#undef PROG
#define PROG cms_main
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
-static int smime_cb(int ok, X509_STORE_CTX *ctx);
+static int cms_cb(int ok, X509_STORE_CTX *ctx);
static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst,
STACK *rr_from);
char *signerfile = NULL, *recipfile = NULL;
STACK *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
+ char *certsoutfile = NULL;
const EVP_CIPHER *cipher = NULL;
CMS_ContentInfo *cms = NULL, *rcms = NULL;
X509_STORE *store = NULL;
else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
+ else if (!strcmp (*args, "-debug_decrypt"))
+ flags |= CMS_DEBUG_DECRYPT;
else if (!strcmp (*args, "-text"))
flags |= CMS_TEXT;
else if (!strcmp (*args, "-nointern"))
goto argerr;
recipfile = *++args;
}
+ else if (!strcmp (*args, "-certsout"))
+ {
+ if (!args[1])
+ goto argerr;
+ certsoutfile = *++args;
+ }
else if (!strcmp (*args, "-md"))
{
if (!args[1])
if (badarg)
{
argerr:
- BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
+ BIO_printf (bio_err, "Usage cms [options] cert.pem ...\n");
BIO_printf (bio_err, "where options are\n");
BIO_printf (bio_err, "-encrypt encrypt message\n");
BIO_printf (bio_err, "-decrypt decrypt encrypted message\n");
BIO_printf (bio_err, "-noattr don't include any signed attributes\n");
BIO_printf (bio_err, "-binary don't translate message to text\n");
BIO_printf (bio_err, "-certfile file other certificates file\n");
+ BIO_printf (bio_err, "-certsout file certificate output file\n");
BIO_printf (bio_err, "-signer file signer certificate file\n");
BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
- BIO_printf (bio_err, "-skeyid use subject key identifier\n");
+ BIO_printf (bio_err, "-keyid use subject key identifier\n");
BIO_printf (bio_err, "-in file input file\n");
BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n");
goto end;
}
}
+ if (certsoutfile)
+ {
+ STACK_OF(X509) *allcerts;
+ allcerts = CMS_get1_certs(cms);
+ if (!save_certs(certsoutfile, allcerts))
+ {
+ BIO_printf(bio_err,
+ "Error writing certs to %s\n",
+ certsoutfile);
+ ret = 5;
+ goto end;
+ }
+ sk_X509_pop_free(allcerts, X509_free);
+ }
}
if (rctfile)
{
if (!(store = setup_verify(bio_err, CAfile, CApath)))
goto end;
- X509_STORE_set_verify_cb_func(store, smime_cb);
+ X509_STORE_set_verify_cb_func(store, cms_cb);
if (vpm)
X509_STORE_set1_param(store, vpm);
}
}
if (!(flags & CMS_STREAM))
{
- if (!CMS_final(cms, in, flags))
+ if (!CMS_final(cms, in, NULL, flags))
goto end;
}
}
/* If not streaming or resigning finalize structure */
if ((operation == SMIME_SIGN) && !(flags & CMS_STREAM))
{
- if (!CMS_final(cms, in, flags))
+ if (!CMS_final(cms, in, NULL, flags))
goto end;
}
}
ret = 4;
if (operation == SMIME_DECRYPT)
{
+ if (flags & CMS_DEBUG_DECRYPT)
+ CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
if (secret_key)
{
/* Minimal callback just to output policy info (if any) */
-static int smime_cb(int ok, X509_STORE_CTX *ctx)
+static int cms_cb(int ok, X509_STORE_CTX *ctx)
{
int error;