From 5711885a2b31bfb623fb3738ce92a4cce4316bc7 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Wed, 17 Jul 2013 15:21:31 +0100
Subject: [PATCH] Custom key wrap option for cms utility.
---
 apps/cms.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/apps/cms.c b/apps/cms.c
index 2e734bdf27..d15e203f9c 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -122,7 +122,7 @@ int MAIN(int argc, char **argv)
 STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
 char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
 char *certsoutfile = NULL;
- const EVP_CIPHER *cipher = NULL;
+ const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
 CMS_ContentInfo *cms = NULL, *rcms = NULL;
 X509_STORE *store = NULL;
 X509 *cert = NULL, *recip = NULL, *signer = NULL;
@@ -217,6 +217,8 @@ int MAIN(int argc, char **argv)
 cipher = EVP_des_ede3_cbc();
 else if (!strcmp (*args, "-des"))
 cipher = EVP_des_cbc();
+ else if (!strcmp (*args, "-des3-wrap"))
+ wrap_cipher = EVP_des_ede3_wrap();
 #endif
 #ifndef OPENSSL_NO_SEED
 else if (!strcmp (*args, "-seed"))
@@ -237,6 +239,12 @@ int MAIN(int argc, char **argv)
 cipher = EVP_aes_192_cbc();
 else if (!strcmp(*args,"-aes256"))
 cipher = EVP_aes_256_cbc();
+ else if (!strcmp(*args,"-aes128-wrap"))
+ wrap_cipher = EVP_aes_128_wrap();
+ else if (!strcmp(*args,"-aes192-wrap"))
+ wrap_cipher = EVP_aes_192_wrap();
+ else if (!strcmp(*args,"-aes256-wrap"))
+ wrap_cipher = EVP_aes_256_wrap();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 else if (!strcmp(*args,"-camellia128"))
@@ -1005,6 +1013,14 @@ int MAIN(int argc, char **argv)
 if (!cms_set_pkey_param(pctx, kparam->param))
 goto end;
 }
+ if (CMS_RecipientInfo_type(ri) == CMS_RECIPINFO_AGREE
+ && wrap_cipher)
+ {
+ EVP_CIPHER_CTX *wctx;
+ wctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+ EVP_EncryptInit_ex(wctx, wrap_cipher,
+ NULL, NULL, NULL);
+ }
 }
 if (secret_key)
--
2.25.1
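Review bot: The `-des3-wrap` branch added at -217 (and the three `-aes*-wrap` branches at -237) only record `wrap_cipher`, and the single place the patch consumes it, the hunk at -1005, applies it to `CMS_RECIPINFO_AGREE` recipients alone. With any other recipient type the option is accepted and then dropped without a message, so an operator who asked for a specific key-wrap algorithm cannot tell it had no effect. The 17 inserted lines also contain no usage text for the new options. I would add a usage line such as `BIO_printf (bio_err, "-aes256-wrap   key wrap cipher for key agreement recipients\n");` and a warning on `bio_err` when `wrap_cipher` is set but no key-agreement recipient used it. The option-parsing chain starts and ends outside both hunks, so where exactly these belong has to be checked against the full file.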
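Review bot: In the block added at -1005 the result of `EVP_EncryptInit_ex` is discarded and `wctx` is used without a NULL check, so a failure to install the requested wrap cipher goes unnoticed. The recipient key would then presumably be wrapped with whatever default the CMS layer selects, which is a silent downgrade from what was requested on the command line. The `cms_set_pkey_param` call just above already does `goto end` on failure, and the same pattern fits here: `if (!wctx || !EVP_EncryptInit_ex(wctx, wrap_cipher, NULL, NULL, NULL)) goto end;`. The enclosing recipient loop begins outside the hunk, so I have assumed that `end` is the right cleanup label for this path as well.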