diff options
| author | Petr Gotthard <petr.gotthard@centrum.cz> | 2020-12-26 21:32:14 +0100 |
|---|---|---|
| committer | Pauli <ppzgs1@gmail.com> | 2021-02-05 01:24:04 +0100 |
| commit | 7dc67708c8ae6ec06c7fec34781225ed60b5e68d (patch) | |
| tree | c48ecd0e6c3a24a5837a09a7e7497c458052d4c6 /apps/cms.c | |
| parent | x509_vfy.c: Improve coding style and comments all over the file (diff) | |
| download | openssl-7dc67708c8ae6ec06c7fec34781225ed60b5e68d.tar.xz openssl-7dc67708c8ae6ec06c7fec34781225ed60b5e68d.zip | |
apps/openssl: add -propquery command line option
Fixes #13656. Right now all openssl commands use a NULL propq. This
patch adds a possibility to specify a custom propq.
The implementation follows the example of set_nameopt/get_nameopt.
Various tools had to be modified to call app_get0_propq after it has
been populated. Otherwise the -propquery has no effect.
The tests then verify the -propquery affects the tool behaviour by
requesting a non-existing property.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13707)
Diffstat (limited to 'apps/cms.c')
| -rw-r--r-- | apps/cms.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/apps/cms.c b/apps/cms.c index e8254cb85c..36fb88e15c 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -28,7 +28,7 @@ static int cms_cb(int ok, X509_STORE_CTX *ctx); static void receipt_request_print(CMS_ContentInfo *cms); static CMS_ReceiptRequest *make_receipt_request( STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst, - STACK_OF(OPENSSL_STRING) *rr_from, OSSL_LIB_CTX *libctx, const char *propq); + STACK_OF(OPENSSL_STRING) *rr_from, OSSL_LIB_CTX *libctx); static int cms_set_pkey_param(EVP_PKEY_CTX *pctx, STACK_OF(OPENSSL_STRING) *param); @@ -303,7 +303,6 @@ int cms_main(int argc, char **argv) const char *mime_eol = "\n"; OPTION_CHOICE o; OSSL_LIB_CTX *libctx = app_get0_libctx(); - const char *propq = app_get0_propq(); if ((vpm = X509_VERIFY_PARAM_new()) == NULL) return 1; @@ -457,7 +456,7 @@ int cms_main(int argc, char **argv) goto opthelp; } else { rcms = load_content_info(rctformat, rctin, NULL, "recipient", - libctx, propq); + libctx, app_get0_propq()); } break; case OPT_CERTFILE: @@ -870,7 +869,7 @@ int cms_main(int argc, char **argv) goto end; if (operation & SMIME_IP) { - cms = load_content_info(informat, in, &indata, "SMIME", libctx, propq); + cms = load_content_info(informat, in, &indata, "SMIME", libctx, app_get0_propq()); if (cms == NULL) goto end; if (contfile != NULL) { @@ -901,7 +900,7 @@ int cms_main(int argc, char **argv) } rcms = load_content_info(rctformat, rctin, NULL, "recipient", libctx, - propq); + app_get0_propq()); if (rcms == NULL) goto end; } @@ -922,15 +921,15 @@ int cms_main(int argc, char **argv) ret = 3; if (operation == SMIME_DATA_CREATE) { - cms = CMS_data_create_ex(in, flags, libctx, propq); + cms = CMS_data_create_ex(in, flags, libctx, app_get0_propq()); } else if (operation == SMIME_DIGEST_CREATE) { - cms = CMS_digest_create_ex(in, sign_md, flags, libctx, propq); + cms = CMS_digest_create_ex(in, sign_md, flags, libctx, app_get0_propq()); } else if (operation == SMIME_COMPRESS) { cms = CMS_compress(in, -1, flags); } else if (operation == SMIME_ENCRYPT) { int i; flags |= CMS_PARTIAL; - cms = CMS_encrypt_ex(NULL, in, cipher, flags, libctx, propq); + cms = CMS_encrypt_ex(NULL, in, cipher, flags, libctx, app_get0_propq()); if (cms == NULL) goto end; for (i = 0; i < sk_X509_num(encerts); i++) { @@ -996,7 +995,7 @@ int cms_main(int argc, char **argv) } } else if (operation == SMIME_ENCRYPTED_ENCRYPT) { cms = CMS_EncryptedData_encrypt_ex(in, cipher, secret_key, - secret_keylen, flags, libctx, propq); + secret_keylen, flags, libctx, app_get0_propq()); } else if (operation == SMIME_SIGN_RECEIPT) { CMS_ContentInfo *srcms = NULL; @@ -1024,15 +1023,14 @@ int cms_main(int argc, char **argv) flags |= CMS_STREAM; } flags |= CMS_PARTIAL; - cms = CMS_sign_ex(NULL, NULL, other, in, flags, libctx, propq); + cms = CMS_sign_ex(NULL, NULL, other, in, flags, libctx, app_get0_propq()); if (cms == NULL) goto end; if (econtent_type != NULL) CMS_set1_eContentType(cms, econtent_type); if (rr_to != NULL) { - rr = make_receipt_request(rr_to, rr_allorfirst, rr_from, libctx, - propq); + rr = make_receipt_request(rr_to, rr_allorfirst, rr_from, libctx); if (rr == NULL) { BIO_puts(bio_err, "Signed Receipt Request Creation Error\n"); @@ -1389,7 +1387,7 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns) static CMS_ReceiptRequest *make_receipt_request( STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING) *rr_from, - OSSL_LIB_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx) { STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL; CMS_ReceiptRequest *rr; @@ -1404,7 +1402,7 @@ static CMS_ReceiptRequest *make_receipt_request( rct_from = NULL; } rr = CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from, - rct_to, libctx, propq); + rct_to, libctx, app_get0_propq()); return rr; err: sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free); |