diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-06 13:51:50 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-15 20:20:08 +0200 |
commit | 6d382c74b375f1f8c44f04ec3de95ff781598a3b (patch) | |
tree | 4991b57879da3810fbf912c3d169232755380432 /apps/cms.c | |
parent | 60d5331350a5e557908eed0ba7420dba2ad3b79f (diff) |
Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c
This also adds the more flexible and general load_key_cert_crl()
as well as helper functions get_passwd(), cleanse(), and clear_free()
to be used also in apps/cmp.c etc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11755)
Diffstat (limited to 'apps/cms.c')
-rw-r--r-- | apps/cms.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/apps/cms.c b/apps/cms.c index 0c8af3dab7..6b5577ecee 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -196,7 +196,7 @@ const OPTIONS cms_options[] = { {"passin", OPT_PASSIN, 's', "Input file pass phrase source"}, {"inkey", OPT_INKEY, 's', "Input private key (if not signer or recipient)"}, - {"keyform", OPT_KEYFORM, 'f', "Input private key format (PEM or ENGINE)"}, + {"keyform", OPT_KEYFORM, 'f', "Input private key format (ENGINE, other values ignored)"}, {"keyopt", OPT_KEYOPT, 's', "Set public key parameters as n:v pairs"}, OPT_SECTION("Mail header"), @@ -576,7 +576,7 @@ int cms_main(int argc, char **argv) if (operation == SMIME_ENCRYPT) { if (encerts == NULL && (encerts = sk_X509_new_null()) == NULL) goto end; - cert = load_cert(opt_arg(), FORMAT_PEM, + cert = load_cert(opt_arg(), FORMAT_UNDEF, "recipient certificate file"); if (cert == NULL) goto end; @@ -756,7 +756,7 @@ int cms_main(int argc, char **argv) if ((encerts = sk_X509_new_null()) == NULL) goto end; while (*argv) { - if ((cert = load_cert(*argv, FORMAT_PEM, + if ((cert = load_cert(*argv, FORMAT_UNDEF, "recipient certificate file")) == NULL) goto end; sk_X509_push(encerts, cert); @@ -774,7 +774,7 @@ int cms_main(int argc, char **argv) } if (recipfile != NULL && (operation == SMIME_DECRYPT)) { - if ((recip = load_cert(recipfile, FORMAT_PEM, + if ((recip = load_cert(recipfile, FORMAT_UNDEF, "recipient certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -782,7 +782,7 @@ int cms_main(int argc, char **argv) } if (originatorfile != NULL) { - if ((originator = load_cert(originatorfile, FORMAT_PEM, + if ((originator = load_cert(originatorfile, FORMAT_UNDEF, "originator certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -790,7 +790,7 @@ int cms_main(int argc, char **argv) } if (operation == SMIME_SIGN_RECEIPT) { - if ((signer = load_cert(signerfile, FORMAT_PEM, + if ((signer = load_cert(signerfile, FORMAT_UNDEF, "receipt signer certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -1019,7 +1019,8 @@ int cms_main(int argc, char **argv) signerfile = sk_OPENSSL_STRING_value(sksigners, i); keyfile = sk_OPENSSL_STRING_value(skkeys, i); - signer = load_cert(signerfile, FORMAT_PEM, "signer certificate"); + signer = load_cert(signerfile, FORMAT_UNDEF, + "signer certificate"); if (signer == NULL) { ret = 2; goto end; |