Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
a6e7fcd1
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
8 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
a6e7fcd1
编写于
5月 18, 2006
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Multiple signer support in smime application.
上级
76cf3fcb
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
97 addition
and
6 deletion
+97
-6
CHANGES
CHANGES
+5
-0
apps/smime.c
apps/smime.c
+92
-6
未找到文件。
CHANGES
浏览文件 @
a6e7fcd1
...
...
@@ -4,6 +4,11 @@
Changes between 0.9.8b and 0.9.9 [xx XXX xxxx]
*) Tidy up PKCS#7 routines and add new functions to make it easier to
create PKCS7 structures containing multiple signers. Update smime
application to support multiple signers.
[Steve Henson]
*) New -macalg option to pkcs12 utility to allow setting of an alternative
digest MAC.
[Steve Henson]
...
...
apps/smime.c
浏览文件 @
a6e7fcd1
...
...
@@ -90,6 +90,7 @@ int MAIN(int argc, char **argv)
const
char
*
inmode
=
"r"
,
*
outmode
=
"w"
;
char
*
infile
=
NULL
,
*
outfile
=
NULL
;
char
*
signerfile
=
NULL
,
*
recipfile
=
NULL
;
STACK
*
sksigners
=
NULL
,
*
skkeys
=
NULL
;
char
*
certfile
=
NULL
,
*
keyfile
=
NULL
,
*
contfile
=
NULL
;
const
EVP_CIPHER
*
cipher
=
NULL
;
PKCS7
*
p7
=
NULL
;
...
...
@@ -229,6 +230,20 @@ int MAIN(int argc, char **argv)
{
if
(
!
args
[
1
])
goto
argerr
;
/* If previous -signer argument add signer to list */
if
(
signerfile
)
{
if
(
!
sksigners
)
sksigners
=
sk_new_null
();
sk_push
(
sksigners
,
signerfile
);
if
(
!
keyfile
)
keyfile
=
signerfile
;
if
(
!
skkeys
)
skkeys
=
sk_new_null
();
sk_push
(
skkeys
,
keyfile
);
keyfile
=
NULL
;
}
signerfile
=
*++
args
;
}
else
if
(
!
strcmp
(
*
args
,
"-recip"
))
...
...
@@ -241,6 +256,22 @@ int MAIN(int argc, char **argv)
{
if
(
!
args
[
1
])
goto
argerr
;
/* If previous -inkey arument add signer to list */
if
(
keyfile
)
{
if
(
!
signerfile
)
{
BIO_puts
(
bio_err
,
"Illegal -inkey without -signer
\n
"
);
goto
argerr
;
}
if
(
!
sksigners
)
sksigners
=
sk_new_null
();
sk_push
(
sksigners
,
signerfile
);
signerfile
=
NULL
;
if
(
!
skkeys
)
skkeys
=
sk_new_null
();
sk_push
(
skkeys
,
keyfile
);
}
keyfile
=
*++
args
;
}
else
if
(
!
strcmp
(
*
args
,
"-keyform"
))
...
...
@@ -304,14 +335,38 @@ int MAIN(int argc, char **argv)
args
++
;
}
if
((
operation
!=
SMIME_SIGN
)
&&
(
skkeys
||
sksigners
))
{
BIO_puts
(
bio_err
,
"Multiple signers or keys not allowed
\n
"
);
goto
argerr
;
}
if
(
operation
==
SMIME_SIGN
)
{
if
(
!
signerfile
)
/* Check to see if any final signer needs to be appended */
if
(
keyfile
&&
!
signerfile
)
{
BIO_puts
(
bio_err
,
"Illegal -inkey without -signer
\n
"
);
goto
argerr
;
}
if
(
signerfile
)
{
if
(
!
sksigners
)
sksigners
=
sk_new_null
();
sk_push
(
sksigners
,
signerfile
);
if
(
!
skkeys
)
skkeys
=
sk_new_null
();
if
(
!
keyfile
)
keyfile
=
signerfile
;
sk_push
(
skkeys
,
keyfile
);
}
if
(
!
sksigners
)
{
BIO_printf
(
bio_err
,
"No signer certificate specified
\n
"
);
badarg
=
1
;
}
signerfile
=
NULL
;
keyfile
=
NULL
;
need_rand
=
1
;
}
else
if
(
operation
==
SMIME_DECRYPT
)
...
...
@@ -565,17 +620,44 @@ int MAIN(int argc, char **argv)
p7
=
PKCS7_encrypt
(
encerts
,
in
,
cipher
,
flags
);
else
if
(
operation
==
SMIME_SIGN
)
{
int
i
;
/* If detached data and SMIME output enable partial
* signing.
*/
if
((
flags
&
PKCS7_DETACHED
)
&&
(
outformat
==
FORMAT_SMIME
))
flags
|=
PKCS7_STREAM
;
p7
=
PKCS7_sign
(
signer
,
key
,
other
,
in
,
flags
);
/* Don't need to rewind for partial signing */
if
(
!
(
flags
&
PKCS7_STREAM
)
&&
(
BIO_reset
(
in
)
!=
0
))
flags
|=
PKCS7_PARTIAL
;
p7
=
PKCS7_sign
(
NULL
,
NULL
,
other
,
in
,
flags
);
for
(
i
=
0
;
i
<
sk_num
(
sksigners
);
i
++
)
{
signerfile
=
sk_value
(
sksigners
,
i
);
keyfile
=
sk_value
(
skkeys
,
i
);
signer
=
load_cert
(
bio_err
,
signerfile
,
FORMAT_PEM
,
NULL
,
e
,
"signer certificate"
);
if
(
!
signer
)
goto
end
;
key
=
load_key
(
bio_err
,
keyfile
,
keyform
,
0
,
passin
,
e
,
"signing key file"
);
if
(
!
key
)
goto
end
;
if
(
!
PKCS7_sign_add_signer
(
p7
,
signer
,
key
,
NULL
,
flags
))
goto
end
;
X509_free
(
signer
);
signer
=
NULL
;
EVP_PKEY_free
(
key
);
key
=
NULL
;
}
/* If not streaming finalize structure */
if
(
!
(
flags
&
PKCS7_STREAM
))
{
BIO_printf
(
bio_err
,
"Can't rewind input file
\n
"
);
goto
end
;
if
(
!
PKCS7_final
(
p7
,
in
,
flags
))
goto
end
;
if
(
BIO_reset
(
in
)
!=
0
)
{
BIO_puts
(
bio_err
,
"Can't rewind input file
\n
"
);
goto
end
;
}
}
}
else
...
...
@@ -674,6 +756,10 @@ end:
sk_X509_pop_free
(
other
,
X509_free
);
if
(
vpm
)
X509_VERIFY_PARAM_free
(
vpm
);
if
(
sksigners
)
sk_free
(
sksigners
);
if
(
skkeys
)
sk_free
(
skkeys
);
X509_STORE_free
(
store
);
X509_free
(
cert
);
X509_free
(
recip
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录