X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fpkcs7%2Fpk7_doit.c;h=24022416d225401d6272fdfd0178c50382a6f071;hp=f61d63b39b3a28ae66015925e1056b9ebda7caa9;hb=d356dc561925ec9cecc58a69e2280c18a49ec41a;hpb=9b0a453190efc9b14cc04e74ce2e8e35af45fb39 diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index f61d63b39b..24022416d2 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -1,63 +1,14 @@ -/* crypto/pkcs7/pk7_doit.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include -#include "cryptlib.h" +#include "internal/cryptlib.h" #include #include #include @@ -128,8 +79,7 @@ static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) return 1; err: - if (btmp) - BIO_free(btmp); + BIO_free(btmp); return 0; } @@ -143,7 +93,7 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, int ret = 0; size_t eklen; - pkey = X509_get_pubkey(ri->cert); + pkey = X509_get0_pubkey(ri->cert); if (!pkey) return 0; @@ -180,12 +130,8 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, ret = 1; err: - if (pkey) - EVP_PKEY_free(pkey); - if (pctx) - EVP_PKEY_CTX_free(pctx); - if (ek) - OPENSSL_free(ek); + EVP_PKEY_CTX_free(pctx); + OPENSSL_free(ek); return ret; } @@ -232,18 +178,13 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, ret = 1; - if (*pek) { - OPENSSL_cleanse(*pek, *peklen); - OPENSSL_free(*pek); - } - + OPENSSL_clear_free(*pek, *peklen); *pek = ek; *peklen = eklen; err: - if (pctx) - EVP_PKEY_CTX_free(pctx); - if (!ret && ek) + EVP_PKEY_CTX_free(pctx); + if (!ret) OPENSSL_free(ek); return ret; @@ -261,6 +202,25 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) PKCS7_RECIP_INFO *ri = NULL; ASN1_OCTET_STRING *os = NULL; + if (p7 == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); + return NULL; + } + /* + * The content field in the PKCS7 ContentInfo is optional, but that really + * only applies to inner content (precisely, detached signatures). + * + * When reading content, missing outer content is therefore treated as an + * error. + * + * When creating content, PKCS7_content_new() must be called before + * calling this method, so a NULL p7->d is always an error. + */ + if (p7->d.ptr == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); + return NULL; + } + i = OBJ_obj2nid(p7->type); p7->state = PKCS7_S_HEADER; @@ -321,7 +281,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) ivlen = EVP_CIPHER_iv_length(evp_cipher); xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); if (ivlen > 0) - if (RAND_pseudo_bytes(iv, ivlen) <= 0) + if (RAND_bytes(iv, ivlen) <= 0) goto err; if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0) goto err; @@ -371,27 +331,23 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) BIO_push(out, bio); else out = bio; - bio = NULL; - if (0) { + return out; + err: - if (out != NULL) - BIO_free_all(out); - if (btmp != NULL) - BIO_free_all(btmp); - out = NULL; - } - return (out); + BIO_free_all(out); + BIO_free_all(btmp); + return NULL; } static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert) { int ret; ret = X509_NAME_cmp(ri->issuer_and_serial->issuer, - pcert->cert_info->issuer); + X509_get_issuer_name(pcert)); if (ret) return ret; - return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, - ri->issuer_and_serial->serial); + return ASN1_INTEGER_cmp(X509_get_serialNumber(pcert), + ri->issuer_and_serial->serial); } /* int */ @@ -411,11 +367,27 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) unsigned char *ek = NULL, *tkey = NULL; int eklen = 0, tkeylen = 0; + if (p7 == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); + return NULL; + } + + if (p7->d.ptr == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); + return NULL; + } + i = OBJ_obj2nid(p7->type); p7->state = PKCS7_S_HEADER; switch (i) { case NID_pkcs7_signed: + /* + * p7->d.sign->contents is a PKCS7 structure consisting of a contentType + * field and optional content. + * data_body is NULL if that structure has no (=detached) content + * or if the contentType is wrong (i.e., not "data"). + */ data_body = PKCS7_get_octet_string(p7->d.sign->contents); if (!PKCS7_is_detached(p7) && data_body == NULL) { PKCS7err(PKCS7_F_PKCS7_DATADECODE, @@ -427,6 +399,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) case NID_pkcs7_signedAndEnveloped: rsk = p7->d.signed_and_enveloped->recipientinfo; md_sk = p7->d.signed_and_enveloped->md_algs; + /* data_body is NULL if the optional EncryptedContent is missing. */ data_body = p7->d.signed_and_enveloped->enc_data->enc_data; enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm; evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm); @@ -439,6 +412,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) case NID_pkcs7_enveloped: rsk = p7->d.enveloped->recipientinfo; enc_alg = p7->d.enveloped->enc_data->algorithm; + /* data_body is NULL if the optional EncryptedContent is missing. */ data_body = p7->d.enveloped->enc_data->enc_data; evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm); if (evp_cipher == NULL) { @@ -452,6 +426,12 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) goto err; } + /* Detached content must be supplied via in_bio instead. */ + if (data_body == NULL && in_bio == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); + goto err; + } + /* We will be checking the signature */ if (md_sk != NULL) { for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) { @@ -537,7 +517,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) /* Generate random key as MMA defence */ tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx); tkey = OPENSSL_malloc(tkeylen); - if (!tkey) + if (tkey == NULL) goto err; if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0) goto err; @@ -555,8 +535,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) */ if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) { /* Use random key as MMA defence */ - OPENSSL_cleanse(ek, eklen); - OPENSSL_free(ek); + OPENSSL_clear_free(ek, eklen); ek = tkey; eklen = tkeylen; tkey = NULL; @@ -567,16 +546,10 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0) goto err; - if (ek) { - OPENSSL_cleanse(ek, eklen); - OPENSSL_free(ek); - ek = NULL; - } - if (tkey) { - OPENSSL_cleanse(tkey, tkeylen); - OPENSSL_free(tkey); - tkey = NULL; - } + OPENSSL_clear_free(ek, eklen); + ek = NULL; + OPENSSL_clear_free(tkey, tkeylen); + tkey = NULL; if (out == NULL) out = etmp; @@ -584,13 +557,15 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) BIO_push(out, etmp); etmp = NULL; } - if (PKCS7_is_detached(p7) || (in_bio != NULL)) { + if (in_bio != NULL) { bio = in_bio; } else { if (data_body->length > 0) bio = BIO_new_mem_buf(data_body->data, data_body->length); else { bio = BIO_new(BIO_s_mem()); + if (bio == NULL) + goto err; BIO_set_mem_eof_return(bio, 0); } if (bio == NULL) @@ -598,27 +573,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } BIO_push(out, bio); bio = NULL; - if (0) { + return out; + err: - if (ek) { - OPENSSL_cleanse(ek, eklen); - OPENSSL_free(ek); - } - if (tkey) { - OPENSSL_cleanse(tkey, tkeylen); - OPENSSL_free(tkey); - } - if (out != NULL) - BIO_free_all(out); - if (btmp != NULL) - BIO_free_all(btmp); - if (etmp != NULL) - BIO_free_all(etmp); - if (bio != NULL) - BIO_free_all(bio); - out = NULL; - } - return (out); + OPENSSL_clear_free(ek, eklen); + OPENSSL_clear_free(tkey, tkeylen); + BIO_free_all(out); + BIO_free_all(btmp); + BIO_free_all(etmp); + BIO_free_all(bio); + return NULL; } static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) @@ -678,12 +642,27 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) int i, j; BIO *btmp; PKCS7_SIGNER_INFO *si; - EVP_MD_CTX *mdc, ctx_tmp; + EVP_MD_CTX *mdc, *ctx_tmp; STACK_OF(X509_ATTRIBUTE) *sk; STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL; ASN1_OCTET_STRING *os = NULL; - EVP_MD_CTX_init(&ctx_tmp); + if (p7 == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); + return 0; + } + + if (p7->d.ptr == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); + return 0; + } + + ctx_tmp = EVP_MD_CTX_new(); + if (ctx_tmp == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); + return 0; + } + i = OBJ_obj2nid(p7->type); p7->state = PKCS7_S_HEADER; @@ -695,9 +674,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* XXXXXXXXXXXXXXXX */ si_sk = p7->d.signed_and_enveloped->signer_info; os = p7->d.signed_and_enveloped->enc_data->enc_data; - if (!os) { - os = M_ASN1_OCTET_STRING_new(); - if (!os) { + if (os == NULL) { + os = ASN1_OCTET_STRING_new(); + if (os == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); goto err; } @@ -707,9 +686,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) case NID_pkcs7_enveloped: /* XXXXXXXXXXXXXXXX */ os = p7->d.enveloped->enc_data->enc_data; - if (!os) { - os = M_ASN1_OCTET_STRING_new(); - if (!os) { + if (os == NULL) { + os = ASN1_OCTET_STRING_new(); + if (os == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); goto err; } @@ -721,7 +700,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) os = PKCS7_get_octet_string(p7->d.sign->contents); /* If detached data then the content is excluded */ if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { - M_ASN1_OCTET_STRING_free(os); + ASN1_OCTET_STRING_free(os); + os = NULL; p7->d.sign->contents->d.data = NULL; } break; @@ -730,7 +710,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) os = PKCS7_get_octet_string(p7->d.digest->contents); /* If detached data then the content is excluded */ if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { - M_ASN1_OCTET_STRING_free(os); + ASN1_OCTET_STRING_free(os); + os = NULL; p7->d.digest->contents->d.data = NULL; } break; @@ -758,7 +739,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* * We now have the EVP_MD_CTX, lets do the signing. */ - if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc)) + if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc)) goto err; sk = si->auth_attr; @@ -768,17 +749,18 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) * sign the attributes */ if (sk_X509_ATTRIBUTE_num(sk) > 0) { - if (!do_pkcs7_signed_attrib(si, &ctx_tmp)) + if (!do_pkcs7_signed_attrib(si, ctx_tmp)) goto err; } else { unsigned char *abuf = NULL; unsigned int abuflen; abuflen = EVP_PKEY_size(si->pkey); abuf = OPENSSL_malloc(abuflen); - if (!abuf) + if (abuf == NULL) goto err; - if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) { + if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) { + OPENSSL_free(abuf); PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB); goto err; } @@ -793,35 +775,44 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) goto err; if (!EVP_DigestFinal_ex(mdc, md_data, &md_len)) goto err; - M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); + if (!ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len)) + goto err; } - if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) { - char *cont; - long contlen; - btmp = BIO_find_type(bio, BIO_TYPE_MEM); - if (btmp == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); - goto err; - } - contlen = BIO_get_mem_data(btmp, &cont); + if (!PKCS7_is_detached(p7)) { /* - * Mark the BIO read only then we can use its copy of the data - * instead of making an extra copy. + * NOTE(emilia): I think we only reach os == NULL here because detached + * digested data support is broken. */ - BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); - BIO_set_mem_eof_return(btmp, 0); - ASN1_STRING_set0(os, (unsigned char *)cont, contlen); + if (os == NULL) + goto err; + if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { + char *cont; + long contlen; + btmp = BIO_find_type(bio, BIO_TYPE_MEM); + if (btmp == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); + goto err; + } + contlen = BIO_get_mem_data(btmp, &cont); + /* + * Mark the BIO read only then we can use its copy of the data + * instead of making an extra copy. + */ + BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); + BIO_set_mem_eof_return(btmp, 0); + ASN1_STRING_set0(os, (unsigned char *)cont, contlen); + } } ret = 1; err: - EVP_MD_CTX_cleanup(&ctx_tmp); + EVP_MD_CTX_free(ctx_tmp); return (ret); } int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) { - EVP_MD_CTX mctx; + EVP_MD_CTX *mctx; EVP_PKEY_CTX *pctx; unsigned char *abuf = NULL; int alen; @@ -832,8 +823,13 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) if (md == NULL) return 0; - EVP_MD_CTX_init(&mctx); - if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0) + mctx = EVP_MD_CTX_new(); + if (mctx == NULL) { + PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0) goto err; if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, @@ -846,16 +842,16 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) ASN1_ITEM_rptr(PKCS7_ATTR_SIGN)); if (!abuf) goto err; - if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0) + if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0) goto err; OPENSSL_free(abuf); abuf = NULL; - if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) + if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0) goto err; abuf = OPENSSL_malloc(siglen); - if (!abuf) + if (abuf == NULL) goto err; - if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) + if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0) goto err; if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, @@ -864,16 +860,15 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) goto err; } - EVP_MD_CTX_cleanup(&mctx); + EVP_MD_CTX_free(mctx); ASN1_STRING_set0(si->enc_digest, abuf, siglen); return 1; err: - if (abuf) - OPENSSL_free(abuf); - EVP_MD_CTX_cleanup(&mctx); + OPENSSL_free(abuf); + EVP_MD_CTX_free(mctx); return 0; } @@ -886,6 +881,16 @@ int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, STACK_OF(X509) *cert; X509 *x509; + if (p7 == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); + return 0; + } + + if (p7->d.ptr == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); + return 0; + } + if (PKCS7_type_is_signed(p7)) { cert = p7->d.sign->cert; } else if (PKCS7_type_is_signedAndEnveloped(p7)) { @@ -929,14 +934,18 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509) { ASN1_OCTET_STRING *os; - EVP_MD_CTX mdc_tmp, *mdc; + EVP_MD_CTX *mdc_tmp, *mdc; int ret = 0, i; int md_type; STACK_OF(X509_ATTRIBUTE) *sk; BIO *btmp; EVP_PKEY *pkey; - EVP_MD_CTX_init(&mdc_tmp); + mdc_tmp = EVP_MD_CTX_new(); + if (mdc_tmp == NULL) { + PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_MALLOC_FAILURE); + goto err; + } if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) { PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE); @@ -973,7 +982,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, * mdc is the digest ctx that we want, unless there are attributes, in * which case the digest is the signed attributes */ - if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc)) + if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc)) goto err; sk = si->auth_attr; @@ -983,7 +992,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, int alen; ASN1_OCTET_STRING *message_digest; - if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len)) + if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len)) goto err; message_digest = PKCS7_digest_from_attributes(sk); if (!message_digest) { @@ -998,7 +1007,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, goto err; } - if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL)) + if (!EVP_VerifyInit_ex(mdc_tmp, EVP_get_digestbynid(md_type), NULL)) goto err; alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, @@ -1008,29 +1017,28 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, ret = -1; goto err; } - if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen)) + if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen)) goto err; OPENSSL_free(abuf); } os = si->enc_digest; - pkey = X509_get_pubkey(x509); + pkey = X509_get0_pubkey(x509); if (!pkey) { ret = -1; goto err; } - i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey); - EVP_PKEY_free(pkey); + i = EVP_VerifyFinal(mdc_tmp, os->data, os->length, pkey); if (i <= 0) { PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE); ret = -1; goto err; - } else - ret = 1; + } + ret = 1; err: - EVP_MD_CTX_cleanup(&mdc_tmp); + EVP_MD_CTX_free(mdc_tmp); return (ret); } @@ -1048,7 +1056,6 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) rsk = p7->d.signed_and_enveloped->recipientinfo; if (rsk == NULL) return NULL; - ri = sk_PKCS7_RECIP_INFO_value(rsk, 0); if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return (NULL); ri = sk_PKCS7_RECIP_INFO_value(rsk, idx); @@ -1077,7 +1084,7 @@ static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid) ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk) { ASN1_TYPE *astype; - if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) + if ((astype = get_attribute(sk, NID_pkcs9_messageDigest)) == NULL) return NULL; return astype->value.octet_string; } @@ -1087,8 +1094,7 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, { int i; - if (p7si->auth_attr != NULL) - sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free); + sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free); p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk); if (p7si->auth_attr == NULL) return 0; @@ -1107,8 +1113,7 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, { int i; - if (p7si->unauth_attr != NULL) - sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free); + sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free); p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk); if (p7si->unauth_attr == NULL) return 0; @@ -1140,11 +1145,10 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, X509_ATTRIBUTE *attr = NULL; if (*sk == NULL) { - *sk = sk_X509_ATTRIBUTE_new_null(); - if (*sk == NULL) + if ((*sk = sk_X509_ATTRIBUTE_new_null()) == NULL) return 0; new_attrib: - if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value))) + if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL) return 0; if (!sk_X509_ATTRIBUTE_push(*sk, attr)) { X509_ATTRIBUTE_free(attr);