Changes between 0.9.3a and 0.9.4 [xx Jul/Aug/...? 1999]
+ *) Allow the -k option to be used more than once in the enc program:
+ this allows the same encrypted message to be read by multiple recipients.
+ [Steve Henson]
+
*) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
it will always use the numerical form of the OID, even if it has a short
int nodetach=1;
char *keyfile = NULL;
const EVP_CIPHER *cipher=NULL;
+ STACK_OF(X509) *recips=NULL;
SSLeay_add_all_algorithms();
keyfile = argv[2];
argc-=2;
argv+=2;
+ if (!(in=BIO_new_file(keyfile,"r"))) goto err;
+ if (!(x509=PEM_read_bio_X509(in,NULL,NULL))) goto err;
+ if(!recips) recips = sk_X509_new_null();
+ sk_X509_push(recips, x509);
+ BIO_free(in);
} else break;
}
- if (!BIO_read_filename(data,argv[1])) goto err;
+ if(!recips) {
+ fprintf(stderr, "No recipients\n");
+ goto err;
+ }
- if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err;
- if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ if (!BIO_read_filename(data,argv[1])) goto err;
p7=PKCS7_new();
#if 0
if(!cipher) cipher = EVP_des_ede3_cbc();
if (!PKCS7_set_cipher(p7,cipher)) goto err;
- if (PKCS7_add_recipient(p7,x509) == NULL) goto err;
-
-
+ for(i = 0; i < sk_X509_num(recips); i++) {
+ if (!PKCS7_add_recipient(p7,sk_X509_value(recips, i))) goto err;
+ }
+ sk_X509_pop_free(recips, X509_free);
/* Set the content of the signed to 'data' */
/* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */
projects / oweals / openssl.git / commitdiff