| Index: openssl/apps/cms.c
|
| ===================================================================
|
| --- openssl/apps/cms.c (revision 105093)
|
| +++ openssl/apps/cms.c (working copy)
|
| @@ -71,8 +71,9 @@
|
| static int save_certs(char *signerfile, STACK_OF(X509) *signers);
|
| static int cms_cb(int ok, X509_STORE_CTX *ctx);
|
| static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
|
| -static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
|
| - STACK *rr_from);
|
| +static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
|
| + int rr_allorfirst,
|
| + STACK_OF(OPENSSL_STRING) *rr_from);
|
|
|
| #define SMIME_OP 0x10
|
| #define SMIME_IP 0x20
|
| @@ -94,6 +95,8 @@
|
| #define SMIME_SIGN_RECEIPT (15 | SMIME_IP | SMIME_OP)
|
| #define SMIME_VERIFY_RECEIPT (16 | SMIME_IP)
|
|
|
| +int verify_err = 0;
|
| +
|
| int MAIN(int, char **);
|
|
|
| int MAIN(int argc, char **argv)
|
| @@ -105,7 +108,7 @@
|
| const char *inmode = "r", *outmode = "w";
|
| char *infile = NULL, *outfile = NULL, *rctfile = NULL;
|
| char *signerfile = NULL, *recipfile = NULL;
|
| - STACK *sksigners = NULL, *skkeys = NULL;
|
| + STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
|
| char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
|
| char *certsoutfile = NULL;
|
| const EVP_CIPHER *cipher = NULL;
|
| @@ -116,9 +119,10 @@
|
| STACK_OF(X509) *encerts = NULL, *other = NULL;
|
| BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
|
| int badarg = 0;
|
| - int flags = CMS_DETACHED;
|
| + int flags = CMS_DETACHED, noout = 0, print = 0;
|
| + int verify_retcode = 0;
|
| int rr_print = 0, rr_allorfirst = -1;
|
| - STACK *rr_to = NULL, *rr_from = NULL;
|
| + STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
|
| CMS_ReceiptRequest *rr = NULL;
|
| char *to = NULL, *from = NULL, *subject = NULL;
|
| char *CAfile = NULL, *CApath = NULL;
|
| @@ -166,6 +170,8 @@
|
| operation = SMIME_RESIGN;
|
| else if (!strcmp (*args, "-verify"))
|
| operation = SMIME_VERIFY;
|
| + else if (!strcmp (*args, "-verify_retcode"))
|
| + verify_retcode = 1;
|
| else if (!strcmp(*args,"-verify_receipt"))
|
| {
|
| operation = SMIME_VERIFY_RECEIPT;
|
| @@ -252,21 +258,17 @@
|
| else if (!strcmp (*args, "-no_attr_verify"))
|
| flags |= CMS_NO_ATTR_VERIFY;
|
| else if (!strcmp (*args, "-stream"))
|
| - {
|
| - args++;
|
| - continue;
|
| - }
|
| + flags |= CMS_STREAM;
|
| else if (!strcmp (*args, "-indef"))
|
| - {
|
| - args++;
|
| - continue;
|
| - }
|
| + flags |= CMS_STREAM;
|
| else if (!strcmp (*args, "-noindef"))
|
| flags &= ~CMS_STREAM;
|
| else if (!strcmp (*args, "-nooldmime"))
|
| flags |= CMS_NOOLDMIMETYPE;
|
| else if (!strcmp (*args, "-crlfeol"))
|
| flags |= CMS_CRLFEOL;
|
| + else if (!strcmp (*args, "-noout"))
|
| + noout = 1;
|
| else if (!strcmp (*args, "-receipt_request_print"))
|
| rr_print = 1;
|
| else if (!strcmp (*args, "-receipt_request_all"))
|
| @@ -279,8 +281,8 @@
|
| goto argerr;
|
| args++;
|
| if (!rr_from)
|
| - rr_from = sk_new_null();
|
| - sk_push(rr_from, *args);
|
| + rr_from = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(rr_from, *args);
|
| }
|
| else if (!strcmp(*args,"-receipt_request_to"))
|
| {
|
| @@ -288,9 +290,14 @@
|
| goto argerr;
|
| args++;
|
| if (!rr_to)
|
| - rr_to = sk_new_null();
|
| - sk_push(rr_to, *args);
|
| + rr_to = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(rr_to, *args);
|
| }
|
| + else if (!strcmp (*args, "-print"))
|
| + {
|
| + noout = 1;
|
| + print = 1;
|
| + }
|
| else if (!strcmp(*args,"-secretkey"))
|
| {
|
| long ltmp;
|
| @@ -380,13 +387,13 @@
|
| if (signerfile)
|
| {
|
| if (!sksigners)
|
| - sksigners = sk_new_null();
|
| - sk_push(sksigners, signerfile);
|
| + sksigners = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(sksigners, signerfile);
|
| if (!keyfile)
|
| keyfile = signerfile;
|
| if (!skkeys)
|
| - skkeys = sk_new_null();
|
| - sk_push(skkeys, keyfile);
|
| + skkeys = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(skkeys, keyfile);
|
| keyfile = NULL;
|
| }
|
| signerfile = *++args;
|
| @@ -428,12 +435,12 @@
|
| goto argerr;
|
| }
|
| if (!sksigners)
|
| - sksigners = sk_new_null();
|
| - sk_push(sksigners, signerfile);
|
| + sksigners = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(sksigners, signerfile);
|
| signerfile = NULL;
|
| if (!skkeys)
|
| - skkeys = sk_new_null();
|
| - sk_push(skkeys, keyfile);
|
| + skkeys = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(skkeys, keyfile);
|
| }
|
| keyfile = *++args;
|
| }
|
| @@ -532,13 +539,13 @@
|
| if (signerfile)
|
| {
|
| if (!sksigners)
|
| - sksigners = sk_new_null();
|
| - sk_push(sksigners, signerfile);
|
| + sksigners = sk_OPENSSL_STRING_new_null();
|
| + sk_OPENSSL_STRING_push(sksigners, signerfile);
|
| if (!skkeys)
|
| - skkeys = sk_new_null();
|
| + skkeys = sk_OPENSSL_STRING_new_null();
|
| if (!keyfile)
|
| keyfile = signerfile;
|
| - sk_push(skkeys, keyfile);
|
| + sk_OPENSSL_STRING_push(skkeys, keyfile);
|
| }
|
| if (!sksigners)
|
| {
|
| @@ -611,7 +618,7 @@
|
| BIO_printf (bio_err, "-certsout file certificate output file\n");
|
| BIO_printf (bio_err, "-signer file signer certificate file\n");
|
| BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
|
| - BIO_printf (bio_err, "-skeyid use subject key identifier\n");
|
| + BIO_printf (bio_err, "-keyid use subject key identifier\n");
|
| BIO_printf (bio_err, "-in file input file\n");
|
| BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
|
| BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n");
|
| @@ -697,7 +704,7 @@
|
|
|
| if (secret_key && !secret_keyid)
|
| {
|
| - BIO_printf(bio_err, "No sectre key id\n");
|
| + BIO_printf(bio_err, "No secret key id\n");
|
| goto end;
|
| }
|
|
|
| @@ -873,7 +880,7 @@
|
| {
|
| if (!(store = setup_verify(bio_err, CAfile, CApath)))
|
| goto end;
|
| - X509_STORE_set_verify_cb_func(store, cms_cb);
|
| + X509_STORE_set_verify_cb(store, cms_cb);
|
| if (vpm)
|
| X509_STORE_set1_param(store, vpm);
|
| }
|
| @@ -973,11 +980,11 @@
|
| }
|
| else
|
| flags |= CMS_REUSE_DIGEST;
|
| - for (i = 0; i < sk_num(sksigners); i++)
|
| + for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
|
| {
|
| CMS_SignerInfo *si;
|
| - signerfile = sk_value(sksigners, i);
|
| - keyfile = sk_value(skkeys, i);
|
| + signerfile = sk_OPENSSL_STRING_value(sksigners, i);
|
| + keyfile = sk_OPENSSL_STRING_value(skkeys, i);
|
| signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
|
| e, "signer certificate");
|
| if (!signer)
|
| @@ -1075,6 +1082,8 @@
|
| else
|
| {
|
| BIO_printf(bio_err, "Verification failure\n");
|
| + if (verify_retcode)
|
| + ret = verify_err + 32;
|
| goto end;
|
| }
|
| if (signerfile)
|
| @@ -1107,8 +1116,13 @@
|
| }
|
| else
|
| {
|
| - if (outformat == FORMAT_SMIME)
|
| + if (noout)
|
| {
|
| + if (print)
|
| + CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
|
| + }
|
| + else if (outformat == FORMAT_SMIME)
|
| + {
|
| if (to)
|
| BIO_printf(out, "To: %s\n", to);
|
| if (from)
|
| @@ -1121,9 +1135,9 @@
|
| ret = SMIME_write_CMS(out, cms, in, flags);
|
| }
|
| else if (outformat == FORMAT_PEM)
|
| - ret = PEM_write_bio_CMS(out, cms);
|
| + ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
|
| else if (outformat == FORMAT_ASN1)
|
| - ret = i2d_CMS_bio(out,cms);
|
| + ret = i2d_CMS_bio_stream(out,cms, in, flags);
|
| else
|
| {
|
| BIO_printf(bio_err, "Bad output format for CMS file\n");
|
| @@ -1146,9 +1160,9 @@
|
| if (vpm)
|
| X509_VERIFY_PARAM_free(vpm);
|
| if (sksigners)
|
| - sk_free(sksigners);
|
| + sk_OPENSSL_STRING_free(sksigners);
|
| if (skkeys)
|
| - sk_free(skkeys);
|
| + sk_OPENSSL_STRING_free(skkeys);
|
| if (secret_key)
|
| OPENSSL_free(secret_key);
|
| if (secret_keyid)
|
| @@ -1158,9 +1172,9 @@
|
| if (rr)
|
| CMS_ReceiptRequest_free(rr);
|
| if (rr_to)
|
| - sk_free(rr_to);
|
| + sk_OPENSSL_STRING_free(rr_to);
|
| if (rr_from)
|
| - sk_free(rr_from);
|
| + sk_OPENSSL_STRING_free(rr_from);
|
| X509_STORE_free(store);
|
| X509_free(cert);
|
| X509_free(recip);
|
| @@ -1199,6 +1213,8 @@
|
|
|
| error = X509_STORE_CTX_get_error(ctx);
|
|
|
| + verify_err = error;
|
| +
|
| if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
|
| && ((error != X509_V_OK) || (ok != 2)))
|
| return ok;
|
| @@ -1280,7 +1296,7 @@
|
| }
|
| }
|
|
|
| -static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns)
|
| +static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
|
| {
|
| int i;
|
| STACK_OF(GENERAL_NAMES) *ret;
|
| @@ -1289,12 +1305,10 @@
|
| ret = sk_GENERAL_NAMES_new_null();
|
| if (!ret)
|
| goto err;
|
| - for (i = 0; i < sk_num(ns); i++)
|
| + for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++)
|
| {
|
| - CONF_VALUE cnf;
|
| - cnf.name = "email";
|
| - cnf.value = sk_value(ns, i);
|
| - gen = v2i_GENERAL_NAME(NULL, NULL, &cnf);
|
| + char *str = sk_OPENSSL_STRING_value(ns, i);
|
| + gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
|
| if (!gen)
|
| goto err;
|
| gens = GENERAL_NAMES_new();
|
| @@ -1321,8 +1335,9 @@
|
| }
|
|
|
|
|
| -static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
|
| - STACK *rr_from)
|
| +static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
|
| + int rr_allorfirst,
|
| + STACK_OF(OPENSSL_STRING) *rr_from)
|
| {
|
| STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
|
| CMS_ReceiptRequest *rr;
|
|
|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/