Initial support for Encrypted Data type generation.
parent
b31db9ee96
commit
d9f5f07e28
4 changed files with 31 additions and 2 deletions
11
apps/cms.c
11
apps/cms.c
|
@ -87,6 +87,7 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx);
|
|||
#define SMIME_UNCOMPRESS (11 | SMIME_IP)
|
||||
#define SMIME_COMPRESS (12 | SMIME_OP)
|
||||
#define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
|
||||
#define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
|
||||
|
||||
int MAIN(int, char **);
|
||||
|
||||
|
@ -169,6 +170,8 @@ int MAIN(int argc, char **argv)
|
|||
operation = SMIME_UNCOMPRESS;
|
||||
else if (!strcmp (*args, "-EncryptedData_decrypt"))
|
||||
operation = SMIME_ENCRYPTED_DECRYPT;
|
||||
else if (!strcmp (*args, "-EncryptedData_encrypt"))
|
||||
operation = SMIME_ENCRYPTED_ENCRYPT;
|
||||
#ifndef OPENSSL_NO_DES
|
||||
else if (!strcmp (*args, "-des3"))
|
||||
cipher = EVP_des_ede3_cbc();
|
||||
|
@ -745,6 +748,14 @@ int MAIN(int argc, char **argv)
|
|||
flags |= CMS_STREAM;
|
||||
cms = CMS_encrypt(encerts, in, cipher, flags);
|
||||
}
|
||||
else if (operation == SMIME_ENCRYPTED_ENCRYPT)
|
||||
{
|
||||
if (indef)
|
||||
flags |= CMS_STREAM;
|
||||
cms = CMS_EncryptedData_encrypt(in, cipher,
|
||||
secret_key, secret_keylen,
|
||||
flags);
|
||||
}
|
||||
else if (operation & SMIME_SIGNERS)
|
||||
{
|
||||
int i;
|
||||
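Review bot: The `SMIME_ENCRYPTED_ENCRYPT` branch hands `cipher`, `secret_key` and `secret_keylen` straight to `CMS_EncryptedData_encrypt()`, and none of the hunks shown for this file checks that a key or a cipher was actually supplied. If that validation is not done earlier in MAIN (the function body starts and ends outside these hunks), a missing `-secretkey`-style input would only surface as a library error, or not at all, depending on what the callee checks. I would put an explicit guard ahead of the call, `if (!secret_key || !cipher)`, that prints a usage error and bails out through the existing cleanup path. The same applies to the `SMIME_ENCRYPTED_DECRYPT` operation if it shares this input.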
|
|
|
@ -142,6 +142,10 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
|||
const unsigned char *key, size_t keylen,
|
||||
BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
|
||||
const unsigned char *key, size_t keylen,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
|
||||
const unsigned char *key, size_t keylen);
|
||||
|
||||
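Review bot: The new `CMS_EncryptedData_encrypt()` prototype takes raw key bytes but has no comment saying whether the key is copied or must stay valid for the lifetime of the returned `CMS_ContentInfo`. The neighbouring `CMS_EncryptedData_set1_key` name suggests copy semantics, but the definition of the new function is not among the hunks on this page, so that is an inference. I would add a short comment above the prototype stating the ownership rule, that `keylen` is a byte count, and that the caller remains responsible for wiping its own copy of `key` after the call.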
|
|
|
@ -75,6 +75,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
|
||||
|
||||
int ok = 0;
|
||||
|
||||
int enc;
|
||||
|
||||
enc = ec->cipher ? 1 : 0;
|
||||
|
@ -90,7 +92,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
BIO_get_cipher_ctx(b, &ctx);
|
||||
|
||||
if (enc)
|
||||
calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
|
||||
ciph = ec->cipher;
|
||||
else
|
||||
{
|
||||
ciph = EVP_get_cipherbyobj(calg->algorithm);
|
||||
|
@ -110,6 +112,9 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
goto err;
|
||||
}
|
||||
|
||||
if (enc)
|
||||
calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
|
||||
|
||||
/* If necessary set key length */
|
||||
|
||||
if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
|
||||
|
@ -164,9 +169,17 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
goto err;
|
||||
}
|
||||
}
|
||||
return b;
|
||||
ok = 1;
|
||||
|
||||
err:
|
||||
if (ec->key)
|
||||
{
|
||||
OPENSSL_cleanse(ec->key, ec->keylen);
|
||||
OPENSSL_free(ec->key);
|
||||
ec->key = NULL;
|
||||
}
|
||||
if (ok)
|
||||
return b;
|
||||
BIO_free(b);
|
||||
return NULL;
|
||||
}
|
||||
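Review bot: The new `err:` block in `cms_EncryptedContent_init_bio` wipes and frees `ec->key` on the success path as well as on failure, but nothing in the function says that a call consumes the key, and `ec->keylen` keeps its old value once `ec->key` is NULL. A second BIO initialised from the same `ec` would apparently reach the `ec->keylen != EVP_CIPHER_CTX_key_length(ctx)` comparison with a stale length and no key material. I would add `/* The content key is single-use: wipe and free it on every exit path. */` above `if (ec->key)` and reset the length with `ec->keylen = 0;` next to `ec->key = NULL;`, provided no later code still reads `keylen`, which is not visible here. The function body begins outside these hunks.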
|
|
|
@ -180,6 +180,7 @@ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
|
|||
{
|
||||
|
||||
case NID_pkcs7_data:
|
||||
case NID_pkcs7_encrypted:
|
||||
case NID_id_smime_ct_compressedData:
|
||||
/* Nothing to do */
|
||||
return 1;
|
||||
|
|