summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/smime.c
diff options
context:
space:
mode:
authortb <>2023-03-06 14:32:06 +0000
committertb <>2023-03-06 14:32:06 +0000
commit6c965e26b1a93da63948edae6b68564be1ded507 (patch)
treebbe07d6e06b695cebe22802551f2db0a61354d7c /src/usr.bin/openssl/smime.c
parent48e828ea26ee91710242131cd75cd9d1d20b773c (diff)
downloadopenbsd-6c965e26b1a93da63948edae6b68564be1ded507.tar.gz
openbsd-6c965e26b1a93da63948edae6b68564be1ded507.tar.bz2
openbsd-6c965e26b1a93da63948edae6b68564be1ded507.zip
Rename struct ${app}_config to plain cfg
All the structs are static and we need to reach into them many times. Having a shorter name is more concise and results in less visual clutter. It also avoids many overlong lines and we will be able to get rid of some unfortunate line wrapping down the road. Discussed with jsing
Diffstat (limited to 'src/usr.bin/openssl/smime.c')
-rw-r--r--src/usr.bin/openssl/smime.c384
1 files changed, 192 insertions, 192 deletions
diff --git a/src/usr.bin/openssl/smime.c b/src/usr.bin/openssl/smime.c
index 37375c1600..e54c8d0b84 100644
--- a/src/usr.bin/openssl/smime.c
+++ b/src/usr.bin/openssl/smime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: smime.c,v 1.18 2022/11/11 17:07:39 joshua Exp $ */ 1/* $OpenBSD: smime.c,v 1.19 2023/03/06 14:32:06 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -107,7 +107,7 @@ static struct {
107 char *subject; 107 char *subject;
108 char *to; 108 char *to;
109 X509_VERIFY_PARAM *vpm; 109 X509_VERIFY_PARAM *vpm;
110} smime_config; 110} cfg;
111 111
112static const EVP_CIPHER * 112static const EVP_CIPHER *
113get_cipher_by_name(char *name) 113get_cipher_by_name(char *name)
@@ -156,8 +156,8 @@ smime_opt_cipher(int argc, char **argv, int *argsused)
156 if (*name++ != '-') 156 if (*name++ != '-')
157 return (1); 157 return (1);
158 158
159 if ((smime_config.cipher = get_cipher_by_name(name)) == NULL) 159 if ((cfg.cipher = get_cipher_by_name(name)) == NULL)
160 if ((smime_config.cipher = EVP_get_cipherbyname(name)) == NULL) 160 if ((cfg.cipher = EVP_get_cipherbyname(name)) == NULL)
161 return (1); 161 return (1);
162 162
163 *argsused = 1; 163 *argsused = 1;
@@ -167,41 +167,41 @@ smime_opt_cipher(int argc, char **argv, int *argsused)
167static int 167static int
168smime_opt_inkey(char *arg) 168smime_opt_inkey(char *arg)
169{ 169{
170 if (smime_config.keyfile == NULL) { 170 if (cfg.keyfile == NULL) {
171 smime_config.keyfile = arg; 171 cfg.keyfile = arg;
172 return (0); 172 return (0);
173 } 173 }
174 174
175 if (smime_config.signerfile == NULL) { 175 if (cfg.signerfile == NULL) {
176 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 176 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
177 return (1); 177 return (1);
178 } 178 }
179 179
180 if (smime_config.sksigners == NULL) { 180 if (cfg.sksigners == NULL) {
181 if ((smime_config.sksigners = sk_OPENSSL_STRING_new_null()) == NULL) 181 if ((cfg.sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
182 return (1); 182 return (1);
183 } 183 }
184 if (!sk_OPENSSL_STRING_push(smime_config.sksigners, 184 if (!sk_OPENSSL_STRING_push(cfg.sksigners,
185 smime_config.signerfile)) 185 cfg.signerfile))
186 return (1); 186 return (1);
187 187
188 smime_config.signerfile = NULL; 188 cfg.signerfile = NULL;
189 189
190 if (smime_config.skkeys == NULL) { 190 if (cfg.skkeys == NULL) {
191 if ((smime_config.skkeys = sk_OPENSSL_STRING_new_null()) == NULL) 191 if ((cfg.skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
192 return (1); 192 return (1);
193 } 193 }
194 if (!sk_OPENSSL_STRING_push(smime_config.skkeys, smime_config.keyfile)) 194 if (!sk_OPENSSL_STRING_push(cfg.skkeys, cfg.keyfile))
195 return (1); 195 return (1);
196 196
197 smime_config.keyfile = arg; 197 cfg.keyfile = arg;
198 return (0); 198 return (0);
199} 199}
200 200
201static int 201static int
202smime_opt_md(char *arg) 202smime_opt_md(char *arg)
203{ 203{
204 if ((smime_config.sign_md = EVP_get_digestbyname(arg)) == NULL) { 204 if ((cfg.sign_md = EVP_get_digestbyname(arg)) == NULL) {
205 BIO_printf(bio_err, "Unknown digest %s\n", arg); 205 BIO_printf(bio_err, "Unknown digest %s\n", arg);
206 return (1); 206 return (1);
207 } 207 }
@@ -211,32 +211,32 @@ smime_opt_md(char *arg)
211static int 211static int
212smime_opt_signer(char *arg) 212smime_opt_signer(char *arg)
213{ 213{
214 if (smime_config.signerfile == NULL) { 214 if (cfg.signerfile == NULL) {
215 smime_config.signerfile = arg; 215 cfg.signerfile = arg;
216 return (0); 216 return (0);
217 } 217 }
218 218
219 if (smime_config.sksigners == NULL) { 219 if (cfg.sksigners == NULL) {
220 if ((smime_config.sksigners = sk_OPENSSL_STRING_new_null()) == NULL) 220 if ((cfg.sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
221 return (1); 221 return (1);
222 } 222 }
223 if (!sk_OPENSSL_STRING_push(smime_config.sksigners, 223 if (!sk_OPENSSL_STRING_push(cfg.sksigners,
224 smime_config.signerfile)) 224 cfg.signerfile))
225 return (1); 225 return (1);
226 226
227 if (smime_config.keyfile == NULL) 227 if (cfg.keyfile == NULL)
228 smime_config.keyfile = smime_config.signerfile; 228 cfg.keyfile = cfg.signerfile;
229 229
230 if (smime_config.skkeys == NULL) { 230 if (cfg.skkeys == NULL) {
231 if ((smime_config.skkeys = sk_OPENSSL_STRING_new_null()) == NULL) 231 if ((cfg.skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
232 return (1); 232 return (1);
233 } 233 }
234 if (!sk_OPENSSL_STRING_push(smime_config.skkeys, smime_config.keyfile)) 234 if (!sk_OPENSSL_STRING_push(cfg.skkeys, cfg.keyfile))
235 return (1); 235 return (1);
236 236
237 smime_config.keyfile = NULL; 237 cfg.keyfile = NULL;
238 238
239 smime_config.signerfile = arg; 239 cfg.signerfile = arg;
240 return (0); 240 return (0);
241} 241}
242 242
@@ -246,7 +246,7 @@ smime_opt_verify_param(int argc, char **argv, int *argsused)
246 int oargc = argc; 246 int oargc = argc;
247 int badarg = 0; 247 int badarg = 0;
248 248
249 if (!args_verify(&argv, &argc, &badarg, bio_err, &smime_config.vpm)) 249 if (!args_verify(&argv, &argc, &badarg, bio_err, &cfg.vpm))
250 return (1); 250 return (1);
251 if (badarg) 251 if (badarg)
252 return (1); 252 return (1);
@@ -336,20 +336,20 @@ static const struct option smime_options[] = {
336 .argname = "file", 336 .argname = "file",
337 .desc = "Certificate Authority file", 337 .desc = "Certificate Authority file",
338 .type = OPTION_ARG, 338 .type = OPTION_ARG,
339 .opt.arg = &smime_config.CAfile, 339 .opt.arg = &cfg.CAfile,
340 }, 340 },
341 { 341 {
342 .name = "CApath", 342 .name = "CApath",
343 .argname = "path", 343 .argname = "path",
344 .desc = "Certificate Authority path", 344 .desc = "Certificate Authority path",
345 .type = OPTION_ARG, 345 .type = OPTION_ARG,
346 .opt.arg = &smime_config.CApath, 346 .opt.arg = &cfg.CApath,
347 }, 347 },
348 { 348 {
349 .name = "binary", 349 .name = "binary",
350 .desc = "Do not translate message to text", 350 .desc = "Do not translate message to text",
351 .type = OPTION_VALUE_OR, 351 .type = OPTION_VALUE_OR,
352 .opt.value = &smime_config.flags, 352 .opt.value = &cfg.flags,
353 .value = PKCS7_BINARY, 353 .value = PKCS7_BINARY,
354 }, 354 },
355 { 355 {
@@ -357,34 +357,34 @@ static const struct option smime_options[] = {
357 .argname = "file", 357 .argname = "file",
358 .desc = "Other certificates file", 358 .desc = "Other certificates file",
359 .type = OPTION_ARG, 359 .type = OPTION_ARG,
360 .opt.arg = &smime_config.certfile, 360 .opt.arg = &cfg.certfile,
361 }, 361 },
362 { 362 {
363 .name = "content", 363 .name = "content",
364 .argname = "file", 364 .argname = "file",
365 .desc = "Supply or override content for detached signature", 365 .desc = "Supply or override content for detached signature",
366 .type = OPTION_ARG, 366 .type = OPTION_ARG,
367 .opt.arg = &smime_config.contfile, 367 .opt.arg = &cfg.contfile,
368 }, 368 },
369 { 369 {
370 .name = "crlfeol", 370 .name = "crlfeol",
371 .desc = "Use CRLF as EOL termination instead of CR only", 371 .desc = "Use CRLF as EOL termination instead of CR only",
372 .type = OPTION_VALUE_OR, 372 .type = OPTION_VALUE_OR,
373 .opt.value = &smime_config.flags, 373 .opt.value = &cfg.flags,
374 .value = PKCS7_CRLFEOL, 374 .value = PKCS7_CRLFEOL,
375 }, 375 },
376 { 376 {
377 .name = "decrypt", 377 .name = "decrypt",
378 .desc = "Decrypt encrypted message", 378 .desc = "Decrypt encrypted message",
379 .type = OPTION_VALUE, 379 .type = OPTION_VALUE,
380 .opt.value = &smime_config.operation, 380 .opt.value = &cfg.operation,
381 .value = SMIME_DECRYPT, 381 .value = SMIME_DECRYPT,
382 }, 382 },
383 { 383 {
384 .name = "encrypt", 384 .name = "encrypt",
385 .desc = "Encrypt message", 385 .desc = "Encrypt message",
386 .type = OPTION_VALUE, 386 .type = OPTION_VALUE,
387 .opt.value = &smime_config.operation, 387 .opt.value = &cfg.operation,
388 .value = SMIME_ENCRYPT, 388 .value = SMIME_ENCRYPT,
389 }, 389 },
390 { 390 {
@@ -392,20 +392,20 @@ static const struct option smime_options[] = {
392 .argname = "addr", 392 .argname = "addr",
393 .desc = "From address", 393 .desc = "From address",
394 .type = OPTION_ARG, 394 .type = OPTION_ARG,
395 .opt.arg = &smime_config.from, 395 .opt.arg = &cfg.from,
396 }, 396 },
397 { 397 {
398 .name = "in", 398 .name = "in",
399 .argname = "file", 399 .argname = "file",
400 .desc = "Input file", 400 .desc = "Input file",
401 .type = OPTION_ARG, 401 .type = OPTION_ARG,
402 .opt.arg = &smime_config.infile, 402 .opt.arg = &cfg.infile,
403 }, 403 },
404 { 404 {
405 .name = "indef", 405 .name = "indef",
406 .desc = "Same as -stream", 406 .desc = "Same as -stream",
407 .type = OPTION_VALUE, 407 .type = OPTION_VALUE,
408 .opt.value = &smime_config.indef, 408 .opt.value = &cfg.indef,
409 .value = 1, 409 .value = 1,
410 }, 410 },
411 { 411 {
@@ -413,7 +413,7 @@ static const struct option smime_options[] = {
413 .argname = "fmt", 413 .argname = "fmt",
414 .desc = "Input format (DER, PEM or SMIME (default))", 414 .desc = "Input format (DER, PEM or SMIME (default))",
415 .type = OPTION_ARG_FORMAT, 415 .type = OPTION_ARG_FORMAT,
416 .opt.value = &smime_config.informat, 416 .opt.value = &cfg.informat,
417 }, 417 },
418 { 418 {
419 .name = "inkey", 419 .name = "inkey",
@@ -427,7 +427,7 @@ static const struct option smime_options[] = {
427 .argname = "fmt", 427 .argname = "fmt",
428 .desc = "Input key format (DER or PEM (default))", 428 .desc = "Input key format (DER or PEM (default))",
429 .type = OPTION_ARG_FORMAT, 429 .type = OPTION_ARG_FORMAT,
430 .opt.value = &smime_config.keyform, 430 .opt.value = &cfg.keyform,
431 }, 431 },
432 { 432 {
433 .name = "md", 433 .name = "md",
@@ -440,70 +440,70 @@ static const struct option smime_options[] = {
440 .name = "noattr", 440 .name = "noattr",
441 .desc = "Do not include any signed attributes", 441 .desc = "Do not include any signed attributes",
442 .type = OPTION_VALUE_OR, 442 .type = OPTION_VALUE_OR,
443 .opt.value = &smime_config.flags, 443 .opt.value = &cfg.flags,
444 .value = PKCS7_NOATTR, 444 .value = PKCS7_NOATTR,
445 }, 445 },
446 { 446 {
447 .name = "nocerts", 447 .name = "nocerts",
448 .desc = "Do not include signer's certificate when signing", 448 .desc = "Do not include signer's certificate when signing",
449 .type = OPTION_VALUE_OR, 449 .type = OPTION_VALUE_OR,
450 .opt.value = &smime_config.flags, 450 .opt.value = &cfg.flags,
451 .value = PKCS7_NOCERTS, 451 .value = PKCS7_NOCERTS,
452 }, 452 },
453 { 453 {
454 .name = "nochain", 454 .name = "nochain",
455 .desc = "Do not chain verification of signer's certificates", 455 .desc = "Do not chain verification of signer's certificates",
456 .type = OPTION_VALUE_OR, 456 .type = OPTION_VALUE_OR,
457 .opt.value = &smime_config.flags, 457 .opt.value = &cfg.flags,
458 .value = PKCS7_NOCHAIN, 458 .value = PKCS7_NOCHAIN,
459 }, 459 },
460 { 460 {
461 .name = "nodetach", 461 .name = "nodetach",
462 .desc = "Use opaque signing", 462 .desc = "Use opaque signing",
463 .type = OPTION_VALUE_AND, 463 .type = OPTION_VALUE_AND,
464 .opt.value = &smime_config.flags, 464 .opt.value = &cfg.flags,
465 .value = ~PKCS7_DETACHED, 465 .value = ~PKCS7_DETACHED,
466 }, 466 },
467 { 467 {
468 .name = "noindef", 468 .name = "noindef",
469 .desc = "Disable streaming I/O", 469 .desc = "Disable streaming I/O",
470 .type = OPTION_VALUE, 470 .type = OPTION_VALUE,
471 .opt.value = &smime_config.indef, 471 .opt.value = &cfg.indef,
472 .value = 0, 472 .value = 0,
473 }, 473 },
474 { 474 {
475 .name = "nointern", 475 .name = "nointern",
476 .desc = "Do not search certificates in message for signer", 476 .desc = "Do not search certificates in message for signer",
477 .type = OPTION_VALUE_OR, 477 .type = OPTION_VALUE_OR,
478 .opt.value = &smime_config.flags, 478 .opt.value = &cfg.flags,
479 .value = PKCS7_NOINTERN, 479 .value = PKCS7_NOINTERN,
480 }, 480 },
481 { 481 {
482 .name = "nooldmime", 482 .name = "nooldmime",
483 .desc = "Output old S/MIME content type", 483 .desc = "Output old S/MIME content type",
484 .type = OPTION_VALUE_OR, 484 .type = OPTION_VALUE_OR,
485 .opt.value = &smime_config.flags, 485 .opt.value = &cfg.flags,
486 .value = PKCS7_NOOLDMIMETYPE, 486 .value = PKCS7_NOOLDMIMETYPE,
487 }, 487 },
488 { 488 {
489 .name = "nosigs", 489 .name = "nosigs",
490 .desc = "Do not verify message signature", 490 .desc = "Do not verify message signature",
491 .type = OPTION_VALUE_OR, 491 .type = OPTION_VALUE_OR,
492 .opt.value = &smime_config.flags, 492 .opt.value = &cfg.flags,
493 .value = PKCS7_NOSIGS, 493 .value = PKCS7_NOSIGS,
494 }, 494 },
495 { 495 {
496 .name = "nosmimecap", 496 .name = "nosmimecap",
497 .desc = "Omit the SMIMECapabilities attribute", 497 .desc = "Omit the SMIMECapabilities attribute",
498 .type = OPTION_VALUE_OR, 498 .type = OPTION_VALUE_OR,
499 .opt.value = &smime_config.flags, 499 .opt.value = &cfg.flags,
500 .value = PKCS7_NOSMIMECAP, 500 .value = PKCS7_NOSMIMECAP,
501 }, 501 },
502 { 502 {
503 .name = "noverify", 503 .name = "noverify",
504 .desc = "Do not verify signer's certificate", 504 .desc = "Do not verify signer's certificate",
505 .type = OPTION_VALUE_OR, 505 .type = OPTION_VALUE_OR,
506 .opt.value = &smime_config.flags, 506 .opt.value = &cfg.flags,
507 .value = PKCS7_NOVERIFY, 507 .value = PKCS7_NOVERIFY,
508 }, 508 },
509 { 509 {
@@ -511,27 +511,27 @@ static const struct option smime_options[] = {
511 .argname = "file", 511 .argname = "file",
512 .desc = "Output file", 512 .desc = "Output file",
513 .type = OPTION_ARG, 513 .type = OPTION_ARG,
514 .opt.arg = &smime_config.outfile, 514 .opt.arg = &cfg.outfile,
515 }, 515 },
516 { 516 {
517 .name = "outform", 517 .name = "outform",
518 .argname = "fmt", 518 .argname = "fmt",
519 .desc = "Output format (DER, PEM or SMIME (default))", 519 .desc = "Output format (DER, PEM or SMIME (default))",
520 .type = OPTION_ARG_FORMAT, 520 .type = OPTION_ARG_FORMAT,
521 .opt.value = &smime_config.outformat, 521 .opt.value = &cfg.outformat,
522 }, 522 },
523 { 523 {
524 .name = "passin", 524 .name = "passin",
525 .argname = "src", 525 .argname = "src",
526 .desc = "Private key password source", 526 .desc = "Private key password source",
527 .type = OPTION_ARG, 527 .type = OPTION_ARG,
528 .opt.arg = &smime_config.passargin, 528 .opt.arg = &cfg.passargin,
529 }, 529 },
530 { 530 {
531 .name = "pk7out", 531 .name = "pk7out",
532 .desc = "Output PKCS#7 structure", 532 .desc = "Output PKCS#7 structure",
533 .type = OPTION_VALUE, 533 .type = OPTION_VALUE,
534 .opt.value = &smime_config.operation, 534 .opt.value = &cfg.operation,
535 .value = SMIME_PK7OUT, 535 .value = SMIME_PK7OUT,
536 }, 536 },
537 { 537 {
@@ -539,20 +539,20 @@ static const struct option smime_options[] = {
539 .argname = "file", 539 .argname = "file",
540 .desc = "Recipient certificate file for decryption", 540 .desc = "Recipient certificate file for decryption",
541 .type = OPTION_ARG, 541 .type = OPTION_ARG,
542 .opt.arg = &smime_config.recipfile, 542 .opt.arg = &cfg.recipfile,
543 }, 543 },
544 { 544 {
545 .name = "resign", 545 .name = "resign",
546 .desc = "Resign a signed message", 546 .desc = "Resign a signed message",
547 .type = OPTION_VALUE, 547 .type = OPTION_VALUE,
548 .opt.value = &smime_config.operation, 548 .opt.value = &cfg.operation,
549 .value = SMIME_RESIGN, 549 .value = SMIME_RESIGN,
550 }, 550 },
551 { 551 {
552 .name = "sign", 552 .name = "sign",
553 .desc = "Sign message", 553 .desc = "Sign message",
554 .type = OPTION_VALUE, 554 .type = OPTION_VALUE,
555 .opt.value = &smime_config.operation, 555 .opt.value = &cfg.operation,
556 .value = SMIME_SIGN, 556 .value = SMIME_SIGN,
557 }, 557 },
558 { 558 {
@@ -566,7 +566,7 @@ static const struct option smime_options[] = {
566 .name = "stream", 566 .name = "stream",
567 .desc = "Enable streaming I/O", 567 .desc = "Enable streaming I/O",
568 .type = OPTION_VALUE, 568 .type = OPTION_VALUE,
569 .opt.value = &smime_config.indef, 569 .opt.value = &cfg.indef,
570 .value = 1, 570 .value = 1,
571 }, 571 },
572 { 572 {
@@ -574,13 +574,13 @@ static const struct option smime_options[] = {
574 .argname = "s", 574 .argname = "s",
575 .desc = "Subject", 575 .desc = "Subject",
576 .type = OPTION_ARG, 576 .type = OPTION_ARG,
577 .opt.arg = &smime_config.subject, 577 .opt.arg = &cfg.subject,
578 }, 578 },
579 { 579 {
580 .name = "text", 580 .name = "text",
581 .desc = "Include or delete text MIME headers", 581 .desc = "Include or delete text MIME headers",
582 .type = OPTION_VALUE_OR, 582 .type = OPTION_VALUE_OR,
583 .opt.value = &smime_config.flags, 583 .opt.value = &cfg.flags,
584 .value = PKCS7_TEXT, 584 .value = PKCS7_TEXT,
585 }, 585 },
586 { 586 {
@@ -588,13 +588,13 @@ static const struct option smime_options[] = {
588 .argname = "addr", 588 .argname = "addr",
589 .desc = "To address", 589 .desc = "To address",
590 .type = OPTION_ARG, 590 .type = OPTION_ARG,
591 .opt.arg = &smime_config.to, 591 .opt.arg = &cfg.to,
592 }, 592 },
593 { 593 {
594 .name = "verify", 594 .name = "verify",
595 .desc = "Verify signed message", 595 .desc = "Verify signed message",
596 .type = OPTION_VALUE, 596 .type = OPTION_VALUE,
597 .opt.value = &smime_config.operation, 597 .opt.value = &cfg.operation,
598 .value = SMIME_VERIFY, 598 .value = SMIME_VERIFY,
599 }, 599 },
600 { 600 {
@@ -727,70 +727,70 @@ smime_main(int argc, char **argv)
727 exit(1); 727 exit(1);
728 } 728 }
729 729
730 memset(&smime_config, 0, sizeof(smime_config)); 730 memset(&cfg, 0, sizeof(cfg));
731 smime_config.flags = PKCS7_DETACHED; 731 cfg.flags = PKCS7_DETACHED;
732 smime_config.informat = FORMAT_SMIME; 732 cfg.informat = FORMAT_SMIME;
733 smime_config.outformat = FORMAT_SMIME; 733 cfg.outformat = FORMAT_SMIME;
734 smime_config.keyform = FORMAT_PEM; 734 cfg.keyform = FORMAT_PEM;
735 if (options_parse(argc, argv, smime_options, NULL, &argsused) != 0) { 735 if (options_parse(argc, argv, smime_options, NULL, &argsused) != 0) {
736 goto argerr; 736 goto argerr;
737 } 737 }
738 args = argv + argsused; 738 args = argv + argsused;
739 ret = 1; 739 ret = 1;
740 740
741 if (!(smime_config.operation & SMIME_SIGNERS) && 741 if (!(cfg.operation & SMIME_SIGNERS) &&
742 (smime_config.skkeys != NULL || smime_config.sksigners != NULL)) { 742 (cfg.skkeys != NULL || cfg.sksigners != NULL)) {
743 BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); 743 BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
744 goto argerr; 744 goto argerr;
745 } 745 }
746 if (smime_config.operation & SMIME_SIGNERS) { 746 if (cfg.operation & SMIME_SIGNERS) {
747 /* Check to see if any final signer needs to be appended */ 747 /* Check to see if any final signer needs to be appended */
748 if (smime_config.keyfile != NULL && 748 if (cfg.keyfile != NULL &&
749 smime_config.signerfile == NULL) { 749 cfg.signerfile == NULL) {
750 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 750 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
751 goto argerr; 751 goto argerr;
752 } 752 }
753 if (smime_config.signerfile != NULL) { 753 if (cfg.signerfile != NULL) {
754 if (smime_config.sksigners == NULL) { 754 if (cfg.sksigners == NULL) {
755 if ((smime_config.sksigners = 755 if ((cfg.sksigners =
756 sk_OPENSSL_STRING_new_null()) == NULL) 756 sk_OPENSSL_STRING_new_null()) == NULL)
757 goto end; 757 goto end;
758 } 758 }
759 if (!sk_OPENSSL_STRING_push(smime_config.sksigners, 759 if (!sk_OPENSSL_STRING_push(cfg.sksigners,
760 smime_config.signerfile)) 760 cfg.signerfile))
761 goto end; 761 goto end;
762 if (smime_config.skkeys == NULL) { 762 if (cfg.skkeys == NULL) {
763 if ((smime_config.skkeys = 763 if ((cfg.skkeys =
764 sk_OPENSSL_STRING_new_null()) == NULL) 764 sk_OPENSSL_STRING_new_null()) == NULL)
765 goto end; 765 goto end;
766 } 766 }
767 if (smime_config.keyfile == NULL) 767 if (cfg.keyfile == NULL)
768 smime_config.keyfile = smime_config.signerfile; 768 cfg.keyfile = cfg.signerfile;
769 if (!sk_OPENSSL_STRING_push(smime_config.skkeys, 769 if (!sk_OPENSSL_STRING_push(cfg.skkeys,
770 smime_config.keyfile)) 770 cfg.keyfile))
771 goto end; 771 goto end;
772 } 772 }
773 if (smime_config.sksigners == NULL) { 773 if (cfg.sksigners == NULL) {
774 BIO_printf(bio_err, 774 BIO_printf(bio_err,
775 "No signer certificate specified\n"); 775 "No signer certificate specified\n");
776 badarg = 1; 776 badarg = 1;
777 } 777 }
778 smime_config.signerfile = NULL; 778 cfg.signerfile = NULL;
779 smime_config.keyfile = NULL; 779 cfg.keyfile = NULL;
780 } else if (smime_config.operation == SMIME_DECRYPT) { 780 } else if (cfg.operation == SMIME_DECRYPT) {
781 if (smime_config.recipfile == NULL && 781 if (cfg.recipfile == NULL &&
782 smime_config.keyfile == NULL) { 782 cfg.keyfile == NULL) {
783 BIO_printf(bio_err, 783 BIO_printf(bio_err,
784 "No recipient certificate or key specified\n"); 784 "No recipient certificate or key specified\n");
785 badarg = 1; 785 badarg = 1;
786 } 786 }
787 } else if (smime_config.operation == SMIME_ENCRYPT) { 787 } else if (cfg.operation == SMIME_ENCRYPT) {
788 if (*args == NULL) { 788 if (*args == NULL) {
789 BIO_printf(bio_err, 789 BIO_printf(bio_err,
790 "No recipient(s) certificate(s) specified\n"); 790 "No recipient(s) certificate(s) specified\n");
791 badarg = 1; 791 badarg = 1;
792 } 792 }
793 } else if (!smime_config.operation) { 793 } else if (!cfg.operation) {
794 badarg = 1; 794 badarg = 1;
795 } 795 }
796 796
@@ -800,35 +800,35 @@ smime_main(int argc, char **argv)
800 goto end; 800 goto end;
801 } 801 }
802 802
803 if (!app_passwd(bio_err, smime_config.passargin, NULL, &passin, NULL)) { 803 if (!app_passwd(bio_err, cfg.passargin, NULL, &passin, NULL)) {
804 BIO_printf(bio_err, "Error getting password\n"); 804 BIO_printf(bio_err, "Error getting password\n");
805 goto end; 805 goto end;
806 } 806 }
807 ret = 2; 807 ret = 2;
808 808
809 if (!(smime_config.operation & SMIME_SIGNERS)) 809 if (!(cfg.operation & SMIME_SIGNERS))
810 smime_config.flags &= ~PKCS7_DETACHED; 810 cfg.flags &= ~PKCS7_DETACHED;
811 811
812 if (smime_config.operation & SMIME_OP) { 812 if (cfg.operation & SMIME_OP) {
813 if (smime_config.outformat == FORMAT_ASN1) 813 if (cfg.outformat == FORMAT_ASN1)
814 outmode = "wb"; 814 outmode = "wb";
815 } else { 815 } else {
816 if (smime_config.flags & PKCS7_BINARY) 816 if (cfg.flags & PKCS7_BINARY)
817 outmode = "wb"; 817 outmode = "wb";
818 } 818 }
819 819
820 if (smime_config.operation & SMIME_IP) { 820 if (cfg.operation & SMIME_IP) {
821 if (smime_config.informat == FORMAT_ASN1) 821 if (cfg.informat == FORMAT_ASN1)
822 inmode = "rb"; 822 inmode = "rb";
823 } else { 823 } else {
824 if (smime_config.flags & PKCS7_BINARY) 824 if (cfg.flags & PKCS7_BINARY)
825 inmode = "rb"; 825 inmode = "rb";
826 } 826 }
827 827
828 if (smime_config.operation == SMIME_ENCRYPT) { 828 if (cfg.operation == SMIME_ENCRYPT) {
829 if (smime_config.cipher == NULL) { 829 if (cfg.cipher == NULL) {
830#ifndef OPENSSL_NO_RC2 830#ifndef OPENSSL_NO_RC2
831 smime_config.cipher = EVP_rc2_40_cbc(); 831 cfg.cipher = EVP_rc2_40_cbc();
832#else 832#else
833 BIO_printf(bio_err, "No cipher selected\n"); 833 BIO_printf(bio_err, "No cipher selected\n");
834 goto end; 834 goto end;
@@ -847,41 +847,41 @@ smime_main(int argc, char **argv)
847 args++; 847 args++;
848 } 848 }
849 } 849 }
850 if (smime_config.certfile != NULL) { 850 if (cfg.certfile != NULL) {
851 if ((other = load_certs(bio_err, smime_config.certfile, 851 if ((other = load_certs(bio_err, cfg.certfile,
852 FORMAT_PEM, NULL, "certificate file")) == NULL) { 852 FORMAT_PEM, NULL, "certificate file")) == NULL) {
853 ERR_print_errors(bio_err); 853 ERR_print_errors(bio_err);
854 goto end; 854 goto end;
855 } 855 }
856 } 856 }
857 if (smime_config.recipfile != NULL && 857 if (cfg.recipfile != NULL &&
858 (smime_config.operation == SMIME_DECRYPT)) { 858 (cfg.operation == SMIME_DECRYPT)) {
859 if ((recip = load_cert(bio_err, smime_config.recipfile, 859 if ((recip = load_cert(bio_err, cfg.recipfile,
860 FORMAT_PEM, NULL, "recipient certificate file")) == NULL) { 860 FORMAT_PEM, NULL, "recipient certificate file")) == NULL) {
861 ERR_print_errors(bio_err); 861 ERR_print_errors(bio_err);
862 goto end; 862 goto end;
863 } 863 }
864 } 864 }
865 if (smime_config.operation == SMIME_DECRYPT) { 865 if (cfg.operation == SMIME_DECRYPT) {
866 if (smime_config.keyfile == NULL) 866 if (cfg.keyfile == NULL)
867 smime_config.keyfile = smime_config.recipfile; 867 cfg.keyfile = cfg.recipfile;
868 } else if (smime_config.operation == SMIME_SIGN) { 868 } else if (cfg.operation == SMIME_SIGN) {
869 if (smime_config.keyfile == NULL) 869 if (cfg.keyfile == NULL)
870 smime_config.keyfile = smime_config.signerfile; 870 cfg.keyfile = cfg.signerfile;
871 } else { 871 } else {
872 smime_config.keyfile = NULL; 872 cfg.keyfile = NULL;
873 } 873 }
874 874
875 if (smime_config.keyfile != NULL) { 875 if (cfg.keyfile != NULL) {
876 key = load_key(bio_err, smime_config.keyfile, 876 key = load_key(bio_err, cfg.keyfile,
877 smime_config.keyform, 0, passin, "signing key file"); 877 cfg.keyform, 0, passin, "signing key file");
878 if (key == NULL) 878 if (key == NULL)
879 goto end; 879 goto end;
880 } 880 }
881 if (smime_config.infile != NULL) { 881 if (cfg.infile != NULL) {
882 if ((in = BIO_new_file(smime_config.infile, inmode)) == NULL) { 882 if ((in = BIO_new_file(cfg.infile, inmode)) == NULL) {
883 BIO_printf(bio_err, 883 BIO_printf(bio_err,
884 "Can't open input file %s\n", smime_config.infile); 884 "Can't open input file %s\n", cfg.infile);
885 goto end; 885 goto end;
886 } 886 }
887 } else { 887 } else {
@@ -889,12 +889,12 @@ smime_main(int argc, char **argv)
889 goto end; 889 goto end;
890 } 890 }
891 891
892 if (smime_config.operation & SMIME_IP) { 892 if (cfg.operation & SMIME_IP) {
893 if (smime_config.informat == FORMAT_SMIME) 893 if (cfg.informat == FORMAT_SMIME)
894 p7 = SMIME_read_PKCS7(in, &indata); 894 p7 = SMIME_read_PKCS7(in, &indata);
895 else if (smime_config.informat == FORMAT_PEM) 895 else if (cfg.informat == FORMAT_PEM)
896 p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); 896 p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
897 else if (smime_config.informat == FORMAT_ASN1) 897 else if (cfg.informat == FORMAT_ASN1)
898 p7 = d2i_PKCS7_bio(in, NULL); 898 p7 = d2i_PKCS7_bio(in, NULL);
899 else { 899 else {
900 BIO_printf(bio_err, 900 BIO_printf(bio_err,
@@ -906,22 +906,22 @@ smime_main(int argc, char **argv)
906 BIO_printf(bio_err, "Error reading S/MIME message\n"); 906 BIO_printf(bio_err, "Error reading S/MIME message\n");
907 goto end; 907 goto end;
908 } 908 }
909 if (smime_config.contfile != NULL) { 909 if (cfg.contfile != NULL) {
910 BIO_free(indata); 910 BIO_free(indata);
911 if ((indata = BIO_new_file(smime_config.contfile, 911 if ((indata = BIO_new_file(cfg.contfile,
912 "rb")) == NULL) { 912 "rb")) == NULL) {
913 BIO_printf(bio_err, 913 BIO_printf(bio_err,
914 "Can't read content file %s\n", 914 "Can't read content file %s\n",
915 smime_config.contfile); 915 cfg.contfile);
916 goto end; 916 goto end;
917 } 917 }
918 } 918 }
919 } 919 }
920 if (smime_config.outfile != NULL) { 920 if (cfg.outfile != NULL) {
921 if ((out = BIO_new_file(smime_config.outfile, outmode)) == NULL) { 921 if ((out = BIO_new_file(cfg.outfile, outmode)) == NULL) {
922 BIO_printf(bio_err, 922 BIO_printf(bio_err,
923 "Can't open output file %s\n", 923 "Can't open output file %s\n",
924 smime_config.outfile); 924 cfg.outfile);
925 goto end; 925 goto end;
926 } 926 }
927 } else { 927 } else {
@@ -929,60 +929,60 @@ smime_main(int argc, char **argv)
929 goto end; 929 goto end;
930 } 930 }
931 931
932 if (smime_config.operation == SMIME_VERIFY) { 932 if (cfg.operation == SMIME_VERIFY) {
933 if ((store = setup_verify(bio_err, smime_config.CAfile, 933 if ((store = setup_verify(bio_err, cfg.CAfile,
934 smime_config.CApath)) == NULL) 934 cfg.CApath)) == NULL)
935 goto end; 935 goto end;
936 X509_STORE_set_verify_cb(store, smime_cb); 936 X509_STORE_set_verify_cb(store, smime_cb);
937 if (smime_config.vpm != NULL) { 937 if (cfg.vpm != NULL) {
938 if (!X509_STORE_set1_param(store, smime_config.vpm)) 938 if (!X509_STORE_set1_param(store, cfg.vpm))
939 goto end; 939 goto end;
940 } 940 }
941 } 941 }
942 ret = 3; 942 ret = 3;
943 943
944 if (smime_config.operation == SMIME_ENCRYPT) { 944 if (cfg.operation == SMIME_ENCRYPT) {
945 if (smime_config.indef) 945 if (cfg.indef)
946 smime_config.flags |= PKCS7_STREAM; 946 cfg.flags |= PKCS7_STREAM;
947 p7 = PKCS7_encrypt(encerts, in, smime_config.cipher, 947 p7 = PKCS7_encrypt(encerts, in, cfg.cipher,
948 smime_config.flags); 948 cfg.flags);
949 } else if (smime_config.operation & SMIME_SIGNERS) { 949 } else if (cfg.operation & SMIME_SIGNERS) {
950 int i; 950 int i;
951 /* 951 /*
952 * If detached data content we only enable streaming if 952 * If detached data content we only enable streaming if
953 * S/MIME output format. 953 * S/MIME output format.
954 */ 954 */
955 if (smime_config.operation == SMIME_SIGN) { 955 if (cfg.operation == SMIME_SIGN) {
956 if (smime_config.flags & PKCS7_DETACHED) { 956 if (cfg.flags & PKCS7_DETACHED) {
957 if (smime_config.outformat == FORMAT_SMIME) 957 if (cfg.outformat == FORMAT_SMIME)
958 smime_config.flags |= PKCS7_STREAM; 958 cfg.flags |= PKCS7_STREAM;
959 } else if (smime_config.indef) { 959 } else if (cfg.indef) {
960 smime_config.flags |= PKCS7_STREAM; 960 cfg.flags |= PKCS7_STREAM;
961 } 961 }
962 smime_config.flags |= PKCS7_PARTIAL; 962 cfg.flags |= PKCS7_PARTIAL;
963 p7 = PKCS7_sign(NULL, NULL, other, in, 963 p7 = PKCS7_sign(NULL, NULL, other, in,
964 smime_config.flags); 964 cfg.flags);
965 if (p7 == NULL) 965 if (p7 == NULL)
966 goto end; 966 goto end;
967 } else { 967 } else {
968 smime_config.flags |= PKCS7_REUSE_DIGEST; 968 cfg.flags |= PKCS7_REUSE_DIGEST;
969 } 969 }
970 for (i = 0; i < sk_OPENSSL_STRING_num(smime_config.sksigners); i++) { 970 for (i = 0; i < sk_OPENSSL_STRING_num(cfg.sksigners); i++) {
971 smime_config.signerfile = 971 cfg.signerfile =
972 sk_OPENSSL_STRING_value(smime_config.sksigners, i); 972 sk_OPENSSL_STRING_value(cfg.sksigners, i);
973 smime_config.keyfile = 973 cfg.keyfile =
974 sk_OPENSSL_STRING_value(smime_config.skkeys, i); 974 sk_OPENSSL_STRING_value(cfg.skkeys, i);
975 signer = load_cert(bio_err, smime_config.signerfile, 975 signer = load_cert(bio_err, cfg.signerfile,
976 FORMAT_PEM, NULL, "signer certificate"); 976 FORMAT_PEM, NULL, "signer certificate");
977 if (signer == NULL) 977 if (signer == NULL)
978 goto end; 978 goto end;
979 key = load_key(bio_err, smime_config.keyfile, 979 key = load_key(bio_err, cfg.keyfile,
980 smime_config.keyform, 0, passin, 980 cfg.keyform, 0, passin,
981 "signing key file"); 981 "signing key file");
982 if (key == NULL) 982 if (key == NULL)
983 goto end; 983 goto end;
984 if (PKCS7_sign_add_signer(p7, signer, key, 984 if (PKCS7_sign_add_signer(p7, signer, key,
985 smime_config.sign_md, smime_config.flags) == NULL) 985 cfg.sign_md, cfg.flags) == NULL)
986 goto end; 986 goto end;
987 X509_free(signer); 987 X509_free(signer);
988 signer = NULL; 988 signer = NULL;
@@ -990,9 +990,9 @@ smime_main(int argc, char **argv)
990 key = NULL; 990 key = NULL;
991 } 991 }
992 /* If not streaming or resigning finalize structure */ 992 /* If not streaming or resigning finalize structure */
993 if ((smime_config.operation == SMIME_SIGN) && 993 if ((cfg.operation == SMIME_SIGN) &&
994 !(smime_config.flags & PKCS7_STREAM)) { 994 !(cfg.flags & PKCS7_STREAM)) {
995 if (!PKCS7_final(p7, in, smime_config.flags)) 995 if (!PKCS7_final(p7, in, cfg.flags))
996 goto end; 996 goto end;
997 } 997 }
998 } 998 }
@@ -1002,58 +1002,58 @@ smime_main(int argc, char **argv)
1002 } 1002 }
1003 ret = 4; 1003 ret = 4;
1004 1004
1005 if (smime_config.operation == SMIME_DECRYPT) { 1005 if (cfg.operation == SMIME_DECRYPT) {
1006 if (!PKCS7_decrypt(p7, key, recip, out, smime_config.flags)) { 1006 if (!PKCS7_decrypt(p7, key, recip, out, cfg.flags)) {
1007 BIO_printf(bio_err, 1007 BIO_printf(bio_err,
1008 "Error decrypting PKCS#7 structure\n"); 1008 "Error decrypting PKCS#7 structure\n");
1009 goto end; 1009 goto end;
1010 } 1010 }
1011 } else if (smime_config.operation == SMIME_VERIFY) { 1011 } else if (cfg.operation == SMIME_VERIFY) {
1012 STACK_OF(X509) *signers; 1012 STACK_OF(X509) *signers;
1013 if (PKCS7_verify(p7, other, store, indata, out, 1013 if (PKCS7_verify(p7, other, store, indata, out,
1014 smime_config.flags)) { 1014 cfg.flags)) {
1015 BIO_printf(bio_err, "Verification successful\n"); 1015 BIO_printf(bio_err, "Verification successful\n");
1016 } else { 1016 } else {
1017 BIO_printf(bio_err, "Verification failure\n"); 1017 BIO_printf(bio_err, "Verification failure\n");
1018 goto end; 1018 goto end;
1019 } 1019 }
1020 if ((signers = PKCS7_get0_signers(p7, other, 1020 if ((signers = PKCS7_get0_signers(p7, other,
1021 smime_config.flags)) == NULL) 1021 cfg.flags)) == NULL)
1022 goto end; 1022 goto end;
1023 if (!save_certs(smime_config.signerfile, signers)) { 1023 if (!save_certs(cfg.signerfile, signers)) {
1024 BIO_printf(bio_err, "Error writing signers to %s\n", 1024 BIO_printf(bio_err, "Error writing signers to %s\n",
1025 smime_config.signerfile); 1025 cfg.signerfile);
1026 sk_X509_free(signers); 1026 sk_X509_free(signers);
1027 ret = 5; 1027 ret = 5;
1028 goto end; 1028 goto end;
1029 } 1029 }
1030 sk_X509_free(signers); 1030 sk_X509_free(signers);
1031 } else if (smime_config.operation == SMIME_PK7OUT) { 1031 } else if (cfg.operation == SMIME_PK7OUT) {
1032 PEM_write_bio_PKCS7(out, p7); 1032 PEM_write_bio_PKCS7(out, p7);
1033 } else { 1033 } else {
1034 if (smime_config.to != NULL) 1034 if (cfg.to != NULL)
1035 BIO_printf(out, "To: %s\n", smime_config.to); 1035 BIO_printf(out, "To: %s\n", cfg.to);
1036 if (smime_config.from != NULL) 1036 if (cfg.from != NULL)
1037 BIO_printf(out, "From: %s\n", smime_config.from); 1037 BIO_printf(out, "From: %s\n", cfg.from);
1038 if (smime_config.subject != NULL) 1038 if (cfg.subject != NULL)
1039 BIO_printf(out, "Subject: %s\n", smime_config.subject); 1039 BIO_printf(out, "Subject: %s\n", cfg.subject);
1040 if (smime_config.outformat == FORMAT_SMIME) { 1040 if (cfg.outformat == FORMAT_SMIME) {
1041 if (smime_config.operation == SMIME_RESIGN) { 1041 if (cfg.operation == SMIME_RESIGN) {
1042 if (!SMIME_write_PKCS7(out, p7, indata, 1042 if (!SMIME_write_PKCS7(out, p7, indata,
1043 smime_config.flags)) 1043 cfg.flags))
1044 goto end; 1044 goto end;
1045 } else { 1045 } else {
1046 if (!SMIME_write_PKCS7(out, p7, in, 1046 if (!SMIME_write_PKCS7(out, p7, in,
1047 smime_config.flags)) 1047 cfg.flags))
1048 goto end; 1048 goto end;
1049 } 1049 }
1050 } else if (smime_config.outformat == FORMAT_PEM) { 1050 } else if (cfg.outformat == FORMAT_PEM) {
1051 if (!PEM_write_bio_PKCS7_stream(out, p7, in, 1051 if (!PEM_write_bio_PKCS7_stream(out, p7, in,
1052 smime_config.flags)) 1052 cfg.flags))
1053 goto end; 1053 goto end;
1054 } else if (smime_config.outformat == FORMAT_ASN1) { 1054 } else if (cfg.outformat == FORMAT_ASN1) {
1055 if (!i2d_PKCS7_bio_stream(out, p7, in, 1055 if (!i2d_PKCS7_bio_stream(out, p7, in,
1056 smime_config.flags)) 1056 cfg.flags))
1057 goto end; 1057 goto end;
1058 } else { 1058 } else {
1059 BIO_printf(bio_err, 1059 BIO_printf(bio_err,
@@ -1069,9 +1069,9 @@ smime_main(int argc, char **argv)
1069 ERR_print_errors(bio_err); 1069 ERR_print_errors(bio_err);
1070 sk_X509_pop_free(encerts, X509_free); 1070 sk_X509_pop_free(encerts, X509_free);
1071 sk_X509_pop_free(other, X509_free); 1071 sk_X509_pop_free(other, X509_free);
1072 X509_VERIFY_PARAM_free(smime_config.vpm); 1072 X509_VERIFY_PARAM_free(cfg.vpm);
1073 sk_OPENSSL_STRING_free(smime_config.sksigners); 1073 sk_OPENSSL_STRING_free(cfg.sksigners);
1074 sk_OPENSSL_STRING_free(smime_config.skkeys); 1074 sk_OPENSSL_STRING_free(cfg.skkeys);
1075 X509_STORE_free(store); 1075 X509_STORE_free(store);
1076 X509_free(cert); 1076 X509_free(cert);
1077 X509_free(recip); 1077 X509_free(recip);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 00:24:34 +0000