Replace old (and invalid) copyright notice.

[openssl.git] / crypto / pkcs7 / pk7_doit.c

diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index de96148b6eba1a748919ccd66f8adb71a1e42fc6..4ff021e323af4c66af1b8419f4d3b7decfb2b9f8 100644 (file)
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -370,7 +370,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                if (ri == NULL) {
                        PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                                 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
-                       return(NULL);
+                       goto err;
                }
 
                jj=EVP_PKEY_size(pkey);
@@ -393,7 +393,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                BIO_get_cipher_ctx(etmp,&evp_ctx);
                EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0);
                if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
-                       return(NULL);
+                       goto err;
 
                if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
                        /* Some S/MIME clients don't use the same key
@@ -526,7 +526,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                                BIO_get_md_ctx(btmp,&mdc);
                                if (mdc == NULL)
                                        {
-                                       PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
+                                       PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR);
                                        goto err;
                                        }
                                if (EVP_MD_CTX_type(mdc) == j)
@@ -537,7 +537,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                        
                        /* We now have the EVP_MD_CTX, lets do the
                         * signing. */
-                       memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+                       EVP_MD_CTX_init(&ctx_tmp);
+                       EVP_MD_CTX_copy(&ctx_tmp,mdc);
                        if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
                                {
                                PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
@@ -580,8 +581,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                                OPENSSL_free(abuf);
                                }
 
+#ifndef OPENSSL_NO_DSA
                        if (si->pkey->type == EVP_PKEY_DSA)
                                ctx_tmp.digest=EVP_dss1();
+#endif
 
                        if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
                                (unsigned int *)&buf->length,si->pkey))
@@ -621,6 +624,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                }
        ret=1;
 err:
+       EVP_MD_CTX_cleanup(&ctx_tmp);
        if (buf != NULL) BUF_MEM_free(buf);
        return(ret);
        }
@@ -659,7 +663,11 @@ int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
                }
 
        /* Lets verify */
-       X509_STORE_CTX_init(ctx,cert_store,x509,cert);
+       if(!X509_STORE_CTX_init(ctx,cert_store,x509,cert))
+               {
+               PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
+               goto err;
+               }
        X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
        i=X509_verify_cert(ctx);
        if (i <= 0) 
@@ -686,6 +694,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
        BIO *btmp;
        EVP_PKEY *pkey;
 
+       EVP_MD_CTX_init(&mdc_tmp);
+
        if (!PKCS7_type_is_signed(p7) && 
                                !PKCS7_type_is_signedAndEnveloped(p7)) {
                PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
@@ -709,7 +719,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
                if (mdc == NULL)
                        {
                        PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-                                                       PKCS7_R_INTERNAL_ERROR);
+                                                       ERR_R_INTERNAL_ERROR);
                        goto err;
                        }
                if (EVP_MD_CTX_type(mdc) == md_type)
@@ -719,7 +729,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 
        /* mdc is the digest ctx that we want, unless there are attributes,
         * in which case the digest is the signed attributes */
-       memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+       EVP_MD_CTX_copy(&mdc_tmp,mdc);
 
        sk=si->auth_attr;
        if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
@@ -769,7 +779,9 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
                ret = -1;
                goto err;
                }
+#ifndef OPENSSL_NO_DSA
        if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
+#endif
 
        i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
        EVP_PKEY_free(pkey);
@@ -783,6 +795,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
        else
                ret=1;
 err:
+       EVP_MD_CTX_cleanup(&mdc_tmp);
        return(ret);
        }