Implement and use HX509_CMS_SIGATURE_ID_NAME.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21267 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2007-06-24 19:24:20 +00:00
parent 0a6bc4b22c
commit bff0a5c11c


@@ -115,24 +115,42 @@ hx509_cms_unwrap_ContentInfo(const heim_octet_string *in,
return 0; return 0;
} }
#define CMS_ID_SKI 0
#define CMS_ID_NAME 1
static int static int
fill_CMSIdentifier(const hx509_cert cert, CMSIdentifier *id) fill_CMSIdentifier(const hx509_cert cert,
int type,
CMSIdentifier *id)
{ {
hx509_name name;
int ret; int ret;
id->element = choice_CMSIdentifier_issuerAndSerialNumber; switch (type) {
ret = hx509_cert_get_issuer(cert, &name); case CMS_ID_SKI:
if (ret) id->element = choice_CMSIdentifier_subjectKeyIdentifier;
return ret; ret = _hx509_find_extension_subject_key_id(_hx509_get_cert(cert),
ret = copy_Name(&name->der_name, &id->u.subjectKeyIdentifier);
&id->u.issuerAndSerialNumber.issuer); if (ret == 0)
hx509_name_free(&name); break;
if (ret) /* FALL THOUGH */
return ret; case CMS_ID_NAME: {
hx509_name name;
ret = hx509_cert_get_serialnumber(cert, id->element = choice_CMSIdentifier_issuerAndSerialNumber;
&id->u.issuerAndSerialNumber.serialNumber); ret = hx509_cert_get_issuer(cert, &name);
if (ret)
return ret;
ret = hx509_name_to_Name(name, &id->u.issuerAndSerialNumber.issuer);
hx509_name_free(&name);
if (ret)
return ret;
ret = hx509_cert_get_serialnumber(cert, &id->u.issuerAndSerialNumber.serialNumber);
break;
}
default:
_hx509_abort("CMS fill identifier with unknown type");
}
return ret; return ret;
} }
@@ -518,7 +536,7 @@ hx509_cms_envelope_1(hx509_context context,
ri = &ed.recipientInfos.val[0]; ri = &ed.recipientInfos.val[0];
ri->version = 0; ri->version = 0;
ret = fill_CMSIdentifier(cert, &ri->rid); ret = fill_CMSIdentifier(cert, CMS_ID_SKI, &ri->rid);
if (ret) { if (ret) {
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"Failed to set CMS identifier info " "Failed to set CMS identifier info "
@@ -941,6 +959,7 @@ hx509_cms_create_signed_1(hx509_context context,
int ret; int ret;
size_t size; size_t size;
hx509_path path; hx509_path path;
int cmsidflag = CMS_ID_SKI;
memset(&sd, 0, sizeof(sd)); memset(&sd, 0, sizeof(sd));
memset(&name, 0, sizeof(name)); memset(&name, 0, sizeof(name));
@@ -950,6 +969,9 @@ hx509_cms_create_signed_1(hx509_context context,
content.data = rk_UNCONST(data); content.data = rk_UNCONST(data);
content.length = length; content.length = length;
if (flags & HX509_CMS_SIGATURE_ID_NAME)
cmsidflag = CMS_ID_NAME;
if (_hx509_cert_private_key(cert) == NULL) { if (_hx509_cert_private_key(cert) == NULL) {
hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING,
"Private key missing for signing"); "Private key missing for signing");
@@ -1004,7 +1026,7 @@ hx509_cms_create_signed_1(hx509_context context,
signer_info->version = 1; signer_info->version = 1;
ret = fill_CMSIdentifier(cert, &signer_info->sid); ret = fill_CMSIdentifier(cert, cmsidflag, &signer_info->sid);
if (ret) { if (ret) {
hx509_clear_error_string(context); hx509_clear_error_string(context);
goto out; goto out;
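Review bot: The version fields are still hard-coded, `ri->version = 0` in the hx509_cms_envelope_1 hunk and `signer_info->version = 1` in the last hunk, even though fill_CMSIdentifier can now produce a subjectKeyIdentifier. CMS (RFC 5652, sections 5.3 and 6.2.1) requires SignerInfo version 3 and, assuming `ri` is a KeyTransRecipientInfo, version 2 for that choice, so a strict parser may reject the output. Because the CMS_ID_SKI case falls through to issuerAndSerialNumber, the version should be set after the call from the element actually chosen, e.g. `signer_info->version = (signer_info->sid.element == choice_CMSIdentifier_subjectKeyIdentifier) ? 3 : 1;`, and likewise 2/0 for `ri->version`. That fall-through is taken on any non-zero return from `_hx509_find_extension_subject_key_id`, so I would limit it to the extension-missing case and return other errors rather than silently changing the identifier form. Both callers' bodies continue outside the hunks shown, so how the enclosing SignedData version is set is not visible here.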