OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
15-Mar-2008 00:30:56
Branch: HEAD Handle:
2008031423305600
Modified files:
openssl/apps cms.c
openssl/crypto/cms cms.h cms_enc.c cms_lib.c
Log:
Initial support for Encrypted Data type generation.
Summary:
Revision Changes Path
1.4 +11 -0 openssl/apps/cms.c
1.5 +4 -0 openssl/crypto/cms/cms.h
1.4 +15 -2 openssl/crypto/cms/cms_enc.c
1.4 +1 -0 openssl/crypto/cms/cms_lib.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/apps/cms.c
============================================================
================
$ cvs diff -u -r1.3 -r1.4 cms.c
--- openssl/apps/cms.c 14 Mar 2008 19:38:44 -0000 1.3
+++ openssl/apps/cms.c 14 Mar 2008 23:30:56 -0000 1.4
-87,6 +87,7
#define SMIME_UNCOMPRESS (11 | SMIME_IP)
#define SMIME_COMPRESS (12 | SMIME_OP)
#define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
+#define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
int MAIN(int, char **);
-169,6 +170,8
operation = SMIME_UNCOMPRESS;
else if (!strcmp (*args,
"-EncryptedData_decrypt"))
operation = SMIME_ENCRYPTED_DECRYPT;
+ else if (!strcmp (*args,
"-EncryptedData_encrypt"))
+ operation = SMIME_ENCRYPTED_ENCRYPT;
#ifndef OPENSSL_NO_DES
else if (!strcmp (*args, "-des3"))
cipher = EVP_des_ede3_cbc();
-745,6 +748,14
flags |= CMS_STREAM;
cms = CMS_encrypt(encerts, in, cipher, flags);
}
+ else if (operation == SMIME_ENCRYPTED_ENCRYPT)
+ {
+ if (indef)
+ flags |= CMS_STREAM;
+ cms = CMS_EncryptedData_encrypt(in, cipher,
+ secret_key, secret_keylen,
+ flags);
+ }
else if (operation & SMIME_SIGNERS)
{
int i;
.
patch -p0 <<' .'
Index: openssl/crypto/cms/cms.h
============================================================
================
$ cvs diff -u -r1.4 -r1.5 cms.h
--- openssl/crypto/cms/cms.h 14 Mar 2008 19:37:55
-0000 1.4
+++ openssl/crypto/cms/cms.h 14 Mar 2008 23:30:56
-0000 1.5
-142,6 +142,10
const unsigned char *key, size_t keylen,
BIO *dcont, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const
EVP_CIPHER *cipher,
+ const unsigned char *key, size_t keylen,
+ unsigned int flags);
+
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms,
const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
.
patch -p0 <<' .'
Index: openssl/crypto/cms/cms_enc.c
============================================================
================
$ cvs diff -u -r1.3 -r1.4 cms_enc.c
--- openssl/crypto/cms/cms_enc.c 14 Mar 2008 19:37:55
-0000 1.3
+++ openssl/crypto/cms/cms_enc.c 14 Mar 2008 23:30:56
-0000 1.4
-75,6 +75,8
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+ int ok = 0;
+
int enc;
enc = ec->cipher ? 1 : 0;
-90,7 +92,7
BIO_get_cipher_ctx(b, &ctx);
if (enc)
- calg->algorithm =
OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+ ciph = ec->cipher;
else
{
ciph = EVP_get_cipherbyobj(calg->algorithm);
-110,6 +112,9
goto err;
}
+ if (enc)
+ calg->algorithm =
OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+
/* If necessary set key length */
if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
-164,9 +169,17
goto err;
}
}
- return b;
+ ok = 1;
err:
+ if (ec->key)
+ {
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ ec->key = NULL;
+ }
+ if (ok)
+ return b;
BIO_free(b);
return NULL;
}
.
patch -p0 <<' .'
Index: openssl/crypto/cms/cms_lib.c
============================================================
================
$ cvs diff -u -r1.3 -r1.4 cms_lib.c
--- openssl/crypto/cms/cms_lib.c 14 Mar 2008 19:37:56
-0000 1.3
+++ openssl/crypto/cms/cms_lib.c 14 Mar 2008 23:30:56
-0000 1.4
-180,6 +180,7
{
case NID_pkcs7_data:
+ case NID_pkcs7_encrypted:
case NID_id_smime_ct_compressedData:
/* Nothing to do */
return 1;
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
