Fix safestack issues in x509.h

[openssl.git] / apps / cms.c

diff --git a/apps/cms.c b/apps/cms.c
index bcf2f44ce5d48095cc8f997663ec6a728d70d6cb..fada7b57a9478659e1701fc2da4851dc989222e0 100644 (file)
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -23,7 +23,6 @@
 # include <openssl/x509v3.h>
 # include <openssl/cms.h>
 
-DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(CMS_SignerInfo)
 DEFINE_STACK_OF(GENERAL_NAME)
 DEFINE_STACK_OF(GENERAL_NAMES)
@@ -866,6 +865,13 @@ int cms_main(int argc, char **argv)
         key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
         if (key == NULL)
             goto end;
+
+        /*
+         * TODO: Remove this when CMS has full support for provider-native
+         * EVP_PKEYs
+         */
+        if (EVP_PKEY_get0(key) == NULL)
+            goto end;
     }
 
     in = bio_open_default(infile, 'r', informat);
@@ -1064,6 +1070,14 @@ int cms_main(int argc, char **argv)
                 ret = 2;
                 goto end;
             }
+
+            /*
+             * TODO: Remove this when CMS has full support for provider-native
+             * EVP_PKEYs
+             */
+            if (EVP_PKEY_get0(key) == NULL)
+                goto end;
+
             for (kparam = key_first; kparam; kparam = kparam->next) {
                 if (kparam->idx == i) {
                     tflags |= CMS_KEY_PARAM;