#define SMIME_UNCOMPRESS (11 | SMIME_IP)
#define SMIME_COMPRESS (12 | SMIME_OP)
#define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
+#define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
int MAIN(int, char **);
operation = SMIME_UNCOMPRESS;
else if (!strcmp (*args, "-EncryptedData_decrypt"))
operation = SMIME_ENCRYPTED_DECRYPT;
+ else if (!strcmp (*args, "-EncryptedData_encrypt"))
+ operation = SMIME_ENCRYPTED_ENCRYPT;
#ifndef OPENSSL_NO_DES
else if (!strcmp (*args, "-des3"))
cipher = EVP_des_ede3_cbc();
flags |= CMS_STREAM;
cms = CMS_encrypt(encerts, in, cipher, flags);
}
+ else if (operation == SMIME_ENCRYPTED_ENCRYPT)
+ {
+ if (indef)
+ flags |= CMS_STREAM;
+ cms = CMS_EncryptedData_encrypt(in, cipher,
+ secret_key, secret_keylen,
+ flags);
+ }
else if (operation & SMIME_SIGNERS)
{
int i;
const unsigned char *key, size_t keylen,
BIO *dcont, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key, size_t keylen,
+ unsigned int flags);
+
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+ int ok = 0;
+
int enc;
enc = ec->cipher ? 1 : 0;
BIO_get_cipher_ctx(b, &ctx);
if (enc)
- calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+ ciph = ec->cipher;
else
{
ciph = EVP_get_cipherbyobj(calg->algorithm);
goto err;
}
+ if (enc)
+ calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+
/* If necessary set key length */
if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
goto err;
}
}
- return b;
+ ok = 1;
err:
+ if (ec->key)
+ {
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ ec->key = NULL;
+ }
+ if (ok)
+ return b;
BIO_free(b);
return NULL;
}
{
case NID_pkcs7_data:
+ case NID_pkcs7_encrypted:
case NID_id_smime_ct_compressedData:
/* Nothing to do */
return 1;
projects / openssl.git / commitdiff