_pkcs7_signedAndEnveloped: | |
448 | sk= p7->d.signed_and_enveloped->recipientinfo; | |
449 | break; | |
dfeab068 RE |
450 | case NID_pkcs7_enveloped: |
451 | sk= p7->d.enveloped->recipientinfo; | |
452 | break; | |
58964a49 RE |
453 | default: |
454 | PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); | |
455 | return(0); | |
456 | } | |
457 | ||
8f0edcd1 | 458 | sk_PKCS7_RECIP_INFO_push(sk,ri); |
58964a49 RE |
459 | return(1); |
460 | } | |
461 | ||
6b691a5c | 462 | int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) |
58964a49 RE |
463 | { |
464 | ASN1_INTEGER_set(p7i->version,0); | |
465 | X509_NAME_set(&p7i->issuer_and_serial->issuer, | |
466 | X509_get_issuer_name(x509)); | |
467 | ||
08e9c1af | 468 | M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
58964a49 | 469 | p7i->issuer_and_serial->serial= |
08e9c1af | 470 | M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); |
58964a49 | 471 | |
dfeab068 | 472 | X509_ALGOR_free(p7i->key_enc_algor); |
78d3b819 | 473 | p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor); |
dfeab068 | 474 | |
58964a49 RE |
475 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
476 | p7i->cert=x509; | |
477 | ||
478 | return(1); | |
479 | } | |
480 | ||
6b691a5c | 481 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) |
d02b48c6 RE |
482 | { |
483 | if (PKCS7_type_is_signed(p7)) | |
484 | return(X509_find_by_issuer_and_serial(p7->d.sign->cert, | |
485 | si->issuer_and_serial->issuer, | |
486 | si->issuer_and_serial->serial)); | |
487 | else | |
488 | return(NULL); | |
489 | } | |
490 | ||
84fa704c | 491 | int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) |
58964a49 RE |
492 | { |
493 | int i; | |
f45f40ff | 494 | ASN1_OBJECT *objtmp; |
58964a49 RE |
495 | PKCS7_ENC_CONTENT *ec; |
496 | ||
497 | i=OBJ_obj2nid(p7->type); | |
498 | switch (i) | |
499 | { | |
500 | case NID_pkcs7_signedAndEnveloped: | |
501 | ec=p7->d.signed_and_enveloped->enc_data; | |
502 | break; | |
dfeab068 RE |
503 | case NID_pkcs7_enveloped: |
504 | ec=p7->d.enveloped->enc_data; | |
505 | break; | |
58964a49 RE |
506 | default: |
507 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); | |
508 | return(0); | |
509 | } | |
510 | ||
f45f40ff | 511 | /* Check cipher OID exists and has data in it*/ |
4b426580 DSH |
512 | i = EVP_CIPHER_type(cipher); |
513 | if(i == NID_undef) { | |
f45f40ff DSH |
514 | PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); |
515 | return(0); | |
516 | } | |
4b426580 | 517 | objtmp = OBJ_nid2obj(i); |
84fa704c DSH |
518 | |
519 | ec->cipher = cipher; | |
520 | return 1; | |
58964a49 RE |
521 | } |
522 |