libressl/0065-cms-autoguess-preferred-RecipientInfo-type.patch

From 2233c8980d35abd789e7fa0ba163bd1f10915f11 Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu, 9 Apr 2020 03:16:06 +0300
Subject: [PATCH 65/87] cms: autoguess preferred RecipientInfo type

If caller has specified originator certificate and private keys, try
using KeyAgreeRecipientInfo, otherwise select pkey-preferred RI type.

Sponsored by ROSA Linux

Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
 src/lib/libcrypto/cms/cms_env.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c
index b51baf702..8e025aa1d 100644
--- a/src/lib/libcrypto/cms/cms_env.c
+++ b/src/lib/libcrypto/cms/cms_env.c
@@ -245,6 +245,7 @@ CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip,
 	CMS_RecipientInfo *ri = NULL;
 	CMS_EnvelopedData *env;
 	EVP_PKEY *pk = NULL;
+	int ri_type;
 
 	env = cms_get0_enveloped(cms);
 	if (!env)
@@ -261,7 +262,13 @@ CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip,
 		goto err;
 	}
 
-	switch (cms_pkey_get_ri_type(pk)) {
+	if (originator && originator_pkey &&
+	    cms_pkey_is_ri_type_supported(pk, CMS_RECIPINFO_AGREE))
+		ri_type = CMS_RECIPINFO_AGREE;
+	else
+		ri_type = cms_pkey_get_ri_type(pk);
+
+	switch (ri_type) {
 
 	case CMS_RECIPINFO_TRANS:
 		if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
-- 
2.17.1
Add gost-new patches sponsored by ROSA Linux TODO: add tests 2020-08-05 12:55:25 +03:00			`From 2233c8980d35abd789e7fa0ba163bd1f10915f11 Mon Sep 17 00:00:00 2001`
			`From: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`Date: Thu, 9 Apr 2020 03:16:06 +0300`
			`Subject: [PATCH 65/87] cms: autoguess preferred RecipientInfo type`

			`If caller has specified originator certificate and private keys, try`
			`using KeyAgreeRecipientInfo, otherwise select pkey-preferred RI type.`

			`Sponsored by ROSA Linux`

			`Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`---`
			`src/lib/libcrypto/cms/cms_env.c \| 9 ++++++++-`
			`1 file changed, 8 insertions(+), 1 deletion(-)`

			`diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c`
			`index b51baf702..8e025aa1d 100644`
			`--- a/src/lib/libcrypto/cms/cms_env.c`
			`+++ b/src/lib/libcrypto/cms/cms_env.c`
			`@@ -245,6 +245,7 @@ CMS_add1_recipient_cert(CMS_ContentInfo cms, X509 recip,`
			`CMS_RecipientInfo *ri = NULL;`
			`CMS_EnvelopedData *env;`
			`EVP_PKEY *pk = NULL;`
			`+ int ri_type;`

			`env = cms_get0_enveloped(cms);`
			`if (!env)`
			`@@ -261,7 +262,13 @@ CMS_add1_recipient_cert(CMS_ContentInfo cms, X509 recip,`
			`goto err;`
			`}`

			`- switch (cms_pkey_get_ri_type(pk)) {`
			`+ if (originator && originator_pkey &&`
			`+ cms_pkey_is_ri_type_supported(pk, CMS_RECIPINFO_AGREE))`
			`+ ri_type = CMS_RECIPINFO_AGREE;`
			`+ else`
			`+ ri_type = cms_pkey_get_ri_type(pk);`
			`+`
			`+ switch (ri_type) {`

			`case CMS_RECIPINFO_TRANS:`
			`if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))`
			`--`
			`2.17.1`