#define SMIME_DIGEST_CREATE (10 | SMIME_OP)
#define SMIME_UNCOMPRESS (11 | SMIME_IP)
#define SMIME_COMPRESS (12 | SMIME_OP)
+#define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
+#define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
int MAIN(int, char **);
char *passargin = NULL, *passin = NULL;
char *inrand = NULL;
int need_rand = 0;
- int indef = 0;
const EVP_MD *sign_md = NULL;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
+ unsigned char *secret_key = NULL;
+ size_t secret_keylen = 0;
X509_VERIFY_PARAM *vpm = NULL;
operation = SMIME_COMPRESS;
else if (!strcmp (*args, "-uncompress"))
operation = SMIME_UNCOMPRESS;
+ else if (!strcmp (*args, "-EncryptedData_decrypt"))
+ operation = SMIME_ENCRYPTED_DECRYPT;
+ else if (!strcmp (*args, "-EncryptedData_encrypt"))
+ operation = SMIME_ENCRYPTED_ENCRYPT;
#ifndef OPENSSL_NO_DES
else if (!strcmp (*args, "-des3"))
cipher = EVP_des_ede3_cbc();
else if (!strcmp (*args, "-no_attr_verify"))
flags |= CMS_NO_ATTR_VERIFY;
else if (!strcmp (*args, "-stream"))
- indef = 1;
+ flags |= CMS_STREAM;
else if (!strcmp (*args, "-indef"))
- indef = 1;
+ flags |= CMS_STREAM;
else if (!strcmp (*args, "-noindef"))
- indef = 0;
+ flags &= ~CMS_STREAM;
else if (!strcmp (*args, "-nooldmime"))
flags |= CMS_NOOLDMIMETYPE;
else if (!strcmp (*args, "-crlfeol"))
flags |= CMS_CRLFEOL;
+ else if (!strcmp(*args,"-secretkey"))
+ {
+ long ltmp;
+ if (!args[1])
+ goto argerr;
+ args++;
+ secret_key = string_to_hex(*args, <mp);
+ if (!secret_key)
+ {
+ BIO_printf(bio_err, "Invalid key %s\n", *args);
+ goto argerr;
+ }
+ secret_keylen = (size_t)ltmp;
+ }
else if (!strcmp(*args,"-rand"))
{
if (!args[1])
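Review bot: The `Invalid key %s` message in the new `-secretkey` branch prints the rejected argument, which is the key material itself, to `bio_err`, so a mistyped key ends up in terminal scrollback or captured logs. Report the failure without the value, e.g. `BIO_printf(bio_err, "Invalid -secretkey value\n");`. Two smaller gaps in the same branch: a repeated `-secretkey` overwrites `secret_key` without freeing the earlier buffer, and `ltmp` is cast to `size_t` with no check that it is non-zero. The second argument of the `string_to_hex` call looks garbled in this rendering (presumably `&ltmp`). A key passed on the command line is also visible to other local users through the process list, which is worth stating in the option's documentation.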
{
if (!cipher)
{
-#ifndef OPENSSL_NO_RC2
- cipher = EVP_rc2_40_cbc();
+#ifndef OPENSSL_NO_DES
+ cipher = EVP_des_ede3_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
if (operation == SMIME_DATA_CREATE)
{
- if (indef)
- flags |= CMS_STREAM;
cms = CMS_data_create(in, flags);
}
else if (operation == SMIME_DIGEST_CREATE)
{
- if (indef)
- flags |= CMS_STREAM;
cms = CMS_digest_create(in, sign_md, flags);
}
else if (operation == SMIME_COMPRESS)
{
- if (indef)
- flags |= CMS_STREAM;
cms = CMS_compress(in, -1, flags);
}
else if (operation == SMIME_ENCRYPT)
{
- if (indef)
- flags |= CMS_STREAM;
cms = CMS_encrypt(encerts, in, cipher, flags);
}
+ else if (operation == SMIME_ENCRYPTED_ENCRYPT)
+ {
+ cms = CMS_EncryptedData_encrypt(in, cipher,
+ secret_key, secret_keylen,
+ flags);
+ }
else if (operation & SMIME_SIGNERS)
{
int i;
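Review bot: The new `SMIME_ENCRYPTED_ENCRYPT` branch hands `cipher`, `secret_key` and `secret_keylen` to `CMS_EncryptedData_encrypt` with no visible check that `-secretkey` or a cipher option was given, so they can still be NULL/0 at this point. Unless validation exists outside these hunks, add one after option parsing, e.g. `if (!secret_key) { BIO_printf(bio_err, "No secret key specified\n"); goto argerr; }`. Apply the same check for the `SMIME_ENCRYPTED_DECRYPT` branch further down. The default-cipher block in the earlier hunk sits under a condition that is outside the visible lines; if that condition covers only `SMIME_ENCRYPT`, the new operation needs its own default or an explicit error.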
{
if (flags & CMS_DETACHED)
{
- if (outformat == FORMAT_SMIME)
- flags |= CMS_STREAM;
+ if (outformat != FORMAT_SMIME)
+ flags &= ~CMS_STREAM;
}
- else if (indef)
- flags |= CMS_STREAM;
flags |= CMS_PARTIAL;
cms = CMS_sign(NULL, NULL, other, in, flags);
if (!cms)
ret = 4;
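Review bot: With the inverted test `if (outformat != FORMAT_SMIME)`, detached signing to S/MIME output no longer turns on `CMS_STREAM` by itself; it streams only when `-stream` or `-indef` was passed. If the previous default is still wanted, handle both directions: `if (outformat == FORMAT_SMIME) flags |= CMS_STREAM; else flags &= ~CMS_STREAM;`. If the change is intended, a short comment above the test saying that streaming for detached signatures is now opt-in would help. The enclosing block starts outside the hunk, so any existing comment there is not visible.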
if (operation == SMIME_DECRYPT)
{
- if (!CMS_decrypt(cms, key, recip, out, flags))
+ if (!CMS_decrypt(cms, key, recip, indata, out, flags))
{
BIO_printf(bio_err, "Error decrypting CMS structure\n");
goto end;
goto end;
}
}
+ else if (operation == SMIME_ENCRYPTED_DECRYPT)
+ {
+ if (!CMS_EncryptedData_decrypt(cms, secret_key, secret_keylen,
+ indata, out, flags))
+ goto end;
+ }
else if (operation == SMIME_VERIFY)
{
if (CMS_verify(cms, other, store, indata, out, flags) > 0)
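Review bot: The new `SMIME_ENCRYPTED_DECRYPT` branch jumps to `end` on failure without a message, while the `SMIME_DECRYPT` branch prints `Error decrypting CMS structure` before its `goto`. Add the same report before the new `goto end;`, e.g. `BIO_printf(bio_err, "Error decrypting CMS structure\n");`, so a wrong key or damaged input is reported consistently. Whether the `end:` label prints the error queue is not visible from this hunk.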
sk_free(sksigners);
if (skkeys)
sk_free(skkeys);
+ if (secret_key)
+ OPENSSL_free(secret_key);
X509_STORE_free(store);
X509_free(cert);
X509_free(recip);
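Review bot: `secret_key` holds raw key bytes and is released with `OPENSSL_free` alone, which leaves the key in freed heap memory. Wipe it before freeing: `if (secret_key) { OPENSSL_cleanse(secret_key, secret_keylen); OPENSSL_free(secret_key); }`. The cleanup sequence starts and continues outside the hunk.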