diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-11-11 11:27:33 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-11-15 01:25:06 +0000 |
commit | 1342185e333cb8139b7a70b7fe43571bcc2716a7 (patch) | |
tree | 0e1cb8d3cfc437bd7cc3a97f2bdc472f54d95dbd /source4/heimdal/lib/hx509/cms.c | |
parent | 13fd22f61017124d2d4964db3e32c667d119b56c (diff) | |
download | samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.tar.gz samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.tar.bz2 samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.zip |
s4:heimdal: import lorikeet-heimdal-201011102149 (commit 5734d03c20e104c8f45533d07f2a2cbbd3224f29)
Diffstat (limited to 'source4/heimdal/lib/hx509/cms.c')
-rw-r--r-- | source4/heimdal/lib/hx509/cms.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/source4/heimdal/lib/hx509/cms.c b/source4/heimdal/lib/hx509/cms.c index 224c39086c..ef986fd4ed 100644 --- a/source4/heimdal/lib/hx509/cms.c +++ b/source4/heimdal/lib/hx509/cms.c @@ -532,6 +532,7 @@ out: * @param flags flags to control the behavior. * - HX509_CMS_EV_NO_KU_CHECK - Dont check KU on certificate * - HX509_CMS_EV_ALLOW_WEAK - Allow weak crytpo + * - HX509_CMS_EV_ID_NAME - prefer issuer name and serial number * @param cert Certificate to encrypt the EnvelopedData encryption key * with. * @param data pointer the data to encrypt. @@ -559,9 +560,9 @@ hx509_cms_envelope_1(hx509_context context, heim_octet_string ivec; heim_octet_string key; hx509_crypto crypto = NULL; + int ret, cmsidflag; EnvelopedData ed; size_t size; - int ret; memset(&ivec, 0, sizeof(ivec)); memset(&key, 0, sizeof(key)); @@ -648,8 +649,15 @@ hx509_cms_envelope_1(hx509_context context, ri = &ed.recipientInfos.val[0]; - ri->version = 0; - ret = fill_CMSIdentifier(cert, CMS_ID_SKI, &ri->rid); + if (flags & HX509_CMS_EV_ID_NAME) { + ri->version = 0; + cmsidflag = CMS_ID_NAME; + } else { + ri->version = 2; + cmsidflag = CMS_ID_SKI; + } + + ret = fill_CMSIdentifier(cert, cmsidflag, &ri->rid); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to set CMS identifier info " |