summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/cms.c
diff options
context:
space:
mode:
authortb <>2023-03-06 14:32:06 +0000
committertb <>2023-03-06 14:32:06 +0000
commit2ba7dcfcbc2ef5aaeb8eb14f36f83bd57c22bcae (patch)
treebbe07d6e06b695cebe22802551f2db0a61354d7c /src/usr.bin/openssl/cms.c
parentcfc0cbdbaaa36a4b6adee60b5cf3f4a388554426 (diff)
downloadopenbsd-2ba7dcfcbc2ef5aaeb8eb14f36f83bd57c22bcae.tar.gz
openbsd-2ba7dcfcbc2ef5aaeb8eb14f36f83bd57c22bcae.tar.bz2
openbsd-2ba7dcfcbc2ef5aaeb8eb14f36f83bd57c22bcae.zip
Rename struct ${app}_config to plain cfg
All the structs are static and we need to reach into them many times. Having a shorter name is more concise and results in less visual clutter. It also avoids many overlong lines and we will be able to get rid of some unfortunate line wrapping down the road. Discussed with jsing
Diffstat (limited to '')
-rw-r--r--src/usr.bin/openssl/cms.c702
1 files changed, 351 insertions, 351 deletions
diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c
index b88fd55b3c..0ddf26e5a7 100644
--- a/src/usr.bin/openssl/cms.c
+++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms.c,v 1.32 2023/03/05 13:08:22 tb Exp $ */ 1/* $OpenBSD: cms.c,v 1.33 2023/03/06 14:32:05 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -149,7 +149,7 @@ static struct {
149 char *to; 149 char *to;
150 int verify_retcode; 150 int verify_retcode;
151 X509_VERIFY_PARAM *vpm; 151 X509_VERIFY_PARAM *vpm;
152} cms_config; 152} cfg;
153 153
154static const EVP_CIPHER * 154static const EVP_CIPHER *
155get_cipher_by_name(char *name) 155get_cipher_by_name(char *name)
@@ -198,8 +198,8 @@ cms_opt_cipher(int argc, char **argv, int *argsused)
198 if (*name++ != '-') 198 if (*name++ != '-')
199 return (1); 199 return (1);
200 200
201 if ((cms_config.cipher = get_cipher_by_name(name)) == NULL) 201 if ((cfg.cipher = get_cipher_by_name(name)) == NULL)
202 if ((cms_config.cipher = EVP_get_cipherbyname(name)) == NULL) 202 if ((cfg.cipher = EVP_get_cipherbyname(name)) == NULL)
203 return (1); 203 return (1);
204 204
205 *argsused = 1; 205 *argsused = 1;
@@ -209,9 +209,9 @@ cms_opt_cipher(int argc, char **argv, int *argsused)
209static int 209static int
210cms_opt_econtent_type(char *arg) 210cms_opt_econtent_type(char *arg)
211{ 211{
212 ASN1_OBJECT_free(cms_config.econtent_type); 212 ASN1_OBJECT_free(cfg.econtent_type);
213 213
214 if ((cms_config.econtent_type = OBJ_txt2obj(arg, 0)) == NULL) { 214 if ((cfg.econtent_type = OBJ_txt2obj(arg, 0)) == NULL) {
215 BIO_printf(bio_err, "Invalid OID %s\n", arg); 215 BIO_printf(bio_err, "Invalid OID %s\n", arg);
216 return (1); 216 return (1);
217 } 217 }
@@ -221,33 +221,33 @@ cms_opt_econtent_type(char *arg)
221static int 221static int
222cms_opt_inkey(char *arg) 222cms_opt_inkey(char *arg)
223{ 223{
224 if (cms_config.keyfile == NULL) { 224 if (cfg.keyfile == NULL) {
225 cms_config.keyfile = arg; 225 cfg.keyfile = arg;
226 return (0); 226 return (0);
227 } 227 }
228 228
229 if (cms_config.signerfile == NULL) { 229 if (cfg.signerfile == NULL) {
230 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 230 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
231 return (1); 231 return (1);
232 } 232 }
233 233
234 if (cms_config.sksigners == NULL) 234 if (cfg.sksigners == NULL)
235 cms_config.sksigners = sk_OPENSSL_STRING_new_null(); 235 cfg.sksigners = sk_OPENSSL_STRING_new_null();
236 if (cms_config.sksigners == NULL) 236 if (cfg.sksigners == NULL)
237 return (1); 237 return (1);
238 if (!sk_OPENSSL_STRING_push(cms_config.sksigners, cms_config.signerfile)) 238 if (!sk_OPENSSL_STRING_push(cfg.sksigners, cfg.signerfile))
239 return (1); 239 return (1);
240 240
241 cms_config.signerfile = NULL; 241 cfg.signerfile = NULL;
242 242
243 if (cms_config.skkeys == NULL) 243 if (cfg.skkeys == NULL)
244 cms_config.skkeys = sk_OPENSSL_STRING_new_null(); 244 cfg.skkeys = sk_OPENSSL_STRING_new_null();
245 if (cms_config.skkeys == NULL) 245 if (cfg.skkeys == NULL)
246 return (1); 246 return (1);
247 if (!sk_OPENSSL_STRING_push(cms_config.skkeys, cms_config.keyfile)) 247 if (!sk_OPENSSL_STRING_push(cfg.skkeys, cfg.keyfile))
248 return (1); 248 return (1);
249 249
250 cms_config.keyfile = arg; 250 cfg.keyfile = arg;
251 return (0); 251 return (0);
252} 252}
253 253
@@ -256,14 +256,14 @@ cms_opt_keyopt(char *arg)
256{ 256{
257 int keyidx = -1; 257 int keyidx = -1;
258 258
259 if (cms_config.operation == SMIME_ENCRYPT) { 259 if (cfg.operation == SMIME_ENCRYPT) {
260 if (cms_config.encerts != NULL) 260 if (cfg.encerts != NULL)
261 keyidx += sk_X509_num(cms_config.encerts); 261 keyidx += sk_X509_num(cfg.encerts);
262 } else { 262 } else {
263 if (cms_config.keyfile != NULL || cms_config.signerfile != NULL) 263 if (cfg.keyfile != NULL || cfg.signerfile != NULL)
264 keyidx++; 264 keyidx++;
265 if (cms_config.skkeys != NULL) 265 if (cfg.skkeys != NULL)
266 keyidx += sk_OPENSSL_STRING_num(cms_config.skkeys); 266 keyidx += sk_OPENSSL_STRING_num(cfg.skkeys);
267 } 267 }
268 268
269 if (keyidx < 0) { 269 if (keyidx < 0) {
@@ -271,8 +271,8 @@ cms_opt_keyopt(char *arg)
271 return (1); 271 return (1);
272 } 272 }
273 273
274 if (cms_config.key_param == NULL || 274 if (cfg.key_param == NULL ||
275 cms_config.key_param->idx != keyidx) { 275 cfg.key_param->idx != keyidx) {
276 struct cms_key_param *nparam; 276 struct cms_key_param *nparam;
277 277
278 if ((nparam = calloc(1, sizeof(struct cms_key_param))) == NULL) 278 if ((nparam = calloc(1, sizeof(struct cms_key_param))) == NULL)
@@ -285,15 +285,15 @@ cms_opt_keyopt(char *arg)
285 } 285 }
286 286
287 nparam->next = NULL; 287 nparam->next = NULL;
288 if (cms_config.key_first == NULL) 288 if (cfg.key_first == NULL)
289 cms_config.key_first = nparam; 289 cfg.key_first = nparam;
290 else 290 else
291 cms_config.key_param->next = nparam; 291 cfg.key_param->next = nparam;
292 292
293 cms_config.key_param = nparam; 293 cfg.key_param = nparam;
294 } 294 }
295 295
296 if (!sk_OPENSSL_STRING_push(cms_config.key_param->param, arg)) 296 if (!sk_OPENSSL_STRING_push(cfg.key_param->param, arg))
297 return (1); 297 return (1);
298 298
299 return (0); 299 return (0);
@@ -302,7 +302,7 @@ cms_opt_keyopt(char *arg)
302static int 302static int
303cms_opt_md(char *arg) 303cms_opt_md(char *arg)
304{ 304{
305 if ((cms_config.sign_md = EVP_get_digestbyname(arg)) == NULL) { 305 if ((cfg.sign_md = EVP_get_digestbyname(arg)) == NULL) {
306 BIO_printf(bio_err, "Unknown digest %s\n", arg); 306 BIO_printf(bio_err, "Unknown digest %s\n", arg);
307 return (1); 307 return (1);
308 } 308 }
@@ -312,38 +312,38 @@ cms_opt_md(char *arg)
312static int 312static int
313cms_opt_print(void) 313cms_opt_print(void)
314{ 314{
315 cms_config.noout = 1; 315 cfg.noout = 1;
316 cms_config.print = 1; 316 cfg.print = 1;
317 return (0); 317 return (0);
318} 318}
319 319
320static int 320static int
321cms_opt_pwri_pass(char *arg) 321cms_opt_pwri_pass(char *arg)
322{ 322{
323 cms_config.pwri_pass = (unsigned char *)arg; 323 cfg.pwri_pass = (unsigned char *)arg;
324 return (0); 324 return (0);
325} 325}
326 326
327static int 327static int
328cms_opt_recip(char *arg) 328cms_opt_recip(char *arg)
329{ 329{
330 if (cms_config.operation == SMIME_ENCRYPT) { 330 if (cfg.operation == SMIME_ENCRYPT) {
331 if (cms_config.encerts == NULL) { 331 if (cfg.encerts == NULL) {
332 if ((cms_config.encerts = sk_X509_new_null()) == NULL) 332 if ((cfg.encerts = sk_X509_new_null()) == NULL)
333 return (1); 333 return (1);
334 } 334 }
335 335
336 cms_config.cert = load_cert(bio_err, arg, FORMAT_PEM, 336 cfg.cert = load_cert(bio_err, arg, FORMAT_PEM,
337 NULL, "recipient certificate file"); 337 NULL, "recipient certificate file");
338 if (cms_config.cert == NULL) 338 if (cfg.cert == NULL)
339 return (1); 339 return (1);
340 340
341 if (!sk_X509_push(cms_config.encerts, cms_config.cert)) 341 if (!sk_X509_push(cfg.encerts, cfg.cert))
342 return (1); 342 return (1);
343 343
344 cms_config.cert = NULL; 344 cfg.cert = NULL;
345 } else { 345 } else {
346 cms_config.recipfile = arg; 346 cfg.recipfile = arg;
347 } 347 }
348 return (0); 348 return (0);
349} 349}
@@ -351,11 +351,11 @@ cms_opt_recip(char *arg)
351static int 351static int
352cms_opt_receipt_request_from(char *arg) 352cms_opt_receipt_request_from(char *arg)
353{ 353{
354 if (cms_config.rr_from == NULL) 354 if (cfg.rr_from == NULL)
355 cms_config.rr_from = sk_OPENSSL_STRING_new_null(); 355 cfg.rr_from = sk_OPENSSL_STRING_new_null();
356 if (cms_config.rr_from == NULL) 356 if (cfg.rr_from == NULL)
357 return (1); 357 return (1);
358 if (!sk_OPENSSL_STRING_push(cms_config.rr_from, arg)) 358 if (!sk_OPENSSL_STRING_push(cfg.rr_from, arg))
359 return (1); 359 return (1);
360 360
361 return (0); 361 return (0);
@@ -364,11 +364,11 @@ cms_opt_receipt_request_from(char *arg)
364static int 364static int
365cms_opt_receipt_request_to(char *arg) 365cms_opt_receipt_request_to(char *arg)
366{ 366{
367 if (cms_config.rr_to == NULL) 367 if (cfg.rr_to == NULL)
368 cms_config.rr_to = sk_OPENSSL_STRING_new_null(); 368 cfg.rr_to = sk_OPENSSL_STRING_new_null();
369 if (cms_config.rr_to == NULL) 369 if (cfg.rr_to == NULL)
370 return (1); 370 return (1);
371 if (!sk_OPENSSL_STRING_push(cms_config.rr_to, arg)) 371 if (!sk_OPENSSL_STRING_push(cfg.rr_to, arg))
372 return (1); 372 return (1);
373 373
374 return (0); 374 return (0);
@@ -379,13 +379,13 @@ cms_opt_secretkey(char *arg)
379{ 379{
380 long ltmp; 380 long ltmp;
381 381
382 free(cms_config.secret_key); 382 free(cfg.secret_key);
383 383
384 if ((cms_config.secret_key = string_to_hex(arg, &ltmp)) == NULL) { 384 if ((cfg.secret_key = string_to_hex(arg, &ltmp)) == NULL) {
385 BIO_printf(bio_err, "Invalid key %s\n", arg); 385 BIO_printf(bio_err, "Invalid key %s\n", arg);
386 return (1); 386 return (1);
387 } 387 }
388 cms_config.secret_keylen = (size_t)ltmp; 388 cfg.secret_keylen = (size_t)ltmp;
389 return (0); 389 return (0);
390} 390}
391 391
@@ -394,44 +394,44 @@ cms_opt_secretkeyid(char *arg)
394{ 394{
395 long ltmp; 395 long ltmp;
396 396
397 free(cms_config.secret_keyid); 397 free(cfg.secret_keyid);
398 398
399 if ((cms_config.secret_keyid = string_to_hex(arg, &ltmp)) == NULL) { 399 if ((cfg.secret_keyid = string_to_hex(arg, &ltmp)) == NULL) {
400 BIO_printf(bio_err, "Invalid id %s\n", arg); 400 BIO_printf(bio_err, "Invalid id %s\n", arg);
401 return (1); 401 return (1);
402 } 402 }
403 cms_config.secret_keyidlen = (size_t)ltmp; 403 cfg.secret_keyidlen = (size_t)ltmp;
404 return (0); 404 return (0);
405} 405}
406 406
407static int 407static int
408cms_opt_signer(char *arg) 408cms_opt_signer(char *arg)
409{ 409{
410 if (cms_config.signerfile == NULL) { 410 if (cfg.signerfile == NULL) {
411 cms_config.signerfile = arg; 411 cfg.signerfile = arg;
412 return (0); 412 return (0);
413 } 413 }
414 414
415 if (cms_config.sksigners == NULL) 415 if (cfg.sksigners == NULL)
416 cms_config.sksigners = sk_OPENSSL_STRING_new_null(); 416 cfg.sksigners = sk_OPENSSL_STRING_new_null();
417 if (cms_config.sksigners == NULL) 417 if (cfg.sksigners == NULL)
418 return (1); 418 return (1);
419 if (!sk_OPENSSL_STRING_push(cms_config.sksigners, cms_config.signerfile)) 419 if (!sk_OPENSSL_STRING_push(cfg.sksigners, cfg.signerfile))
420 return (1); 420 return (1);
421 421
422 if (cms_config.keyfile == NULL) 422 if (cfg.keyfile == NULL)
423 cms_config.keyfile = cms_config.signerfile; 423 cfg.keyfile = cfg.signerfile;
424 424
425 if (cms_config.skkeys == NULL) 425 if (cfg.skkeys == NULL)
426 cms_config.skkeys = sk_OPENSSL_STRING_new_null(); 426 cfg.skkeys = sk_OPENSSL_STRING_new_null();
427 if (cms_config.skkeys == NULL) 427 if (cfg.skkeys == NULL)
428 return (1); 428 return (1);
429 if (!sk_OPENSSL_STRING_push(cms_config.skkeys, cms_config.keyfile)) 429 if (!sk_OPENSSL_STRING_push(cfg.skkeys, cfg.keyfile))
430 return (1); 430 return (1);
431 431
432 cms_config.keyfile = NULL; 432 cfg.keyfile = NULL;
433 433
434 cms_config.signerfile = arg; 434 cfg.signerfile = arg;
435 return (0); 435 return (0);
436} 436}
437 437
@@ -441,7 +441,7 @@ cms_opt_verify_param(int argc, char **argv, int *argsused)
441 int oargc = argc; 441 int oargc = argc;
442 int badarg = 0; 442 int badarg = 0;
443 443
444 if (!args_verify(&argv, &argc, &badarg, bio_err, &cms_config.vpm)) 444 if (!args_verify(&argv, &argc, &badarg, bio_err, &cfg.vpm))
445 return (1); 445 return (1);
446 if (badarg) 446 if (badarg)
447 return (1); 447 return (1);
@@ -454,8 +454,8 @@ cms_opt_verify_param(int argc, char **argv, int *argsused)
454static int 454static int
455cms_opt_verify_receipt(char *arg) 455cms_opt_verify_receipt(char *arg)
456{ 456{
457 cms_config.operation = SMIME_VERIFY_RECEIPT; 457 cfg.operation = SMIME_VERIFY_RECEIPT;
458 cms_config.rctfile = arg; 458 cfg.rctfile = arg;
459 return (0); 459 return (0);
460} 460}
461 461
@@ -539,20 +539,20 @@ static const struct option cms_options[] = {
539 .argname = "file", 539 .argname = "file",
540 .desc = "Certificate Authority file", 540 .desc = "Certificate Authority file",
541 .type = OPTION_ARG, 541 .type = OPTION_ARG,
542 .opt.arg = &cms_config.CAfile, 542 .opt.arg = &cfg.CAfile,
543 }, 543 },
544 { 544 {
545 .name = "CApath", 545 .name = "CApath",
546 .argname = "path", 546 .argname = "path",
547 .desc = "Certificate Authority path", 547 .desc = "Certificate Authority path",
548 .type = OPTION_ARG, 548 .type = OPTION_ARG,
549 .opt.arg = &cms_config.CApath, 549 .opt.arg = &cfg.CApath,
550 }, 550 },
551 { 551 {
552 .name = "binary", 552 .name = "binary",
553 .desc = "Do not translate message to text", 553 .desc = "Do not translate message to text",
554 .type = OPTION_VALUE_OR, 554 .type = OPTION_VALUE_OR,
555 .opt.value = &cms_config.flags, 555 .opt.value = &cfg.flags,
556 .value = CMS_BINARY, 556 .value = CMS_BINARY,
557 }, 557 },
558 { 558 {
@@ -560,27 +560,27 @@ static const struct option cms_options[] = {
560 .argname = "file", 560 .argname = "file",
561 .desc = "Other certificates file", 561 .desc = "Other certificates file",
562 .type = OPTION_ARG, 562 .type = OPTION_ARG,
563 .opt.arg = &cms_config.certfile, 563 .opt.arg = &cfg.certfile,
564 }, 564 },
565 { 565 {
566 .name = "certsout", 566 .name = "certsout",
567 .argname = "file", 567 .argname = "file",
568 .desc = "Certificate output file", 568 .desc = "Certificate output file",
569 .type = OPTION_ARG, 569 .type = OPTION_ARG,
570 .opt.arg = &cms_config.certsoutfile, 570 .opt.arg = &cfg.certsoutfile,
571 }, 571 },
572 { 572 {
573 .name = "cmsout", 573 .name = "cmsout",
574 .desc = "Output CMS structure", 574 .desc = "Output CMS structure",
575 .type = OPTION_VALUE, 575 .type = OPTION_VALUE,
576 .opt.value = &cms_config.operation, 576 .opt.value = &cfg.operation,
577 .value = SMIME_CMSOUT, 577 .value = SMIME_CMSOUT,
578 }, 578 },
579 { 579 {
580 .name = "compress", 580 .name = "compress",
581 .desc = "Create CMS CompressedData type", 581 .desc = "Create CMS CompressedData type",
582 .type = OPTION_VALUE, 582 .type = OPTION_VALUE,
583 .opt.value = &cms_config.operation, 583 .opt.value = &cfg.operation,
584 .value = SMIME_COMPRESS, 584 .value = SMIME_COMPRESS,
585 }, 585 },
586 { 586 {
@@ -588,55 +588,55 @@ static const struct option cms_options[] = {
588 .argname = "file", 588 .argname = "file",
589 .desc = "Supply or override content for detached signature", 589 .desc = "Supply or override content for detached signature",
590 .type = OPTION_ARG, 590 .type = OPTION_ARG,
591 .opt.arg = &cms_config.contfile, 591 .opt.arg = &cfg.contfile,
592 }, 592 },
593 { 593 {
594 .name = "crlfeol", 594 .name = "crlfeol",
595 .desc = "Use CRLF as EOL termination instead of CR only", 595 .desc = "Use CRLF as EOL termination instead of CR only",
596 .type = OPTION_VALUE_OR, 596 .type = OPTION_VALUE_OR,
597 .opt.value = &cms_config.flags, 597 .opt.value = &cfg.flags,
598 .value = CMS_CRLFEOL, 598 .value = CMS_CRLFEOL,
599 }, 599 },
600 { 600 {
601 .name = "data_create", 601 .name = "data_create",
602 .desc = "Create CMS Data type", 602 .desc = "Create CMS Data type",
603 .type = OPTION_VALUE, 603 .type = OPTION_VALUE,
604 .opt.value = &cms_config.operation, 604 .opt.value = &cfg.operation,
605 .value = SMIME_DATA_CREATE, 605 .value = SMIME_DATA_CREATE,
606 }, 606 },
607 { 607 {
608 .name = "data_out", 608 .name = "data_out",
609 .desc = "Output content from the input CMS Data type", 609 .desc = "Output content from the input CMS Data type",
610 .type = OPTION_VALUE, 610 .type = OPTION_VALUE,
611 .opt.value = &cms_config.operation, 611 .opt.value = &cfg.operation,
612 .value = SMIME_DATAOUT, 612 .value = SMIME_DATAOUT,
613 }, 613 },
614 { 614 {
615 .name = "debug_decrypt", 615 .name = "debug_decrypt",
616 .desc = "Set the CMS_DEBUG_DECRYPT flag when decrypting", 616 .desc = "Set the CMS_DEBUG_DECRYPT flag when decrypting",
617 .type = OPTION_VALUE_OR, 617 .type = OPTION_VALUE_OR,
618 .opt.value = &cms_config.flags, 618 .opt.value = &cfg.flags,
619 .value = CMS_DEBUG_DECRYPT, 619 .value = CMS_DEBUG_DECRYPT,
620 }, 620 },
621 { 621 {
622 .name = "decrypt", 622 .name = "decrypt",
623 .desc = "Decrypt encrypted message", 623 .desc = "Decrypt encrypted message",
624 .type = OPTION_VALUE, 624 .type = OPTION_VALUE,
625 .opt.value = &cms_config.operation, 625 .opt.value = &cfg.operation,
626 .value = SMIME_DECRYPT, 626 .value = SMIME_DECRYPT,
627 }, 627 },
628 { 628 {
629 .name = "digest_create", 629 .name = "digest_create",
630 .desc = "Create CMS DigestedData type", 630 .desc = "Create CMS DigestedData type",
631 .type = OPTION_VALUE, 631 .type = OPTION_VALUE,
632 .opt.value = &cms_config.operation, 632 .opt.value = &cfg.operation,
633 .value = SMIME_DIGEST_CREATE, 633 .value = SMIME_DIGEST_CREATE,
634 }, 634 },
635 { 635 {
636 .name = "digest_verify", 636 .name = "digest_verify",
637 .desc = "Verify CMS DigestedData type and output the content", 637 .desc = "Verify CMS DigestedData type and output the content",
638 .type = OPTION_VALUE, 638 .type = OPTION_VALUE,
639 .opt.value = &cms_config.operation, 639 .opt.value = &cfg.operation,
640 .value = SMIME_DIGEST_VERIFY, 640 .value = SMIME_DIGEST_VERIFY,
641 }, 641 },
642 { 642 {
@@ -650,21 +650,21 @@ static const struct option cms_options[] = {
650 .name = "encrypt", 650 .name = "encrypt",
651 .desc = "Encrypt message", 651 .desc = "Encrypt message",
652 .type = OPTION_VALUE, 652 .type = OPTION_VALUE,
653 .opt.value = &cms_config.operation, 653 .opt.value = &cfg.operation,
654 .value = SMIME_ENCRYPT, 654 .value = SMIME_ENCRYPT,
655 }, 655 },
656 { 656 {
657 .name = "EncryptedData_decrypt", 657 .name = "EncryptedData_decrypt",
658 .desc = "Decrypt CMS EncryptedData", 658 .desc = "Decrypt CMS EncryptedData",
659 .type = OPTION_VALUE, 659 .type = OPTION_VALUE,
660 .opt.value = &cms_config.operation, 660 .opt.value = &cfg.operation,
661 .value = SMIME_ENCRYPTED_DECRYPT, 661 .value = SMIME_ENCRYPTED_DECRYPT,
662 }, 662 },
663 { 663 {
664 .name = "EncryptedData_encrypt", 664 .name = "EncryptedData_encrypt",
665 .desc = "Encrypt content using supplied symmetric key and algorithm", 665 .desc = "Encrypt content using supplied symmetric key and algorithm",
666 .type = OPTION_VALUE, 666 .type = OPTION_VALUE,
667 .opt.value = &cms_config.operation, 667 .opt.value = &cfg.operation,
668 .value = SMIME_ENCRYPTED_ENCRYPT, 668 .value = SMIME_ENCRYPTED_ENCRYPT,
669 }, 669 },
670 { 670 {
@@ -672,20 +672,20 @@ static const struct option cms_options[] = {
672 .argname = "addr", 672 .argname = "addr",
673 .desc = "From address", 673 .desc = "From address",
674 .type = OPTION_ARG, 674 .type = OPTION_ARG,
675 .opt.arg = &cms_config.from, 675 .opt.arg = &cfg.from,
676 }, 676 },
677 { 677 {
678 .name = "in", 678 .name = "in",
679 .argname = "file", 679 .argname = "file",
680 .desc = "Input file", 680 .desc = "Input file",
681 .type = OPTION_ARG, 681 .type = OPTION_ARG,
682 .opt.arg = &cms_config.infile, 682 .opt.arg = &cfg.infile,
683 }, 683 },
684 { 684 {
685 .name = "indef", 685 .name = "indef",
686 .desc = "Same as -stream", 686 .desc = "Same as -stream",
687 .type = OPTION_VALUE_OR, 687 .type = OPTION_VALUE_OR,
688 .opt.value = &cms_config.flags, 688 .opt.value = &cfg.flags,
689 .value = CMS_STREAM, 689 .value = CMS_STREAM,
690 }, 690 },
691 { 691 {
@@ -693,7 +693,7 @@ static const struct option cms_options[] = {
693 .argname = "fmt", 693 .argname = "fmt",
694 .desc = "Input format (DER, PEM or SMIME (default))", 694 .desc = "Input format (DER, PEM or SMIME (default))",
695 .type = OPTION_ARG_FORMAT, 695 .type = OPTION_ARG_FORMAT,
696 .opt.value = &cms_config.informat, 696 .opt.value = &cfg.informat,
697 }, 697 },
698 { 698 {
699 .name = "inkey", 699 .name = "inkey",
@@ -707,13 +707,13 @@ static const struct option cms_options[] = {
707 .argname = "fmt", 707 .argname = "fmt",
708 .desc = "Input key format (DER or PEM (default))", 708 .desc = "Input key format (DER or PEM (default))",
709 .type = OPTION_ARG_FORMAT, 709 .type = OPTION_ARG_FORMAT,
710 .opt.value = &cms_config.keyform, 710 .opt.value = &cfg.keyform,
711 }, 711 },
712 { 712 {
713 .name = "keyid", 713 .name = "keyid",
714 .desc = "Use subject key identifier", 714 .desc = "Use subject key identifier",
715 .type = OPTION_VALUE_OR, 715 .type = OPTION_VALUE_OR,
716 .opt.value = &cms_config.flags, 716 .opt.value = &cfg.flags,
717 .value = CMS_USE_KEYID, 717 .value = CMS_USE_KEYID,
718 }, 718 },
719 { 719 {
@@ -734,90 +734,90 @@ static const struct option cms_options[] = {
734 .name = "no_attr_verify", 734 .name = "no_attr_verify",
735 .desc = "Do not verify the signer's attribute of a signature", 735 .desc = "Do not verify the signer's attribute of a signature",
736 .type = OPTION_VALUE_OR, 736 .type = OPTION_VALUE_OR,
737 .opt.value = &cms_config.flags, 737 .opt.value = &cfg.flags,
738 .value = CMS_NO_ATTR_VERIFY, 738 .value = CMS_NO_ATTR_VERIFY,
739 }, 739 },
740 { 740 {
741 .name = "no_content_verify", 741 .name = "no_content_verify",
742 .desc = "Do not verify the content of a signed message", 742 .desc = "Do not verify the content of a signed message",
743 .type = OPTION_VALUE_OR, 743 .type = OPTION_VALUE_OR,
744 .opt.value = &cms_config.flags, 744 .opt.value = &cfg.flags,
745 .value = CMS_NO_CONTENT_VERIFY, 745 .value = CMS_NO_CONTENT_VERIFY,
746 }, 746 },
747 { 747 {
748 .name = "no_signer_cert_verify", 748 .name = "no_signer_cert_verify",
749 .desc = "Do not verify the signer's certificate", 749 .desc = "Do not verify the signer's certificate",
750 .type = OPTION_VALUE_OR, 750 .type = OPTION_VALUE_OR,
751 .opt.value = &cms_config.flags, 751 .opt.value = &cfg.flags,
752 .value = CMS_NO_SIGNER_CERT_VERIFY, 752 .value = CMS_NO_SIGNER_CERT_VERIFY,
753 }, 753 },
754 { 754 {
755 .name = "noattr", 755 .name = "noattr",
756 .desc = "Do not include any signed attributes", 756 .desc = "Do not include any signed attributes",
757 .type = OPTION_VALUE_OR, 757 .type = OPTION_VALUE_OR,
758 .opt.value = &cms_config.flags, 758 .opt.value = &cfg.flags,
759 .value = CMS_NOATTR, 759 .value = CMS_NOATTR,
760 }, 760 },
761 { 761 {
762 .name = "nocerts", 762 .name = "nocerts",
763 .desc = "Do not include signer's certificate when signing", 763 .desc = "Do not include signer's certificate when signing",
764 .type = OPTION_VALUE_OR, 764 .type = OPTION_VALUE_OR,
765 .opt.value = &cms_config.flags, 765 .opt.value = &cfg.flags,
766 .value = CMS_NOCERTS, 766 .value = CMS_NOCERTS,
767 }, 767 },
768 { 768 {
769 .name = "nodetach", 769 .name = "nodetach",
770 .desc = "Use opaque signing", 770 .desc = "Use opaque signing",
771 .type = OPTION_VALUE_AND, 771 .type = OPTION_VALUE_AND,
772 .opt.value = &cms_config.flags, 772 .opt.value = &cfg.flags,
773 .value = ~CMS_DETACHED, 773 .value = ~CMS_DETACHED,
774 }, 774 },
775 { 775 {
776 .name = "noindef", 776 .name = "noindef",
777 .desc = "Disable CMS streaming", 777 .desc = "Disable CMS streaming",
778 .type = OPTION_VALUE_AND, 778 .type = OPTION_VALUE_AND,
779 .opt.value = &cms_config.flags, 779 .opt.value = &cfg.flags,
780 .value = ~CMS_STREAM, 780 .value = ~CMS_STREAM,
781 }, 781 },
782 { 782 {
783 .name = "nointern", 783 .name = "nointern",
784 .desc = "Do not search certificates in message for signer", 784 .desc = "Do not search certificates in message for signer",
785 .type = OPTION_VALUE_OR, 785 .type = OPTION_VALUE_OR,
786 .opt.value = &cms_config.flags, 786 .opt.value = &cfg.flags,
787 .value = CMS_NOINTERN, 787 .value = CMS_NOINTERN,
788 }, 788 },
789 { 789 {
790 .name = "nooldmime", 790 .name = "nooldmime",
791 .desc = "Output old S/MIME content type", 791 .desc = "Output old S/MIME content type",
792 .type = OPTION_VALUE_OR, 792 .type = OPTION_VALUE_OR,
793 .opt.value = &cms_config.flags, 793 .opt.value = &cfg.flags,
794 .value = CMS_NOOLDMIMETYPE, 794 .value = CMS_NOOLDMIMETYPE,
795 }, 795 },
796 { 796 {
797 .name = "noout", 797 .name = "noout",
798 .desc = "Do not output the parsed CMS structure", 798 .desc = "Do not output the parsed CMS structure",
799 .type = OPTION_FLAG, 799 .type = OPTION_FLAG,
800 .opt.flag = &cms_config.noout, 800 .opt.flag = &cfg.noout,
801 }, 801 },
802 { 802 {
803 .name = "nosigs", 803 .name = "nosigs",
804 .desc = "Do not verify message signature", 804 .desc = "Do not verify message signature",
805 .type = OPTION_VALUE_OR, 805 .type = OPTION_VALUE_OR,
806 .opt.value = &cms_config.flags, 806 .opt.value = &cfg.flags,
807 .value = CMS_NOSIGS, 807 .value = CMS_NOSIGS,
808 }, 808 },
809 { 809 {
810 .name = "nosmimecap", 810 .name = "nosmimecap",
811 .desc = "Omit the SMIMECapabilities attribute", 811 .desc = "Omit the SMIMECapabilities attribute",
812 .type = OPTION_VALUE_OR, 812 .type = OPTION_VALUE_OR,
813 .opt.value = &cms_config.flags, 813 .opt.value = &cfg.flags,
814 .value = CMS_NOSMIMECAP, 814 .value = CMS_NOSMIMECAP,
815 }, 815 },
816 { 816 {
817 .name = "noverify", 817 .name = "noverify",
818 .desc = "Do not verify signer's certificate", 818 .desc = "Do not verify signer's certificate",
819 .type = OPTION_VALUE_OR, 819 .type = OPTION_VALUE_OR,
820 .opt.value = &cms_config.flags, 820 .opt.value = &cfg.flags,
821 .value = CMS_NO_SIGNER_CERT_VERIFY, 821 .value = CMS_NO_SIGNER_CERT_VERIFY,
822 }, 822 },
823 { 823 {
@@ -825,21 +825,21 @@ static const struct option cms_options[] = {
825 .argname = "file", 825 .argname = "file",
826 .desc = "Output file", 826 .desc = "Output file",
827 .type = OPTION_ARG, 827 .type = OPTION_ARG,
828 .opt.arg = &cms_config.outfile, 828 .opt.arg = &cfg.outfile,
829 }, 829 },
830 { 830 {
831 .name = "outform", 831 .name = "outform",
832 .argname = "fmt", 832 .argname = "fmt",
833 .desc = "Output format (DER, PEM or SMIME (default))", 833 .desc = "Output format (DER, PEM or SMIME (default))",
834 .type = OPTION_ARG_FORMAT, 834 .type = OPTION_ARG_FORMAT,
835 .opt.value = &cms_config.outformat, 835 .opt.value = &cfg.outformat,
836 }, 836 },
837 { 837 {
838 .name = "passin", 838 .name = "passin",
839 .argname = "src", 839 .argname = "src",
840 .desc = "Private key password source", 840 .desc = "Private key password source",
841 .type = OPTION_ARG, 841 .type = OPTION_ARG,
842 .opt.arg = &cms_config.passargin, 842 .opt.arg = &cfg.passargin,
843 }, 843 },
844 { 844 {
845 .name = "print", 845 .name = "print",
@@ -859,20 +859,20 @@ static const struct option cms_options[] = {
859 .argname = "fmt", 859 .argname = "fmt",
860 .desc = "Receipt file format (DER, PEM or SMIME (default))", 860 .desc = "Receipt file format (DER, PEM or SMIME (default))",
861 .type = OPTION_ARG_FORMAT, 861 .type = OPTION_ARG_FORMAT,
862 .opt.value = &cms_config.rctformat, 862 .opt.value = &cfg.rctformat,
863 }, 863 },
864 { 864 {
865 .name = "receipt_request_all", 865 .name = "receipt_request_all",
866 .desc = "Indicate requests should be provided by all recipients", 866 .desc = "Indicate requests should be provided by all recipients",
867 .type = OPTION_VALUE, 867 .type = OPTION_VALUE,
868 .opt.value = &cms_config.rr_allorfirst, 868 .opt.value = &cfg.rr_allorfirst,
869 .value = 0, 869 .value = 0,
870 }, 870 },
871 { 871 {
872 .name = "receipt_request_first", 872 .name = "receipt_request_first",
873 .desc = "Indicate requests should be provided by first tier recipient", 873 .desc = "Indicate requests should be provided by first tier recipient",
874 .type = OPTION_VALUE, 874 .type = OPTION_VALUE,
875 .opt.value = &cms_config.rr_allorfirst, 875 .opt.value = &cfg.rr_allorfirst,
876 .value = 1, 876 .value = 1,
877 }, 877 },
878 { 878 {
@@ -886,7 +886,7 @@ static const struct option cms_options[] = {
886 .name = "receipt_request_print", 886 .name = "receipt_request_print",
887 .desc = "Print out the contents of any signed receipt requests", 887 .desc = "Print out the contents of any signed receipt requests",
888 .type = OPTION_FLAG, 888 .type = OPTION_FLAG,
889 .opt.flag = &cms_config.rr_print, 889 .opt.flag = &cfg.rr_print,
890 }, 890 },
891 { 891 {
892 .name = "receipt_request_to", 892 .name = "receipt_request_to",
@@ -906,7 +906,7 @@ static const struct option cms_options[] = {
906 .name = "resign", 906 .name = "resign",
907 .desc = "Resign a signed message", 907 .desc = "Resign a signed message",
908 .type = OPTION_VALUE, 908 .type = OPTION_VALUE,
909 .opt.value = &cms_config.operation, 909 .opt.value = &cfg.operation,
910 .value = SMIME_RESIGN, 910 .value = SMIME_RESIGN,
911 }, 911 },
912 { 912 {
@@ -927,14 +927,14 @@ static const struct option cms_options[] = {
927 .name = "sign", 927 .name = "sign",
928 .desc = "Sign message", 928 .desc = "Sign message",
929 .type = OPTION_VALUE, 929 .type = OPTION_VALUE,
930 .opt.value = &cms_config.operation, 930 .opt.value = &cfg.operation,
931 .value = SMIME_SIGN, 931 .value = SMIME_SIGN,
932 }, 932 },
933 { 933 {
934 .name = "sign_receipt", 934 .name = "sign_receipt",
935 .desc = "Generate a signed receipt for the message", 935 .desc = "Generate a signed receipt for the message",
936 .type = OPTION_VALUE, 936 .type = OPTION_VALUE,
937 .opt.value = &cms_config.operation, 937 .opt.value = &cfg.operation,
938 .value = SMIME_SIGN_RECEIPT, 938 .value = SMIME_SIGN_RECEIPT,
939 }, 939 },
940 { 940 {
@@ -948,7 +948,7 @@ static const struct option cms_options[] = {
948 .name = "stream", 948 .name = "stream",
949 .desc = "Enable CMS streaming", 949 .desc = "Enable CMS streaming",
950 .type = OPTION_VALUE_OR, 950 .type = OPTION_VALUE_OR,
951 .opt.value = &cms_config.flags, 951 .opt.value = &cfg.flags,
952 .value = CMS_STREAM, 952 .value = CMS_STREAM,
953 }, 953 },
954 { 954 {
@@ -956,13 +956,13 @@ static const struct option cms_options[] = {
956 .argname = "s", 956 .argname = "s",
957 .desc = "Subject", 957 .desc = "Subject",
958 .type = OPTION_ARG, 958 .type = OPTION_ARG,
959 .opt.arg = &cms_config.subject, 959 .opt.arg = &cfg.subject,
960 }, 960 },
961 { 961 {
962 .name = "text", 962 .name = "text",
963 .desc = "Include or delete text MIME headers", 963 .desc = "Include or delete text MIME headers",
964 .type = OPTION_VALUE_OR, 964 .type = OPTION_VALUE_OR,
965 .opt.value = &cms_config.flags, 965 .opt.value = &cfg.flags,
966 .value = CMS_TEXT, 966 .value = CMS_TEXT,
967 }, 967 },
968 { 968 {
@@ -970,20 +970,20 @@ static const struct option cms_options[] = {
970 .argname = "addr", 970 .argname = "addr",
971 .desc = "To address", 971 .desc = "To address",
972 .type = OPTION_ARG, 972 .type = OPTION_ARG,
973 .opt.arg = &cms_config.to, 973 .opt.arg = &cfg.to,
974 }, 974 },
975 { 975 {
976 .name = "uncompress", 976 .name = "uncompress",
977 .desc = "Uncompress CMS CompressedData type", 977 .desc = "Uncompress CMS CompressedData type",
978 .type = OPTION_VALUE, 978 .type = OPTION_VALUE,
979 .opt.value = &cms_config.operation, 979 .opt.value = &cfg.operation,
980 .value = SMIME_UNCOMPRESS, 980 .value = SMIME_UNCOMPRESS,
981 }, 981 },
982 { 982 {
983 .name = "verify", 983 .name = "verify",
984 .desc = "Verify signed message", 984 .desc = "Verify signed message",
985 .type = OPTION_VALUE, 985 .type = OPTION_VALUE,
986 .opt.value = &cms_config.operation, 986 .opt.value = &cfg.operation,
987 .value = SMIME_VERIFY, 987 .value = SMIME_VERIFY,
988 }, 988 },
989 { 989 {
@@ -997,7 +997,7 @@ static const struct option cms_options[] = {
997 .name = "verify_retcode", 997 .name = "verify_retcode",
998 .desc = "Set verification error code to exit code", 998 .desc = "Set verification error code to exit code",
999 .type = OPTION_FLAG, 999 .type = OPTION_FLAG,
1000 .opt.flag = &cms_config.verify_retcode, 1000 .opt.flag = &cfg.verify_retcode,
1001 }, 1001 },
1002 { 1002 {
1003 .name = "check_ss_sig", 1003 .name = "check_ss_sig",
@@ -1170,84 +1170,84 @@ cms_main(int argc, char **argv)
1170 exit(1); 1170 exit(1);
1171 } 1171 }
1172 1172
1173 memset(&cms_config, 0, sizeof(cms_config)); 1173 memset(&cfg, 0, sizeof(cfg));
1174 cms_config.flags = CMS_DETACHED; 1174 cfg.flags = CMS_DETACHED;
1175 cms_config.rr_allorfirst = -1; 1175 cfg.rr_allorfirst = -1;
1176 cms_config.informat = FORMAT_SMIME; 1176 cfg.informat = FORMAT_SMIME;
1177 cms_config.outformat = FORMAT_SMIME; 1177 cfg.outformat = FORMAT_SMIME;
1178 cms_config.rctformat = FORMAT_SMIME; 1178 cfg.rctformat = FORMAT_SMIME;
1179 cms_config.keyform = FORMAT_PEM; 1179 cfg.keyform = FORMAT_PEM;
1180 if (options_parse(argc, argv, cms_options, NULL, &argsused) != 0) { 1180 if (options_parse(argc, argv, cms_options, NULL, &argsused) != 0) {
1181 goto argerr; 1181 goto argerr;
1182 } 1182 }
1183 args = argv + argsused; 1183 args = argv + argsused;
1184 ret = 1; 1184 ret = 1;
1185 1185
1186 if (((cms_config.rr_allorfirst != -1) || cms_config.rr_from != NULL) && 1186 if (((cfg.rr_allorfirst != -1) || cfg.rr_from != NULL) &&
1187 cms_config.rr_to == NULL) { 1187 cfg.rr_to == NULL) {
1188 BIO_puts(bio_err, "No Signed Receipts Recipients\n"); 1188 BIO_puts(bio_err, "No Signed Receipts Recipients\n");
1189 goto argerr; 1189 goto argerr;
1190 } 1190 }
1191 if (!(cms_config.operation & SMIME_SIGNERS) && 1191 if (!(cfg.operation & SMIME_SIGNERS) &&
1192 (cms_config.rr_to != NULL || cms_config.rr_from != NULL)) { 1192 (cfg.rr_to != NULL || cfg.rr_from != NULL)) {
1193 BIO_puts(bio_err, "Signed receipts only allowed with -sign\n"); 1193 BIO_puts(bio_err, "Signed receipts only allowed with -sign\n");
1194 goto argerr; 1194 goto argerr;
1195 } 1195 }
1196 if (!(cms_config.operation & SMIME_SIGNERS) && 1196 if (!(cfg.operation & SMIME_SIGNERS) &&
1197 (cms_config.skkeys != NULL || cms_config.sksigners != NULL)) { 1197 (cfg.skkeys != NULL || cfg.sksigners != NULL)) {
1198 BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); 1198 BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
1199 goto argerr; 1199 goto argerr;
1200 } 1200 }
1201 if (cms_config.operation & SMIME_SIGNERS) { 1201 if (cfg.operation & SMIME_SIGNERS) {
1202 if (cms_config.keyfile != NULL && 1202 if (cfg.keyfile != NULL &&
1203 cms_config.signerfile == NULL) { 1203 cfg.signerfile == NULL) {
1204 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 1204 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
1205 goto argerr; 1205 goto argerr;
1206 } 1206 }
1207 /* Check to see if any final signer needs to be appended */ 1207 /* Check to see if any final signer needs to be appended */
1208 if (cms_config.signerfile != NULL) { 1208 if (cfg.signerfile != NULL) {
1209 if (cms_config.sksigners == NULL && 1209 if (cfg.sksigners == NULL &&
1210 (cms_config.sksigners = 1210 (cfg.sksigners =
1211 sk_OPENSSL_STRING_new_null()) == NULL) 1211 sk_OPENSSL_STRING_new_null()) == NULL)
1212 goto end; 1212 goto end;
1213 if (!sk_OPENSSL_STRING_push(cms_config.sksigners, 1213 if (!sk_OPENSSL_STRING_push(cfg.sksigners,
1214 cms_config.signerfile)) 1214 cfg.signerfile))
1215 goto end; 1215 goto end;
1216 if (cms_config.skkeys == NULL && 1216 if (cfg.skkeys == NULL &&
1217 (cms_config.skkeys = 1217 (cfg.skkeys =
1218 sk_OPENSSL_STRING_new_null()) == NULL) 1218 sk_OPENSSL_STRING_new_null()) == NULL)
1219 goto end; 1219 goto end;
1220 if (cms_config.keyfile == NULL) 1220 if (cfg.keyfile == NULL)
1221 cms_config.keyfile = cms_config.signerfile; 1221 cfg.keyfile = cfg.signerfile;
1222 if (!sk_OPENSSL_STRING_push(cms_config.skkeys, 1222 if (!sk_OPENSSL_STRING_push(cfg.skkeys,
1223 cms_config.keyfile)) 1223 cfg.keyfile))
1224 goto end; 1224 goto end;
1225 } 1225 }
1226 if (cms_config.sksigners == NULL) { 1226 if (cfg.sksigners == NULL) {
1227 BIO_printf(bio_err, 1227 BIO_printf(bio_err,
1228 "No signer certificate specified\n"); 1228 "No signer certificate specified\n");
1229 badarg = 1; 1229 badarg = 1;
1230 } 1230 }
1231 cms_config.signerfile = NULL; 1231 cfg.signerfile = NULL;
1232 cms_config.keyfile = NULL; 1232 cfg.keyfile = NULL;
1233 } else if (cms_config.operation == SMIME_DECRYPT) { 1233 } else if (cfg.operation == SMIME_DECRYPT) {
1234 if (cms_config.recipfile == NULL && 1234 if (cfg.recipfile == NULL &&
1235 cms_config.keyfile == NULL && 1235 cfg.keyfile == NULL &&
1236 cms_config.secret_key == NULL && 1236 cfg.secret_key == NULL &&
1237 cms_config.pwri_pass == NULL) { 1237 cfg.pwri_pass == NULL) {
1238 BIO_printf(bio_err, 1238 BIO_printf(bio_err,
1239 "No recipient certificate or key specified\n"); 1239 "No recipient certificate or key specified\n");
1240 badarg = 1; 1240 badarg = 1;
1241 } 1241 }
1242 } else if (cms_config.operation == SMIME_ENCRYPT) { 1242 } else if (cfg.operation == SMIME_ENCRYPT) {
1243 if (*args == NULL && cms_config.secret_key == NULL && 1243 if (*args == NULL && cfg.secret_key == NULL &&
1244 cms_config.pwri_pass == NULL && 1244 cfg.pwri_pass == NULL &&
1245 cms_config.encerts == NULL) { 1245 cfg.encerts == NULL) {
1246 BIO_printf(bio_err, 1246 BIO_printf(bio_err,
1247 "No recipient(s) certificate(s) specified\n"); 1247 "No recipient(s) certificate(s) specified\n");
1248 badarg = 1; 1248 badarg = 1;
1249 } 1249 }
1250 } else if (!cms_config.operation) { 1250 } else if (!cfg.operation) {
1251 badarg = 1; 1251 badarg = 1;
1252 } 1252 }
1253 1253
@@ -1257,103 +1257,103 @@ cms_main(int argc, char **argv)
1257 goto end; 1257 goto end;
1258 } 1258 }
1259 1259
1260 if (!app_passwd(bio_err, cms_config.passargin, NULL, &passin, NULL)) { 1260 if (!app_passwd(bio_err, cfg.passargin, NULL, &passin, NULL)) {
1261 BIO_printf(bio_err, "Error getting password\n"); 1261 BIO_printf(bio_err, "Error getting password\n");
1262 goto end; 1262 goto end;
1263 } 1263 }
1264 ret = 2; 1264 ret = 2;
1265 1265
1266 if (!(cms_config.operation & SMIME_SIGNERS)) 1266 if (!(cfg.operation & SMIME_SIGNERS))
1267 cms_config.flags &= ~CMS_DETACHED; 1267 cfg.flags &= ~CMS_DETACHED;
1268 1268
1269 if (cms_config.operation & SMIME_OP) { 1269 if (cfg.operation & SMIME_OP) {
1270 if (cms_config.outformat == FORMAT_ASN1) 1270 if (cfg.outformat == FORMAT_ASN1)
1271 outmode = "wb"; 1271 outmode = "wb";
1272 } else { 1272 } else {
1273 if (cms_config.flags & CMS_BINARY) 1273 if (cfg.flags & CMS_BINARY)
1274 outmode = "wb"; 1274 outmode = "wb";
1275 } 1275 }
1276 1276
1277 if (cms_config.operation & SMIME_IP) { 1277 if (cfg.operation & SMIME_IP) {
1278 if (cms_config.informat == FORMAT_ASN1) 1278 if (cfg.informat == FORMAT_ASN1)
1279 inmode = "rb"; 1279 inmode = "rb";
1280 } else { 1280 } else {
1281 if (cms_config.flags & CMS_BINARY) 1281 if (cfg.flags & CMS_BINARY)
1282 inmode = "rb"; 1282 inmode = "rb";
1283 } 1283 }
1284 1284
1285 if (cms_config.operation == SMIME_ENCRYPT) { 1285 if (cfg.operation == SMIME_ENCRYPT) {
1286 if (cms_config.cipher == NULL) { 1286 if (cfg.cipher == NULL) {
1287#ifndef OPENSSL_NO_DES 1287#ifndef OPENSSL_NO_DES
1288 cms_config.cipher = EVP_des_ede3_cbc(); 1288 cfg.cipher = EVP_des_ede3_cbc();
1289#else 1289#else
1290 BIO_printf(bio_err, "No cipher selected\n"); 1290 BIO_printf(bio_err, "No cipher selected\n");
1291 goto end; 1291 goto end;
1292#endif 1292#endif
1293 } 1293 }
1294 if (cms_config.secret_key != NULL && 1294 if (cfg.secret_key != NULL &&
1295 cms_config.secret_keyid == NULL) { 1295 cfg.secret_keyid == NULL) {
1296 BIO_printf(bio_err, "No secret key id\n"); 1296 BIO_printf(bio_err, "No secret key id\n");
1297 goto end; 1297 goto end;
1298 } 1298 }
1299 if (*args != NULL && cms_config.encerts == NULL) 1299 if (*args != NULL && cfg.encerts == NULL)
1300 if ((cms_config.encerts = sk_X509_new_null()) == NULL) 1300 if ((cfg.encerts = sk_X509_new_null()) == NULL)
1301 goto end; 1301 goto end;
1302 while (*args) { 1302 while (*args) {
1303 if ((cms_config.cert = load_cert(bio_err, *args, 1303 if ((cfg.cert = load_cert(bio_err, *args,
1304 FORMAT_PEM, NULL, 1304 FORMAT_PEM, NULL,
1305 "recipient certificate file")) == NULL) 1305 "recipient certificate file")) == NULL)
1306 goto end; 1306 goto end;
1307 if (!sk_X509_push(cms_config.encerts, cms_config.cert)) 1307 if (!sk_X509_push(cfg.encerts, cfg.cert))
1308 goto end; 1308 goto end;
1309 cms_config.cert = NULL; 1309 cfg.cert = NULL;
1310 args++; 1310 args++;
1311 } 1311 }
1312 } 1312 }
1313 if (cms_config.certfile != NULL) { 1313 if (cfg.certfile != NULL) {
1314 if ((other = load_certs(bio_err, cms_config.certfile, 1314 if ((other = load_certs(bio_err, cfg.certfile,
1315 FORMAT_PEM, NULL, "certificate file")) == NULL) { 1315 FORMAT_PEM, NULL, "certificate file")) == NULL) {
1316 ERR_print_errors(bio_err); 1316 ERR_print_errors(bio_err);
1317 goto end; 1317 goto end;
1318 } 1318 }
1319 } 1319 }
1320 if (cms_config.recipfile != NULL && 1320 if (cfg.recipfile != NULL &&
1321 (cms_config.operation == SMIME_DECRYPT)) { 1321 (cfg.operation == SMIME_DECRYPT)) {
1322 if ((recip = load_cert(bio_err, cms_config.recipfile, 1322 if ((recip = load_cert(bio_err, cfg.recipfile,
1323 FORMAT_PEM, NULL, "recipient certificate file")) == NULL) { 1323 FORMAT_PEM, NULL, "recipient certificate file")) == NULL) {
1324 ERR_print_errors(bio_err); 1324 ERR_print_errors(bio_err);
1325 goto end; 1325 goto end;
1326 } 1326 }
1327 } 1327 }
1328 if (cms_config.operation == SMIME_SIGN_RECEIPT) { 1328 if (cfg.operation == SMIME_SIGN_RECEIPT) {
1329 if ((signer = load_cert(bio_err, cms_config.signerfile, 1329 if ((signer = load_cert(bio_err, cfg.signerfile,
1330 FORMAT_PEM, NULL, 1330 FORMAT_PEM, NULL,
1331 "receipt signer certificate file")) == NULL) { 1331 "receipt signer certificate file")) == NULL) {
1332 ERR_print_errors(bio_err); 1332 ERR_print_errors(bio_err);
1333 goto end; 1333 goto end;
1334 } 1334 }
1335 } 1335 }
1336 if (cms_config.operation == SMIME_DECRYPT) { 1336 if (cfg.operation == SMIME_DECRYPT) {
1337 if (cms_config.keyfile == NULL) 1337 if (cfg.keyfile == NULL)
1338 cms_config.keyfile = cms_config.recipfile; 1338 cfg.keyfile = cfg.recipfile;
1339 } else if ((cms_config.operation == SMIME_SIGN) || 1339 } else if ((cfg.operation == SMIME_SIGN) ||
1340 (cms_config.operation == SMIME_SIGN_RECEIPT)) { 1340 (cfg.operation == SMIME_SIGN_RECEIPT)) {
1341 if (cms_config.keyfile == NULL) 1341 if (cfg.keyfile == NULL)
1342 cms_config.keyfile = cms_config.signerfile; 1342 cfg.keyfile = cfg.signerfile;
1343 } else { 1343 } else {
1344 cms_config.keyfile = NULL; 1344 cfg.keyfile = NULL;
1345 } 1345 }
1346 1346
1347 if (cms_config.keyfile != NULL) { 1347 if (cfg.keyfile != NULL) {
1348 key = load_key(bio_err, cms_config.keyfile, cms_config.keyform, 1348 key = load_key(bio_err, cfg.keyfile, cfg.keyform,
1349 0, passin, "signing key file"); 1349 0, passin, "signing key file");
1350 if (key == NULL) 1350 if (key == NULL)
1351 goto end; 1351 goto end;
1352 } 1352 }
1353 if (cms_config.infile != NULL) { 1353 if (cfg.infile != NULL) {
1354 if ((in = BIO_new_file(cms_config.infile, inmode)) == NULL) { 1354 if ((in = BIO_new_file(cfg.infile, inmode)) == NULL) {
1355 BIO_printf(bio_err, 1355 BIO_printf(bio_err,
1356 "Can't open input file %s\n", cms_config.infile); 1356 "Can't open input file %s\n", cfg.infile);
1357 goto end; 1357 goto end;
1358 } 1358 }
1359 } else { 1359 } else {
@@ -1361,12 +1361,12 @@ cms_main(int argc, char **argv)
1361 goto end; 1361 goto end;
1362 } 1362 }
1363 1363
1364 if (cms_config.operation & SMIME_IP) { 1364 if (cfg.operation & SMIME_IP) {
1365 if (cms_config.informat == FORMAT_SMIME) 1365 if (cfg.informat == FORMAT_SMIME)
1366 cms = SMIME_read_CMS(in, &indata); 1366 cms = SMIME_read_CMS(in, &indata);
1367 else if (cms_config.informat == FORMAT_PEM) 1367 else if (cfg.informat == FORMAT_PEM)
1368 cms = PEM_read_bio_CMS(in, NULL, NULL, NULL); 1368 cms = PEM_read_bio_CMS(in, NULL, NULL, NULL);
1369 else if (cms_config.informat == FORMAT_ASN1) 1369 else if (cfg.informat == FORMAT_ASN1)
1370 cms = d2i_CMS_bio(in, NULL); 1370 cms = d2i_CMS_bio(in, NULL);
1371 else { 1371 else {
1372 BIO_printf(bio_err, "Bad input format for CMS file\n"); 1372 BIO_printf(bio_err, "Bad input format for CMS file\n");
@@ -1377,24 +1377,24 @@ cms_main(int argc, char **argv)
1377 BIO_printf(bio_err, "Error reading S/MIME message\n"); 1377 BIO_printf(bio_err, "Error reading S/MIME message\n");
1378 goto end; 1378 goto end;
1379 } 1379 }
1380 if (cms_config.contfile != NULL) { 1380 if (cfg.contfile != NULL) {
1381 BIO_free(indata); 1381 BIO_free(indata);
1382 if ((indata = BIO_new_file(cms_config.contfile, 1382 if ((indata = BIO_new_file(cfg.contfile,
1383 "rb")) == NULL) { 1383 "rb")) == NULL) {
1384 BIO_printf(bio_err, 1384 BIO_printf(bio_err,
1385 "Can't read content file %s\n", 1385 "Can't read content file %s\n",
1386 cms_config.contfile); 1386 cfg.contfile);
1387 goto end; 1387 goto end;
1388 } 1388 }
1389 } 1389 }
1390 if (cms_config.certsoutfile != NULL) { 1390 if (cfg.certsoutfile != NULL) {
1391 STACK_OF(X509) *allcerts; 1391 STACK_OF(X509) *allcerts;
1392 if ((allcerts = CMS_get1_certs(cms)) == NULL) 1392 if ((allcerts = CMS_get1_certs(cms)) == NULL)
1393 goto end; 1393 goto end;
1394 if (!save_certs(cms_config.certsoutfile, allcerts)) { 1394 if (!save_certs(cfg.certsoutfile, allcerts)) {
1395 BIO_printf(bio_err, 1395 BIO_printf(bio_err,
1396 "Error writing certs to %s\n", 1396 "Error writing certs to %s\n",
1397 cms_config.certsoutfile); 1397 cfg.certsoutfile);
1398 sk_X509_pop_free(allcerts, X509_free); 1398 sk_X509_pop_free(allcerts, X509_free);
1399 ret = 5; 1399 ret = 5;
1400 goto end; 1400 goto end;
@@ -1402,19 +1402,19 @@ cms_main(int argc, char **argv)
1402 sk_X509_pop_free(allcerts, X509_free); 1402 sk_X509_pop_free(allcerts, X509_free);
1403 } 1403 }
1404 } 1404 }
1405 if (cms_config.rctfile != NULL) { 1405 if (cfg.rctfile != NULL) {
1406 char *rctmode = (cms_config.rctformat == FORMAT_ASN1) ? 1406 char *rctmode = (cfg.rctformat == FORMAT_ASN1) ?
1407 "rb" : "r"; 1407 "rb" : "r";
1408 if ((rctin = BIO_new_file(cms_config.rctfile, rctmode)) == NULL) { 1408 if ((rctin = BIO_new_file(cfg.rctfile, rctmode)) == NULL) {
1409 BIO_printf(bio_err, 1409 BIO_printf(bio_err,
1410 "Can't open receipt file %s\n", cms_config.rctfile); 1410 "Can't open receipt file %s\n", cfg.rctfile);
1411 goto end; 1411 goto end;
1412 } 1412 }
1413 if (cms_config.rctformat == FORMAT_SMIME) 1413 if (cfg.rctformat == FORMAT_SMIME)
1414 rcms = SMIME_read_CMS(rctin, NULL); 1414 rcms = SMIME_read_CMS(rctin, NULL);
1415 else if (cms_config.rctformat == FORMAT_PEM) 1415 else if (cfg.rctformat == FORMAT_PEM)
1416 rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL); 1416 rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
1417 else if (cms_config.rctformat == FORMAT_ASN1) 1417 else if (cfg.rctformat == FORMAT_ASN1)
1418 rcms = d2i_CMS_bio(rctin, NULL); 1418 rcms = d2i_CMS_bio(rctin, NULL);
1419 else { 1419 else {
1420 BIO_printf(bio_err, "Bad input format for receipt\n"); 1420 BIO_printf(bio_err, "Bad input format for receipt\n");
@@ -1426,10 +1426,10 @@ cms_main(int argc, char **argv)
1426 goto end; 1426 goto end;
1427 } 1427 }
1428 } 1428 }
1429 if (cms_config.outfile != NULL) { 1429 if (cfg.outfile != NULL) {
1430 if ((out = BIO_new_file(cms_config.outfile, outmode)) == NULL) { 1430 if ((out = BIO_new_file(cfg.outfile, outmode)) == NULL) {
1431 BIO_printf(bio_err, 1431 BIO_printf(bio_err,
1432 "Can't open output file %s\n", cms_config.outfile); 1432 "Can't open output file %s\n", cfg.outfile);
1433 goto end; 1433 goto end;
1434 } 1434 }
1435 } else { 1435 } else {
@@ -1437,42 +1437,42 @@ cms_main(int argc, char **argv)
1437 goto end; 1437 goto end;
1438 } 1438 }
1439 1439
1440 if ((cms_config.operation == SMIME_VERIFY) || 1440 if ((cfg.operation == SMIME_VERIFY) ||
1441 (cms_config.operation == SMIME_VERIFY_RECEIPT)) { 1441 (cfg.operation == SMIME_VERIFY_RECEIPT)) {
1442 if ((store = setup_verify(bio_err, cms_config.CAfile, 1442 if ((store = setup_verify(bio_err, cfg.CAfile,
1443 cms_config.CApath)) == NULL) 1443 cfg.CApath)) == NULL)
1444 goto end; 1444 goto end;
1445 X509_STORE_set_verify_cb(store, cms_cb); 1445 X509_STORE_set_verify_cb(store, cms_cb);
1446 if (cms_config.vpm != NULL) { 1446 if (cfg.vpm != NULL) {
1447 if (!X509_STORE_set1_param(store, cms_config.vpm)) 1447 if (!X509_STORE_set1_param(store, cfg.vpm))
1448 goto end; 1448 goto end;
1449 } 1449 }
1450 } 1450 }
1451 ret = 3; 1451 ret = 3;
1452 1452
1453 if (cms_config.operation == SMIME_DATA_CREATE) { 1453 if (cfg.operation == SMIME_DATA_CREATE) {
1454 cms = CMS_data_create(in, cms_config.flags); 1454 cms = CMS_data_create(in, cfg.flags);
1455 } else if (cms_config.operation == SMIME_DIGEST_CREATE) { 1455 } else if (cfg.operation == SMIME_DIGEST_CREATE) {
1456 cms = CMS_digest_create(in, cms_config.sign_md, 1456 cms = CMS_digest_create(in, cfg.sign_md,
1457 cms_config.flags); 1457 cfg.flags);
1458 } else if (cms_config.operation == SMIME_COMPRESS) { 1458 } else if (cfg.operation == SMIME_COMPRESS) {
1459 cms = CMS_compress(in, -1, cms_config.flags); 1459 cms = CMS_compress(in, -1, cfg.flags);
1460 } else if (cms_config.operation == SMIME_ENCRYPT) { 1460 } else if (cfg.operation == SMIME_ENCRYPT) {
1461 int i; 1461 int i;
1462 cms_config.flags |= CMS_PARTIAL; 1462 cfg.flags |= CMS_PARTIAL;
1463 cms = CMS_encrypt(NULL, in, cms_config.cipher, 1463 cms = CMS_encrypt(NULL, in, cfg.cipher,
1464 cms_config.flags); 1464 cfg.flags);
1465 if (cms == NULL) 1465 if (cms == NULL)
1466 goto end; 1466 goto end;
1467 for (i = 0; i < sk_X509_num(cms_config.encerts); i++) { 1467 for (i = 0; i < sk_X509_num(cfg.encerts); i++) {
1468 CMS_RecipientInfo *ri; 1468 CMS_RecipientInfo *ri;
1469 struct cms_key_param *kparam; 1469 struct cms_key_param *kparam;
1470 int tflags = cms_config.flags; 1470 int tflags = cfg.flags;
1471 X509 *x; 1471 X509 *x;
1472 1472
1473 if ((x = sk_X509_value(cms_config.encerts, i)) == NULL) 1473 if ((x = sk_X509_value(cfg.encerts, i)) == NULL)
1474 goto end; 1474 goto end;
1475 for (kparam = cms_config.key_first; kparam != NULL; 1475 for (kparam = cfg.key_first; kparam != NULL;
1476 kparam = kparam->next) { 1476 kparam = kparam->next) {
1477 if (kparam->idx == i) { 1477 if (kparam->idx == i) {
1478 tflags |= CMS_KEY_PARAM; 1478 tflags |= CMS_KEY_PARAM;
@@ -1492,18 +1492,18 @@ cms_main(int argc, char **argv)
1492 } 1492 }
1493 } 1493 }
1494 1494
1495 if (cms_config.secret_key != NULL) { 1495 if (cfg.secret_key != NULL) {
1496 if (CMS_add0_recipient_key(cms, NID_undef, 1496 if (CMS_add0_recipient_key(cms, NID_undef,
1497 cms_config.secret_key, cms_config.secret_keylen, 1497 cfg.secret_key, cfg.secret_keylen,
1498 cms_config.secret_keyid, cms_config.secret_keyidlen, 1498 cfg.secret_keyid, cfg.secret_keyidlen,
1499 NULL, NULL, NULL) == NULL) 1499 NULL, NULL, NULL) == NULL)
1500 goto end; 1500 goto end;
1501 /* NULL these because call absorbs them */ 1501 /* NULL these because call absorbs them */
1502 cms_config.secret_key = NULL; 1502 cfg.secret_key = NULL;
1503 cms_config.secret_keyid = NULL; 1503 cfg.secret_keyid = NULL;
1504 } 1504 }
1505 if (cms_config.pwri_pass != NULL) { 1505 if (cfg.pwri_pass != NULL) {
1506 pwri_tmp = strdup(cms_config.pwri_pass); 1506 pwri_tmp = strdup(cfg.pwri_pass);
1507 if (pwri_tmp == NULL) 1507 if (pwri_tmp == NULL)
1508 goto end; 1508 goto end;
1509 if (CMS_add0_recipient_password(cms, -1, NID_undef, 1509 if (CMS_add0_recipient_password(cms, -1, NID_undef,
@@ -1511,16 +1511,16 @@ cms_main(int argc, char **argv)
1511 goto end; 1511 goto end;
1512 pwri_tmp = NULL; 1512 pwri_tmp = NULL;
1513 } 1513 }
1514 if (!(cms_config.flags & CMS_STREAM)) { 1514 if (!(cfg.flags & CMS_STREAM)) {
1515 if (!CMS_final(cms, in, NULL, cms_config.flags)) 1515 if (!CMS_final(cms, in, NULL, cfg.flags))
1516 goto end; 1516 goto end;
1517 } 1517 }
1518 } else if (cms_config.operation == SMIME_ENCRYPTED_ENCRYPT) { 1518 } else if (cfg.operation == SMIME_ENCRYPTED_ENCRYPT) {
1519 cms = CMS_EncryptedData_encrypt(in, cms_config.cipher, 1519 cms = CMS_EncryptedData_encrypt(in, cfg.cipher,
1520 cms_config.secret_key, cms_config.secret_keylen, 1520 cfg.secret_key, cfg.secret_keylen,
1521 cms_config.flags); 1521 cfg.flags);
1522 1522
1523 } else if (cms_config.operation == SMIME_SIGN_RECEIPT) { 1523 } else if (cfg.operation == SMIME_SIGN_RECEIPT) {
1524 CMS_ContentInfo *srcms = NULL; 1524 CMS_ContentInfo *srcms = NULL;
1525 STACK_OF(CMS_SignerInfo) *sis; 1525 STACK_OF(CMS_SignerInfo) *sis;
1526 CMS_SignerInfo *si; 1526 CMS_SignerInfo *si;
@@ -1531,36 +1531,36 @@ cms_main(int argc, char **argv)
1531 if (si == NULL) 1531 if (si == NULL)
1532 goto end; 1532 goto end;
1533 srcms = CMS_sign_receipt(si, signer, key, other, 1533 srcms = CMS_sign_receipt(si, signer, key, other,
1534 cms_config.flags); 1534 cfg.flags);
1535 if (srcms == NULL) 1535 if (srcms == NULL)
1536 goto end; 1536 goto end;
1537 CMS_ContentInfo_free(cms); 1537 CMS_ContentInfo_free(cms);
1538 cms = srcms; 1538 cms = srcms;
1539 } else if (cms_config.operation & SMIME_SIGNERS) { 1539 } else if (cfg.operation & SMIME_SIGNERS) {
1540 int i; 1540 int i;
1541 /* 1541 /*
1542 * If detached data content we enable streaming if S/MIME 1542 * If detached data content we enable streaming if S/MIME
1543 * output format. 1543 * output format.
1544 */ 1544 */
1545 if (cms_config.operation == SMIME_SIGN) { 1545 if (cfg.operation == SMIME_SIGN) {
1546 1546
1547 if (cms_config.flags & CMS_DETACHED) { 1547 if (cfg.flags & CMS_DETACHED) {
1548 if (cms_config.outformat == FORMAT_SMIME) 1548 if (cfg.outformat == FORMAT_SMIME)
1549 cms_config.flags |= CMS_STREAM; 1549 cfg.flags |= CMS_STREAM;
1550 } 1550 }
1551 cms_config.flags |= CMS_PARTIAL; 1551 cfg.flags |= CMS_PARTIAL;
1552 cms = CMS_sign(NULL, NULL, other, in, cms_config.flags); 1552 cms = CMS_sign(NULL, NULL, other, in, cfg.flags);
1553 if (cms == NULL) 1553 if (cms == NULL)
1554 goto end; 1554 goto end;
1555 if (cms_config.econtent_type != NULL) 1555 if (cfg.econtent_type != NULL)
1556 if (!CMS_set1_eContentType(cms, 1556 if (!CMS_set1_eContentType(cms,
1557 cms_config.econtent_type)) 1557 cfg.econtent_type))
1558 goto end; 1558 goto end;
1559 1559
1560 if (cms_config.rr_to != NULL) { 1560 if (cfg.rr_to != NULL) {
1561 rr = make_receipt_request(cms_config.rr_to, 1561 rr = make_receipt_request(cfg.rr_to,
1562 cms_config.rr_allorfirst, 1562 cfg.rr_allorfirst,
1563 cms_config.rr_from); 1563 cfg.rr_from);
1564 if (rr == NULL) { 1564 if (rr == NULL) {
1565 BIO_puts(bio_err, 1565 BIO_puts(bio_err,
1566 "Signed Receipt Request Creation Error\n"); 1566 "Signed Receipt Request Creation Error\n");
@@ -1568,28 +1568,28 @@ cms_main(int argc, char **argv)
1568 } 1568 }
1569 } 1569 }
1570 } else { 1570 } else {
1571 cms_config.flags |= CMS_REUSE_DIGEST; 1571 cfg.flags |= CMS_REUSE_DIGEST;
1572 } 1572 }
1573 1573
1574 for (i = 0; i < sk_OPENSSL_STRING_num(cms_config.sksigners); i++) { 1574 for (i = 0; i < sk_OPENSSL_STRING_num(cfg.sksigners); i++) {
1575 CMS_SignerInfo *si; 1575 CMS_SignerInfo *si;
1576 struct cms_key_param *kparam; 1576 struct cms_key_param *kparam;
1577 int tflags = cms_config.flags; 1577 int tflags = cfg.flags;
1578 1578
1579 cms_config.signerfile = sk_OPENSSL_STRING_value( 1579 cfg.signerfile = sk_OPENSSL_STRING_value(
1580 cms_config.sksigners, i); 1580 cfg.sksigners, i);
1581 cms_config.keyfile = sk_OPENSSL_STRING_value( 1581 cfg.keyfile = sk_OPENSSL_STRING_value(
1582 cms_config.skkeys, i); 1582 cfg.skkeys, i);
1583 1583
1584 signer = load_cert(bio_err, cms_config.signerfile, 1584 signer = load_cert(bio_err, cfg.signerfile,
1585 FORMAT_PEM, NULL, "signer certificate"); 1585 FORMAT_PEM, NULL, "signer certificate");
1586 if (signer == NULL) 1586 if (signer == NULL)
1587 goto end; 1587 goto end;
1588 key = load_key(bio_err, cms_config.keyfile, 1588 key = load_key(bio_err, cfg.keyfile,
1589 cms_config.keyform, 0, passin, "signing key file"); 1589 cfg.keyform, 0, passin, "signing key file");
1590 if (key == NULL) 1590 if (key == NULL)
1591 goto end; 1591 goto end;
1592 for (kparam = cms_config.key_first; kparam != NULL; 1592 for (kparam = cfg.key_first; kparam != NULL;
1593 kparam = kparam->next) { 1593 kparam = kparam->next) {
1594 if (kparam->idx == i) { 1594 if (kparam->idx == i) {
1595 tflags |= CMS_KEY_PARAM; 1595 tflags |= CMS_KEY_PARAM;
@@ -1597,7 +1597,7 @@ cms_main(int argc, char **argv)
1597 } 1597 }
1598 } 1598 }
1599 si = CMS_add1_signer(cms, signer, key, 1599 si = CMS_add1_signer(cms, signer, key,
1600 cms_config.sign_md, tflags); 1600 cfg.sign_md, tflags);
1601 if (si == NULL) 1601 if (si == NULL)
1602 goto end; 1602 goto end;
1603 if (kparam != NULL) { 1603 if (kparam != NULL) {
@@ -1616,9 +1616,9 @@ cms_main(int argc, char **argv)
1616 key = NULL; 1616 key = NULL;
1617 } 1617 }
1618 /* If not streaming or resigning finalize structure */ 1618 /* If not streaming or resigning finalize structure */
1619 if ((cms_config.operation == SMIME_SIGN) && 1619 if ((cfg.operation == SMIME_SIGN) &&
1620 !(cms_config.flags & CMS_STREAM)) { 1620 !(cfg.flags & CMS_STREAM)) {
1621 if (!CMS_final(cms, in, NULL, cms_config.flags)) 1621 if (!CMS_final(cms, in, NULL, cfg.flags))
1622 goto end; 1622 goto end;
1623 } 1623 }
1624 } 1624 }
@@ -1627,15 +1627,15 @@ cms_main(int argc, char **argv)
1627 goto end; 1627 goto end;
1628 } 1628 }
1629 ret = 4; 1629 ret = 4;
1630 if (cms_config.operation == SMIME_DECRYPT) { 1630 if (cfg.operation == SMIME_DECRYPT) {
1631 if (cms_config.flags & CMS_DEBUG_DECRYPT) 1631 if (cfg.flags & CMS_DEBUG_DECRYPT)
1632 CMS_decrypt(cms, NULL, NULL, NULL, NULL, 1632 CMS_decrypt(cms, NULL, NULL, NULL, NULL,
1633 cms_config.flags); 1633 cfg.flags);
1634 1634
1635 if (cms_config.secret_key != NULL) { 1635 if (cfg.secret_key != NULL) {
1636 if (!CMS_decrypt_set1_key(cms, cms_config.secret_key, 1636 if (!CMS_decrypt_set1_key(cms, cfg.secret_key,
1637 cms_config.secret_keylen, cms_config.secret_keyid, 1637 cfg.secret_keylen, cfg.secret_keyid,
1638 cms_config.secret_keyidlen)) { 1638 cfg.secret_keyidlen)) {
1639 BIO_puts(bio_err, 1639 BIO_puts(bio_err,
1640 "Error decrypting CMS using secret key\n"); 1640 "Error decrypting CMS using secret key\n");
1641 goto end; 1641 goto end;
@@ -1648,95 +1648,95 @@ cms_main(int argc, char **argv)
1648 goto end; 1648 goto end;
1649 } 1649 }
1650 } 1650 }
1651 if (cms_config.pwri_pass != NULL) { 1651 if (cfg.pwri_pass != NULL) {
1652 if (!CMS_decrypt_set1_password(cms, 1652 if (!CMS_decrypt_set1_password(cms,
1653 cms_config.pwri_pass, -1)) { 1653 cfg.pwri_pass, -1)) {
1654 BIO_puts(bio_err, 1654 BIO_puts(bio_err,
1655 "Error decrypting CMS using password\n"); 1655 "Error decrypting CMS using password\n");
1656 goto end; 1656 goto end;
1657 } 1657 }
1658 } 1658 }
1659 if (!CMS_decrypt(cms, NULL, NULL, indata, out, 1659 if (!CMS_decrypt(cms, NULL, NULL, indata, out,
1660 cms_config.flags)) { 1660 cfg.flags)) {
1661 BIO_printf(bio_err, "Error decrypting CMS structure\n"); 1661 BIO_printf(bio_err, "Error decrypting CMS structure\n");
1662 goto end; 1662 goto end;
1663 } 1663 }
1664 } else if (cms_config.operation == SMIME_DATAOUT) { 1664 } else if (cfg.operation == SMIME_DATAOUT) {
1665 if (!CMS_data(cms, out, cms_config.flags)) 1665 if (!CMS_data(cms, out, cfg.flags))
1666 goto end; 1666 goto end;
1667 } else if (cms_config.operation == SMIME_UNCOMPRESS) { 1667 } else if (cfg.operation == SMIME_UNCOMPRESS) {
1668 if (!CMS_uncompress(cms, indata, out, cms_config.flags)) 1668 if (!CMS_uncompress(cms, indata, out, cfg.flags))
1669 goto end; 1669 goto end;
1670 } else if (cms_config.operation == SMIME_DIGEST_VERIFY) { 1670 } else if (cfg.operation == SMIME_DIGEST_VERIFY) {
1671 if (CMS_digest_verify(cms, indata, out, cms_config.flags) > 0) 1671 if (CMS_digest_verify(cms, indata, out, cfg.flags) > 0)
1672 BIO_printf(bio_err, "Verification successful\n"); 1672 BIO_printf(bio_err, "Verification successful\n");
1673 else { 1673 else {
1674 BIO_printf(bio_err, "Verification failure\n"); 1674 BIO_printf(bio_err, "Verification failure\n");
1675 goto end; 1675 goto end;
1676 } 1676 }
1677 } else if (cms_config.operation == SMIME_ENCRYPTED_DECRYPT) { 1677 } else if (cfg.operation == SMIME_ENCRYPTED_DECRYPT) {
1678 if (!CMS_EncryptedData_decrypt(cms, cms_config.secret_key, 1678 if (!CMS_EncryptedData_decrypt(cms, cfg.secret_key,
1679 cms_config.secret_keylen, indata, out, cms_config.flags)) 1679 cfg.secret_keylen, indata, out, cfg.flags))
1680 goto end; 1680 goto end;
1681 } else if (cms_config.operation == SMIME_VERIFY) { 1681 } else if (cfg.operation == SMIME_VERIFY) {
1682 if (CMS_verify(cms, other, store, indata, out, 1682 if (CMS_verify(cms, other, store, indata, out,
1683 cms_config.flags) > 0) { 1683 cfg.flags) > 0) {
1684 BIO_printf(bio_err, "Verification successful\n"); 1684 BIO_printf(bio_err, "Verification successful\n");
1685 } else { 1685 } else {
1686 BIO_printf(bio_err, "Verification failure\n"); 1686 BIO_printf(bio_err, "Verification failure\n");
1687 if (cms_config.verify_retcode) 1687 if (cfg.verify_retcode)
1688 ret = verify_err + 32; 1688 ret = verify_err + 32;
1689 goto end; 1689 goto end;
1690 } 1690 }
1691 if (cms_config.signerfile != NULL) { 1691 if (cfg.signerfile != NULL) {
1692 STACK_OF(X509) *signers; 1692 STACK_OF(X509) *signers;
1693 if ((signers = CMS_get0_signers(cms)) == NULL) 1693 if ((signers = CMS_get0_signers(cms)) == NULL)
1694 goto end; 1694 goto end;
1695 if (!save_certs(cms_config.signerfile, signers)) { 1695 if (!save_certs(cfg.signerfile, signers)) {
1696 BIO_printf(bio_err, 1696 BIO_printf(bio_err,
1697 "Error writing signers to %s\n", 1697 "Error writing signers to %s\n",
1698 cms_config.signerfile); 1698 cfg.signerfile);
1699 sk_X509_free(signers); 1699 sk_X509_free(signers);
1700 ret = 5; 1700 ret = 5;
1701 goto end; 1701 goto end;
1702 } 1702 }
1703 sk_X509_free(signers); 1703 sk_X509_free(signers);
1704 } 1704 }
1705 if (cms_config.rr_print) 1705 if (cfg.rr_print)
1706 receipt_request_print(bio_err, cms); 1706 receipt_request_print(bio_err, cms);
1707 1707
1708 } else if (cms_config.operation == SMIME_VERIFY_RECEIPT) { 1708 } else if (cfg.operation == SMIME_VERIFY_RECEIPT) {
1709 if (CMS_verify_receipt(rcms, cms, other, store, 1709 if (CMS_verify_receipt(rcms, cms, other, store,
1710 cms_config.flags) > 0) { 1710 cfg.flags) > 0) {
1711 BIO_printf(bio_err, "Verification successful\n"); 1711 BIO_printf(bio_err, "Verification successful\n");
1712 } else { 1712 } else {
1713 BIO_printf(bio_err, "Verification failure\n"); 1713 BIO_printf(bio_err, "Verification failure\n");
1714 goto end; 1714 goto end;
1715 } 1715 }
1716 } else { 1716 } else {
1717 if (cms_config.noout) { 1717 if (cfg.noout) {
1718 if (cms_config.print && 1718 if (cfg.print &&
1719 !CMS_ContentInfo_print_ctx(out, cms, 0, NULL)) 1719 !CMS_ContentInfo_print_ctx(out, cms, 0, NULL))
1720 goto end; 1720 goto end;
1721 } else if (cms_config.outformat == FORMAT_SMIME) { 1721 } else if (cfg.outformat == FORMAT_SMIME) {
1722 if (cms_config.to != NULL) 1722 if (cfg.to != NULL)
1723 BIO_printf(out, "To: %s\n", cms_config.to); 1723 BIO_printf(out, "To: %s\n", cfg.to);
1724 if (cms_config.from != NULL) 1724 if (cfg.from != NULL)
1725 BIO_printf(out, "From: %s\n", cms_config.from); 1725 BIO_printf(out, "From: %s\n", cfg.from);
1726 if (cms_config.subject != NULL) 1726 if (cfg.subject != NULL)
1727 BIO_printf(out, "Subject: %s\n", 1727 BIO_printf(out, "Subject: %s\n",
1728 cms_config.subject); 1728 cfg.subject);
1729 if (cms_config.operation == SMIME_RESIGN) 1729 if (cfg.operation == SMIME_RESIGN)
1730 ret = SMIME_write_CMS(out, cms, indata, 1730 ret = SMIME_write_CMS(out, cms, indata,
1731 cms_config.flags); 1731 cfg.flags);
1732 else 1732 else
1733 ret = SMIME_write_CMS(out, cms, in, 1733 ret = SMIME_write_CMS(out, cms, in,
1734 cms_config.flags); 1734 cfg.flags);
1735 } else if (cms_config.outformat == FORMAT_PEM) { 1735 } else if (cfg.outformat == FORMAT_PEM) {
1736 ret = PEM_write_bio_CMS_stream(out, cms, in, 1736 ret = PEM_write_bio_CMS_stream(out, cms, in,
1737 cms_config.flags); 1737 cfg.flags);
1738 } else if (cms_config.outformat == FORMAT_ASN1) { 1738 } else if (cfg.outformat == FORMAT_ASN1) {
1739 ret = i2d_CMS_bio_stream(out, cms, in, cms_config.flags); 1739 ret = i2d_CMS_bio_stream(out, cms, in, cfg.flags);
1740 } else { 1740 } else {
1741 BIO_printf(bio_err, "Bad output format for CMS file\n"); 1741 BIO_printf(bio_err, "Bad output format for CMS file\n");
1742 goto end; 1742 goto end;
@@ -1752,27 +1752,27 @@ cms_main(int argc, char **argv)
1752 if (ret) 1752 if (ret)
1753 ERR_print_errors(bio_err); 1753 ERR_print_errors(bio_err);
1754 1754
1755 sk_X509_pop_free(cms_config.encerts, X509_free); 1755 sk_X509_pop_free(cfg.encerts, X509_free);
1756 sk_X509_pop_free(other, X509_free); 1756 sk_X509_pop_free(other, X509_free);
1757 X509_VERIFY_PARAM_free(cms_config.vpm); 1757 X509_VERIFY_PARAM_free(cfg.vpm);
1758 sk_OPENSSL_STRING_free(cms_config.sksigners); 1758 sk_OPENSSL_STRING_free(cfg.sksigners);
1759 sk_OPENSSL_STRING_free(cms_config.skkeys); 1759 sk_OPENSSL_STRING_free(cfg.skkeys);
1760 free(cms_config.secret_key); 1760 free(cfg.secret_key);
1761 free(cms_config.secret_keyid); 1761 free(cfg.secret_keyid);
1762 free(pwri_tmp); 1762 free(pwri_tmp);
1763 ASN1_OBJECT_free(cms_config.econtent_type); 1763 ASN1_OBJECT_free(cfg.econtent_type);
1764 CMS_ReceiptRequest_free(rr); 1764 CMS_ReceiptRequest_free(rr);
1765 sk_OPENSSL_STRING_free(cms_config.rr_to); 1765 sk_OPENSSL_STRING_free(cfg.rr_to);
1766 sk_OPENSSL_STRING_free(cms_config.rr_from); 1766 sk_OPENSSL_STRING_free(cfg.rr_from);
1767 for (cms_config.key_param = cms_config.key_first; cms_config.key_param;) { 1767 for (cfg.key_param = cfg.key_first; cfg.key_param;) {
1768 struct cms_key_param *tparam; 1768 struct cms_key_param *tparam;
1769 sk_OPENSSL_STRING_free(cms_config.key_param->param); 1769 sk_OPENSSL_STRING_free(cfg.key_param->param);
1770 tparam = cms_config.key_param->next; 1770 tparam = cfg.key_param->next;
1771 free(cms_config.key_param); 1771 free(cfg.key_param);
1772 cms_config.key_param = tparam; 1772 cfg.key_param = tparam;
1773 } 1773 }
1774 X509_STORE_free(store); 1774 X509_STORE_free(store);
1775 X509_free(cms_config.cert); 1775 X509_free(cfg.cert);
1776 X509_free(recip); 1776 X509_free(recip);
1777 X509_free(signer); 1777 X509_free(signer);
1778 EVP_PKEY_free(key); 1778 EVP_PKEY_free(key);