if (ri == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE,
PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
- return(NULL);
+ goto err;
}
jj=EVP_PKEY_size(pkey);
BIO_get_cipher_ctx(etmp,&evp_ctx);
EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0);
if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
- return(NULL);
+ goto err;
if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
/* Some S/MIME clients don't use the same key
BIO_get_md_ctx(btmp,&mdc);
if (mdc == NULL)
{
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR);
goto err;
}
if (EVP_MD_CTX_type(mdc) == j)
/* We now have the EVP_MD_CTX, lets do the
* signing. */
- memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+ EVP_MD_CTX_init(&ctx_tmp);
+ EVP_MD_CTX_copy(&ctx_tmp,mdc);
if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
{
PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
OPENSSL_free(abuf);
}
+#ifndef OPENSSL_NO_DSA
if (si->pkey->type == EVP_PKEY_DSA)
ctx_tmp.digest=EVP_dss1();
+#endif
if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
(unsigned int *)&buf->length,si->pkey))
}
ret=1;
err:
+ EVP_MD_CTX_cleanup(&ctx_tmp);
if (buf != NULL) BUF_MEM_free(buf);
return(ret);
}
}
/* Lets verify */
- X509_STORE_CTX_init(ctx,cert_store,x509,cert);
+ if(!X509_STORE_CTX_init(ctx,cert_store,x509,cert))
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
+ goto err;
+ }
X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
i=X509_verify_cert(ctx);
if (i <= 0)
BIO *btmp;
EVP_PKEY *pkey;
+ EVP_MD_CTX_init(&mdc_tmp);
+
if (!PKCS7_type_is_signed(p7) &&
!PKCS7_type_is_signedAndEnveloped(p7)) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
if (mdc == NULL)
{
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_INTERNAL_ERROR);
+ ERR_R_INTERNAL_ERROR);
goto err;
}
if (EVP_MD_CTX_type(mdc) == md_type)
/* mdc is the digest ctx that we want, unless there are attributes,
* in which case the digest is the signed attributes */
- memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+ EVP_MD_CTX_copy(&mdc_tmp,mdc);
sk=si->auth_attr;
if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
ret = -1;
goto err;
}
+#ifndef OPENSSL_NO_DSA
if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
+#endif
i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
EVP_PKEY_free(pkey);
else
ret=1;
err:
+ EVP_MD_CTX_cleanup(&mdc_tmp);
return(ret);
}