1311
* Encrypt file; given a path (char *) fp, replace the file
1312
* by an encrypted version of it. If (char *) text is not null, then
1313
* replace the text of (char *) fp by the encrypted version of (char *) text.
1316
encrypt_file(char *fp, char *text)
1318
const EVP_CIPHER *cipher = NULL;
1319
STACK_OF(X509) *encerts = NULL;
1321
PERSONAL_CERT *pcert;
1328
if((pcert = ps_global->smime->personal_certs) == NULL)
1331
cipher = EVP_aes_256_cbc();
1332
encerts = sk_X509_new_null();
1334
if((cert = get_cert_for(pcert->name)) != NULL)
1335
sk_X509_push(encerts, cert);
1340
in = BIO_new(BIO_s_mem());
1343
(void) BIO_reset(in);
1347
if(!(in = BIO_new_file(fp, "rb")))
1350
BIO_read_filename(in, fp);
1353
if((p7 = PKCS7_encrypt(encerts, in, cipher, 0)) == NULL)
1355
BIO_set_close(in, BIO_CLOSE);
1357
if(!(in = BIO_new_file(fp, "w")))
1360
rv = PEM_write_bio_PKCS7(in, p7);
1366
sk_X509_pop_free(encerts, X509_free);
1312
1372
* Encrypt a message on the way out. Called from call_mailer in send.c
1785
/* decrypt an encrypted file.
1786
Args: fp - the path to the encrypted file.
1787
rv - a code that thells the caller what happened inside the function
1788
Returns the decoded text allocated in a char *, whose memory must be
1793
decrypt_file(char *fp, int *rv)
1797
BIO *in = NULL, *out = NULL;
1798
EVP_PKEY *pkey = NULL, *key = NULL;
1799
PERSONAL_CERT *pcert = NULL;
1801
STORE_S *outs = NULL, *store, *ins;
1803
long unsigned int len;
1808
if((text = read_file(fp, 0)) == NULL)
1811
tmp = fs_get(strlen(text) + (strlen(text) << 6) + 1);
1812
for(j = 0, i = strlen("-----BEGIN PKCS7-----") + 1; text[i] != '\0'
1813
&& text[i] != '-'; j++, i++)
1817
ret = rfc822_base64(tmp, strlen(tmp), &len);
1819
if((in = BIO_new_mem_buf((char *)ret, len)) != NULL){
1820
p7 = d2i_PKCS7_bio(in, NULL);
1824
if(text) fs_give((void **)&text);
1825
if(ret) fs_give((void **)&ret);
1827
if((pcert = ps_global->smime->personal_certs) == NULL)
1830
if((i = load_private_key(pcert)) == 0
1832
&& ps_global->smime->need_passphrase
1833
&& !ps_global->smime->already_auto_asked)
1835
ps_global->smime->already_auto_asked = 1;
1836
if(pith_opt_smime_get_passphrase){
1837
switch((*pith_opt_smime_get_passphrase)()){
1838
case 0 : i = load_private_key(pcert);
1844
default: break; /* repeat until we cancel */
1853
if((key = pcert->key) == NULL)
1856
recip = get_cert_for(pcert->name);
1857
out = BIO_new(BIO_s_mem());
1858
(void) BIO_reset(out);
1860
i = PKCS7_decrypt(p7, key, recip, out, 0);
1862
if(F_OFF(F_REMEMBER_SMIME_PASSPHRASE,ps_global))
1863
forget_private_keys();
1866
q_status_message1(SM_ORDER, 1, 1, _("Error decrypting: %s"),
1867
(char*) openssl_error_string());
1871
BIO_get_mem_data(out, &tmp);
1727
1883
* Try to decode (decrypt or verify a signature) a PKCS7 body
1756
snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
1757
p7 = get_pkcs7_from_part(msgno, newSec);
1911
p7 = get_pkcs7_from_part(msgno, section && *section ? section : "1");
1759
1913
q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s",
1760
1914
(char*) openssl_error_string());