List Info

Thread: OpenSSL: openssl/crypto/evp/ evp.h openssl/crypto/pkcs7/ pk7_lib...
OpenSSL: openssl/crypto/evp/ evp.h openssl/crypto/pkcs7/ pk7_lib...
user name
 2006-04-27 18:20:35 
  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
27-Apr-2006 20:20:34
  Branch: HEAD                             Handle:
2006042719203103

  Modified files:
    openssl/crypto/evp      evp.h
    openssl/crypto/pkcs7    pk7_lib.c pkcs7.h pkcs7err.c
    openssl/crypto/rsa      rsa_ameth.c

  Log:
    Replace RSA specific PKCS7_RECIP_INFO set up with an
public key algorithm
    ctrl.

  Summary:
    Revision    Changes     Path
    1.149       +1  -0      openssl/crypto/evp/evp.h
    1.38        +37 -6      openssl/crypto/pkcs7/pk7_lib.c
    1.58        +3  -0      openssl/crypto/pkcs7/pkcs7.h
    1.21        +3  -0      openssl/crypto/pkcs7/pkcs7err.c
    1.11        +11 -0      openssl/crypto/rsa/rsa_ameth.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp.h
 
============================================================
================
  $ cvs diff -u -r1.148 -r1.149 evp.h
  --- openssl/crypto/evp/evp.h	26 Apr 2006 11:52:36
-0000	1.148
  +++ openssl/crypto/evp/evp.h	27 Apr 2006 18:20:31
-0000	1.149
   -804,6 +804,7 
   #define ASN1_PKEY_SIGPARAM_NULL	0x4
   
   #define ASN1_PKEY_CTRL_PKCS7_SIGN	0x1
  +#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT	0x2
   
   int EVP_PKEY_asn1_get_count(void);
   const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
   .
  patch -p0 <<' .'
  Index: openssl/crypto/pkcs7/pk7_lib.c
 
============================================================
================
  $ cvs diff -u -r1.37 -r1.38 pk7_lib.c
  --- openssl/crypto/pkcs7/pk7_lib.c	27 Apr 2006 00:42:51
-0000	1.37
  +++ openssl/crypto/pkcs7/pk7_lib.c	27 Apr 2006 18:20:32
-0000	1.38
   -456,9 +456,11 
   	if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
   	if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
   	if (!PKCS7_add_recipient_info(p7,ri)) goto err;
  -	return(ri);
  +	return ri;
   err:
  -	return(NULL);
  +	if (ri)
  +		PKCS7_RECIP_INFO_free(ri);
  +	return NULL;
   	}
   
   int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO
*ri)
   -486,6 +488,8 
   
   int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509
*x509)
   	{
  +	int ret;
  +	EVP_PKEY *pkey = NULL;
   	if (!ASN1_INTEGER_set(p7i->version,0))
   		return 0;
   	if
(!X509_NAME_set(&p7i->issuer_and_serial->issuer,
   -497,14 +501,41 
   		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
   		return 0;
   
  -	X509_ALGOR_free(p7i->key_enc_algor);
  -	if (!(p7i->key_enc_algor=
X509_ALGOR_dup(x509->cert_info->key->algor)))
  -		return 0;
  +	pkey = X509_get_pubkey(x509);
  +
  +	if (!pkey || !pkey->ameth ||
!pkey->ameth->pkey_ctrl)
  +		{
  +		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
  +			PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
  +		goto err;
  +		}
  +
  +	ret = pkey->ameth->pkey_ctrl(pkey,
ASN1_PKEY_CTRL_PKCS7_ENCRYPT,
  +						0, p7i);
  +	if (ret == -2)
  +		{
  +		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
  +			PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
  +		goto err;
  +		}
  +	if (ret <= 0)
  +		{
  +		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
  +				PKCS7_R_ENCRYPTION_CTRL_FAILURE);
  +		goto err;
  +		}
  +
  +	EVP_PKEY_free(pkey);
   
   	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
   	p7i->cert=x509;
   
  -	return(1);
  +	return 1;
  +
  +	err:
  +	if (pkey)
  +		EVP_PKEY_free(pkey);
  +	return 0;
   	}
   
   X509 *PKCS7_cert_from_signer_info(PKCS7 *p7,
PKCS7_SIGNER_INFO *si)
   .
  patch -p0 <<' .'
  Index: openssl/crypto/pkcs7/pkcs7.h
 
============================================================
================
  $ cvs diff -u -r1.57 -r1.58 pkcs7.h
  --- openssl/crypto/pkcs7/pkcs7.h	27 Apr 2006 00:29:50
-0000	1.57
  +++ openssl/crypto/pkcs7/pkcs7.h	27 Apr 2006 18:20:33
-0000	1.58
   -406,6 +406,7 
   #define PKCS7_F_PKCS7_ENCRYPT				 115
   #define PKCS7_F_PKCS7_FIND_DIGEST			 127
   #define PKCS7_F_PKCS7_GET0_SIGNERS			 124
  +#define PKCS7_F_PKCS7_RECIP_INFO_SET			 130
   #define PKCS7_F_PKCS7_SET_CIPHER			 108
   #define PKCS7_F_PKCS7_SET_CONTENT			 109
   #define PKCS7_F_PKCS7_SET_DIGEST			 126
   -427,6 +428,8 
   #define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH		 100
   #define PKCS7_R_DECRYPT_ERROR				 119
   #define PKCS7_R_DIGEST_FAILURE				 101
  +#define PKCS7_R_ENCRYPTION_CTRL_FAILURE			 149
  +#define
PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
   #define PKCS7_R_ERROR_ADDING_RECIPIENT			 120
   #define PKCS7_R_ERROR_SETTING_CIPHER			 121
   #define PKCS7_R_INVALID_MIME_TYPE			 131
   .
  patch -p0 <<' .'
  Index: openssl/crypto/pkcs7/pkcs7err.c
 
============================================================
================
  $ cvs diff -u -r1.20 -r1.21 pkcs7err.c
  --- openssl/crypto/pkcs7/pkcs7err.c	17 Apr 2006 17:12:23
-0000	1.20
  +++ openssl/crypto/pkcs7/pkcs7err.c	27 Apr 2006 18:20:33
-0000	1.21
   -88,6 +88,7 
  
{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT),	"PKCS7_encrypt"
;},
  
{ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST),	"PKCS7_FIND_DIGE
ST"},
  
{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS),	"PKCS7_GET0_SIG
NERS"},
 
+{ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET),	"PKCS7_RECIP
_INFO_set"},
  
{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER),	"PKCS7_set_cipher
"},
  
{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT),	"PKCS7_set_conte
nt"},
  
{ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST),	"PKCS7_set_digest
"},
   -112,6 +113,8 
  
{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"de
crypted key is wrong length"},
   {ERR_REASON(PKCS7_R_DECRYPT_ERROR)       ,"decrypt
error"},
   {ERR_REASON(PKCS7_R_DIGEST_FAILURE)      ,"digest
failure"},
 
+{ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE),"encrypt
ion ctrl failure"},
 
+{ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_T
YPE),"encryption not supported for this key
type"},
   {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error
adding recipient"},
   {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error
setting cipher"},
   {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE)   ,"invalid
mime type"},
   .
  patch -p0 <<' .'
  Index: openssl/crypto/rsa/rsa_ameth.c
 
============================================================
================
  $ cvs diff -u -r1.10 -r1.11 rsa_ameth.c
  --- openssl/crypto/rsa/rsa_ameth.c	19 Apr 2006 17:05:59
-0000	1.10
  +++ openssl/crypto/rsa/rsa_ameth.c	27 Apr 2006 18:20:34
-0000	1.11
   -266,6 +266,7 
   	{
   	switch (op)
   		{
  +
   		case ASN1_PKEY_CTRL_PKCS7_SIGN:
   		if (arg1 == 0)
   			{
   -276,6 +277,16 
   			}
   		return 1;
   
  +		case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
  +		if (arg1 == 0)
  +			{
  +			X509_ALGOR *alg;
  +			PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
  +			X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
  +							V_ASN1_NULL, 0);
  +			}
  +		return 1;
  +
   		default:
   		return -2;
   
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )