X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fpkcs7%2Fpk7_lib.c;h=58ce6791c9ac303240d2ab2ecb9a065c35894261;hb=7bdf8eed69e190ce8f2869a8421aa710d6d07504;hp=9b647b212182a74eaadb04fc313a97555d439446;hpb=48921e00fc69060b7b29bab707ebc255a3506aff;p=openssl.git

diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 9b647b2121..58ce6791c9 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -138,6 +138,10 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
 		p7->d.sign->contents=p7_data;
 		break;
 	case NID_pkcs7_digest:
+		if (p7->d.digest->contents != NULL)
+			PKCS7_free(p7->d.digest->contents);
+		p7->d.digest->contents=p7_data;
+		break;
 	case NID_pkcs7_data:
 	case NID_pkcs7_enveloped:
 	case NID_pkcs7_signedAndEnveloped:
@@ -164,7 +168,12 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		p7->type=obj;
 		if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
 			goto err;
-		ASN1_INTEGER_set(p7->d.sign->version,1);
+		if (!ASN1_INTEGER_set(p7->d.sign->version,1))
+			{
+			PKCS7_SIGNED_free(p7->d.sign);
+			p7->d.sign=NULL;
+			goto err;
+			}
 		break;
 	case NID_pkcs7_data:
 		p7->type=obj;
@@ -176,6 +185,8 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
 			== NULL) goto err;
 		ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
+		if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1))
+			goto err;
 		p7->d.signed_and_enveloped->enc_data->content_type
 						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
@@ -183,7 +194,8 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		p7->type=obj;
 		if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
 			== NULL) goto err;
-		ASN1_INTEGER_set(p7->d.enveloped->version,0);
+		if (!ASN1_INTEGER_set(p7->d.enveloped->version,0))
+			goto err;
 		p7->d.enveloped->enc_data->content_type
 						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
@@ -191,12 +203,19 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		p7->type=obj;
 		if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
 			== NULL) goto err;
-		ASN1_INTEGER_set(p7->d.encrypted->version,0);
+		if (!ASN1_INTEGER_set(p7->d.encrypted->version,0))
+			goto err;
 		p7->d.encrypted->enc_data->content_type
 						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
 
 	case NID_pkcs7_digest:
+		p7->type=obj;
+		if ((p7->d.digest=PKCS7_DIGEST_new())
+			== NULL) goto err;
+		if (!ASN1_INTEGER_set(p7->d.digest->version,0))
+			goto err;
+		break;
 	default:
 		PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
 		goto err;
@@ -206,6 +225,13 @@ err:
 	return(0);
 	}
 
+int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other)
+	{
+	p7->type = OBJ_nid2obj(type);
+	p7->d.other = other;
+	return 1;
+	}
+
 int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
 	{
 	int i,j,nid;
@@ -322,15 +348,18 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 	else
 		is_dsa = 0;
 	/* We now need to add another PKCS7_SIGNER_INFO entry */
-	ASN1_INTEGER_set(p7i->version,1);
-	X509_NAME_set(&p7i->issuer_and_serial->issuer,
-		X509_get_issuer_name(x509));
+	if (!ASN1_INTEGER_set(p7i->version,1))
+		goto err;
+	if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
+			X509_get_issuer_name(x509)))
+		goto err;
 
 	/* because ASN1_INTEGER_set is used to set a 'long' we will do
 	 * things the ugly way. */
 	M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-	p7i->issuer_and_serial->serial=
-		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+	if (!(p7i->issuer_and_serial->serial=
+			M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
+		goto err;
 
 	/* lets keep the pkey around for a while */
 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
@@ -398,6 +427,24 @@ err:
 	return(NULL);
 	}
 
+int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
+	{
+	if (PKCS7_type_is_digest(p7))
+		{
+		if(!(p7->d.digest->md->parameter = ASN1_TYPE_new()))
+			{
+			PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		p7->d.digest->md->parameter->type = V_ASN1_NULL;
+		p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md));
+		return 1;
+		}
+		
+	PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,PKCS7_R_WRONG_CONTENT_TYPE);
+	return 1;
+	}
+
 STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
 	{
 	if (PKCS7_type_is_signed(p7))
@@ -449,16 +496,20 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
 
 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
 	{
-	ASN1_INTEGER_set(p7i->version,0);
-	X509_NAME_set(&p7i->issuer_and_serial->issuer,
-		X509_get_issuer_name(x509));
+	if (!ASN1_INTEGER_set(p7i->version,0))
+		return 0;
+	if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
+		X509_get_issuer_name(x509)))
+		return 0;
 
 	M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-	p7i->issuer_and_serial->serial=
-		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+	if (!(p7i->issuer_and_serial->serial=
+		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
+		return 0;
 
 	X509_ALGOR_free(p7i->key_enc_algor);
-	p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor);
+	if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor)))
+		return 0;
 
 	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
 	p7i->cert=x509;