Hi, I just find (after spending some time on debug) than the PKCS7_cert_from_signer_info functions doesn't work in case of Signed and enveloped PKCS7
As I don't see any reason of that, I would propose a support of this case. Actual version (Openssl 1.0.0d) : X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) { if (PKCS7_type_is_signed(p7)) return(X509_find_by_issuer_and_serial(p7->d.sign->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else return (NULL); } I propose this version : X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) { if (PKCS7_type_is_signed(p7)) return(X509_find_by_issuer_and_serial(p7->d.sign->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else if (PKCS7_type_is_signedAndEnveloped(p7)) return(X509_find_by_issuer_and_serial(p7->d.signed_and_enveloped->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else return (NULL); } Kind regards, -- Ludovic FLAMENT Fondateur - Expert Cryptographie,PKI,CC/CSPN http://www.cryptograph-ic.com/ ludovic.flam...@cryptograph-ic.com
Hi, I just find (after spending some time on debug) than the PKCS7_cert_from_signer_info functions doesn't work in case of Signed and enveloped PKCS7 As I don't see any reason of that, I would propose a support of this case. Actual version (Openssl 1.0.0d) : X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) { if (PKCS7_type_is_signed(p7)) return(X509_find_by_issuer_and_serial(p7->d.sign->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else return (NULL); } I propose this version : X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) { if (PKCS7_type_is_signed(p7)) return(X509_find_by_issuer_and_serial(p7->d.sign->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else if (PKCS7_type_is_signedAndEnveloped(p7)) return(X509_find_by_issuer_and_serial(p7->d.signed_and_enveloped->cert, si->issuer_and_serial->issuer, si->issuer_and_serial->serial)); else return (NULL); } Kind regards, -- Ludovic FLAMENT Fondateur - Expert Cryptographie,PKI,CC/CSPN |