diff options
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/openssl/smime.c | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/src/usr.bin/openssl/smime.c b/src/usr.bin/openssl/smime.c index e1c54bf225..d981335179 100644 --- a/src/usr.bin/openssl/smime.c +++ b/src/usr.bin/openssl/smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: smime.c,v 1.3 2015/08/22 16:36:05 jsing Exp $ */ | 1 | /* $OpenBSD: smime.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -85,7 +85,6 @@ static int smime_cb(int ok, X509_STORE_CTX * ctx); | |||
| 85 | int | 85 | int |
| 86 | smime_main(int argc, char **argv) | 86 | smime_main(int argc, char **argv) |
| 87 | { | 87 | { |
| 88 | ENGINE *e = NULL; | ||
| 89 | int operation = 0; | 88 | int operation = 0; |
| 90 | int ret = 0; | 89 | int ret = 0; |
| 91 | char **args; | 90 | char **args; |
| @@ -110,9 +109,6 @@ smime_main(int argc, char **argv) | |||
| 110 | const EVP_MD *sign_md = NULL; | 109 | const EVP_MD *sign_md = NULL; |
| 111 | int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; | 110 | int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; |
| 112 | int keyform = FORMAT_PEM; | 111 | int keyform = FORMAT_PEM; |
| 113 | #ifndef OPENSSL_NO_ENGINE | ||
| 114 | char *engine = NULL; | ||
| 115 | #endif | ||
| 116 | 112 | ||
| 117 | X509_VERIFY_PARAM *vpm = NULL; | 113 | X509_VERIFY_PARAM *vpm = NULL; |
| 118 | 114 | ||
| @@ -192,13 +188,6 @@ smime_main(int argc, char **argv) | |||
| 192 | flags |= PKCS7_NOOLDMIMETYPE; | 188 | flags |= PKCS7_NOOLDMIMETYPE; |
| 193 | else if (!strcmp(*args, "-crlfeol")) | 189 | else if (!strcmp(*args, "-crlfeol")) |
| 194 | flags |= PKCS7_CRLFEOL; | 190 | flags |= PKCS7_CRLFEOL; |
| 195 | #ifndef OPENSSL_NO_ENGINE | ||
| 196 | else if (!strcmp(*args, "-engine")) { | ||
| 197 | if (!args[1]) | ||
| 198 | goto argerr; | ||
| 199 | engine = *++args; | ||
| 200 | } | ||
| 201 | #endif | ||
| 202 | else if (!strcmp(*args, "-passin")) { | 191 | else if (!strcmp(*args, "-passin")) { |
| 203 | if (!args[1]) | 192 | if (!args[1]) |
| 204 | goto argerr; | 193 | goto argerr; |
| @@ -384,7 +373,7 @@ argerr: | |||
| 384 | BIO_printf(bio_err, "-in file input file\n"); | 373 | BIO_printf(bio_err, "-in file input file\n"); |
| 385 | BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); | 374 | BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); |
| 386 | BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); | 375 | BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); |
| 387 | BIO_printf(bio_err, "-keyform arg input private key format (PEM or ENGINE)\n"); | 376 | BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n"); |
| 388 | BIO_printf(bio_err, "-out file output file\n"); | 377 | BIO_printf(bio_err, "-out file output file\n"); |
| 389 | BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); | 378 | BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); |
| 390 | BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); | 379 | BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); |
| @@ -396,16 +385,10 @@ argerr: | |||
| 396 | BIO_printf(bio_err, "-CAfile file trusted certificates file\n"); | 385 | BIO_printf(bio_err, "-CAfile file trusted certificates file\n"); |
| 397 | BIO_printf(bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); | 386 | BIO_printf(bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); |
| 398 | BIO_printf(bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); | 387 | BIO_printf(bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); |
| 399 | #ifndef OPENSSL_NO_ENGINE | ||
| 400 | BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); | ||
| 401 | #endif | ||
| 402 | BIO_printf(bio_err, "-passin arg input file pass phrase source\n"); | 388 | BIO_printf(bio_err, "-passin arg input file pass phrase source\n"); |
| 403 | BIO_printf(bio_err, "cert.pem recipient certificate(s) for encryption\n"); | 389 | BIO_printf(bio_err, "cert.pem recipient certificate(s) for encryption\n"); |
| 404 | goto end; | 390 | goto end; |
| 405 | } | 391 | } |
| 406 | #ifndef OPENSSL_NO_ENGINE | ||
| 407 | e = setup_engine(bio_err, engine, 0); | ||
| 408 | #endif | ||
| 409 | 392 | ||
| 410 | if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { | 393 | if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { |
| 411 | BIO_printf(bio_err, "Error getting password\n"); | 394 | BIO_printf(bio_err, "Error getting password\n"); |
| @@ -444,7 +427,7 @@ argerr: | |||
| 444 | encerts = sk_X509_new_null(); | 427 | encerts = sk_X509_new_null(); |
| 445 | while (*args) { | 428 | while (*args) { |
| 446 | if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, | 429 | if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, |
| 447 | NULL, e, "recipient certificate file"))) { | 430 | NULL, "recipient certificate file"))) { |
| 448 | goto end; | 431 | goto end; |
| 449 | } | 432 | } |
| 450 | sk_X509_push(encerts, cert); | 433 | sk_X509_push(encerts, cert); |
| @@ -454,14 +437,14 @@ argerr: | |||
| 454 | } | 437 | } |
| 455 | if (certfile) { | 438 | if (certfile) { |
| 456 | if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL, | 439 | if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL, |
| 457 | e, "certificate file"))) { | 440 | "certificate file"))) { |
| 458 | ERR_print_errors(bio_err); | 441 | ERR_print_errors(bio_err); |
| 459 | goto end; | 442 | goto end; |
| 460 | } | 443 | } |
| 461 | } | 444 | } |
| 462 | if (recipfile && (operation == SMIME_DECRYPT)) { | 445 | if (recipfile && (operation == SMIME_DECRYPT)) { |
| 463 | if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL, | 446 | if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL, |
| 464 | e, "recipient certificate file"))) { | 447 | "recipient certificate file"))) { |
| 465 | ERR_print_errors(bio_err); | 448 | ERR_print_errors(bio_err); |
| 466 | goto end; | 449 | goto end; |
| 467 | } | 450 | } |
| @@ -476,7 +459,7 @@ argerr: | |||
| 476 | keyfile = NULL; | 459 | keyfile = NULL; |
| 477 | 460 | ||
| 478 | if (keyfile) { | 461 | if (keyfile) { |
| 479 | key = load_key(bio_err, keyfile, keyform, 0, passin, e, | 462 | key = load_key(bio_err, keyfile, keyform, 0, passin, |
| 480 | "signing key file"); | 463 | "signing key file"); |
| 481 | if (!key) | 464 | if (!key) |
| 482 | goto end; | 465 | goto end; |
| @@ -559,10 +542,10 @@ argerr: | |||
| 559 | signerfile = sk_OPENSSL_STRING_value(sksigners, i); | 542 | signerfile = sk_OPENSSL_STRING_value(sksigners, i); |
| 560 | keyfile = sk_OPENSSL_STRING_value(skkeys, i); | 543 | keyfile = sk_OPENSSL_STRING_value(skkeys, i); |
| 561 | signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL, | 544 | signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL, |
| 562 | e, "signer certificate"); | 545 | "signer certificate"); |
| 563 | if (!signer) | 546 | if (!signer) |
| 564 | goto end; | 547 | goto end; |
| 565 | key = load_key(bio_err, keyfile, keyform, 0, passin, e, | 548 | key = load_key(bio_err, keyfile, keyform, 0, passin, |
| 566 | "signing key file"); | 549 | "signing key file"); |
| 567 | if (!key) | 550 | if (!key) |
| 568 | goto end; | 551 | goto end; |