STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
char *certsoutfile = NULL;
- const EVP_CIPHER *cipher = NULL;
+ const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
CMS_ContentInfo *cms = NULL, *rcms = NULL;
X509_STORE *store = NULL;
X509 *cert = NULL, *recip = NULL, *signer = NULL;
cipher = EVP_des_ede3_cbc();
else if (!strcmp (*args, "-des"))
cipher = EVP_des_cbc();
+ else if (!strcmp (*args, "-des3-wrap"))
+ wrap_cipher = EVP_des_ede3_wrap();
#endif
#ifndef OPENSSL_NO_SEED
else if (!strcmp (*args, "-seed"))
cipher = EVP_aes_192_cbc();
else if (!strcmp(*args,"-aes256"))
cipher = EVP_aes_256_cbc();
+ else if (!strcmp(*args,"-aes128-wrap"))
+ wrap_cipher = EVP_aes_128_wrap();
+ else if (!strcmp(*args,"-aes192-wrap"))
+ wrap_cipher = EVP_aes_192_wrap();
+ else if (!strcmp(*args,"-aes256-wrap"))
+ wrap_cipher = EVP_aes_256_wrap();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (!strcmp(*args,"-camellia128"))
if (!cms_set_pkey_param(pctx, kparam->param))
goto end;
}
+ if (CMS_RecipientInfo_type(ri) == CMS_RECIPINFO_AGREE
+ && wrap_cipher)
+ {
+ EVP_CIPHER_CTX *wctx;
+ wctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+ EVP_EncryptInit_ex(wctx, wrap_cipher,
+ NULL, NULL, NULL);
+ }
}
if (secret_key)
projects / oweals / openssl.git / commitdiff