summaryrefslogtreecommitdiff
path: root/app/openssl/apps/cms.c
diff options
context:
space:
mode:
Diffstat (limited to 'app/openssl/apps/cms.c')
-rw-r--r--app/openssl/apps/cms.c41
1 files changed, 38 insertions, 3 deletions
diff --git a/app/openssl/apps/cms.c b/app/openssl/apps/cms.c
index d29a8849..5f77f8fb 100644
--- a/app/openssl/apps/cms.c
+++ b/app/openssl/apps/cms.c
@@ -136,6 +136,7 @@ int MAIN(int argc, char **argv)
char *engine=NULL;
#endif
unsigned char *secret_key = NULL, *secret_keyid = NULL;
+ unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0;
ASN1_OBJECT *econtent_type = NULL;
@@ -232,6 +233,8 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
+ else if (!strcmp (*args, "-debug_decrypt"))
+ flags |= CMS_DEBUG_DECRYPT;
else if (!strcmp (*args, "-text"))
flags |= CMS_TEXT;
else if (!strcmp (*args, "-nointern"))
@@ -326,6 +329,13 @@ int MAIN(int argc, char **argv)
}
secret_keyidlen = (size_t)ltmp;
}
+ else if (!strcmp(*args,"-pwri_password"))
+ {
+ if (!args[1])
+ goto argerr;
+ args++;
+ pwri_pass = (unsigned char *)*args;
+ }
else if (!strcmp(*args,"-econtent_type"))
{
if (!args[1])
@@ -559,7 +569,7 @@ int MAIN(int argc, char **argv)
else if (operation == SMIME_DECRYPT)
{
- if (!recipfile && !keyfile && !secret_key)
+ if (!recipfile && !keyfile && !secret_key && !pwri_pass)
{
BIO_printf(bio_err, "No recipient certificate or key specified\n");
badarg = 1;
@@ -567,7 +577,7 @@ int MAIN(int argc, char **argv)
}
else if (operation == SMIME_ENCRYPT)
{
- if (!*args && !secret_key)
+ if (!*args && !secret_key && !pwri_pass)
{
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
badarg = 1;
@@ -618,7 +628,7 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-certsout file certificate output file\n");
BIO_printf (bio_err, "-signer file signer certificate file\n");
BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
- BIO_printf (bio_err, "-skeyid use subject key identifier\n");
+ BIO_printf (bio_err, "-keyid use subject key identifier\n");
BIO_printf (bio_err, "-in file input file\n");
BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n");
@@ -917,6 +927,17 @@ int MAIN(int argc, char **argv)
secret_key = NULL;
secret_keyid = NULL;
}
+ if (pwri_pass)
+ {
+ pwri_tmp = (unsigned char *)BUF_strdup((char *)pwri_pass);
+ if (!pwri_tmp)
+ goto end;
+ if (!CMS_add0_recipient_password(cms,
+ -1, NID_undef, NID_undef,
+ pwri_tmp, -1, NULL))
+ goto end;
+ pwri_tmp = NULL;
+ }
if (!(flags & CMS_STREAM))
{
if (!CMS_final(cms, in, NULL, flags))
@@ -1020,6 +1041,8 @@ int MAIN(int argc, char **argv)
ret = 4;
if (operation == SMIME_DECRYPT)
{
+ if (flags & CMS_DEBUG_DECRYPT)
+ CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
if (secret_key)
{
@@ -1043,6 +1066,16 @@ int MAIN(int argc, char **argv)
}
}
+ if (pwri_pass)
+ {
+ if (!CMS_decrypt_set1_password(cms, pwri_pass, -1))
+ {
+ BIO_puts(bio_err,
+ "Error decrypting CMS using password\n");
+ goto end;
+ }
+ }
+
if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags))
{
BIO_printf(bio_err, "Error decrypting CMS structure\n");
@@ -1167,6 +1200,8 @@ end:
OPENSSL_free(secret_key);
if (secret_keyid)
OPENSSL_free(secret_keyid);
+ if (pwri_tmp)
+ OPENSSL_free(pwri_tmp);
if (econtent_type)
ASN1_OBJECT_free(econtent_type);
if (rr)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 06:38:33 +0000