/* smime.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/* S/MIME utility function */

#include <stdio.h>
#include <string.h>
#include "apps.h"
#include <openssl/crypto.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/x509_vfy.h>
#include <openssl/x509v3.h>

/*
 * PROG is redefined to smime_main for this tool.  The entry point that
 * follows is written as MAIN(argc, argv); presumably apps.h maps MAIN
 * onto PROG, so that the symbol actually defined is smime_main -- TODO
 * confirm against apps.h.
 */
#undef PROG
#define PROG smime_main

/*
 * Forward declaration; the definition is later in this file.  Takes a
 * file name and a stack of X509 certificates.  Presumably writes the
 * signer certificates to signerfile -- confirm against the definition.
 */
static int save_certs(char *signerfile, STACK_OF(X509) *signers);

/*
 * Forward declaration; the definition is later in this file.  The
 * (int ok, X509_STORE_CTX *ctx) signature has the shape of an X509
 * verification callback.
 * NOTE(review): if this is installed as the store's verify callback, its
 * return value decides whether a chain-verification error is accepted,
 * so check that the definition never turns ok == 0 into a non-zero
 * return without an explicit, documented reason.
 */
static int smime_cb(int ok, X509_STORE_CTX *ctx);

75c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define SMIME_OP 0x10 76480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_IP 0x20 77480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_SIGNERS 0x40 78c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define SMIME_ENCRYPT (1 | SMIME_OP) 79480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_DECRYPT (2 | SMIME_IP) 80480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_SIGN (3 | SMIME_OP | SMIME_SIGNERS) 81480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_VERIFY (4 | SMIME_IP) 82480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_PK7OUT (5 | SMIME_IP | SMIME_OP) 83480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS) 84c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 85c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int, char **); 86c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 87c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int argc, char **argv) 88c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 89c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ENGINE *e = NULL; 90c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int operation = 0; 91c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int ret = 0; 92c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char **args; 93c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const char *inmode = "r", *outmode = "w"; 94c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *infile = NULL, *outfile = NULL; 95c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *signerfile = NULL, *recipfile = NULL; 96480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL; 97c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *certfile = NULL, 
*keyfile = NULL, *contfile=NULL; 98c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const EVP_CIPHER *cipher = NULL; 99c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org PKCS7 *p7 = NULL; 100c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_STORE *store = NULL; 101c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509 *cert = NULL, *recip = NULL, *signer = NULL; 102c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *key = NULL; 103c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(X509) *encerts = NULL, *other = NULL; 104c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *in = NULL, *out = NULL, *indata = NULL; 105c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int badarg = 0; 106c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int flags = PKCS7_DETACHED; 107c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *to = NULL, *from = NULL, *subject = NULL; 108c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *CAfile = NULL, *CApath = NULL; 109c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *passargin = NULL, *passin = NULL; 110c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *inrand = NULL; 111c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int need_rand = 0; 112480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int indef = 0; 113480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org const EVP_MD *sign_md = NULL; 114c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; 115c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int keyform = FORMAT_PEM; 116c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 117c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *engine=NULL; 118c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 119c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
120c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_VERIFY_PARAM *vpm = NULL; 121c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 122c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org args = argv + 1; 123c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 1; 124c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 125c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org apps_startup(); 126c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 127c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bio_err == NULL) 128c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 129c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((bio_err = BIO_new(BIO_s_file())) != NULL) 130c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); 131c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 132c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 133c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!load_config(bio_err, NULL)) 134c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 135c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 136c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (!badarg && *args && *args[0] == '-') 137c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 138c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!strcmp (*args, "-encrypt")) 139c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org operation = SMIME_ENCRYPT; 140c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-decrypt")) 141c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org operation = SMIME_DECRYPT; 142c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-sign")) 143c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org operation = SMIME_SIGN; 144480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (!strcmp (*args, "-resign")) 
145480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org operation = SMIME_RESIGN; 146c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-verify")) 147c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org operation = SMIME_VERIFY; 148c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-pk7out")) 149c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org operation = SMIME_PK7OUT; 150c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_DES 151c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-des3")) 152c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_des_ede3_cbc(); 153c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-des")) 154c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_des_cbc(); 155c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 156c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_SEED 157c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-seed")) 158c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_seed_cbc(); 159c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 160c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_RC2 161c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-rc2-40")) 162c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_rc2_40_cbc(); 163c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-rc2-128")) 164c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_rc2_cbc(); 165c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-rc2-64")) 166c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_rc2_64_cbc(); 167c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 
168c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_AES 169c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-aes128")) 170c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_aes_128_cbc(); 171c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-aes192")) 172c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_aes_192_cbc(); 173c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-aes256")) 174c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_aes_256_cbc(); 175c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 176c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_CAMELLIA 177c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-camellia128")) 178c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_camellia_128_cbc(); 179c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-camellia192")) 180c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_camellia_192_cbc(); 181c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-camellia256")) 182c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_camellia_256_cbc(); 183c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 184c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-text")) 185c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_TEXT; 186c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nointern")) 187c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOINTERN; 188c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-noverify")) 189c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOVERIFY; 
190c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nochain")) 191c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOCHAIN; 192c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nocerts")) 193c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOCERTS; 194c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-noattr")) 195c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOATTR; 196c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nodetach")) 197c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags &= ~PKCS7_DETACHED; 198c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nosmimecap")) 199c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOSMIMECAP; 200c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-binary")) 201c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_BINARY; 202c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nosigs")) 203c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOSIGS; 204480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (!strcmp (*args, "-stream")) 205480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org indef = 1; 206480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (!strcmp (*args, "-indef")) 207480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org indef = 1; 208480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (!strcmp (*args, "-noindef")) 209480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org indef = 0; 210c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-nooldmime")) 211c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_NOOLDMIMETYPE; 
212c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-crlfeol")) 213c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_CRLFEOL; 214c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-rand")) 215c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 216480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 217480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 218480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org args++; 219480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org inrand = *args; 220c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org need_rand = 1; 221c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 222c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 223c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-engine")) 224c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 225480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 226480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 227480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org engine = *++args; 228c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 229c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 230c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(*args,"-passin")) 231c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 232480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 233480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 234480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org passargin = *++args; 235c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 236c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-to")) 237c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
238480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 239480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 240480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org to = *++args; 241c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 242c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-from")) 243c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 244480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 245480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 246480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org from = *++args; 247c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 248c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-subject")) 249c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 250480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 251480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 252480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org subject = *++args; 253c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 254c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-signer")) 255c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 256480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 257480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 258480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* If previous -signer argument add signer to list */ 259480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 260480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (signerfile) 261c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 262480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!sksigners) 263480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sksigners = sk_OPENSSL_STRING_new_null(); 
264480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(sksigners, signerfile); 265480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!keyfile) 266480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = signerfile; 267480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!skkeys) 268480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org skkeys = sk_OPENSSL_STRING_new_null(); 269480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(skkeys, keyfile); 270480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = NULL; 271c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 272480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signerfile = *++args; 273c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 274c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-recip")) 275c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 276480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 277480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 278480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org recipfile = *++args; 279480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 280480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (!strcmp (*args, "-md")) 281480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 282480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 283480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 284480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sign_md = EVP_get_digestbyname(*++args); 285480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (sign_md == NULL) 286c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 287480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, "Unknown digest %s\n", 288480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org *args); 
289480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 290c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 291c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 292c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-inkey")) 293c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 294480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 295480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 296480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* If previous -inkey arument add signer to list */ 297480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (keyfile) 298c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 299480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!signerfile) 300480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 301480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 302480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 303480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 304480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!sksigners) 305480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sksigners = sk_OPENSSL_STRING_new_null(); 306480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(sksigners, signerfile); 307480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signerfile = NULL; 308480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!skkeys) 309480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org skkeys = sk_OPENSSL_STRING_new_null(); 310480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(skkeys, keyfile); 311c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 312480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = *++args; 313480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 
314c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-keyform")) 315c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 316480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 317480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 318480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyform = str2fmt(*++args); 319c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 320c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-certfile")) 321c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 322480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 323480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 324480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org certfile = *++args; 325c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 326c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-CAfile")) 327c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 328480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 329480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 330480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org CAfile = *++args; 331c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 332c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-CApath")) 333c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 334480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 335480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 336480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org CApath = *++args; 337c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 338c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-in")) 339c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 340480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 
if (!args[1]) 341480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 342480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org infile = *++args; 343c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 344c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-inform")) 345c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 346480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 347480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 348480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org informat = str2fmt(*++args); 349c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 350c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-outform")) 351c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 352480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 353480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 354480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org outformat = str2fmt(*++args); 355c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 356c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-out")) 357c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 358480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 359480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 360480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org outfile = *++args; 361c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 362c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp (*args, "-content")) 363c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 364480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!args[1]) 365480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 366480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org contfile = *++args; 
367c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 368c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) 369c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org continue; 370480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL) 371c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badarg = 1; 372c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org args++; 373c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 374c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 375480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) 376480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 377480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); 378480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 379480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 380c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 381480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (operation & SMIME_SIGNERS) 382c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 383480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* Check to see if any final signer needs to be appended */ 384480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (keyfile && !signerfile) 385480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 386480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 387480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto argerr; 388480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 389480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (signerfile) 390480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 391480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if 
(!sksigners) 392480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sksigners = sk_OPENSSL_STRING_new_null(); 393480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(sksigners, signerfile); 394480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!skkeys) 395480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org skkeys = sk_OPENSSL_STRING_new_null(); 396480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!keyfile) 397480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = signerfile; 398480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_push(skkeys, keyfile); 399480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 400480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!sksigners) 401c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 402c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "No signer certificate specified\n"); 403c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badarg = 1; 404c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 405480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signerfile = NULL; 406480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = NULL; 407c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org need_rand = 1; 408c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 409c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (operation == SMIME_DECRYPT) 410c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 411c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!recipfile && !keyfile) 412c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 413c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "No recipient certificate or key specified\n"); 414c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badarg = 1; 415c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
416c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 417c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (operation == SMIME_ENCRYPT) 418c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 419c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!*args) 420c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 421c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n"); 422c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badarg = 1; 423c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 424c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org need_rand = 1; 425c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 426c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!operation) 427c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badarg = 1; 428c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 429c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (badarg) 430c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 431480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org argerr: 432c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n"); 433c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "where options are\n"); 434c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-encrypt encrypt message\n"); 435c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-decrypt decrypt encrypted message\n"); 436c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-sign sign message\n"); 437c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-verify verify signed message\n"); 438c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n"); 
439c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_DES 440c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); 441c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-des encrypt with DES\n"); 442c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 443c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_SEED 444c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-seed encrypt with SEED\n"); 445c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 446c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_RC2 447c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); 448c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); 449c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n"); 450c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 451c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_AES 452c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); 453c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); 454c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 455c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_CAMELLIA 456c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); 457c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); 458c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 459c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-nointern 
don't search certificates in message for signer\n"); 460c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-nosigs don't verify message signature\n"); 461c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-noverify don't verify signers certificate\n"); 462c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n"); 463c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-nodetach use opaque signing\n"); 464c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-noattr don't include any signed attributes\n"); 465c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-binary don't translate message to text\n"); 466c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-certfile file other certificates file\n"); 467c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-signer file signer certificate file\n"); 468c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); 469c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-in file input file\n"); 470c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); 471c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n"); 472c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-keyform arg input private key format (PEM or ENGINE)\n"); 473c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-out file output file\n"); 474c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); 
475c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-content file supply or override content for detached signature\n"); 476c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-to addr to address\n"); 477c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-from ad from address\n"); 478c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-subject s subject\n"); 479c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-text include or delete text MIME headers\n"); 480c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); 481c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); 482c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); 483c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); 484c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 485c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); 486c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 487c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); 488c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 489c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); 490c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, " the random number generator\n"); 
491c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); 492c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 493c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 494c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 495c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 496c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org e = setup_engine(bio_err, engine, 0); 497c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 498c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 499c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) 500c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 501c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error getting password\n"); 502c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 503c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 504c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 505c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (need_rand) 506c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 507c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_file(NULL, bio_err, (inrand != NULL)); 508c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (inrand != NULL) 509c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 510c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_files(inrand)); 511c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 512c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 513c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 2; 514c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 515480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!(operation & SMIME_SIGNERS)) 
516c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags &= ~PKCS7_DETACHED; 517c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 518c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation & SMIME_OP) 519c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 520c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outformat == FORMAT_ASN1) 521c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outmode = "wb"; 522c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 523c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 524c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 525c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (flags & PKCS7_BINARY) 526c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outmode = "wb"; 527480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 528480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 529480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (operation & SMIME_IP) 530480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 531c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (informat == FORMAT_ASN1) 532c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org inmode = "rb"; 533c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 534480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else 535480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 536480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (flags & PKCS7_BINARY) 537480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org inmode = "rb"; 538480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 539c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 540c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation == SMIME_ENCRYPT) 541c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 542c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!cipher) 543c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
544c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_RC2 545c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher = EVP_rc2_40_cbc(); 546c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 547c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "No cipher selected\n"); 548c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 549c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 550c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 551c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org encerts = sk_X509_new_null(); 552c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (*args) 553c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 554c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(cert = load_cert(bio_err,*args,FORMAT_PEM, 555c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL, e, "recipient certificate file"))) 556c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 557c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if 0 /* An appropriate message is already printed */ 558c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args); 559c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 560c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 561c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 562c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sk_X509_push(encerts, cert); 563c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cert = NULL; 564c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org args++; 565c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 566c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 567c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 568c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (certfile) 
569c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 570c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL, 571c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org e, "certificate file"))) 572c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 573c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 574c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 575c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 576c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 577c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 578c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (recipfile && (operation == SMIME_DECRYPT)) 579c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 580c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL, 581c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org e, "recipient certificate file"))) 582c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 583c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 584c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 585c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 586c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 587c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 588c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation == SMIME_DECRYPT) 589c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 590c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!keyfile) 591c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyfile = recipfile; 592c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 593c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (operation == SMIME_SIGN) 594c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
595c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!keyfile) 596c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyfile = signerfile; 597c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 598c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else keyfile = NULL; 599c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 600c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (keyfile) 601c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 602c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org key = load_key(bio_err, keyfile, keyform, 0, passin, e, 603c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "signing key file"); 604c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!key) 605c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 606c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 607c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 608c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (infile) 609c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 610c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(in = BIO_new_file(infile, inmode))) 611c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 612c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, 613c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Can't open input file %s\n", infile); 614c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 615c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 616c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 617c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 618c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org in = BIO_new_fp(stdin, BIO_NOCLOSE); 619c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 620480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (operation & SMIME_IP) 621480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 
622480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (informat == FORMAT_SMIME) 623480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org p7 = SMIME_read_PKCS7(in, &indata); 624480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (informat == FORMAT_PEM) 625480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); 626480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (informat == FORMAT_ASN1) 627480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org p7 = d2i_PKCS7_bio(in, NULL); 628480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else 629480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 630480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, "Bad input format for PKCS#7 file\n"); 631480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 632480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 633480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 634480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!p7) 635480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 636480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, "Error reading S/MIME message\n"); 637480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 638480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 639480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (contfile) 640480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 641480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_free(indata); 642480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!(indata = BIO_new_file(contfile, "rb"))) 643480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 644480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, "Can't read content file %s\n", contfile); 645480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 
646480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 647480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 648480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 649480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 650c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outfile) 651c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 652c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(out = BIO_new_file(outfile, outmode))) 653c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 654c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf (bio_err, 655c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Can't open output file %s\n", outfile); 656c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 657c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 658c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 659c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 660c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 661c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org out = BIO_new_fp(stdout, BIO_NOCLOSE); 662c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_SYS_VMS 663c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 664c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 665c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org out = BIO_push(tmpbio, out); 666c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 667c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 668c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 669c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 670c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation == SMIME_VERIFY) 671c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 672c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!(store = setup_verify(bio_err, CAfile, CApath))) 
673c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 674480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org X509_STORE_set_verify_cb(store, smime_cb); 675c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (vpm) 676c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_STORE_set1_param(store, vpm); 677c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 678c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 679c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 680c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 3; 681c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 682c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation == SMIME_ENCRYPT) 683c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 684480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (indef) 685c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org flags |= PKCS7_STREAM; 686480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org p7 = PKCS7_encrypt(encerts, in, cipher, flags); 687c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 688480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (operation & SMIME_SIGNERS) 689c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 690480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int i; 691480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* If detached data content we only enable streaming if 692480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * S/MIME output format. 
693480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org */ 694480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (operation == SMIME_SIGN) 695c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 696480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (flags & PKCS7_DETACHED) 697480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 698480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (outformat == FORMAT_SMIME) 699480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org flags |= PKCS7_STREAM; 700480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 701480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (indef) 702480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org flags |= PKCS7_STREAM; 703480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org flags |= PKCS7_PARTIAL; 704480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org p7 = PKCS7_sign(NULL, NULL, other, in, flags); 705480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!p7) 706480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 707c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 708480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else 709480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org flags |= PKCS7_REUSE_DIGEST; 710480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) 711480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 712480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signerfile = sk_OPENSSL_STRING_value(sksigners, i); 713480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyfile = sk_OPENSSL_STRING_value(skkeys, i); 714480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL, 715480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org e, "signer certificate"); 716480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!signer) 
717480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 718480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org key = load_key(bio_err, keyfile, keyform, 0, passin, e, 719480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org "signing key file"); 720480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!key) 721480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 722480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!PKCS7_sign_add_signer(p7, signer, key, 723480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sign_md, flags)) 724480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 725480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org X509_free(signer); 726480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org signer = NULL; 727480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_free(key); 728480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org key = NULL; 729c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 730480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* If not streaming or resigning finalize structure */ 731480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM)) 732c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 733480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!PKCS7_final(p7, in, flags)) 734c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 735c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 736c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 737c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 738c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!p7) 739c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 740c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error creating PKCS#7 structure\n"); 741c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 
742c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 743c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 744c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 4; 745c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (operation == SMIME_DECRYPT) 746c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 747c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!PKCS7_decrypt(p7, key, recip, out, flags)) 748c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 749c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n"); 750c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 751c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 752c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 753c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (operation == SMIME_VERIFY) 754c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 755c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(X509) *signers; 756c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (PKCS7_verify(p7, other, store, indata, out, flags)) 757c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Verification successful\n"); 758c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 759c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 760c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Verification failure\n"); 761c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 762c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 763c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org signers = PKCS7_get0_signers(p7, other, flags); 764c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!save_certs(signerfile, signers)) 765c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 766c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error 
writing signers to %s\n", 767c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org signerfile); 768c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 5; 769c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 770c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 771c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sk_X509_free(signers); 772c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 773c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (operation == SMIME_PK7OUT) 774c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org PEM_write_bio_PKCS7(out, p7); 775c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 776c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 777c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (to) 778c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(out, "To: %s\n", to); 779c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (from) 780c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(out, "From: %s\n", from); 781c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (subject) 782c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(out, "Subject: %s\n", subject); 783c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outformat == FORMAT_SMIME) 784480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 785480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (operation == SMIME_RESIGN) 786480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SMIME_write_PKCS7(out, p7, indata, flags); 787480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else 788480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SMIME_write_PKCS7(out, p7, in, flags); 789480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 790c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (outformat == FORMAT_PEM) 791480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 
PEM_write_bio_PKCS7_stream(out, p7, in, flags); 792c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (outformat == FORMAT_ASN1) 793480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org i2d_PKCS7_bio_stream(out,p7, in, flags); 794c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 795c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 796c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Bad output format for PKCS#7 file\n"); 797c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 798c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 799c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 800c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret = 0; 801c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgend: 802c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (need_rand) 803c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_write_file(NULL, bio_err); 804c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ret) ERR_print_errors(bio_err); 805c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sk_X509_pop_free(encerts, X509_free); 806c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sk_X509_pop_free(other, X509_free); 807c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (vpm) 808c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_VERIFY_PARAM_free(vpm); 809480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (sksigners) 810480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_free(sksigners); 811480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (skkeys) 812480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_free(skkeys); 813c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_STORE_free(store); 814c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_free(cert); 815c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_free(recip); 
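	/* Tail of the function that begins earlier in the file; statements below are carried over unchanged. */
	X509_free(signer);
	EVP_PKEY_free(key);
	PKCS7_free(p7);
	BIO_free(in);
	BIO_free(indata);
	BIO_free_all(out);
	if (passin) OPENSSL_free(passin);
	return (ret);
}

/*
 * Write every certificate in `signers` to `signerfile` in PEM form.
 *
 * signerfile: output path; when NULL there is nothing to save and the
 *             call reports success.
 * signers:    stack of certificates to write; the stack is only read
 *             here, the caller keeps ownership and frees it.
 *
 * Returns 1 on success and 0 when the file cannot be opened, a
 * certificate cannot be written, or the final flush fails. The caller
 * prints "Error writing signers" on 0, so a failed write must not be
 * reported as success: a truncated signer file would otherwise be
 * indistinguishable from a complete one.
 */
static int save_certs(char *signerfile, STACK_OF(X509) *signers)
	{
	int i;
	int ok = 1;
	BIO *tmp;

	if (!signerfile)
		return 1;
	tmp = BIO_new_file(signerfile, "w");
	if (!tmp)
		return 0;
	/* An empty stack skips the loop and leaves an empty file behind. */
	for (i = 0; i < sk_X509_num(signers); i++)
		{
		if (!PEM_write_bio_X509(tmp, sk_X509_value(signers, i)))
			{
			ok = 0;
			break;
			}
		}
	/* Surface buffered-write failures before the BIO is released. */
	if (ok && BIO_flush(tmp) <= 0)
		ok = 0;
	BIO_free(tmp);
	return ok;
	}


/* Minimal callback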
just to output policy info (if any) */

/*
 * Certificate verification callback.
 *
 * ok:  verdict handed in by the verifier; returned unchanged on every
 *      path, so this callback never turns a failure into a success.
 * ctx: store context the current error code is read from.
 *
 * Policy information is printed only when the context error is
 * X509_V_ERR_NO_EXPLICIT_POLICY, or when the error is X509_V_OK and
 * `ok` equals 2 (presumably the library's policy-notification call;
 * confirm against the verifier's documentation).
 */
static int smime_cb(int ok, X509_STORE_CTX *ctx)
	{
	int verify_err = X509_STORE_CTX_get_error(ctx);
	int policy_missing = (verify_err == X509_V_ERR_NO_EXPLICIT_POLICY);
	int policy_notice = (verify_err == X509_V_OK) && (ok == 2);

	if (policy_missing || policy_notice)
		policies_print(NULL, ctx);

	return ok;
	}