Return an error if no recipient type matches.

[openssl.git] / crypto / pem / pem_seal.c

diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
index 56e08abd705373541cb0e031a8f500ea0f68c13c..ae4598d67408947c889f2d8a3806f2825eb98798 100644 (file)
--- a/crypto/pem/pem_seal.c
+++ b/crypto/pem/pem_seal.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>       /* for OPENSSL_NO_RSA */
 #ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include "cryptlib.h"
@@ -64,6 +65,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/rsa.h>
 
 int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
             unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
@@ -94,11 +96,12 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
        EVP_EncodeInit(&ctx->encode);
 
        EVP_MD_CTX_init(&ctx->md);
-       EVP_SignInit(&ctx->md,md_type);
+       if (!EVP_SignInit(&ctx->md,md_type))
+               goto err;
 
        EVP_CIPHER_CTX_init(&ctx->cipher);
        ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
-       if (!ret) goto err;
+       if (ret <= 0) goto err;
 
        /* base64 encode the keys */
        for (i=0; i<npubk; i++)
@@ -116,14 +119,15 @@ err:
        return(ret);
        }
 
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
             unsigned char *in, int inl)
        {
        unsigned char buffer[1600];
        int i,j;
 
        *outl=0;
-       EVP_SignUpdate(&ctx->md,in,inl);
+       if (!EVP_SignUpdate(&ctx->md,in,inl))
+               return 0;
        for (;;)
                {
                if (inl <= 0) break;
@@ -131,13 +135,15 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
                        i=1200;
                else
                        i=inl;
-               EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
+               if (!EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i))
+                       return 0;
                EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
                *outl+=j;
                out+=j;
                in+=i;
                inl-=i;
                }
+       return 1;
        }
 
 int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
@@ -161,7 +167,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
                goto err;
                }
 
-       EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
+       if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
+               goto err;
        EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
        *outl=j;
        out+=j;