From: Martin Willi
Date: Tue, 27 Nov 2012 16:10:23 +0000 (+0100)
Subject: Add a getter for signed PKCS#7 attributes
X-Git-Tag: 5.0.2dr4~75
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d3d706f4fc7119c40bbc1a7941264c80f6b6e3b9;p=thirdparty%2Fstrongswan.git
Add a getter for signed PKCS#7 attributes
---
diff --git a/src/libstrongswan/credentials/containers/pkcs7.h b/src/libstrongswan/credentials/containers/pkcs7.h
index eed340f489..68125cdc0d 100644
--- a/src/libstrongswan/credentials/containers/pkcs7.h
+++ b/src/libstrongswan/credentials/containers/pkcs7.h
@@ -34,6 +34,20 @@ struct pkcs7_t {
 * Implements container_t.
 */
 container_t container;
+
+ /**
+ * Get an authenticated PKCS#9 attribute from PKCS#7 signerInfo.
+ *
+ * To select the signerInfo structure to get the attribute from, pass
+ * the enumerator position from container_t.create_signature_enumerator().
+ *
+ * @param oid OID from the attribute to get
+ * @param enumerator enumerator to select signerInfo
+ * @param value chunk receiving attribute value, internal data
+ * @return TRUE if attribute found
+ */
+ bool (*get_attribute)(pkcs7_t *this, int oid, enumerator_t *enumerator,
+ chunk_t *value);
 };
 #endif /** PKCS7_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_data.c
index 5f0ab10f4c..d0e7e1c759 100644
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_data.c
@@ -98,6 +98,7 @@ static private_pkcs7_data_t* create_empty()
 .get_encoding = _get_encoding,
 .destroy = _destroy,
 },
+ .get_attribute = (void*)return_false,
 },
 );
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
index 652769a8f7..d9bff41e55 100644
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
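Review bot: The doc comment on `get_attribute` in pkcs7.h does not say which enumerators are acceptable, how long `value` stays valid, or what `value` holds when the call returns FALSE. The parameter is a generic `enumerator_t*`, but the signed-data implementation later in this commit casts it to its own private enumerator type, so the `@param enumerator` line should read something like `enumerator from this container's create_signature_enumerator(), positioned on a successfully enumerated signature`. On `@param value` I would add that the chunk points into the container and must not be freed or used after the container is destroyed (inferred from "internal data"), and that it is left unwritten on FALSE. The enclosing `struct pkcs7_t` opens above the hunk.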
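Review bot: The `(void*)return_false` initializer in `create_empty()` of pkcs7_data.c stores a function under a pointer type other than the four-argument `get_attribute` member, and the cast through `void*` disables the compiler's check of that mismatch; the identical line is added in pkcs7_enveloped_data.c. The declaration of `return_false` is not visible in this diff, so the mismatch is inferred from the need for the cast. If the member's signature changes later, both stubs keep compiling and silently diverge from it. A small `static` stub with the exact signature that returns FALSE keeps the type check; at minimum add a comment such as `/* this container type has no signerInfo; *value is never written */`. `create_empty()` starts and ends outside the hunk.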
@@ -380,6 +380,7 @@ static private_pkcs7_enveloped_data_t* create_empty()
 .get_encoding = _get_encoding,
 .destroy = _destroy,
 },
+ .get_attribute = (void*)return_false,
 },
 );
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
index dd9561133b..5ec5684f42 100644
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
@@ -172,6 +172,8 @@ typedef struct {
 enumerator_t *inner;
 /** currently enumerated auth_cfg */
 auth_cfg_t *auth;
+ /** currently enumerating signerinfo */
+ signerinfo_t *info;
 /** reference to container */
 private_pkcs7_signed_data_t *this;
 } signature_enumerator_t;
@@ -275,8 +277,10 @@ METHOD(enumerator_t, enumerate, bool,
 continue;
 }
 *out = this->auth;
+ this->info = info;
 return TRUE;
 }
+ this->info = NULL;
 return FALSE;
 }
@@ -307,6 +311,25 @@ METHOD(container_t, create_signature_enumerator, enumerator_t*,
 return &enumerator->public;
 }
+METHOD(pkcs7_t, get_attribute, bool,
+ private_pkcs7_signed_data_t *this, int oid, enumerator_t *enumerator, chunk_t *value)
+{
+ signature_enumerator_t *e;
+ chunk_t chunk;
+
+ e = (signature_enumerator_t*)enumerator;
+ if (e->info)
+ {
+ chunk = e->info->attributes->get_attribute(e->info->attributes, oid);
+ if (chunk.len)
+ {
+ *value = chunk;
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
 METHOD(container_t, get_data, bool,
 private_pkcs7_signed_data_t *this, chunk_t *data)
 {
@@ -351,6 +374,7 @@ static private_pkcs7_signed_data_t* create_empty()
 .get_encoding = _get_encoding,
 .destroy = _destroy,
 },
+ .get_attribute = _get_attribute,
 },
 .creds = mem_cred_create(),
 .signerinfos = linked_list_create(),
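Review bot: `get_attribute` in pkcs7_signed_data.c casts the caller-supplied `enumerator_t*` to `signature_enumerator_t*` and reads `e->info` without confirming that the enumerator came from this container's `create_signature_enumerator()`; the `this` argument is never used. An enumerator of any other type makes `e->info` a read through the wrong struct layout, and a signature enumerator from a different signed-data container yields that container's attribute as if it belonged to this one. Once the enumerator's type is established (comparing its `enumerate` pointer with this file's implementation is one option, if the `enumerator_t` layout allows it), add `if (e->this != this) { return FALSE; }` before touching `e->info`. A NULL `enumerator` or `value` is dereferenced unchecked as well. A comment should record that `*value` aliases data owned by the signerInfo and that `info` is only set on the path where `enumerate` returns TRUE, which is what the header's word "authenticated" appears to rely on.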