OLD | NEW |
1 /* crypto/pkcs7/pk7_lib.c */ | 1 /* crypto/pkcs7/pk7_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
53 * The licence and distribution terms for any publically available version or | 53 * The licence and distribution terms for any publically available version or |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
57 */ | 57 */ |
58 | 58 |
59 #include <stdio.h> | 59 #include <stdio.h> |
60 #include "cryptlib.h" | 60 #include "cryptlib.h" |
61 #include <openssl/objects.h> | 61 #include <openssl/objects.h> |
62 #include <openssl/x509.h> | 62 #include <openssl/x509.h> |
| 63 #include "asn1_locl.h" |
63 | 64 |
64 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) | 65 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) |
65 { | 66 { |
66 int nid; | 67 int nid; |
67 long ret; | 68 long ret; |
68 | 69 |
69 nid=OBJ_obj2nid(p7->type); | 70 nid=OBJ_obj2nid(p7->type); |
70 | 71 |
71 switch (cmd) | 72 switch (cmd) |
72 { | 73 { |
(...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
307 break; | 308 break; |
308 default: | 309 default: |
309 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYP
E); | 310 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYP
E); |
310 return(0); | 311 return(0); |
311 } | 312 } |
312 | 313 |
313 if (*sk == NULL) | 314 if (*sk == NULL) |
314 *sk=sk_X509_new_null(); | 315 *sk=sk_X509_new_null(); |
315 if (*sk == NULL) | 316 if (*sk == NULL) |
316 { | 317 { |
317 » » PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); | 318 » » PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); |
318 return 0; | 319 return 0; |
319 } | 320 } |
320 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 321 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
321 if (!sk_X509_push(*sk,x509)) | 322 if (!sk_X509_push(*sk,x509)) |
322 { | 323 { |
323 X509_free(x509); | 324 X509_free(x509); |
324 return 0; | 325 return 0; |
325 } | 326 } |
326 return(1); | 327 return(1); |
327 } | 328 } |
(...skipping 30 matching lines...) Expand all Loading... |
358 { | 359 { |
359 X509_CRL_free(crl); | 360 X509_CRL_free(crl); |
360 return 0; | 361 return 0; |
361 } | 362 } |
362 return(1); | 363 return(1); |
363 } | 364 } |
364 | 365 |
365 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | 366 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
366 const EVP_MD *dgst) | 367 const EVP_MD *dgst) |
367 { | 368 { |
368 » int nid; | 369 » int ret; |
369 » char is_dsa; | |
370 | 370 |
371 if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) | |
372 is_dsa = 1; | |
373 else | |
374 is_dsa = 0; | |
375 /* We now need to add another PKCS7_SIGNER_INFO entry */ | 371 /* We now need to add another PKCS7_SIGNER_INFO entry */ |
376 if (!ASN1_INTEGER_set(p7i->version,1)) | 372 if (!ASN1_INTEGER_set(p7i->version,1)) |
377 goto err; | 373 goto err; |
378 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, | 374 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, |
379 X509_get_issuer_name(x509))) | 375 X509_get_issuer_name(x509))) |
380 goto err; | 376 goto err; |
381 | 377 |
382 /* because ASN1_INTEGER_set is used to set a 'long' we will do | 378 /* because ASN1_INTEGER_set is used to set a 'long' we will do |
383 * things the ugly way. */ | 379 * things the ugly way. */ |
384 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 380 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
385 if (!(p7i->issuer_and_serial->serial= | 381 if (!(p7i->issuer_and_serial->serial= |
386 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) | 382 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) |
387 goto err; | 383 goto err; |
388 | 384 |
389 /* lets keep the pkey around for a while */ | 385 /* lets keep the pkey around for a while */ |
390 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | 386 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); |
391 p7i->pkey=pkey; | 387 p7i->pkey=pkey; |
392 | 388 |
393 /* Set the algorithms */ | 389 /* Set the algorithms */ |
394 if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); | |
395 else | |
396 p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); | |
397 | 390 |
398 » if (p7i->digest_alg->parameter != NULL) | 391 » X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)), |
399 » » ASN1_TYPE_free(p7i->digest_alg->parameter); | 392 » » » » V_ASN1_NULL, NULL); |
400 » if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) | |
401 » » goto err; | |
402 » p7i->digest_alg->parameter->type=V_ASN1_NULL; | |
403 | 393 |
404 » if (p7i->digest_enc_alg->parameter != NULL) | 394 » if (pkey->ameth && pkey->ameth->pkey_ctrl) |
405 » » ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | |
406 » nid = EVP_PKEY_type(pkey->type); | |
407 » if (nid == EVP_PKEY_RSA) | |
408 { | 395 { |
409 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); | 396 » » ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, |
410 » » if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | 397 » » » » » » 0, p7i); |
411 » » » goto err; | 398 » » if (ret > 0) |
412 » » p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | 399 » » » return 1; |
| 400 » » if (ret != -2) |
| 401 » » » { |
| 402 » » » PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, |
| 403 » » » » » PKCS7_R_SIGNING_CTRL_FAILURE); |
| 404 » » » return 0; |
| 405 » » » } |
413 } | 406 } |
414 » else if (nid == EVP_PKEY_DSA) | 407 » PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, |
415 » » { | 408 » » » PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
416 #if 1 | |
417 » » /* use 'dsaEncryption' OID for compatibility with other software | |
418 » » * (PKCS #7 v1.5 does specify how to handle DSA) ... */ | |
419 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); | |
420 #else | |
421 » » /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 f
or CMS) | |
422 » » * would make more sense. */ | |
423 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); | |
424 #endif | |
425 » » p7i->digest_enc_alg->parameter = NULL; /* special case for DSA:
omit 'parameter'! */ | |
426 » » } | |
427 » else if (nid == EVP_PKEY_EC) | |
428 » » { | |
429 » » p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); | |
430 » » if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | |
431 » » » goto err; | |
432 » » p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | |
433 » » } | |
434 » else | |
435 » » return(0); | |
436 | |
437 » return(1); | |
438 err: | 409 err: |
439 » return(0); | 410 » return 0; |
440 } | 411 } |
441 | 412 |
442 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, | 413 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, |
443 const EVP_MD *dgst) | 414 const EVP_MD *dgst) |
444 { | 415 { |
445 » PKCS7_SIGNER_INFO *si; | 416 » PKCS7_SIGNER_INFO *si = NULL; |
| 417 |
| 418 » if (dgst == NULL) |
| 419 » » { |
| 420 » » int def_nid; |
| 421 » » if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) |
| 422 » » » goto err; |
| 423 » » dgst = EVP_get_digestbynid(def_nid); |
| 424 » » if (dgst == NULL) |
| 425 » » » { |
| 426 » » » PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, |
| 427 » » » » » » PKCS7_R_NO_DEFAULT_DIGEST); |
| 428 » » » goto err; |
| 429 » » » } |
| 430 » » } |
446 | 431 |
447 if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; | 432 if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; |
448 if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; | 433 if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; |
449 if (!PKCS7_add_signer(p7,si)) goto err; | 434 if (!PKCS7_add_signer(p7,si)) goto err; |
450 return(si); | 435 return(si); |
451 err: | 436 err: |
452 » PKCS7_SIGNER_INFO_free(si); | 437 » if (si) |
| 438 » » PKCS7_SIGNER_INFO_free(si); |
453 return(NULL); | 439 return(NULL); |
454 } | 440 } |
455 | 441 |
456 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) | 442 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) |
457 { | 443 { |
458 if (PKCS7_type_is_digest(p7)) | 444 if (PKCS7_type_is_digest(p7)) |
459 { | 445 { |
460 if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) | 446 if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) |
461 { | 447 { |
462 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); | 448 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); |
(...skipping 15 matching lines...) Expand all Loading... |
478 return(p7->d.sign->signer_info); | 464 return(p7->d.sign->signer_info); |
479 } | 465 } |
480 else if (PKCS7_type_is_signedAndEnveloped(p7)) | 466 else if (PKCS7_type_is_signedAndEnveloped(p7)) |
481 { | 467 { |
482 return(p7->d.signed_and_enveloped->signer_info); | 468 return(p7->d.signed_and_enveloped->signer_info); |
483 } | 469 } |
484 else | 470 else |
485 return(NULL); | 471 return(NULL); |
486 } | 472 } |
487 | 473 |
| 474 void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, |
| 475 X509_ALGOR **pdig, X509_ALGOR **psig) |
| 476 { |
| 477 if (pk) |
| 478 *pk = si->pkey; |
| 479 if (pdig) |
| 480 *pdig = si->digest_alg; |
| 481 if (psig) |
| 482 *psig = si->digest_enc_alg; |
| 483 } |
| 484 |
| 485 void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc) |
| 486 { |
| 487 if (penc) |
| 488 *penc = ri->key_enc_algor; |
| 489 } |
| 490 |
488 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) | 491 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) |
489 { | 492 { |
490 PKCS7_RECIP_INFO *ri; | 493 PKCS7_RECIP_INFO *ri; |
491 | 494 |
492 if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; | 495 if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; |
493 if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; | 496 if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; |
494 if (!PKCS7_add_recipient_info(p7,ri)) goto err; | 497 if (!PKCS7_add_recipient_info(p7,ri)) goto err; |
495 » return(ri); | 498 » return ri; |
496 err: | 499 err: |
497 » PKCS7_RECIP_INFO_free(ri); | 500 » if (ri) |
498 » return(NULL); | 501 » » PKCS7_RECIP_INFO_free(ri); |
| 502 » return NULL; |
499 } | 503 } |
500 | 504 |
501 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) | 505 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) |
502 { | 506 { |
503 int i; | 507 int i; |
504 STACK_OF(PKCS7_RECIP_INFO) *sk; | 508 STACK_OF(PKCS7_RECIP_INFO) *sk; |
505 | 509 |
506 i=OBJ_obj2nid(p7->type); | 510 i=OBJ_obj2nid(p7->type); |
507 switch (i) | 511 switch (i) |
508 { | 512 { |
509 case NID_pkcs7_signedAndEnveloped: | 513 case NID_pkcs7_signedAndEnveloped: |
510 sk= p7->d.signed_and_enveloped->recipientinfo; | 514 sk= p7->d.signed_and_enveloped->recipientinfo; |
511 break; | 515 break; |
512 case NID_pkcs7_enveloped: | 516 case NID_pkcs7_enveloped: |
513 sk= p7->d.enveloped->recipientinfo; | 517 sk= p7->d.enveloped->recipientinfo; |
514 break; | 518 break; |
515 default: | 519 default: |
516 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_
TYPE); | 520 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_
TYPE); |
517 return(0); | 521 return(0); |
518 } | 522 } |
519 | 523 |
520 if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) | 524 if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) |
521 return 0; | 525 return 0; |
522 return(1); | 526 return(1); |
523 } | 527 } |
524 | 528 |
525 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) | 529 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) |
526 { | 530 { |
| 531 int ret; |
| 532 EVP_PKEY *pkey = NULL; |
527 if (!ASN1_INTEGER_set(p7i->version,0)) | 533 if (!ASN1_INTEGER_set(p7i->version,0)) |
528 return 0; | 534 return 0; |
529 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, | 535 if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, |
530 X509_get_issuer_name(x509))) | 536 X509_get_issuer_name(x509))) |
531 return 0; | 537 return 0; |
532 | 538 |
533 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); | 539 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); |
534 if (!(p7i->issuer_and_serial->serial= | 540 if (!(p7i->issuer_and_serial->serial= |
535 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) | 541 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) |
536 return 0; | 542 return 0; |
537 | 543 |
538 » X509_ALGOR_free(p7i->key_enc_algor); | 544 » pkey = X509_get_pubkey(x509); |
539 » if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor))) | 545 |
540 » » return 0; | 546 » if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) |
| 547 » » { |
| 548 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 549 » » » PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
| 550 » » goto err; |
| 551 » » } |
| 552 |
| 553 » ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, |
| 554 » » » » » » 0, p7i); |
| 555 » if (ret == -2) |
| 556 » » { |
| 557 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 558 » » » PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); |
| 559 » » goto err; |
| 560 » » } |
| 561 » if (ret <= 0) |
| 562 » » { |
| 563 » » PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, |
| 564 » » » » PKCS7_R_ENCRYPTION_CTRL_FAILURE); |
| 565 » » goto err; |
| 566 » » } |
| 567 |
| 568 » EVP_PKEY_free(pkey); |
541 | 569 |
542 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 570 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
543 p7i->cert=x509; | 571 p7i->cert=x509; |
544 | 572 |
545 » return(1); | 573 » return 1; |
| 574 |
| 575 » err: |
| 576 » if (pkey) |
| 577 » » EVP_PKEY_free(pkey); |
| 578 » return 0; |
546 } | 579 } |
547 | 580 |
548 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) | 581 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) |
549 { | 582 { |
550 if (PKCS7_type_is_signed(p7)) | 583 if (PKCS7_type_is_signed(p7)) |
551 return(X509_find_by_issuer_and_serial(p7->d.sign->cert, | 584 return(X509_find_by_issuer_and_serial(p7->d.sign->cert, |
552 si->issuer_and_serial->issuer, | 585 si->issuer_and_serial->issuer, |
553 si->issuer_and_serial->serial)); | 586 si->issuer_and_serial->serial)); |
554 else | 587 else |
555 return(NULL); | 588 return(NULL); |
556 } | 589 } |
557 | 590 |
558 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) | 591 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) |
559 { | 592 { |
560 int i; | 593 int i; |
561 ASN1_OBJECT *objtmp; | |
562 PKCS7_ENC_CONTENT *ec; | 594 PKCS7_ENC_CONTENT *ec; |
563 | 595 |
564 i=OBJ_obj2nid(p7->type); | 596 i=OBJ_obj2nid(p7->type); |
565 switch (i) | 597 switch (i) |
566 { | 598 { |
567 case NID_pkcs7_signedAndEnveloped: | 599 case NID_pkcs7_signedAndEnveloped: |
568 ec=p7->d.signed_and_enveloped->enc_data; | 600 ec=p7->d.signed_and_enveloped->enc_data; |
569 break; | 601 break; |
570 case NID_pkcs7_enveloped: | 602 case NID_pkcs7_enveloped: |
571 ec=p7->d.enveloped->enc_data; | 603 ec=p7->d.enveloped->enc_data; |
572 break; | 604 break; |
573 default: | 605 default: |
574 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); | 606 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); |
575 return(0); | 607 return(0); |
576 } | 608 } |
577 | 609 |
578 /* Check cipher OID exists and has data in it*/ | 610 /* Check cipher OID exists and has data in it*/ |
579 i = EVP_CIPHER_type(cipher); | 611 i = EVP_CIPHER_type(cipher); |
580 if(i == NID_undef) { | 612 if(i == NID_undef) { |
581 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_I
DENTIFIER); | 613 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_I
DENTIFIER); |
582 return(0); | 614 return(0); |
583 } | 615 } |
584 objtmp = OBJ_nid2obj(i); | |
585 | 616 |
586 ec->cipher = cipher; | 617 ec->cipher = cipher; |
587 return 1; | 618 return 1; |
588 } | 619 } |
589 | 620 |
| 621 int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) |
| 622 { |
| 623 ASN1_OCTET_STRING *os = NULL; |
| 624 |
| 625 switch (OBJ_obj2nid(p7->type)) |
| 626 { |
| 627 case NID_pkcs7_data: |
| 628 os = p7->d.data; |
| 629 break; |
| 630 |
| 631 case NID_pkcs7_signedAndEnveloped: |
| 632 os = p7->d.signed_and_enveloped->enc_data->enc_data; |
| 633 if (os == NULL) |
| 634 { |
| 635 os=M_ASN1_OCTET_STRING_new(); |
| 636 p7->d.signed_and_enveloped->enc_data->enc_data=os; |
| 637 } |
| 638 break; |
| 639 |
| 640 case NID_pkcs7_enveloped: |
| 641 os = p7->d.enveloped->enc_data->enc_data; |
| 642 if (os == NULL) |
| 643 { |
| 644 os=M_ASN1_OCTET_STRING_new(); |
| 645 p7->d.enveloped->enc_data->enc_data=os; |
| 646 } |
| 647 break; |
| 648 |
| 649 case NID_pkcs7_signed: |
| 650 os=p7->d.sign->contents->d.data; |
| 651 break; |
| 652 |
| 653 default: |
| 654 os = NULL; |
| 655 break; |
| 656 } |
| 657 |
| 658 if (os == NULL) |
| 659 return 0; |
| 660 |
| 661 os->flags |= ASN1_STRING_FLAG_NDEF; |
| 662 *boundary = &os->data; |
| 663 |
| 664 return 1; |
| 665 } |
OLD | NEW |