From f7a8d0bc325d2c8b24edf852647ddc0e82345567 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 26 Mar 2009 23:12:35 +0000 Subject: [PATCH] add allow weak crypto flag git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24960 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hx509/hxtool.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index 80f069f8b..ad77f7910 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -466,6 +466,7 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) void *p; int ret; hx509_lock lock; + int flags = 0; hx509_lock_init(context, &lock); lock_strings(lock, &opt->pass_strings); @@ -498,7 +499,10 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) certs_strings(context, "store", certs, lock, &opt->certificate_strings); - ret = hx509_cms_unenvelope(context, certs, 0, co.data, co.length, + if (opt->allow_weak_crypto_flag) + flags |= HX509_CMS_UE_ALLOW_WEAK; + + ret = hx509_cms_unenvelope(context, certs, flags, co.data, co.length, NULL, 0, &contentType, &o); if (co.data != p) der_free_octet_string(&co); @@ -532,6 +536,7 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) size_t sz; void *p; hx509_lock lock; + int flags = 0; memset(&contentType, 0, sizeof(contentType)); @@ -547,6 +552,9 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) certs_strings(context, "store", certs, lock, &opt->certificate_strings); + if (opt->allow_weak_crypto_flag) + flags |= HX509_CMS_EV_ALLOW_WEAK; + if (opt->encryption_type_string) { enctype = hx509_crypto_enctype_by_name(opt->encryption_type_string); if (enctype == NULL)