[openssl] master update
beldmit at gmail.com
beldmit at gmail.com
Wed Jun 24 06:58:36 UTC 2020
The branch master has been updated
via 922f156545c9c8397abbda49eb640f7a34969231 (commit)
via 6ec351f4496a6a8dd40ef2d811967247afaf1c41 (commit)
from 49a36a528a48bb6b8421b8a0363adb85e63d71fe (commit)
- Log -----------------------------------------------------------------
commit 922f156545c9c8397abbda49eb640f7a34969231
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: Fri Jun 19 17:06:18 2020 +0300
CMS print should support string conversion: docs
Documentation for -nameopt option
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)
commit 6ec351f4496a6a8dd40ef2d811967247afaf1c41
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: Fri Jun 19 17:05:12 2020 +0300
CMS print should support string conversion
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)
-----------------------------------------------------------------------
Summary of changes:
apps/cms.c | 23 ++++++++++++++++++++---
doc/man1/openssl-cms.pod.in | 9 +++++++++
2 files changed, 29 insertions(+), 3 deletions(-)
diff --git a/apps/cms.c b/apps/cms.c
index 445fec5388..2cb92ab85f 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -82,7 +82,7 @@ typedef enum OPTION_choice {
OPT_NOINDEF, OPT_CRLFEOL, OPT_NOOUT, OPT_RR_PRINT,
OPT_RR_ALL, OPT_RR_FIRST, OPT_RCTFORM, OPT_CERTFILE, OPT_CAFILE,
OPT_CAPATH, OPT_CASTORE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE,
- OPT_CONTENT, OPT_PRINT,
+ OPT_CONTENT, OPT_PRINT, OPT_NAMEOPT,
OPT_SECRETKEY, OPT_SECRETKEYID, OPT_PWRI_PASSWORD, OPT_ECONTENT_TYPE,
OPT_PASSIN, OPT_TO, OPT_FROM, OPT_SUBJECT, OPT_SIGNER, OPT_RECIP,
OPT_CERTSOUT, OPT_MD, OPT_INKEY, OPT_KEYFORM, OPT_KEYOPT, OPT_RR_FROM,
@@ -184,6 +184,8 @@ const OPTIONS cms_options[] = {
"Supply or override content for detached signature"},
{"print", OPT_PRINT, '-',
"For the -cmsout operation print out all fields of the CMS structure"},
+ {"nameopt", OPT_NAMEOPT, 's',
+ "For the -print option specifies various strings printing options"},
{"certsout", OPT_CERTSOUT, '>', "Certificate output file"},
OPT_SECTION("Keying"),
@@ -466,6 +468,10 @@ int cms_main(int argc, char **argv)
case OPT_PRINT:
noout = print = 1;
break;
+ case OPT_NAMEOPT:
+ if (!set_nameopt(opt_arg()))
+ goto opthelp;
+ break;
case OPT_SECRETKEY:
if (secret_key != NULL) {
BIO_printf(bio_err, "Invalid key (supplied twice) %s\n",
@@ -1152,8 +1158,19 @@ int cms_main(int argc, char **argv)
}
} else {
if (noout) {
- if (print)
- CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+ if (print) {
+ ASN1_PCTX *pctx = NULL;
+ if (get_nameopt() != XN_FLAG_ONELINE) {
+ pctx = ASN1_PCTX_new();
+ if (pctx != NULL) { /* Print anyway if malloc failed */
+ ASN1_PCTX_set_flags(pctx, ASN1_PCTX_FLAGS_SHOW_ABSENT);
+ ASN1_PCTX_set_str_flags(pctx, get_nameopt());
+ ASN1_PCTX_set_nm_flags(pctx, get_nameopt());
+ }
+ }
+ CMS_ContentInfo_print_ctx(out, cms, 0, pctx);
+ ASN1_PCTX_free(pctx);
+ }
} else if (outformat == FORMAT_SMIME) {
if (to)
BIO_printf(out, "To: %s%s", to, mime_eol);
diff --git a/doc/man1/openssl-cms.pod.in b/doc/man1/openssl-cms.pod.in
index 5ef1219a2e..b4c57d37ff 100644
--- a/doc/man1/openssl-cms.pod.in
+++ b/doc/man1/openssl-cms.pod.in
@@ -44,6 +44,7 @@ B<openssl> B<cms>
[B<-text>]
[B<-noout>]
[B<-print>]
+[B<-nameopt> I<option>]
[B<-md> I<digest>]
[B<-I<cipher>>]
[B<-wrap> I<cipher>]
@@ -288,6 +289,12 @@ structure is being checked.
For the B<-cmsout> operation print out all fields of the CMS structure. This
is mainly useful for testing purposes.
+=item B<-nameopt> I<option>
+
+For the B<-cmsout> operation when B<-print> option is in use, specifies
+printing options for string fields. For most cases B<utf8> is reasonable value.
+See L<openssl(1)/Name Format Options> for details.
+
=item B<-md> I<digest>
Digest algorithm to use when signing or resigning. If not present then the
@@ -772,6 +779,8 @@ The -no_alt_chains option was added in OpenSSL 1.0.2b.
All B<-keyform> values except B<ENGINE> have become obsolete in OpenSSL 3.0.0
and have no effect.
+The B<-nameopt> option was added in OpenSSL 3.0.0.
+
=head1 COPYRIGHT
Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
More information about the openssl-commits
mailing list