From: Dr. Stephen Henson Date: Thu, 1 May 2008 23:31:03 +0000 (+0000) Subject: Update from HEAD. X-Git-Tag: OpenSSL_0_9_8h~26 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1099a9406355a7fe5c1e05719af2f7c65b395cdc;p=openssl Update from HEAD. --- diff --git a/apps/cms.c b/apps/cms.c index 0b92579cbb..6d227acabe 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -107,6 +107,7 @@ int MAIN(int argc, char **argv) char *signerfile = NULL, *recipfile = NULL; STACK *sksigners = NULL, *skkeys = NULL; char *certfile = NULL, *keyfile = NULL, *contfile=NULL; + char *certsoutfile = NULL; const EVP_CIPHER *cipher = NULL; CMS_ContentInfo *cms = NULL, *rcms = NULL; X509_STORE *store = NULL; @@ -396,6 +397,12 @@ int MAIN(int argc, char **argv) goto argerr; recipfile = *++args; } + else if (!strcmp (*args, "-certsout")) + { + if (!args[1]) + goto argerr; + certsoutfile = *++args; + } else if (!strcmp (*args, "-md")) { if (!args[1]) @@ -601,6 +608,7 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-noattr don't include any signed attributes\n"); BIO_printf (bio_err, "-binary don't translate message to text\n"); BIO_printf (bio_err, "-certfile file other certificates file\n"); + BIO_printf (bio_err, "-certsout file certificate output file\n"); BIO_printf (bio_err, "-signer file signer certificate file\n"); BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); BIO_printf (bio_err, "-skeyid use subject key identifier\n"); @@ -796,6 +804,20 @@ int MAIN(int argc, char **argv) goto end; } } + if (certsoutfile) + { + STACK_OF(X509) *allcerts; + allcerts = CMS_get1_certs(cms); + if (!save_certs(certsoutfile, allcerts)) + { + BIO_printf(bio_err, + "Error writing certs to %s\n", + certsoutfile); + ret = 5; + goto end; + } + sk_X509_pop_free(allcerts, X509_free); + } } if (rctfile) diff --git a/test/cms-examples.pl b/test/cms-examples.pl index 62290db275..2e95b48ba4 100644 --- a/test/cms-examples.pl +++ b/test/cms-examples.pl @@ -78,17 +78,17 @@ elsif (-f "..\\out32\\openssl.exe") my @test_list = ( [ "3.1.bin" => "dataout" ], [ "3.2.bin" => "encode, dataout" ], - [ "4.1.bin" => "encode, verifyder, content, dss" ], + [ "4.1.bin" => "encode, verifyder, cont, dss" ], [ "4.2.bin" => "encode, verifyder, cont, rsa" ], [ "4.3.bin" => "encode, verifyder, cont_extern, dss" ], [ "4.4.bin" => "encode, verifyder, cont, dss" ], - [ "4.5.bin" => "verifyder, content, rsa" ], + [ "4.5.bin" => "verifyder, cont, rsa" ], [ "4.6.bin" => "encode, verifyder, cont, dss" ], [ "4.7.bin" => "encode, verifyder, cont, dss" ], [ "4.8.eml" => "verifymime, dss" ], [ "4.9.eml" => "verifymime, dss" ], [ "4.10.bin" => "encode, verifyder, cont, dss" ], - [ "4.11.bin" => "encode" ], + [ "4.11.bin" => "encode, certsout" ], [ "5.1.bin" => "encode, envelopeder, cont" ], [ "5.2.bin" => "encode, envelopeder, cont" ], [ "5.3.eml" => "envelopemime, cont" ], @@ -151,6 +151,9 @@ foreach (@test_list) { if ( $tlist =~ /encode/ ) { run_reencode_test( $exdir, $file ); } + if ( $tlist =~ /certsout/ ) { + run_certsout_test( $exdir, $file ); + } if ( $tlist =~ /dataout/ ) { run_dataout_test( $exdir, $file ); } @@ -216,6 +219,23 @@ sub run_reencode_test { } } +sub run_certsout_test { + my ( $cmsdir, $tfile ) = @_; + unlink "tmp.der"; + unlink "tmp.pem"; + + system( "$cmscmd -cmsout -inform DER -certsout tmp.pem" + . " -in $cmsdir/$tfile -out tmp.der" ); + + if ($?) { + print "\tCertificate output command FAILED!!\n"; + $badtest++; + } + else { + print "\tCertificate output passed\n" if $verbose; + } +} + sub run_dataout_test { my ( $cmsdir, $tfile ) = @_; unlink "tmp.txt";