libressl/0060-cms-add-support-for-setting-KeyAgreement-UKM.patch

From 2cec22ef8cfe2df5aeb74861bf6ad4c621be6d02 Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu, 9 Apr 2020 01:30:23 +0300
Subject: [PATCH 60/87] cms: add support for setting KeyAgreement UKM

Creating GOST KeyAgreement CMS files requires setting UKM. Add API
function to set it.

Sponsored by ROSA Linux

Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
 src/lib/libcrypto/Symbols.list   |  1 +
 src/lib/libcrypto/cms/cms.h      |  1 +
 src/lib/libcrypto/cms/cms_kari.c | 17 +++++++++++++++++
 3 files changed, 19 insertions(+)

diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 3eda9f3bd..e5e7c435e 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -584,6 +584,7 @@ CMS_RecipientInfo_kari_get0_orig_id
 CMS_RecipientInfo_kari_get0_reks
 CMS_RecipientInfo_kari_orig_id_cmp
 CMS_RecipientInfo_kari_set0_pkey
+CMS_RecipientInfo_kari_set0_ukm
 CMS_RecipientInfo_kekri_get0_id
 CMS_RecipientInfo_kekri_id_cmp
 CMS_RecipientInfo_ktri_cert_cmp
diff --git a/src/lib/libcrypto/cms/cms.h b/src/lib/libcrypto/cms/cms.h
index 3c92be34f..fd2a5013a 100644
--- a/src/lib/libcrypto/cms/cms.h
+++ b/src/lib/libcrypto/cms/cms.h
@@ -324,6 +324,7 @@ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
 #endif
 int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
     ASN1_OCTET_STRING **pukm);
+int CMS_RecipientInfo_kari_set0_ukm(CMS_RecipientInfo *ri, const unsigned char *d, int len);
 STACK_OF(CMS_RecipientEncryptedKey) *
     CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
 
diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c
index 21e3ce825..2c3b50290 100644
--- a/src/lib/libcrypto/cms/cms_kari.c
+++ b/src/lib/libcrypto/cms/cms_kari.c
@@ -82,6 +82,23 @@ CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
 	return 1;
 }
 
+int
+CMS_RecipientInfo_kari_set0_ukm(CMS_RecipientInfo *ri, const unsigned char *d, int len)
+{
+	if (ri->type != CMS_RECIPINFO_AGREE) {
+		CMSerror(CMS_R_NOT_KEY_AGREEMENT);
+		return 0;
+	}
+	if (ri->d.kari->ukm == NULL)
+		ri->d.kari->ukm = ASN1_STRING_new();
+	if (ri->d.kari->ukm == NULL) {
+		CMSerror(ERR_R_MALLOC_FAILURE);
+		return 0;
+	}
+
+	return ASN1_OCTET_STRING_set(ri->d.kari->ukm, d, len);
+}
+
 /* Retrieve recipient encrypted keys from a kari */
 
 STACK_OF(CMS_RecipientEncryptedKey) *
-- 
2.17.1
Add gost-new patches sponsored by ROSA Linux TODO: add tests 2020-08-05 12:55:25 +03:00			`From 2cec22ef8cfe2df5aeb74861bf6ad4c621be6d02 Mon Sep 17 00:00:00 2001`
			`From: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`Date: Thu, 9 Apr 2020 01:30:23 +0300`
			`Subject: [PATCH 60/87] cms: add support for setting KeyAgreement UKM`

			`Creating GOST KeyAgreement CMS files requires setting UKM. Add API`
			`function to set it.`

			`Sponsored by ROSA Linux`

			`Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`---`
			`src/lib/libcrypto/Symbols.list \| 1 +`
			`src/lib/libcrypto/cms/cms.h \| 1 +`
			`src/lib/libcrypto/cms/cms_kari.c \| 17 +++++++++++++++++`
			`3 files changed, 19 insertions(+)`

			`diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list`
			`index 3eda9f3bd..e5e7c435e 100644`
			`--- a/src/lib/libcrypto/Symbols.list`
			`+++ b/src/lib/libcrypto/Symbols.list`
			`@@ -584,6 +584,7 @@ CMS_RecipientInfo_kari_get0_orig_id`
			`CMS_RecipientInfo_kari_get0_reks`
			`CMS_RecipientInfo_kari_orig_id_cmp`
			`CMS_RecipientInfo_kari_set0_pkey`
			`+CMS_RecipientInfo_kari_set0_ukm`
			`CMS_RecipientInfo_kekri_get0_id`
			`CMS_RecipientInfo_kekri_id_cmp`
			`CMS_RecipientInfo_ktri_cert_cmp`
			`diff --git a/src/lib/libcrypto/cms/cms.h b/src/lib/libcrypto/cms/cms.h`
			`index 3c92be34f..fd2a5013a 100644`
			`--- a/src/lib/libcrypto/cms/cms.h`
			`+++ b/src/lib/libcrypto/cms/cms.h`
			`@@ -324,6 +324,7 @@ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest rr, ASN1_STRING *pcid,`
			`#endif`
			`int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo ri, X509_ALGOR *palg,`
			`ASN1_OCTET_STRING **pukm);`
			`+int CMS_RecipientInfo_kari_set0_ukm(CMS_RecipientInfo ri, const unsigned char d, int len);`
			`STACK_OF(CMS_RecipientEncryptedKey) *`
			`CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);`

			`diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c`
			`index 21e3ce825..2c3b50290 100644`
			`--- a/src/lib/libcrypto/cms/cms_kari.c`
			`+++ b/src/lib/libcrypto/cms/cms_kari.c`
			`@@ -82,6 +82,23 @@ CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo ri, X509_ALGOR *palg,`
			`return 1;`
			`}`

			`+int`
			`+CMS_RecipientInfo_kari_set0_ukm(CMS_RecipientInfo ri, const unsigned char d, int len)`
			`+{`
			`+ if (ri->type != CMS_RECIPINFO_AGREE) {`
			`+ CMSerror(CMS_R_NOT_KEY_AGREEMENT);`
			`+ return 0;`
			`+ }`
			`+ if (ri->d.kari->ukm == NULL)`
			`+ ri->d.kari->ukm = ASN1_STRING_new();`
			`+ if (ri->d.kari->ukm == NULL) {`
			`+ CMSerror(ERR_R_MALLOC_FAILURE);`
			`+ return 0;`
			`+ }`
			`+`
			`+ return ASN1_OCTET_STRING_set(ri->d.kari->ukm, d, len);`
			`+}`
			`+`
			`/* Retrieve recipient encrypted keys from a kari */`

			`STACK_OF(CMS_RecipientEncryptedKey) *`
			`--`
			`2.17.1`