diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2013-07-17 14:36:39 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-10-01 14:01:18 +0100 |
| commit | 8c798690ce6092ba33eb4f7505c3c036cce20e8c (patch) | |
| tree | c9a06d6af1da2e5a896d0f08478b36591ce26b15 /crypto/cms/cms_lib.c | |
| parent | ea6bf266577e3a0bbc85c241686508f88b10881f (diff) | |
CMS support for key agreeement recipient info.
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
(cherry picked from commit 17c2764d2e6fc5a010ad3c12662068689ed2ad17)
Diffstat (limited to 'crypto/cms/cms_lib.c')
| -rw-r--r-- | crypto/cms/cms_lib.c | 61 |
1 files changed, 60 insertions, 1 deletions
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index b62d1bfac0..ab57f0f4a1 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -52,7 +52,7 @@ */ #include <openssl/asn1t.h> -#include <openssl/x509.h> +#include <openssl/x509v3.h> #include <openssl/err.h> #include <openssl/pem.h> #include <openssl/bio.h> @@ -622,3 +622,62 @@ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms) } return crls; } + +int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) + { + int ret; + ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert)); + if (ret) + return ret; + return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert)); + } + +int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) + { + X509_check_purpose(cert, -1, -1); + if (!cert->skid) + return -1; + return ASN1_OCTET_STRING_cmp(keyid, cert->skid); + } + +int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) + { + CMS_IssuerAndSerialNumber *ias; + ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber); + if (!ias) + goto err; + if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) + goto err; + if (!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert))) + goto err; + if (*pias) + M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber); + *pias = ias; + return 1; + err: + if (ias) + M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber); + CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE); + return 0; + } + +int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) + { + ASN1_OCTET_STRING *keyid = NULL; + X509_check_purpose(cert, -1, -1); + if (!cert->skid) + { + CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID); + return 0; + } + keyid = ASN1_STRING_dup(cert->skid); + if (!keyid) + { + CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE); + return 0; + } + if (*pkeyid) + ASN1_OCTET_STRING_free(*pkeyid); + *pkeyid = keyid; + return 1; + } |