nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-18 13:48:05 -05:00
Code Issues Projects Releases Wiki Activity

sign with multiple signature

Browse Source
This commit is contained in:
olszomal 2020-06-12 13:16:05 +02:00 committed by Michał Trojnara
parent cfaa37108d
commit 4f71fefb79
1 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
osslsigncode.c
View File

@ -2143,6 +2143,40 @@ static PKCS7 *pkcs7_get_nested_signature(PKCS7 *p7, int *has_sig)
return ret; return ret;
} }
static int append_attribute(STACK_OF(X509_ATTRIBUTE) **unauth_attr, int nid,
int atrtype, u_char *p, int len)
{
X509_ATTRIBUTE *attr = NULL;
ASN1_STRING *value;
if (*unauth_attr == NULL) {
if ((*unauth_attr = sk_X509_ATTRIBUTE_new_null()) == NULL)
return 0; /* FAILED */
} else {
int i;
for (i = 0; i < sk_X509_ATTRIBUTE_num(*unauth_attr); i++) {
attr = sk_X509_ATTRIBUTE_value(*unauth_attr, i);
if (OBJ_obj2nid(X509_ATTRIBUTE_get0_object(attr)) == nid) {
if (!X509_ATTRIBUTE_set1_data(attr, V_ASN1_SEQUENCE, p, len))
return 0; /* FAILED */
if (!sk_X509_ATTRIBUTE_set(*unauth_attr, i, attr))
return 0; /* FAILED */
goto end;
}
}
}
value = ASN1_STRING_new();
ASN1_STRING_set(value, p, len);
if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL)
return 0; /* FAILED */
if (!sk_X509_ATTRIBUTE_push(*unauth_attr, attr)) {
X509_ATTRIBUTE_free(attr);
return 0; /* FAILED */
}
end:
return 1; /* OK */
}
/* /*
* pkcs7_set_nested_signature adds the p7nest signature to p7 * pkcs7_set_nested_signature adds the p7nest signature to p7
* as a nested signature (SPC_NESTED_SIGNATURE). * as a nested signature (SPC_NESTED_SIGNATURE).
@ -2151,7 +2185,6 @@ static int pkcs7_set_nested_signature(PKCS7 *p7, PKCS7 *p7nest, time_t signing_t
{ {
u_char *p = NULL; u_char *p = NULL;
int len = 0; int len = 0;
ASN1_STRING *astr;
PKCS7_SIGNER_INFO *si; PKCS7_SIGNER_INFO *si;
if (((len = i2d_PKCS7(p7nest, NULL)) <= 0) || if (((len = i2d_PKCS7(p7nest, NULL)) <= 0) ||
@ -2159,14 +2192,15 @@ static int pkcs7_set_nested_signature(PKCS7 *p7, PKCS7 *p7nest, time_t signing_t
return 0; return 0;
i2d_PKCS7(p7nest, &p); i2d_PKCS7(p7nest, &p);
p -= len; p -= len;
astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len);
OPENSSL_free(p);
si = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0); si = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0);
pkcs7_add_signing_time(si, signing_time); pkcs7_add_signing_time(si, signing_time);
if (PKCS7_add_attribute(si, OBJ_txt2nid(SPC_NESTED_SIGNATURE_OBJID), V_ASN1_SEQUENCE, astr) == 0) if (!append_attribute(&(si->unauth_attr), OBJ_txt2nid(SPC_NESTED_SIGNATURE_OBJID),
V_ASN1_SEQUENCE, p, len)) {
OPENSSL_free(p);
return 0; return 0;
}
OPENSSL_free(p);
return 1; return 1;
} }