projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Don't output bogus errors in PKCS12_parse
[openssl.git]
/
crypto
/
pkcs12
/
p12_kiss.c
diff --git
a/crypto/pkcs12/p12_kiss.c
b/crypto/pkcs12/p12_kiss.c
index ee476c38f4a733102cbb3b650e89766b639cde76..fdddffbab41c5f39d9dec52aa2dcc30f8c2fdbe7 100644
(file)
--- a/
crypto/pkcs12/p12_kiss.c
+++ b/
crypto/pkcs12/p12_kiss.c
@@
-58,7
+58,7
@@
*/
#include <stdio.h>
*/
#include <stdio.h>
-#include "cryptlib.h"
+#include "
internal/
cryptlib.h"
#include <openssl/pkcs12.h>
/* Simplified PKCS#12 routines */
#include <openssl/pkcs12.h>
/* Simplified PKCS#12 routines */
@@
-135,10
+135,12
@@
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
while ((x = sk_X509_pop(ocerts))) {
if (pkey && *pkey && cert && !*cert) {
while ((x = sk_X509_pop(ocerts))) {
if (pkey && *pkey && cert && !*cert) {
+ ERR_set_mark();
if (X509_check_private_key(x, *pkey)) {
*cert = x;
x = NULL;
}
if (X509_check_private_key(x, *pkey)) {
*cert = x;
x = NULL;
}
+ ERR_pop_to_mark();
}
if (ca && x) {
}
if (ca && x) {
@@
-150,25
+152,21
@@
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
goto err;
x = NULL;
}
goto err;
x = NULL;
}
- if (x)
- X509_free(x);
+ X509_free(x);
}
}
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ sk_X509_pop_free(ocerts, X509_free);
return 1;
err:
return 1;
err:
- if (pkey
&& *pkey
)
+ if (pkey)
EVP_PKEY_free(*pkey);
EVP_PKEY_free(*pkey);
- if (cert
&& *cert
)
+ if (cert)
X509_free(*cert);
X509_free(*cert);
- if (x)
- X509_free(x);
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ X509_free(x);
+ sk_X509_pop_free(ocerts, X509_free);
return 0;
}
return 0;
}
@@
-183,7
+181,7
@@
static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
int i, bagnid;
PKCS7 *p7;
int i, bagnid;
PKCS7 *p7;
- if (
!(asafes = PKCS12_unpack_authsafes(p12))
)
+ if (
(asafes = PKCS12_unpack_authsafes(p12)) == NULL
)
return 0;
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
p7 = sk_PKCS7_value(asafes, i);
return 0;
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
p7 = sk_PKCS7_value(asafes, i);
@@
-240,14
+238,14
@@
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_keyBag:
if (!pkey || *pkey)
return 1;
case NID_keyBag:
if (!pkey || *pkey)
return 1;
- if (
!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))
)
+ if (
(*pkey = EVP_PKCS82PKEY(bag->value.keybag)) == NULL
)
return 0;
break;
case NID_pkcs8ShroudedKeyBag:
if (!pkey || *pkey)
return 1;
return 0;
break;
case NID_pkcs8ShroudedKeyBag:
if (!pkey || *pkey)
return 1;
- if (
!(p8 = PKCS12_decrypt_skey(bag, pass, passlen))
)
+ if (
(p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL
)
return 0;
*pkey = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
return 0;
*pkey = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
@@
-258,7
+256,7
@@
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_certBag:
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
return 1;
case NID_certBag:
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
return 1;
- if (
!(x509 = PKCS12_certbag2x509(bag))
)
+ if (
(x509 = PKCS12_certbag2x509(bag)) == NULL
)
return 0;
if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
X509_free(x509);
return 0;
if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
X509_free(x509);
@@
-287,11
+285,9
@@
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_safeContentsBag:
return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
case NID_safeContentsBag:
return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
- break;
default:
return 1;
default:
return 1;
- break;
}
return 1;
}
}
return 1;
}