diff options
author | FdaSilvaYY <fdasilvayy@gmail.com> | 2019-06-12 19:52:39 +0200 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-05-27 13:16:30 +0200 |
commit | 9e3c510bde91350c5a40b7ba4e9e0945895e9368 (patch) | |
tree | 1720a2cfea2ffded3a4e374e2c6e110f2499dbc4 /apps | |
parent | f7f53d7d61bba235b8babf4cf580114d74183e3e (diff) |
crypto/cms: add CAdES-BES signed attributes validation
for signing certificate V2 and signing certificate extensions.
CAdES: lowercase name for now internal methods.
crypto/cms: generated file changes.
Add some CHANGES entries.
[extended tests]
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8098)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/cms.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/apps/cms.c b/apps/cms.c index 6b5577ecee..445fec5388 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -670,12 +670,18 @@ int cms_main(int argc, char **argv) goto opthelp; } - if (flags & CMS_CADES) { - if (flags & CMS_NOATTR) { + if ((flags & CMS_CADES) != 0) { + if ((flags & CMS_NOATTR) != 0) { BIO_puts(bio_err, "Incompatible options: " "CAdES required signed attributes\n"); goto opthelp; } + if (operation == SMIME_VERIFY + && (flags & (CMS_NO_SIGNER_CERT_VERIFY | CMS_NO_ATTR_VERIFY)) != 0) { + BIO_puts(bio_err, "Incompatible options: CAdES validation require" + " certs and signed attributes validations\n"); + goto opthelp; + } } if (operation & SMIME_SIGNERS) { @@ -1115,7 +1121,8 @@ int cms_main(int argc, char **argv) goto end; } else if (operation == SMIME_VERIFY) { if (CMS_verify(cms, other, store, indata, out, flags) > 0) { - BIO_printf(bio_err, "Verification successful\n"); + BIO_printf(bio_err, "%s Verification successful\n", + (flags & CMS_CADES) ? "CAdES" : "CMS"); } else { BIO_printf(bio_err, "Verification failure\n"); if (verify_retcode) |