
Side by Side Diff: openssl/apps/cms.c

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
1 /* apps/cms.c */ 1 /* apps/cms.c */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
5 /* ==================================================================== 5 /* ====================================================================
6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
10 * are met: 10 * are met:
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 #include <openssl/err.h> 64 #include <openssl/err.h>
65 #include <openssl/x509_vfy.h> 65 #include <openssl/x509_vfy.h>
66 #include <openssl/x509v3.h> 66 #include <openssl/x509v3.h>
67 #include <openssl/cms.h> 67 #include <openssl/cms.h>
68 68
69 #undef PROG 69 #undef PROG
70 #define PROG cms_main 70 #define PROG cms_main
71 static int save_certs(char *signerfile, STACK_OF(X509) *signers); 71 static int save_certs(char *signerfile, STACK_OF(X509) *signers);
72 static int cms_cb(int ok, X509_STORE_CTX *ctx); 72 static int cms_cb(int ok, X509_STORE_CTX *ctx);
73 static void receipt_request_print(BIO *out, CMS_ContentInfo *cms); 73 static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
74 static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst, 74 static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
75 » » » » » » » » STACK *rr_from); 75 » » » » » » int rr_allorfirst,
76 » » » » » STACK_OF(OPENSSL_STRING) *rr_from);
76 77
77 #define SMIME_OP 0x10 78 #define SMIME_OP 0x10
78 #define SMIME_IP 0x20 79 #define SMIME_IP 0x20
79 #define SMIME_SIGNERS 0x40 80 #define SMIME_SIGNERS 0x40
80 #define SMIME_ENCRYPT (1 | SMIME_OP) 81 #define SMIME_ENCRYPT (1 | SMIME_OP)
81 #define SMIME_DECRYPT (2 | SMIME_IP) 82 #define SMIME_DECRYPT (2 | SMIME_IP)
82 #define SMIME_SIGN (3 | SMIME_OP | SMIME_SIGNERS) 83 #define SMIME_SIGN (3 | SMIME_OP | SMIME_SIGNERS)
83 #define SMIME_VERIFY (4 | SMIME_IP) 84 #define SMIME_VERIFY (4 | SMIME_IP)
84 #define SMIME_CMSOUT (5 | SMIME_IP | SMIME_OP) 85 #define SMIME_CMSOUT (5 | SMIME_IP | SMIME_OP)
85 #define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS) 86 #define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
86 #define SMIME_DATAOUT (7 | SMIME_IP) 87 #define SMIME_DATAOUT (7 | SMIME_IP)
87 #define SMIME_DATA_CREATE (8 | SMIME_OP) 88 #define SMIME_DATA_CREATE (8 | SMIME_OP)
88 #define SMIME_DIGEST_VERIFY (9 | SMIME_IP) 89 #define SMIME_DIGEST_VERIFY (9 | SMIME_IP)
89 #define SMIME_DIGEST_CREATE (10 | SMIME_OP) 90 #define SMIME_DIGEST_CREATE (10 | SMIME_OP)
90 #define SMIME_UNCOMPRESS (11 | SMIME_IP) 91 #define SMIME_UNCOMPRESS (11 | SMIME_IP)
91 #define SMIME_COMPRESS (12 | SMIME_OP) 92 #define SMIME_COMPRESS (12 | SMIME_OP)
92 #define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP) 93 #define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
93 #define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP) 94 #define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
94 #define SMIME_SIGN_RECEIPT (15 | SMIME_IP | SMIME_OP) 95 #define SMIME_SIGN_RECEIPT (15 | SMIME_IP | SMIME_OP)
95 #define SMIME_VERIFY_RECEIPT (16 | SMIME_IP) 96 #define SMIME_VERIFY_RECEIPT (16 | SMIME_IP)
96 97
98 int verify_err = 0;
99
97 int MAIN(int, char **); 100 int MAIN(int, char **);
98 101
99 int MAIN(int argc, char **argv) 102 int MAIN(int argc, char **argv)
100 { 103 {
101 ENGINE *e = NULL; 104 ENGINE *e = NULL;
102 int operation = 0; 105 int operation = 0;
103 int ret = 0; 106 int ret = 0;
104 char **args; 107 char **args;
105 const char *inmode = "r", *outmode = "w"; 108 const char *inmode = "r", *outmode = "w";
106 char *infile = NULL, *outfile = NULL, *rctfile = NULL; 109 char *infile = NULL, *outfile = NULL, *rctfile = NULL;
107 char *signerfile = NULL, *recipfile = NULL; 110 char *signerfile = NULL, *recipfile = NULL;
108 » STACK *sksigners = NULL, *skkeys = NULL; 111 » STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
109 char *certfile = NULL, *keyfile = NULL, *contfile=NULL; 112 char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
110 char *certsoutfile = NULL; 113 char *certsoutfile = NULL;
111 const EVP_CIPHER *cipher = NULL; 114 const EVP_CIPHER *cipher = NULL;
112 CMS_ContentInfo *cms = NULL, *rcms = NULL; 115 CMS_ContentInfo *cms = NULL, *rcms = NULL;
113 X509_STORE *store = NULL; 116 X509_STORE *store = NULL;
114 X509 *cert = NULL, *recip = NULL, *signer = NULL; 117 X509 *cert = NULL, *recip = NULL, *signer = NULL;
115 EVP_PKEY *key = NULL; 118 EVP_PKEY *key = NULL;
116 STACK_OF(X509) *encerts = NULL, *other = NULL; 119 STACK_OF(X509) *encerts = NULL, *other = NULL;
117 BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL; 120 BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
118 int badarg = 0; 121 int badarg = 0;
119 » int flags = CMS_DETACHED; 122 » int flags = CMS_DETACHED, noout = 0, print = 0;
123 » int verify_retcode = 0;
120 int rr_print = 0, rr_allorfirst = -1; 124 int rr_print = 0, rr_allorfirst = -1;
121 » STACK *rr_to = NULL, *rr_from = NULL; 125 » STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
122 CMS_ReceiptRequest *rr = NULL; 126 CMS_ReceiptRequest *rr = NULL;
123 char *to = NULL, *from = NULL, *subject = NULL; 127 char *to = NULL, *from = NULL, *subject = NULL;
124 char *CAfile = NULL, *CApath = NULL; 128 char *CAfile = NULL, *CApath = NULL;
125 char *passargin = NULL, *passin = NULL; 129 char *passargin = NULL, *passin = NULL;
126 char *inrand = NULL; 130 char *inrand = NULL;
127 int need_rand = 0; 131 int need_rand = 0;
128 const EVP_MD *sign_md = NULL; 132 const EVP_MD *sign_md = NULL;
129 int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; 133 int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
130 int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM; 134 int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
131 #ifndef OPENSSL_NO_ENGINE 135 #ifndef OPENSSL_NO_ENGINE
(...skipping 27 matching lines...) Expand all
159 else if (!strcmp (*args, "-decrypt")) 163 else if (!strcmp (*args, "-decrypt"))
160 operation = SMIME_DECRYPT; 164 operation = SMIME_DECRYPT;
161 else if (!strcmp (*args, "-sign")) 165 else if (!strcmp (*args, "-sign"))
162 operation = SMIME_SIGN; 166 operation = SMIME_SIGN;
163 else if (!strcmp (*args, "-sign_receipt")) 167 else if (!strcmp (*args, "-sign_receipt"))
164 operation = SMIME_SIGN_RECEIPT; 168 operation = SMIME_SIGN_RECEIPT;
165 else if (!strcmp (*args, "-resign")) 169 else if (!strcmp (*args, "-resign"))
166 operation = SMIME_RESIGN; 170 operation = SMIME_RESIGN;
167 else if (!strcmp (*args, "-verify")) 171 else if (!strcmp (*args, "-verify"))
168 operation = SMIME_VERIFY; 172 operation = SMIME_VERIFY;
173 else if (!strcmp (*args, "-verify_retcode"))
174 verify_retcode = 1;
169 else if (!strcmp(*args,"-verify_receipt")) 175 else if (!strcmp(*args,"-verify_receipt"))
170 { 176 {
171 operation = SMIME_VERIFY_RECEIPT; 177 operation = SMIME_VERIFY_RECEIPT;
172 if (!args[1]) 178 if (!args[1])
173 goto argerr; 179 goto argerr;
174 args++; 180 args++;
175 rctfile = *args; 181 rctfile = *args;
176 } 182 }
177 else if (!strcmp (*args, "-cmsout")) 183 else if (!strcmp (*args, "-cmsout"))
178 operation = SMIME_CMSOUT; 184 operation = SMIME_CMSOUT;
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after
245 flags |= CMS_BINARY; 251 flags |= CMS_BINARY;
246 else if (!strcmp (*args, "-keyid")) 252 else if (!strcmp (*args, "-keyid"))
247 flags |= CMS_USE_KEYID; 253 flags |= CMS_USE_KEYID;
248 else if (!strcmp (*args, "-nosigs")) 254 else if (!strcmp (*args, "-nosigs"))
249 flags |= CMS_NOSIGS; 255 flags |= CMS_NOSIGS;
250 else if (!strcmp (*args, "-no_content_verify")) 256 else if (!strcmp (*args, "-no_content_verify"))
251 flags |= CMS_NO_CONTENT_VERIFY; 257 flags |= CMS_NO_CONTENT_VERIFY;
252 else if (!strcmp (*args, "-no_attr_verify")) 258 else if (!strcmp (*args, "-no_attr_verify"))
253 flags |= CMS_NO_ATTR_VERIFY; 259 flags |= CMS_NO_ATTR_VERIFY;
254 else if (!strcmp (*args, "-stream")) 260 else if (!strcmp (*args, "-stream"))
255 » » » » { 261 » » » » flags |= CMS_STREAM;
256 » » » » args++;
257 » » » » continue;
258 » » » » }
259 else if (!strcmp (*args, "-indef")) 262 else if (!strcmp (*args, "-indef"))
260 » » » » { 263 » » » » flags |= CMS_STREAM;
261 » » » » args++;
262 » » » » continue;
263 » » » » }
264 else if (!strcmp (*args, "-noindef")) 264 else if (!strcmp (*args, "-noindef"))
265 flags &= ~CMS_STREAM; 265 flags &= ~CMS_STREAM;
266 else if (!strcmp (*args, "-nooldmime")) 266 else if (!strcmp (*args, "-nooldmime"))
267 flags |= CMS_NOOLDMIMETYPE; 267 flags |= CMS_NOOLDMIMETYPE;
268 else if (!strcmp (*args, "-crlfeol")) 268 else if (!strcmp (*args, "-crlfeol"))
269 flags |= CMS_CRLFEOL; 269 flags |= CMS_CRLFEOL;
270 else if (!strcmp (*args, "-noout"))
271 noout = 1;
270 else if (!strcmp (*args, "-receipt_request_print")) 272 else if (!strcmp (*args, "-receipt_request_print"))
271 rr_print = 1; 273 rr_print = 1;
272 else if (!strcmp (*args, "-receipt_request_all")) 274 else if (!strcmp (*args, "-receipt_request_all"))
273 rr_allorfirst = 0; 275 rr_allorfirst = 0;
274 else if (!strcmp (*args, "-receipt_request_first")) 276 else if (!strcmp (*args, "-receipt_request_first"))
275 rr_allorfirst = 1; 277 rr_allorfirst = 1;
276 else if (!strcmp(*args,"-receipt_request_from")) 278 else if (!strcmp(*args,"-receipt_request_from"))
277 { 279 {
278 if (!args[1]) 280 if (!args[1])
279 goto argerr; 281 goto argerr;
280 args++; 282 args++;
281 if (!rr_from) 283 if (!rr_from)
282 » » » » rr_from = sk_new_null(); 284 » » » » rr_from = sk_OPENSSL_STRING_new_null();
283 » » » sk_push(rr_from, *args); 285 » » » sk_OPENSSL_STRING_push(rr_from, *args);
284 } 286 }
285 else if (!strcmp(*args,"-receipt_request_to")) 287 else if (!strcmp(*args,"-receipt_request_to"))
286 { 288 {
287 if (!args[1]) 289 if (!args[1])
288 goto argerr; 290 goto argerr;
289 args++; 291 args++;
290 if (!rr_to) 292 if (!rr_to)
291 » » » » rr_to = sk_new_null(); 293 » » » » rr_to = sk_OPENSSL_STRING_new_null();
292 » » » sk_push(rr_to, *args); 294 » » » sk_OPENSSL_STRING_push(rr_to, *args);
293 } 295 }
296 else if (!strcmp (*args, "-print"))
297 {
298 noout = 1;
299 print = 1;
300 }
294 else if (!strcmp(*args,"-secretkey")) 301 else if (!strcmp(*args,"-secretkey"))
295 { 302 {
296 long ltmp; 303 long ltmp;
297 if (!args[1]) 304 if (!args[1])
298 goto argerr; 305 goto argerr;
299 args++; 306 args++;
300 secret_key = string_to_hex(*args, &ltmp); 307 secret_key = string_to_hex(*args, &ltmp);
301 if (!secret_key) 308 if (!secret_key)
302 { 309 {
303 BIO_printf(bio_err, "Invalid key %s\n", *args); 310 BIO_printf(bio_err, "Invalid key %s\n", *args);
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after
373 } 380 }
374 else if (!strcmp (*args, "-signer")) 381 else if (!strcmp (*args, "-signer"))
375 { 382 {
376 if (!args[1]) 383 if (!args[1])
377 goto argerr; 384 goto argerr;
378 /* If previous -signer argument add signer to list */ 385 /* If previous -signer argument add signer to list */
379 386
380 if (signerfile) 387 if (signerfile)
381 { 388 {
382 if (!sksigners) 389 if (!sksigners)
383 » » » » » sksigners = sk_new_null(); 390 » » » » » sksigners = sk_OPENSSL_STRING_new_null() ;
384 » » » » sk_push(sksigners, signerfile); 391 » » » » sk_OPENSSL_STRING_push(sksigners, signerfile);
385 if (!keyfile) 392 if (!keyfile)
386 keyfile = signerfile; 393 keyfile = signerfile;
387 if (!skkeys) 394 if (!skkeys)
388 » » » » » skkeys = sk_new_null(); 395 » » » » » skkeys = sk_OPENSSL_STRING_new_null();
389 » » » » sk_push(skkeys, keyfile); 396 » » » » sk_OPENSSL_STRING_push(skkeys, keyfile);
390 keyfile = NULL; 397 keyfile = NULL;
391 } 398 }
392 signerfile = *++args; 399 signerfile = *++args;
393 } 400 }
394 else if (!strcmp (*args, "-recip")) 401 else if (!strcmp (*args, "-recip"))
395 { 402 {
396 if (!args[1]) 403 if (!args[1])
397 goto argerr; 404 goto argerr;
398 recipfile = *++args; 405 recipfile = *++args;
399 } 406 }
(...skipping 21 matching lines...) Expand all
421 goto argerr; 428 goto argerr;
422 /* If previous -inkey arument add signer to list */ 429 /* If previous -inkey arument add signer to list */
423 if (keyfile) 430 if (keyfile)
424 { 431 {
425 if (!signerfile) 432 if (!signerfile)
426 { 433 {
427 BIO_puts(bio_err, "Illegal -inkey withou t -signer\n"); 434 BIO_puts(bio_err, "Illegal -inkey withou t -signer\n");
428 goto argerr; 435 goto argerr;
429 } 436 }
430 if (!sksigners) 437 if (!sksigners)
431 » » » » » sksigners = sk_new_null(); 438 » » » » » sksigners = sk_OPENSSL_STRING_new_null() ;
432 » » » » sk_push(sksigners, signerfile); 439 » » » » sk_OPENSSL_STRING_push(sksigners, signerfile);
433 signerfile = NULL; 440 signerfile = NULL;
434 if (!skkeys) 441 if (!skkeys)
435 » » » » » skkeys = sk_new_null(); 442 » » » » » skkeys = sk_OPENSSL_STRING_new_null();
436 » » » » sk_push(skkeys, keyfile); 443 » » » » sk_OPENSSL_STRING_push(skkeys, keyfile);
437 } 444 }
438 keyfile = *++args; 445 keyfile = *++args;
439 } 446 }
440 else if (!strcmp (*args, "-keyform")) 447 else if (!strcmp (*args, "-keyform"))
441 { 448 {
442 if (!args[1]) 449 if (!args[1])
443 goto argerr; 450 goto argerr;
444 keyform = str2fmt(*++args); 451 keyform = str2fmt(*++args);
445 } 452 }
446 else if (!strcmp (*args, "-rctform")) 453 else if (!strcmp (*args, "-rctform"))
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
525 { 532 {
526 if (keyfile && !signerfile) 533 if (keyfile && !signerfile)
527 { 534 {
528 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 535 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
529 goto argerr; 536 goto argerr;
530 } 537 }
531 /* Check to see if any final signer needs to be appended */ 538 /* Check to see if any final signer needs to be appended */
532 if (signerfile) 539 if (signerfile)
533 { 540 {
534 if (!sksigners) 541 if (!sksigners)
535 » » » » sksigners = sk_new_null(); 542 » » » » sksigners = sk_OPENSSL_STRING_new_null();
536 » » » sk_push(sksigners, signerfile); 543 » » » sk_OPENSSL_STRING_push(sksigners, signerfile);
537 if (!skkeys) 544 if (!skkeys)
538 » » » » skkeys = sk_new_null(); 545 » » » » skkeys = sk_OPENSSL_STRING_new_null();
539 if (!keyfile) 546 if (!keyfile)
540 keyfile = signerfile; 547 keyfile = signerfile;
541 » » » sk_push(skkeys, keyfile); 548 » » » sk_OPENSSL_STRING_push(skkeys, keyfile);
542 } 549 }
543 if (!sksigners) 550 if (!sksigners)
544 { 551 {
545 BIO_printf(bio_err, "No signer certificate specified\n") ; 552 BIO_printf(bio_err, "No signer certificate specified\n") ;
546 badarg = 1; 553 badarg = 1;
547 } 554 }
548 signerfile = NULL; 555 signerfile = NULL;
549 keyfile = NULL; 556 keyfile = NULL;
550 need_rand = 1; 557 need_rand = 1;
551 } 558 }
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
604 BIO_printf (bio_err, "-nosigs don't verify message signat ure\n"); 611 BIO_printf (bio_err, "-nosigs don't verify message signat ure\n");
605 BIO_printf (bio_err, "-noverify don't verify signers certif icate\n"); 612 BIO_printf (bio_err, "-noverify don't verify signers certif icate\n");
606 BIO_printf (bio_err, "-nocerts don't include signers certi ficate when signing\n"); 613 BIO_printf (bio_err, "-nocerts don't include signers certi ficate when signing\n");
607 BIO_printf (bio_err, "-nodetach use opaque signing\n"); 614 BIO_printf (bio_err, "-nodetach use opaque signing\n");
608 BIO_printf (bio_err, "-noattr don't include any signed at tributes\n"); 615 BIO_printf (bio_err, "-noattr don't include any signed at tributes\n");
609 BIO_printf (bio_err, "-binary don't translate message to text\n"); 616 BIO_printf (bio_err, "-binary don't translate message to text\n");
610 BIO_printf (bio_err, "-certfile file other certificates file\n") ; 617 BIO_printf (bio_err, "-certfile file other certificates file\n") ;
611 BIO_printf (bio_err, "-certsout file certificate output file\n") ; 618 BIO_printf (bio_err, "-certsout file certificate output file\n") ;
612 BIO_printf (bio_err, "-signer file signer certificate file\n") ; 619 BIO_printf (bio_err, "-signer file signer certificate file\n") ;
613 BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); 620 BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
614 » » BIO_printf (bio_err, "-skeyid use subject key identifier\ n"); 621 » » BIO_printf (bio_err, "-keyid use subject key identifier\n ");
615 BIO_printf (bio_err, "-in file input file\n"); 622 BIO_printf (bio_err, "-in file input file\n");
616 BIO_printf (bio_err, "-inform arg input format SMIME (default ), PEM or DER\n"); 623 BIO_printf (bio_err, "-inform arg input format SMIME (default ), PEM or DER\n");
617 BIO_printf (bio_err, "-inkey file input private key (if not s igner or recipient)\n"); 624 BIO_printf (bio_err, "-inkey file input private key (if not s igner or recipient)\n");
618 BIO_printf (bio_err, "-keyform arg input private key format (P EM or ENGINE)\n"); 625 BIO_printf (bio_err, "-keyform arg input private key format (P EM or ENGINE)\n");
619 BIO_printf (bio_err, "-out file output file\n"); 626 BIO_printf (bio_err, "-out file output file\n");
620 BIO_printf (bio_err, "-outform arg output format SMIME (defaul t), PEM or DER\n"); 627 BIO_printf (bio_err, "-outform arg output format SMIME (defaul t), PEM or DER\n");
621 BIO_printf (bio_err, "-content file supply or override content for detached signature\n"); 628 BIO_printf (bio_err, "-content file supply or override content for detached signature\n");
622 BIO_printf (bio_err, "-to addr to address\n"); 629 BIO_printf (bio_err, "-to addr to address\n");
623 BIO_printf (bio_err, "-from ad from address\n"); 630 BIO_printf (bio_err, "-from ad from address\n");
624 BIO_printf (bio_err, "-subject s subject\n"); 631 BIO_printf (bio_err, "-subject s subject\n");
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
690 #ifndef OPENSSL_NO_DES 697 #ifndef OPENSSL_NO_DES
691 cipher = EVP_des_ede3_cbc(); 698 cipher = EVP_des_ede3_cbc();
692 #else 699 #else
693 BIO_printf(bio_err, "No cipher selected\n"); 700 BIO_printf(bio_err, "No cipher selected\n");
694 goto end; 701 goto end;
695 #endif 702 #endif
696 } 703 }
697 704
698 if (secret_key && !secret_keyid) 705 if (secret_key && !secret_keyid)
699 { 706 {
700 » » » BIO_printf(bio_err, "No sectre key id\n"); 707 » » » BIO_printf(bio_err, "No secret key id\n");
701 goto end; 708 goto end;
702 } 709 }
703 710
704 if (*args) 711 if (*args)
705 encerts = sk_X509_new_null(); 712 encerts = sk_X509_new_null();
706 while (*args) 713 while (*args)
707 { 714 {
708 if (!(cert = load_cert(bio_err,*args,FORMAT_PEM, 715 if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
709 NULL, e, "recipient certificate file"))) 716 NULL, e, "recipient certificate file")))
710 goto end; 717 goto end;
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after
866 BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 873 BIO *tmpbio = BIO_new(BIO_f_linebuffer());
867 out = BIO_push(tmpbio, out); 874 out = BIO_push(tmpbio, out);
868 } 875 }
869 #endif 876 #endif
870 } 877 }
871 878
872 if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) 879 if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT))
873 { 880 {
874 if (!(store = setup_verify(bio_err, CAfile, CApath))) 881 if (!(store = setup_verify(bio_err, CAfile, CApath)))
875 goto end; 882 goto end;
876 » » X509_STORE_set_verify_cb_func(store, cms_cb); 883 » » X509_STORE_set_verify_cb(store, cms_cb);
877 if (vpm) 884 if (vpm)
878 X509_STORE_set1_param(store, vpm); 885 X509_STORE_set1_param(store, vpm);
879 } 886 }
880 887
881 888
882 ret = 3; 889 ret = 3;
883 890
884 if (operation == SMIME_DATA_CREATE) 891 if (operation == SMIME_DATA_CREATE)
885 { 892 {
886 cms = CMS_data_create(in, flags); 893 cms = CMS_data_create(in, flags);
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
966 if (!rr) 973 if (!rr)
967 { 974 {
968 BIO_puts(bio_err, 975 BIO_puts(bio_err,
969 "Signed Receipt Request Creation Error\n"); 976 "Signed Receipt Request Creation Error\n");
970 goto end; 977 goto end;
971 } 978 }
972 } 979 }
973 } 980 }
974 else 981 else
975 flags |= CMS_REUSE_DIGEST; 982 flags |= CMS_REUSE_DIGEST;
976 » » for (i = 0; i < sk_num(sksigners); i++) 983 » » for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
977 { 984 {
978 CMS_SignerInfo *si; 985 CMS_SignerInfo *si;
979 » » » signerfile = sk_value(sksigners, i); 986 » » » signerfile = sk_OPENSSL_STRING_value(sksigners, i);
980 » » » keyfile = sk_value(skkeys, i); 987 » » » keyfile = sk_OPENSSL_STRING_value(skkeys, i);
981 signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL, 988 signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
982 e, "signer certificate"); 989 e, "signer certificate");
983 if (!signer) 990 if (!signer)
984 goto end; 991 goto end;
985 key = load_key(bio_err, keyfile, keyform, 0, passin, e, 992 key = load_key(bio_err, keyfile, keyform, 0, passin, e,
986 "signing key file"); 993 "signing key file");
987 if (!key) 994 if (!key)
988 goto end; 995 goto end;
989 si = CMS_add1_signer(cms, signer, key, sign_md, flags); 996 si = CMS_add1_signer(cms, signer, key, sign_md, flags);
990 if (!si) 997 if (!si)
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after
1068 indata, out, flags)) 1075 indata, out, flags))
1069 goto end; 1076 goto end;
1070 } 1077 }
1071 else if (operation == SMIME_VERIFY) 1078 else if (operation == SMIME_VERIFY)
1072 { 1079 {
1073 if (CMS_verify(cms, other, store, indata, out, flags) > 0) 1080 if (CMS_verify(cms, other, store, indata, out, flags) > 0)
1074 BIO_printf(bio_err, "Verification successful\n"); 1081 BIO_printf(bio_err, "Verification successful\n");
1075 else 1082 else
1076 { 1083 {
1077 BIO_printf(bio_err, "Verification failure\n"); 1084 BIO_printf(bio_err, "Verification failure\n");
1085 if (verify_retcode)
1086 ret = verify_err + 32;
1078 goto end; 1087 goto end;
1079 } 1088 }
1080 if (signerfile) 1089 if (signerfile)
1081 { 1090 {
1082 STACK_OF(X509) *signers; 1091 STACK_OF(X509) *signers;
1083 signers = CMS_get0_signers(cms); 1092 signers = CMS_get0_signers(cms);
1084 if (!save_certs(signerfile, signers)) 1093 if (!save_certs(signerfile, signers))
1085 { 1094 {
1086 BIO_printf(bio_err, 1095 BIO_printf(bio_err,
1087 "Error writing signers to %s\n", 1096 "Error writing signers to %s\n",
(...skipping 12 matching lines...) Expand all
1100 if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0) 1109 if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0)
1101 BIO_printf(bio_err, "Verification successful\n"); 1110 BIO_printf(bio_err, "Verification successful\n");
1102 else 1111 else
1103 { 1112 {
1104 BIO_printf(bio_err, "Verification failure\n"); 1113 BIO_printf(bio_err, "Verification failure\n");
1105 goto end; 1114 goto end;
1106 } 1115 }
1107 } 1116 }
1108 else 1117 else
1109 { 1118 {
1110 » » if (outformat == FORMAT_SMIME) 1119 » » if (noout)
1120 » » » {
1121 » » » if (print)
1122 » » » » CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
1123 » » » }
1124 » » else if (outformat == FORMAT_SMIME)
1111 { 1125 {
1112 if (to) 1126 if (to)
1113 BIO_printf(out, "To: %s\n", to); 1127 BIO_printf(out, "To: %s\n", to);
1114 if (from) 1128 if (from)
1115 BIO_printf(out, "From: %s\n", from); 1129 BIO_printf(out, "From: %s\n", from);
1116 if (subject) 1130 if (subject)
1117 BIO_printf(out, "Subject: %s\n", subject); 1131 BIO_printf(out, "Subject: %s\n", subject);
1118 if (operation == SMIME_RESIGN) 1132 if (operation == SMIME_RESIGN)
1119 ret = SMIME_write_CMS(out, cms, indata, flags); 1133 ret = SMIME_write_CMS(out, cms, indata, flags);
1120 else 1134 else
1121 ret = SMIME_write_CMS(out, cms, in, flags); 1135 ret = SMIME_write_CMS(out, cms, in, flags);
1122 } 1136 }
1123 else if (outformat == FORMAT_PEM) 1137 else if (outformat == FORMAT_PEM)
1124 » » » ret = PEM_write_bio_CMS(out, cms); 1138 » » » ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
1125 else if (outformat == FORMAT_ASN1) 1139 else if (outformat == FORMAT_ASN1)
1126 » » » ret = i2d_CMS_bio(out,cms); 1140 » » » ret = i2d_CMS_bio_stream(out,cms, in, flags);
1127 else 1141 else
1128 { 1142 {
1129 BIO_printf(bio_err, "Bad output format for CMS file\n"); 1143 BIO_printf(bio_err, "Bad output format for CMS file\n");
1130 goto end; 1144 goto end;
1131 } 1145 }
1132 if (ret <= 0) 1146 if (ret <= 0)
1133 { 1147 {
1134 ret = 6; 1148 ret = 6;
1135 goto end; 1149 goto end;
1136 } 1150 }
1137 } 1151 }
1138 ret = 0; 1152 ret = 0;
1139 end: 1153 end:
1140 if (ret) 1154 if (ret)
1141 ERR_print_errors(bio_err); 1155 ERR_print_errors(bio_err);
1142 if (need_rand) 1156 if (need_rand)
1143 app_RAND_write_file(NULL, bio_err); 1157 app_RAND_write_file(NULL, bio_err);
1144 sk_X509_pop_free(encerts, X509_free); 1158 sk_X509_pop_free(encerts, X509_free);
1145 sk_X509_pop_free(other, X509_free); 1159 sk_X509_pop_free(other, X509_free);
1146 if (vpm) 1160 if (vpm)
1147 X509_VERIFY_PARAM_free(vpm); 1161 X509_VERIFY_PARAM_free(vpm);
1148 if (sksigners) 1162 if (sksigners)
1149 » » sk_free(sksigners); 1163 » » sk_OPENSSL_STRING_free(sksigners);
1150 if (skkeys) 1164 if (skkeys)
1151 » » sk_free(skkeys); 1165 » » sk_OPENSSL_STRING_free(skkeys);
1152 if (secret_key) 1166 if (secret_key)
1153 OPENSSL_free(secret_key); 1167 OPENSSL_free(secret_key);
1154 if (secret_keyid) 1168 if (secret_keyid)
1155 OPENSSL_free(secret_keyid); 1169 OPENSSL_free(secret_keyid);
1156 if (econtent_type) 1170 if (econtent_type)
1157 ASN1_OBJECT_free(econtent_type); 1171 ASN1_OBJECT_free(econtent_type);
1158 if (rr) 1172 if (rr)
1159 CMS_ReceiptRequest_free(rr); 1173 CMS_ReceiptRequest_free(rr);
1160 if (rr_to) 1174 if (rr_to)
1161 » » sk_free(rr_to); 1175 » » sk_OPENSSL_STRING_free(rr_to);
1162 if (rr_from) 1176 if (rr_from)
1163 » » sk_free(rr_from); 1177 » » sk_OPENSSL_STRING_free(rr_from);
1164 X509_STORE_free(store); 1178 X509_STORE_free(store);
1165 X509_free(cert); 1179 X509_free(cert);
1166 X509_free(recip); 1180 X509_free(recip);
1167 X509_free(signer); 1181 X509_free(signer);
1168 EVP_PKEY_free(key); 1182 EVP_PKEY_free(key);
1169 CMS_ContentInfo_free(cms); 1183 CMS_ContentInfo_free(cms);
1170 CMS_ContentInfo_free(rcms); 1184 CMS_ContentInfo_free(rcms);
1171 BIO_free(rctin); 1185 BIO_free(rctin);
1172 BIO_free(in); 1186 BIO_free(in);
1173 BIO_free(indata); 1187 BIO_free(indata);
(...skipping 18 matching lines...) Expand all
1192 1206
1193 1207
1194 /* Minimal callback just to output policy info (if any) */ 1208 /* Minimal callback just to output policy info (if any) */
1195 1209
1196 static int cms_cb(int ok, X509_STORE_CTX *ctx) 1210 static int cms_cb(int ok, X509_STORE_CTX *ctx)
1197 { 1211 {
1198 int error; 1212 int error;
1199 1213
1200 error = X509_STORE_CTX_get_error(ctx); 1214 error = X509_STORE_CTX_get_error(ctx);
1201 1215
1216 verify_err = error;
1217
1202 if ((error != X509_V_ERR_NO_EXPLICIT_POLICY) 1218 if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
1203 && ((error != X509_V_OK) || (ok != 2))) 1219 && ((error != X509_V_OK) || (ok != 2)))
1204 return ok; 1220 return ok;
1205 1221
1206 policies_print(NULL, ctx); 1222 policies_print(NULL, ctx);
1207 1223
1208 return ok; 1224 return ok;
1209 1225
1210 } 1226 }
1211 1227
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
1273 else 1289 else
1274 BIO_printf(out, " Unknown (%d)\n", allorfirst); 1290 BIO_printf(out, " Unknown (%d)\n", allorfirst);
1275 BIO_puts(out, " Receipts To:\n"); 1291 BIO_puts(out, " Receipts To:\n");
1276 gnames_stack_print(out, rto); 1292 gnames_stack_print(out, rto);
1277 } 1293 }
1278 if (rr) 1294 if (rr)
1279 CMS_ReceiptRequest_free(rr); 1295 CMS_ReceiptRequest_free(rr);
1280 } 1296 }
1281 } 1297 }
1282 1298
1283 static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns) 1299 static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
1284 { 1300 {
1285 int i; 1301 int i;
1286 STACK_OF(GENERAL_NAMES) *ret; 1302 STACK_OF(GENERAL_NAMES) *ret;
1287 GENERAL_NAMES *gens = NULL; 1303 GENERAL_NAMES *gens = NULL;
1288 GENERAL_NAME *gen = NULL; 1304 GENERAL_NAME *gen = NULL;
1289 ret = sk_GENERAL_NAMES_new_null(); 1305 ret = sk_GENERAL_NAMES_new_null();
1290 if (!ret) 1306 if (!ret)
1291 goto err; 1307 goto err;
1292 » for (i = 0; i < sk_num(ns); i++) 1308 » for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++)
1293 { 1309 {
1294 » » CONF_VALUE cnf; 1310 » » char *str = sk_OPENSSL_STRING_value(ns, i);
1295 » » cnf.name = "email"; 1311 » » gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
1296 » » cnf.value = sk_value(ns, i);
1297 » » gen = v2i_GENERAL_NAME(NULL, NULL, &cnf);
1298 if (!gen) 1312 if (!gen)
1299 goto err; 1313 goto err;
1300 gens = GENERAL_NAMES_new(); 1314 gens = GENERAL_NAMES_new();
1301 if (!gens) 1315 if (!gens)
1302 goto err; 1316 goto err;
1303 if (!sk_GENERAL_NAME_push(gens, gen)) 1317 if (!sk_GENERAL_NAME_push(gens, gen))
1304 goto err; 1318 goto err;
1305 gen = NULL; 1319 gen = NULL;
1306 if (!sk_GENERAL_NAMES_push(ret, gens)) 1320 if (!sk_GENERAL_NAMES_push(ret, gens))
1307 goto err; 1321 goto err;
1308 gens = NULL; 1322 gens = NULL;
1309 } 1323 }
1310 1324
1311 return ret; 1325 return ret;
1312 1326
1313 err: 1327 err:
1314 if (ret) 1328 if (ret)
1315 sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free); 1329 sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
1316 if (gens) 1330 if (gens)
1317 GENERAL_NAMES_free(gens); 1331 GENERAL_NAMES_free(gens);
1318 if (gen) 1332 if (gen)
1319 GENERAL_NAME_free(gen); 1333 GENERAL_NAME_free(gen);
1320 return NULL; 1334 return NULL;
1321 } 1335 }
1322 1336
1323 1337
1324 static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst, 1338 static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
1325 » » » » » » » » STACK *rr_from) 1339 » » » » » » int rr_allorfirst,
1340 » » » » » » STACK_OF(OPENSSL_STRING) *rr_fro m)
1326 { 1341 {
1327 STACK_OF(GENERAL_NAMES) *rct_to, *rct_from; 1342 STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
1328 CMS_ReceiptRequest *rr; 1343 CMS_ReceiptRequest *rr;
1329 rct_to = make_names_stack(rr_to); 1344 rct_to = make_names_stack(rr_to);
1330 if (!rct_to) 1345 if (!rct_to)
1331 goto err; 1346 goto err;
1332 if (rr_from) 1347 if (rr_from)
1333 { 1348 {
1334 rct_from = make_names_stack(rr_from); 1349 rct_from = make_names_stack(rr_from);
1335 if (!rct_from) 1350 if (!rct_from)
1336 goto err; 1351 goto err;
1337 } 1352 }
1338 else 1353 else
1339 rct_from = NULL; 1354 rct_from = NULL;
1340 rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from, 1355 rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
1341 rct_to); 1356 rct_to);
1342 return rr; 1357 return rr;
1343 err: 1358 err:
1344 return NULL; 1359 return NULL;
1345 } 1360 }
1346 1361
1347 #endif 1362 #endif
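Review bot: The new `-verify_retcode` exit status (`ret = verify_err + 32;`, new line 1086) is read from a global that `cms_cb` overwrites on every callback invocation (new line 1216), and the offset 32 is unexplained, so anyone gating a script on this exit code cannot tell from the source what the values mean. A comment where the value is produced would fix that, e.g. `/* exit status: 32 + X509_V_ERR_* code last reported to cms_cb */`, and `verify_err` (new line 98) looks file-local on this page and could be declared `static int verify_err = 0;`. The `SMIME_VERIFY_RECEIPT` branch (new lines 1109-1114) uses the same store and callback but ignores `verify_retcode`, so a failed receipt verification keeps the generic code; if that is intended it deserves a comment, otherwise the same `if (verify_retcode) ret = verify_err + 32;` belongs there. If `CMS_verify` can fail without the callback seeing an error, `verify_err` would presumably still be 0 and the exit status a bare 32, which is worth documenting with the option. MAIN's body is shown only in excerpts on this page.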