Allow reordering of certificates when signing.

Add certificates if -nocerts and -certfile specified when signing in smime application. This can be used this to specify the order certificates appear in the PKCS#7 structure: some broken applications require a certain ordering. PR#3316 (cherry picked from commit e114abee9ec084a56c1d6076ac6de8a7a3a5cf34)
2014-06-02 14:12:07 +01:00 · 2014-06-02 14:12:07 +01:00 · 4967a832ab
commit 4967a832ab
parent 6468866823
1 changed files with 8 additions and 0 deletions
--- a/apps/smime.c
+++ b/apps/smime.c
@ -704,6 +704,14 @@ int MAIN(int argc, char **argv)
 			p7 = PKCS7_sign(NULL, NULL, other, in, flags);
 			if (!p7)
 				goto end;
+			if (flags & PKCS7_NOCERTS)
+				{
+				for (i = 0; i < sk_X509_num(other); i++)
+					{
+					X509 *x = sk_X509_value(other, i);
+					PKCS7_add_certificate(p7, x);
+					}
+				}
 			}
 		else
 			flags |= PKCS7_REUSE_DIGEST;