diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-07-25 19:11:03 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-08-09 17:34:52 +1000 |
| commit | 90a1f2d76f53effefafbae31e2f425a3508bda45 (patch) | |
| tree | 64efd480bd47dc88a3ec858c0e401d712ff39802 /apps/pkcs7.c | |
| parent | 45b22d6a35678ac3f22a18302a2647bfd9cb244c (diff) | |
Add libctx support to PKCS7.
-Public PKCS7 methods that create a PKCS7 object now have variants that also add a libctx and propq.
This includes PKCS7_new_with_libctx(), PKCS7_sign_with_libctx() and PKCS7_encrypt_with_libctx()
-Added SMIME_read_PKCS7_ex() so that a created PKCS7 object can be passed to the read.
-d2i_PKCS7_bio() has been modified so that after it loads the PKCS7 object it then resolves any subobjects that require
the libctx/propq (such as objects containing X509 certificates).
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11884)
Diffstat (limited to 'apps/pkcs7.c')
| -rw-r--r-- | apps/pkcs7.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/apps/pkcs7.c b/apps/pkcs7.c index 2416584dd6..95d3ca0845 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -57,12 +57,14 @@ const OPTIONS pkcs7_options[] = { int pkcs7_main(int argc, char **argv) { ENGINE *e = NULL; - PKCS7 *p7 = NULL; + PKCS7 *p7 = NULL, *p7i; BIO *in = NULL, *out = NULL; int informat = FORMAT_PEM, outformat = FORMAT_PEM; char *infile = NULL, *outfile = NULL, *prog; int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1; OPTION_CHOICE o; + OPENSSL_CTX *libctx = app_get0_libctx(); + const char *propq = app_get0_propq(); prog = opt_init(argc, argv, pkcs7_options); while ((o = opt_next()) != OPT_EOF) { @@ -119,11 +121,18 @@ int pkcs7_main(int argc, char **argv) if (in == NULL) goto end; + p7 = PKCS7_new_with_libctx(libctx, propq); + if (p7 == NULL) { + BIO_printf(bio_err, "unable to allocate PKCS7 object\n"); + ERR_print_errors(bio_err); + goto end; + } + if (informat == FORMAT_ASN1) - p7 = d2i_PKCS7_bio(in, NULL); + p7i = d2i_PKCS7_bio(in, &p7); else - p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); - if (p7 == NULL) { + p7i = PEM_read_bio_PKCS7(in, &p7, NULL, NULL); + if (p7i == NULL) { BIO_printf(bio_err, "unable to load PKCS7 object\n"); ERR_print_errors(bio_err); goto end; |