/*
 * PKCS7 <-> Ruby object helpers. This listing omits source lines (14, 16,
 * 18, 21, ...), so the conditions guarding each ossl_raise() are not shown.
 *
 * WrapPKCS7:    wraps a native PKCS7 pointer in a Ruby object of class klass
 *               via Data_Wrap_Struct, registering PKCS7_free as the free
 *               function. Can raise RuntimeError "PKCS7 wasn't initialized."
 *               (presumably when pkcs7 is NULL -- confirm in the full file).
 * GetPKCS7:     extracts the PKCS7 pointer with Data_Get_Struct; performs no
 *               class check in the lines visible here.
 * SafeGetPKCS7: runs OSSL_Check_Kind(obj, cPKCS7) before GetPKCS7.
 *               NOTE(review): use this variant for objects supplied by Ruby
 *               callers, so that a value of another class is not read as a
 *               PKCS7 pointer.
 */
13 #define WrapPKCS7(klass, obj, pkcs7) do { \
15 ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
17 (obj) = Data_Wrap_Struct((klass), 0, PKCS7_free, (pkcs7)); \
19 #define GetPKCS7(obj, pkcs7) do { \
20 Data_Get_Struct((obj), PKCS7, (pkcs7)); \
22 ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
25 #define SafeGetPKCS7(obj, pkcs7) do { \
26 OSSL_Check_Kind((obj), cPKCS7); \
27 GetPKCS7((obj), (pkcs7)); \
/*
 * PKCS7_SIGNER_INFO <-> Ruby object helpers (some source lines are omitted
 * from this listing, including the conditions guarding each ossl_raise()).
 *
 * WrapPKCS7si:    wraps p7si with Data_Wrap_Struct, registering
 *                 PKCS7_SIGNER_INFO_free as the free function.
 * GetPKCS7si:     extracts the pointer with Data_Get_Struct; no class check
 *                 is visible here.
 * SafeGetPKCS7si: runs OSSL_Check_Kind(obj, cPKCS7Signer) first, then
 *                 GetPKCS7si.
 */
30 #define WrapPKCS7si(klass, obj, p7si) do { \
32 ossl_raise(rb_eRuntimeError, "PKCS7si wasn't initialized."); \
34 (obj) = Data_Wrap_Struct((klass), 0, PKCS7_SIGNER_INFO_free, (p7si)); \
36 #define GetPKCS7si(obj, p7si) do { \
37 Data_Get_Struct((obj), PKCS7_SIGNER_INFO, (p7si)); \
39 ossl_raise(rb_eRuntimeError, "PKCS7si wasn't initialized."); \
42 #define SafeGetPKCS7si(obj, p7si) do { \
43 OSSL_Check_Kind((obj), cPKCS7Signer); \
44 GetPKCS7si((obj), (p7si)); \
/*
 * PKCS7_RECIP_INFO <-> Ruby object helpers (some source lines are omitted
 * from this listing, including the conditions guarding each ossl_raise()).
 *
 * WrapPKCS7ri:    wraps p7ri with Data_Wrap_Struct, registering
 *                 PKCS7_RECIP_INFO_free as the free function.
 * GetPKCS7ri:     extracts the pointer with Data_Get_Struct; no class check
 *                 is visible here.
 * SafeGetPKCS7ri: runs OSSL_Check_Kind(obj, cPKCS7Recipient) first, then
 *                 GetPKCS7ri.
 */
47 #define WrapPKCS7ri(klass, obj, p7ri) do { \
49 ossl_raise(rb_eRuntimeError, "PKCS7ri wasn't initialized."); \
51 (obj) = Data_Wrap_Struct((klass), 0, PKCS7_RECIP_INFO_free, (p7ri)); \
53 #define GetPKCS7ri(obj, p7ri) do { \
54 Data_Get_Struct((obj), PKCS7_RECIP_INFO, (p7ri)); \
56 ossl_raise(rb_eRuntimeError, "PKCS7ri wasn't initialized."); \
59 #define SafeGetPKCS7ri(obj, p7ri) do { \
60 OSSL_Check_Kind((obj), cPKCS7Recipient); \
61 GetPKCS7ri((obj), (p7ri)); \
/*
 * Element count of an array, cast to int. Only meaningful for a true array:
 * given a pointer, sizeof(ary) is the pointer size and the result is wrong.
 */
64 #define numberof(ary) (int)(sizeof(ary)/sizeof((ary)[0]))
/*
 * Accessors for the Ruby instance variables "@data" and "@error_string" on
 * object o, implemented with rb_iv_set / rb_iv_get.
 */
66 #define ossl_pkcs7_set_data(o,v) rb_iv_set((o), "@data", (v))
67 #define ossl_pkcs7_get_data(o) rb_iv_get((o), "@data")
68 #define ossl_pkcs7_set_err_string(o,v) rb_iv_set((o), "@error_string", (v))
69 #define ossl_pkcs7_get_err_string(o) rb_iv_get((o), "@error_string")
86 PKCS7_SIGNER_INFO *pkcs7;
96 static PKCS7_SIGNER_INFO *
99 PKCS7_SIGNER_INFO *p7si, *pkcs7;
112 PKCS7_RECIP_INFO *pkcs7;
122 static PKCS7_RECIP_INFO *
125 PKCS7_RECIP_INFO *p7ri, *pkcs7;
148 pkcs7 = SMIME_read_PKCS7(in, &out);
166 VALUE pkcs7, data, flags;
177 flg |= PKCS7_DETACHED;
179 if(!(out = BIO_new(BIO_s_mem()))){
183 if(!SMIME_write_PKCS7(out, p7, in, flg)){
201 VALUE cert,
key, data, certs, flags;
210 rb_scan_args(argc, argv,
"32", &cert, &key, &data, &certs, &flags);
217 x509s = ossl_protect_x509_ary2sk(certs, &status);
223 if(!(pkcs7 = PKCS7_sign(x509, pkey, x509s, in, flg))){
225 sk_X509_pop_free(x509s, X509_free);
232 sk_X509_pop_free(x509s, X509_free);
244 VALUE certs, data, cipher, flags;
247 const EVP_CIPHER *ciph;
252 rb_scan_args(argc, argv,
"22", &certs, &data, &cipher, &flags);
/*
 * Compile-time choice of a default cipher. The rb_scan_args format "22"
 * above makes the cipher argument optional; presumably this chain runs only
 * when it is omitted (the enclosing condition and the #else/#endif are not
 * in this listing -- confirm in the full file).
 *
 * NOTE(review): if RC2 is compiled into OpenSSL, the first branch selects
 * EVP_rc2_40_cbc(), i.e. RC2 with a 40-bit key. That key size gives no
 * meaningful confidentiality; callers should pass an explicit modern cipher
 * rather than rely on this default.
 * NOTE(review): the third branch repeats the first branch's condition, so it
 * can never be selected.
 * NOTE(review): EVP_EVP_aes_128_cbc() looks like a typo for OpenSSL's
 * EVP_aes_128_cbc(); the branch would fail to build if it were ever compiled
 * (both RC2 and DES disabled).
 */
254 #if !defined(OPENSSL_NO_RC2)
255 ciph = EVP_rc2_40_cbc();
256 #elif !defined(OPENSSL_NO_DES)
257 ciph = EVP_des_ede3_cbc();
258 #elif !defined(OPENSSL_NO_RC2)
259 ciph = EVP_rc2_40_cbc();
260 #elif !defined(OPENSSL_NO_AES)
261 ciph = EVP_EVP_aes_128_cbc();
270 x509s = ossl_protect_x509_ary2sk(certs, &status);
275 if(!(p7 = PKCS7_encrypt(x509s, in, (EVP_CIPHER*)ciph, flg))){
277 sk_X509_pop_free(x509s, X509_free);
283 sk_X509_pop_free(x509s, X509_free);
294 if (!(pkcs7 = PKCS7_new())) {
320 p7 = PEM_read_bio_PKCS7(in, &pkcs,
NULL,
NULL);
323 p7 = d2i_PKCS7_bio(in, &pkcs);
342 PKCS7 *a, *b, *pkcs7;
345 if (
self == other)
return self;
350 pkcs7 = PKCS7_dup(b);
370 {
"signed", NID_pkcs7_signed },
371 {
"data", NID_pkcs7_data },
372 {
"signedAndEnveloped", NID_pkcs7_signedAndEnveloped },
373 {
"enveloped", NID_pkcs7_enveloped },
374 {
"encrypted", NID_pkcs7_encrypted },
375 {
"digest", NID_pkcs7_digest },
381 for(i = 0; i <
numberof(p7_type_tab); i++){
384 if(strcmp(p7_type_tab[i].
name, s) == 0){
385 ret = p7_type_tab[
i].nid;
419 if(PKCS7_type_is_signed(p7))
423 if(PKCS7_type_is_enveloped(p7))
425 if(PKCS7_type_is_signedAndEnveloped(p7))
427 if(PKCS7_type_is_data(p7))
440 if(!PKCS7_set_detached(p7, flag ==
Qtrue ? 1 : 0))
479 PKCS7_SIGNER_INFO *p7si;
483 if (!PKCS7_add_signer(pkcs7, p7si)) {
484 PKCS7_SIGNER_INFO_free(p7si);
487 if (PKCS7_type_is_signed(pkcs7)){
488 PKCS7_add_signed_attribute(p7si, NID_pkcs9_contentType,
489 V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
500 PKCS7_SIGNER_INFO *si;
505 if (!(sk = PKCS7_get_signer_info(pkcs7))) {
506 OSSL_Debug(
"OpenSSL::PKCS7#get_signer_info == NULL!");
509 if ((num = sk_PKCS7_SIGNER_INFO_num(sk)) < 0) {
513 for (i=0; i<num; i++) {
514 si = sk_PKCS7_SIGNER_INFO_value(sk, i);
525 PKCS7_RECIP_INFO *ri;
529 if (!PKCS7_add_recipient_info(pkcs7, ri)) {
530 PKCS7_RECIP_INFO_free(ri);
542 PKCS7_RECIP_INFO *si;
547 if (PKCS7_type_is_enveloped(pkcs7))
548 sk = pkcs7->d.enveloped->recipientinfo;
549 else if (PKCS7_type_is_signedAndEnveloped(pkcs7))
550 sk = pkcs7->d.signed_and_enveloped->recipientinfo;
553 if ((num = sk_PKCS7_RECIP_INFO_num(sk)) < 0) {
557 for (i=0; i<num; i++) {
558 si = sk_PKCS7_RECIP_INFO_value(sk, i);
573 if (!PKCS7_add_certificate(pkcs7, x509)){
581 pkcs7_get_certs(
VALUE self)
588 i = OBJ_obj2nid(pkcs7->type);
590 case NID_pkcs7_signed:
591 certs = pkcs7->d.sign->cert;
593 case NID_pkcs7_signedAndEnveloped:
594 certs = pkcs7->d.signed_and_enveloped->cert;
604 pkcs7_get_crls(
VALUE self)
611 i = OBJ_obj2nid(pkcs7->type);
613 case NID_pkcs7_signed:
614 crls = pkcs7->d.sign->crl;
616 case NID_pkcs7_signedAndEnveloped:
617 crls = pkcs7->d.signed_and_enveloped->crl;
638 certs = pkcs7_get_certs(
self);
639 while((cert = sk_X509_pop(certs))) X509_free(cert);
659 if (!PKCS7_add_crl(pkcs7, x509crl)) {
678 crls = pkcs7_get_crls(
self);
679 while((crl = sk_X509_CRL_pop(crls))) X509_CRL_free(crl);
694 VALUE certs, store, indata, flags;
697 int flg, ok, status = 0;
703 rb_scan_args(argc, argv,
"22", &certs, &store, &indata, &flags);
709 x509s = ossl_protect_x509_ary2sk(certs, &status);
717 if(!(out = BIO_new(BIO_s_mem()))){
719 sk_X509_pop_free(x509s, X509_free);
722 ok = PKCS7_verify(p7, x509s, x509st, in, out, flg);
725 msg = ERR_reason_error_string(ERR_get_error());
730 sk_X509_pop_free(x509s, X509_free);
738 VALUE pkey, cert, flags;
751 if(!(out = BIO_new(BIO_s_mem())))
753 if(!PKCS7_decrypt(p7, key, x509, out, flg)){
772 if(PKCS7_type_is_signed(pkcs7)){
773 if(!PKCS7_content_new(pkcs7, NID_pkcs7_data))
776 if(!(out = PKCS7_dataInit(pkcs7,
NULL)))
goto err;
778 if((len = BIO_read(in, buf,
sizeof(buf))) <= 0)
780 if(BIO_write(out, buf, len) != len)
783 if(!PKCS7_dataFinal(pkcs7, out))
goto err;
789 if(ERR_peek_error()){
805 if((len = i2d_PKCS7(pkcs7,
NULL)) <= 0)
809 if(i2d_PKCS7(pkcs7, &p) <= 0)
824 if (!(out = BIO_new(BIO_s_mem()))) {
827 if (!PEM_write_bio_PKCS7(out, pkcs7)) {
842 PKCS7_SIGNER_INFO *p7si;
845 if (!(p7si = PKCS7_SIGNER_INFO_new())) {
856 PKCS7_SIGNER_INFO *p7si;
865 if (!(PKCS7_SIGNER_INFO_set(p7si, x509, pkey, (EVP_MD*)md))) {
875 PKCS7_SIGNER_INFO *p7si;
885 PKCS7_SIGNER_INFO *p7si;
895 PKCS7_SIGNER_INFO *p7si;
900 if (!(asn1obj = PKCS7_get_signed_attribute(p7si, NID_pkcs9_signingTime))) {
903 if (asn1obj->type == V_ASN1_UTCTIME) {
921 PKCS7_RECIP_INFO *p7ri;
924 if (!(p7ri = PKCS7_RECIP_INFO_new())) {
935 PKCS7_RECIP_INFO *p7ri;
940 if (!PKCS7_RECIP_INFO_set(p7ri, x509)) {
950 PKCS7_RECIP_INFO *p7ri;
960 PKCS7_RECIP_INFO *p7ri;
970 PKCS7_RECIP_INFO *p7ri;
/*
 * Define a constant on cPKCS7 whose name is the stringized token x and whose
 * value is the OpenSSL macro PKCS7_<x> (token-pasted), converted with INT2NUM.
 */
1034 #define DefPKCS7Const(x) rb_define_const(cPKCS7, #x, INT2NUM(PKCS7_##x))