modes/ctr128.c: make it indent-friendly.

[openssl.git] / apps / cms.c

diff --git a/apps/cms.c b/apps/cms.c
index 2e734bdf2788daac691d60c588718ccf070b81d5..0534fdd071116af214cb6213b077607de7518085 100644 (file)
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -104,7 +104,7 @@ typedef struct cms_key_param_st cms_key_param;
 struct cms_key_param_st
        {
        int idx;
-       STACK_OF(OPENSSL_STRING)*param;
+       STACK_OF(OPENSSL_STRING) *param;
        cms_key_param *next;
        };
 
@@ -122,7 +122,7 @@ int MAIN(int argc, char **argv)
        STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
        char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
        char *certsoutfile = NULL;
-       const EVP_CIPHER *cipher = NULL;
+       const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
        CMS_ContentInfo *cms = NULL, *rcms = NULL;
        X509_STORE *store = NULL;
        X509 *cert = NULL, *recip = NULL, *signer = NULL;
@@ -217,6 +217,8 @@ int MAIN(int argc, char **argv)
                                cipher = EVP_des_ede3_cbc();
                else if (!strcmp (*args, "-des")) 
                                cipher = EVP_des_cbc();
+               else if (!strcmp (*args, "-des3-wrap")) 
+                               wrap_cipher = EVP_des_ede3_wrap();
 #endif
 #ifndef OPENSSL_NO_SEED
                else if (!strcmp (*args, "-seed")) 
@@ -237,6 +239,12 @@ int MAIN(int argc, char **argv)
                                cipher = EVP_aes_192_cbc();
                else if (!strcmp(*args,"-aes256"))
                                cipher = EVP_aes_256_cbc();
+               else if (!strcmp(*args,"-aes128-wrap"))
+                               wrap_cipher = EVP_aes_128_wrap();
+               else if (!strcmp(*args,"-aes192-wrap"))
+                               wrap_cipher = EVP_aes_192_wrap();
+               else if (!strcmp(*args,"-aes256-wrap"))
+                               wrap_cipher = EVP_aes_256_wrap();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
                else if (!strcmp(*args,"-camellia128"))
@@ -250,6 +258,8 @@ int MAIN(int argc, char **argv)
                                flags |= CMS_DEBUG_DECRYPT;
                else if (!strcmp (*args, "-text")) 
                                flags |= CMS_TEXT;
+               else if (!strcmp (*args, "-asciicrlf")) 
+                               flags |= CMS_ASCIICRLF;
                else if (!strcmp (*args, "-nointern")) 
                                flags |= CMS_NOINTERN;
                else if (!strcmp (*args, "-noverify") 
@@ -706,6 +716,7 @@ int MAIN(int argc, char **argv)
                BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
                BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
                BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
+               BIO_printf (bio_err, "-trusted_first use locally trusted certificates first when building trust chain\n");
                BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
                BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
 #ifndef OPENSSL_NO_ENGINE
@@ -1005,6 +1016,14 @@ int MAIN(int argc, char **argv)
                                if (!cms_set_pkey_param(pctx, kparam->param))
                                        goto end;
                                }
+                       if (CMS_RecipientInfo_type(ri) == CMS_RECIPINFO_AGREE
+                               && wrap_cipher)
+                               {
+                               EVP_CIPHER_CTX *wctx;
+                               wctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+                               EVP_EncryptInit_ex(wctx, wrap_cipher,
+                                                       NULL, NULL, NULL);
+                               }
                        }
 
                if (secret_key)