Allow reordering of certificates when signing.
Add certificates if -nocerts and -certfile specified when signing in smime application. This can be used this to specify the order certificates appear in the PKCS#7 structure: some broken applications require a certain ordering. PR#3316
This commit is contained in:
Dr. Stephen Henson
parent
13b7896022
commit
14f47acf23
1 changed files with 8 additions and 0 deletions
|
|
@ -704,6 +704,14 @@ int MAIN(int argc, char **argv)
|
|||
p7 = PKCS7_sign(NULL, NULL, other, in, flags);
|
||||
if (!p7)
|
||||
goto end;
|
||||
if (flags & PKCS7_NOCERTS)
|
||||
{
|
||||
for (i = 0; i < sk_X509_num(other); i++)
|
||||
{
|
||||
X509 *x = sk_X509_value(other, i);
|
||||
PKCS7_add_certificate(p7, x);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
flags |= PKCS7_REUSE_DIGEST;
|
||||
|
|
|
|||
Loading…
Reference in a new issue