diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2013-07-17 15:36:39 +0200 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-07-17 22:45:00 +0200 |
| commit | 17c2764d2e6fc5a010ad3c12662068689ed2ad17 (patch) | |
| tree | c3d729aba33ba57890381d5a675658d7a75187b9 /crypto/cms/cms_lib.c | |
| parent | Set CMS EnvelopedData version correctly. (diff) | |
| download | openssl-17c2764d2e6fc5a010ad3c12662068689ed2ad17.tar.xz openssl-17c2764d2e6fc5a010ad3c12662068689ed2ad17.zip | |
CMS support for key agreeement recipient info.
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
Diffstat (limited to 'crypto/cms/cms_lib.c')
| -rw-r--r-- | crypto/cms/cms_lib.c | 61 |
1 files changed, 60 insertions, 1 deletions
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index a5a186c5ac..268278014c 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -52,7 +52,7 @@ */ #include <openssl/asn1t.h> -#include <openssl/x509.h> +#include <openssl/x509v3.h> #include <openssl/err.h> #include <openssl/pem.h> #include <openssl/bio.h> @@ -607,3 +607,62 @@ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms) } return crls; } + +int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) + { + int ret; + ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert)); + if (ret) + return ret; + return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert)); + } + +int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) + { + X509_check_purpose(cert, -1, -1); + if (!cert->skid) + return -1; + return ASN1_OCTET_STRING_cmp(keyid, cert->skid); + } + +int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) + { + CMS_IssuerAndSerialNumber *ias; + ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber); + if (!ias) + goto err; + if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) + goto err; + if (!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert))) + goto err; + if (*pias) + M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber); + *pias = ias; + return 1; + err: + if (ias) + M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber); + CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE); + return 0; + } + +int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) + { + ASN1_OCTET_STRING *keyid = NULL; + X509_check_purpose(cert, -1, -1); + if (!cert->skid) + { + CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID); + return 0; + } + keyid = ASN1_STRING_dup(cert->skid); + if (!keyid) + { + CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE); + return 0; + } + if (*pkeyid) + ASN1_OCTET_STRING_free(*pkeyid); + *pkeyid = keyid; + return 1; + } |