Initial support for enveloped data decrypt. Extent runex.pl to cover these

examples. All RFC4134 examples can not be processed.

4 files changed, 19 insertions, 20 deletions

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 898aafffae..94a166630c 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -481,6 +481,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_NULL_BEFORE_BLOCK_MISSING			 113
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q			 127
 #define RSA_R_OAEP_DECODING_ERROR			 121
+#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE	 148
 #define RSA_R_PADDING_CHECK_FAILED			 114
 #define RSA_R_P_NOT_PRIME				 128
 #define RSA_R_Q_NOT_PRIME				 129
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 39fa9ec104..e705f16cb9 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -267,38 +267,29 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
 
 static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 	{
+	X509_ALGOR *alg = NULL;
 	switch (op)
 		{
 
 		case ASN1_PKEY_CTRL_PKCS7_SIGN:
 		if (arg1 == 0)
-			{
-			X509_ALGOR *alg;
 			PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
-			X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
-							V_ASN1_NULL, 0);
-			}
-		return 1;
+		break;
 
 		case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
 		if (arg1 == 0)
-			{
-			X509_ALGOR *alg;
 			PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
-			X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
-							V_ASN1_NULL, 0);
-			}
-		return 1;
+		break;
 #ifndef OPENSSL_NO_CMS
 		case ASN1_PKEY_CTRL_CMS_SIGN:
 		if (arg1 == 0)
-			{
-			X509_ALGOR *alg;
 			CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg);
-			X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
-							V_ASN1_NULL, 0);
-			}
-		return 1;
+		break;
+
+		case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+		if (arg1 == 0)
+			CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg);
+		break;
 #endif
 
 		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
@@ -310,6 +301,12 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
 		}
 
+	if (alg)
+		X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
+							V_ASN1_NULL, 0);
+
+	return 1;
+
 	}
 
 
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index b7ac4d2c21..0577fbb1ea 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
 /* crypto/rsa/rsa_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -159,6 +159,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
 {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
 {ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
+{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
 {ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
 {ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
 {ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 0580bac9c9..7d6fef822a 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -443,7 +443,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 		return 1;
 		case EVP_PKEY_CTRL_PEER_KEY:
 			RSAerr(RSA_F_PKEY_RSA_CTRL,
-			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+			RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
 			return -2;	
 
 		default: