version 1.14, 2019/11/18 11:34:41 |
version 1.15, 2019/11/18 12:43:27 |
|
|
|
|
int verify_err = 0; |
int verify_err = 0; |
|
|
typedef struct cms_key_param_st cms_key_param; |
struct cms_key_param { |
|
|
struct cms_key_param_st { |
|
int idx; |
int idx; |
STACK_OF(OPENSSL_STRING) *param; |
STACK_OF(OPENSSL_STRING) *param; |
cms_key_param *next; |
struct cms_key_param *next; |
}; |
}; |
|
|
int |
int |
|
|
unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; |
unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; |
size_t secret_keylen = 0, secret_keyidlen = 0; |
size_t secret_keylen = 0, secret_keyidlen = 0; |
|
|
cms_key_param *key_first = NULL, *key_param = NULL; |
struct cms_key_param *key_first = NULL, *key_param = NULL; |
|
|
ASN1_OBJECT *econtent_type = NULL; |
ASN1_OBJECT *econtent_type = NULL; |
|
|
|
|
args++; |
args++; |
if (!rr_from) |
if (!rr_from) |
rr_from = sk_OPENSSL_STRING_new_null(); |
rr_from = sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(rr_from, *args); |
if (!sk_OPENSSL_STRING_push(rr_from, *args)) |
|
goto end; |
} else if (!strcmp(*args, "-receipt_request_to")) { |
} else if (!strcmp(*args, "-receipt_request_to")) { |
if (!args[1]) |
if (!args[1]) |
goto argerr; |
goto argerr; |
args++; |
args++; |
if (!rr_to) |
if (!rr_to) |
rr_to = sk_OPENSSL_STRING_new_null(); |
rr_to = sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(rr_to, *args); |
if (!sk_OPENSSL_STRING_push(rr_to, *args)) |
|
goto end; |
} else if (!strcmp(*args, "-print")) { |
} else if (!strcmp(*args, "-print")) { |
noout = 1; |
noout = 1; |
print = 1; |
print = 1; |
|
|
if (!sksigners) |
if (!sksigners) |
sksigners = |
sksigners = |
sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(sksigners, signerfile); |
if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
|
goto end; |
if (!keyfile) |
if (!keyfile) |
keyfile = signerfile; |
keyfile = signerfile; |
if (!skkeys) |
if (!skkeys) |
skkeys = sk_OPENSSL_STRING_new_null(); |
skkeys = sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(skkeys, keyfile); |
if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
|
goto end; |
keyfile = NULL; |
keyfile = NULL; |
} |
} |
signerfile = *++args; |
signerfile = *++args; |
|
|
NULL, "recipient certificate file"); |
NULL, "recipient certificate file"); |
if (cert == NULL) |
if (cert == NULL) |
goto end; |
goto end; |
sk_X509_push(encerts, cert); |
if (!sk_X509_push(encerts, cert)) |
|
goto end; |
cert = NULL; |
cert = NULL; |
} else { |
} else { |
recipfile = *++args; |
recipfile = *++args; |
|
|
if (!sksigners) |
if (!sksigners) |
sksigners = |
sksigners = |
sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(sksigners, signerfile); |
if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
|
goto end; |
signerfile = NULL; |
signerfile = NULL; |
if (!skkeys) |
if (!skkeys) |
skkeys = sk_OPENSSL_STRING_new_null(); |
skkeys = sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(skkeys, keyfile); |
if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
|
goto end; |
} |
} |
keyfile = *++args; |
keyfile = *++args; |
} else if (!strcmp(*args, "-keyform")) { |
} else if (!strcmp(*args, "-keyform")) { |
|
|
goto argerr; |
goto argerr; |
} |
} |
if (key_param == NULL || key_param->idx != keyidx) { |
if (key_param == NULL || key_param->idx != keyidx) { |
cms_key_param *nparam; |
struct cms_key_param *nparam; |
if ((nparam = malloc(sizeof(cms_key_param))) == NULL) |
if ((nparam = malloc(sizeof(struct cms_key_param))) == NULL) |
goto end; |
goto end; |
nparam->idx = keyidx; |
nparam->idx = keyidx; |
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) |
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) |
|
|
key_param->next = nparam; |
key_param->next = nparam; |
key_param = nparam; |
key_param = nparam; |
} |
} |
sk_OPENSSL_STRING_push(key_param->param, *++args); |
if (!sk_OPENSSL_STRING_push(key_param->param, *++args)) |
|
goto end; |
} else if (!strcmp(*args, "-rctform")) { |
} else if (!strcmp(*args, "-rctform")) { |
if (!args[1]) |
if (!args[1]) |
goto argerr; |
goto argerr; |
|
|
if (signerfile) { |
if (signerfile) { |
if (!sksigners) |
if (!sksigners) |
sksigners = sk_OPENSSL_STRING_new_null(); |
sksigners = sk_OPENSSL_STRING_new_null(); |
sk_OPENSSL_STRING_push(sksigners, signerfile); |
if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
|
goto end; |
if (!skkeys) |
if (!skkeys) |
skkeys = sk_OPENSSL_STRING_new_null(); |
skkeys = sk_OPENSSL_STRING_new_null(); |
if (!keyfile) |
if (!keyfile) |
keyfile = signerfile; |
keyfile = signerfile; |
sk_OPENSSL_STRING_push(skkeys, keyfile); |
if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
|
goto end; |
} |
} |
if (!sksigners) { |
if (!sksigners) { |
BIO_printf(bio_err, |
BIO_printf(bio_err, |
|
|
BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); |
BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); |
BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); |
BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); |
BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n"); |
BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n"); |
BIO_printf (bio_err, "-keyopt nm:v set public key parameters\n"); |
BIO_printf(bio_err, "-keyopt nm:v set public key parameters\n"); |
BIO_printf(bio_err, "-out file output file\n"); |
BIO_printf(bio_err, "-out file output file\n"); |
BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); |
BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); |
BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); |
BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); |
|
|
if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, |
if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, |
NULL, "recipient certificate file"))) |
NULL, "recipient certificate file"))) |
goto end; |
goto end; |
sk_X509_push(encerts, cert); |
if (!sk_X509_push(encerts, cert)) |
|
goto end; |
cert = NULL; |
cert = NULL; |
args++; |
args++; |
} |
} |
|
|
goto end; |
goto end; |
for (i = 0; i < sk_X509_num(encerts); i++) { |
for (i = 0; i < sk_X509_num(encerts); i++) { |
CMS_RecipientInfo *ri; |
CMS_RecipientInfo *ri; |
cms_key_param *kparam; |
struct cms_key_param *kparam; |
int tflags = flags; |
int tflags = flags; |
X509 *x = sk_X509_value(encerts, i); |
X509 *x = sk_X509_value(encerts, i); |
for (kparam = key_first; kparam; kparam = kparam->next) { |
for (kparam = key_first; kparam; kparam = kparam->next) { |
|
|
flags |= CMS_REUSE_DIGEST; |
flags |= CMS_REUSE_DIGEST; |
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { |
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { |
CMS_SignerInfo *si; |
CMS_SignerInfo *si; |
cms_key_param *kparam; |
struct cms_key_param *kparam; |
int tflags = flags; |
int tflags = flags; |
signerfile = sk_OPENSSL_STRING_value(sksigners, i); |
signerfile = sk_OPENSSL_STRING_value(sksigners, i); |
keyfile = sk_OPENSSL_STRING_value(skkeys, i); |
keyfile = sk_OPENSSL_STRING_value(skkeys, i); |
|
|
sk_OPENSSL_STRING_free(rr_to); |
sk_OPENSSL_STRING_free(rr_to); |
sk_OPENSSL_STRING_free(rr_from); |
sk_OPENSSL_STRING_free(rr_from); |
for (key_param = key_first; key_param;) { |
for (key_param = key_first; key_param;) { |
cms_key_param *tparam; |
struct cms_key_param *tparam; |
sk_OPENSSL_STRING_free(key_param->param); |
sk_OPENSSL_STRING_free(key_param->param); |
tparam = key_param->next; |
tparam = key_param->next; |
free(key_param); |
free(key_param); |
|
|
{ |
{ |
char *keyopt; |
char *keyopt; |
int i; |
int i; |
|
|
if (sk_OPENSSL_STRING_num(param) <= 0) |
if (sk_OPENSSL_STRING_num(param) <= 0) |
return 1; |
return 1; |
for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) { |
for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) { |
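Review bot: The new `goto end` branches after each failed `sk_OPENSSL_STRING_push()` / `sk_X509_push()` print no diagnostic of their own, so an allocation failure while collecting signer, key, recipient, `-keyopt` or receipt-request arguments may end the command without saying why. The `end:` label is outside the visible lines, so whether anything is reported there cannot be confirmed from this page. Consider emitting a message before the jump in each branch, e.g. `BIO_puts(bio_err, "out of memory\n");`. The preceding `sk_OPENSSL_STRING_new_null()` results are still not checked directly; the push check appears to cover that case because a push onto a NULL stack fails, which deserves a short comment such as `/* push fails on a NULL stack, so this also catches a failed new_null() */`. In the `-keyopt` hunk, `malloc(sizeof(*nparam))` would tie the allocation size to the variable rather than to the struct name.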