aboutsummaryrefslogtreecommitdiff
path: root/openssl/apps/cms.c
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/apps/cms.c')
-rw-r--r--openssl/apps/cms.c113
1 files changed, 64 insertions, 49 deletions
diff --git a/openssl/apps/cms.c b/openssl/apps/cms.c
index 6d227acab..d29a88490 100644
--- a/openssl/apps/cms.c
+++ b/openssl/apps/cms.c
@@ -71,8 +71,9 @@
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
static int cms_cb(int ok, X509_STORE_CTX *ctx);
static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
-static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
- STACK *rr_from);
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
+ int rr_allorfirst,
+ STACK_OF(OPENSSL_STRING) *rr_from);
#define SMIME_OP 0x10
#define SMIME_IP 0x20
@@ -94,6 +95,8 @@ static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
#define SMIME_SIGN_RECEIPT (15 | SMIME_IP | SMIME_OP)
#define SMIME_VERIFY_RECEIPT (16 | SMIME_IP)
+int verify_err = 0;
+
int MAIN(int, char **);
int MAIN(int argc, char **argv)
@@ -105,7 +108,7 @@ int MAIN(int argc, char **argv)
const char *inmode = "r", *outmode = "w";
char *infile = NULL, *outfile = NULL, *rctfile = NULL;
char *signerfile = NULL, *recipfile = NULL;
- STACK *sksigners = NULL, *skkeys = NULL;
+ STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
char *certsoutfile = NULL;
const EVP_CIPHER *cipher = NULL;
@@ -116,9 +119,10 @@ int MAIN(int argc, char **argv)
STACK_OF(X509) *encerts = NULL, *other = NULL;
BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
int badarg = 0;
- int flags = CMS_DETACHED;
+ int flags = CMS_DETACHED, noout = 0, print = 0;
+ int verify_retcode = 0;
int rr_print = 0, rr_allorfirst = -1;
- STACK *rr_to = NULL, *rr_from = NULL;
+ STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
CMS_ReceiptRequest *rr = NULL;
char *to = NULL, *from = NULL, *subject = NULL;
char *CAfile = NULL, *CApath = NULL;
@@ -166,6 +170,8 @@ int MAIN(int argc, char **argv)
operation = SMIME_RESIGN;
else if (!strcmp (*args, "-verify"))
operation = SMIME_VERIFY;
+ else if (!strcmp (*args, "-verify_retcode"))
+ verify_retcode = 1;
else if (!strcmp(*args,"-verify_receipt"))
{
operation = SMIME_VERIFY_RECEIPT;
@@ -252,21 +258,17 @@ int MAIN(int argc, char **argv)
else if (!strcmp (*args, "-no_attr_verify"))
flags |= CMS_NO_ATTR_VERIFY;
else if (!strcmp (*args, "-stream"))
- {
- args++;
- continue;
- }
+ flags |= CMS_STREAM;
else if (!strcmp (*args, "-indef"))
- {
- args++;
- continue;
- }
+ flags |= CMS_STREAM;
else if (!strcmp (*args, "-noindef"))
flags &= ~CMS_STREAM;
else if (!strcmp (*args, "-nooldmime"))
flags |= CMS_NOOLDMIMETYPE;
else if (!strcmp (*args, "-crlfeol"))
flags |= CMS_CRLFEOL;
+ else if (!strcmp (*args, "-noout"))
+ noout = 1;
else if (!strcmp (*args, "-receipt_request_print"))
rr_print = 1;
else if (!strcmp (*args, "-receipt_request_all"))
@@ -279,8 +281,8 @@ int MAIN(int argc, char **argv)
goto argerr;
args++;
if (!rr_from)
- rr_from = sk_new_null();
- sk_push(rr_from, *args);
+ rr_from = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(rr_from, *args);
}
else if (!strcmp(*args,"-receipt_request_to"))
{
@@ -288,9 +290,14 @@ int MAIN(int argc, char **argv)
goto argerr;
args++;
if (!rr_to)
- rr_to = sk_new_null();
- sk_push(rr_to, *args);
+ rr_to = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(rr_to, *args);
}
+ else if (!strcmp (*args, "-print"))
+ {
+ noout = 1;
+ print = 1;
+ }
else if (!strcmp(*args,"-secretkey"))
{
long ltmp;
@@ -380,13 +387,13 @@ int MAIN(int argc, char **argv)
if (signerfile)
{
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
if (!keyfile)
keyfile = signerfile;
if (!skkeys)
- skkeys = sk_new_null();
- sk_push(skkeys, keyfile);
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
keyfile = NULL;
}
signerfile = *++args;
@@ -428,12 +435,12 @@ int MAIN(int argc, char **argv)
goto argerr;
}
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
signerfile = NULL;
if (!skkeys)
- skkeys = sk_new_null();
- sk_push(skkeys, keyfile);
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
}
keyfile = *++args;
}
@@ -532,13 +539,13 @@ int MAIN(int argc, char **argv)
if (signerfile)
{
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
if (!skkeys)
- skkeys = sk_new_null();
+ skkeys = sk_OPENSSL_STRING_new_null();
if (!keyfile)
keyfile = signerfile;
- sk_push(skkeys, keyfile);
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
}
if (!sksigners)
{
@@ -697,7 +704,7 @@ int MAIN(int argc, char **argv)
if (secret_key && !secret_keyid)
{
- BIO_printf(bio_err, "No sectre key id\n");
+ BIO_printf(bio_err, "No secret key id\n");
goto end;
}
@@ -873,7 +880,7 @@ int MAIN(int argc, char **argv)
{
if (!(store = setup_verify(bio_err, CAfile, CApath)))
goto end;
- X509_STORE_set_verify_cb_func(store, cms_cb);
+ X509_STORE_set_verify_cb(store, cms_cb);
if (vpm)
X509_STORE_set1_param(store, vpm);
}
@@ -973,11 +980,11 @@ int MAIN(int argc, char **argv)
}
else
flags |= CMS_REUSE_DIGEST;
- for (i = 0; i < sk_num(sksigners); i++)
+ for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
{
CMS_SignerInfo *si;
- signerfile = sk_value(sksigners, i);
- keyfile = sk_value(skkeys, i);
+ signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+ keyfile = sk_OPENSSL_STRING_value(skkeys, i);
signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
e, "signer certificate");
if (!signer)
@@ -1075,6 +1082,8 @@ int MAIN(int argc, char **argv)
else
{
BIO_printf(bio_err, "Verification failure\n");
+ if (verify_retcode)
+ ret = verify_err + 32;
goto end;
}
if (signerfile)
@@ -1107,7 +1116,12 @@ int MAIN(int argc, char **argv)
}
else
{
- if (outformat == FORMAT_SMIME)
+ if (noout)
+ {
+ if (print)
+ CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+ }
+ else if (outformat == FORMAT_SMIME)
{
if (to)
BIO_printf(out, "To: %s\n", to);
@@ -1121,9 +1135,9 @@ int MAIN(int argc, char **argv)
ret = SMIME_write_CMS(out, cms, in, flags);
}
else if (outformat == FORMAT_PEM)
- ret = PEM_write_bio_CMS(out, cms);
+ ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
else if (outformat == FORMAT_ASN1)
- ret = i2d_CMS_bio(out,cms);
+ ret = i2d_CMS_bio_stream(out,cms, in, flags);
else
{
BIO_printf(bio_err, "Bad output format for CMS file\n");
@@ -1146,9 +1160,9 @@ end:
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (sksigners)
- sk_free(sksigners);
+ sk_OPENSSL_STRING_free(sksigners);
if (skkeys)
- sk_free(skkeys);
+ sk_OPENSSL_STRING_free(skkeys);
if (secret_key)
OPENSSL_free(secret_key);
if (secret_keyid)
@@ -1158,9 +1172,9 @@ end:
if (rr)
CMS_ReceiptRequest_free(rr);
if (rr_to)
- sk_free(rr_to);
+ sk_OPENSSL_STRING_free(rr_to);
if (rr_from)
- sk_free(rr_from);
+ sk_OPENSSL_STRING_free(rr_from);
X509_STORE_free(store);
X509_free(cert);
X509_free(recip);
@@ -1199,6 +1213,8 @@ static int cms_cb(int ok, X509_STORE_CTX *ctx)
error = X509_STORE_CTX_get_error(ctx);
+ verify_err = error;
+
if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
&& ((error != X509_V_OK) || (ok != 2)))
return ok;
@@ -1280,7 +1296,7 @@ static void receipt_request_print(BIO *out, CMS_ContentInfo *cms)
}
}
-static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns)
+static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
{
int i;
STACK_OF(GENERAL_NAMES) *ret;
@@ -1289,12 +1305,10 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns)
ret = sk_GENERAL_NAMES_new_null();
if (!ret)
goto err;
- for (i = 0; i < sk_num(ns); i++)
+ for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++)
{
- CONF_VALUE cnf;
- cnf.name = "email";
- cnf.value = sk_value(ns, i);
- gen = v2i_GENERAL_NAME(NULL, NULL, &cnf);
+ char *str = sk_OPENSSL_STRING_value(ns, i);
+ gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
if (!gen)
goto err;
gens = GENERAL_NAMES_new();
@@ -1321,8 +1335,9 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns)
}
-static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
- STACK *rr_from)
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
+ int rr_allorfirst,
+ STACK_OF(OPENSSL_STRING) *rr_from)
{
STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
CMS_ReceiptRequest *rr;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 17:59:44 +0000