X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fts.c;h=ae7604cc698c63457d565e8e320cc41c5e22a85d;hp=b8fb50b3b58d64533219b1e283f256668befe3fb;hb=1769dfab06dcf93a1c310ca7ea9531afcc448d0a;hpb=fcfd87168aa2e82473bbe6d0c725c284e4fa3bdb
diff --git a/apps/ts.c b/apps/ts.c
index b8fb50b3b5..ae7604cc69 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -65,6 +65,7 @@
 #include #include #include
+#include
 #undef PROG #define PROG ts_main
@@ -164,6 +165,9 @@ int MAIN(int argc, char **argv)
 BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT); }
+ if (!load_config(bio_err, NULL))
+ goto cleanup;
+
 for (argc--, argv++; argc > 0; argc--, argv++) { if (strcmp(*argv, "-config") == 0)
@@ -191,16 +195,6 @@ int MAIN(int argc, char **argv)
 if (argc-- < 1) goto usage; digest = *++argv; }
- else if (strcmp(*argv, "-md2") == 0
- || strcmp(*argv, "-md4") == 0
- || strcmp(*argv, "-md5") == 0
- || strcmp(*argv, "-sha") == 0
- || strcmp(*argv, "-sha1") == 0
- || strcmp(*argv, "-mdc2") == 0
- || strcmp(*argv, "-ripemd160") == 0)
- {
- md = EVP_get_digestbyname(*argv + 1);
- }
 else if (strcmp(*argv, "-rand") == 0) { if (argc-- < 1) goto usage;
@@ -296,6 +290,10 @@ int MAIN(int argc, char **argv)
 if (argc-- < 1) goto usage; engine = *++argv; }
+ else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL)
+ {
+ /* empty. */
+ }
 else goto usage; }
@@ -603,6 +601,8 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
 int md_value_len; md_value_len = EVP_MD_size(md);
+ if (md_value_len < 0)
+ goto err;
 if (input) { /* Digest must be computed from an input file. */
@@ -618,7 +618,8 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
 { EVP_DigestUpdate(&md_ctx, buffer, length); }
- EVP_DigestFinal(&md_ctx, *md_value, NULL);
+ if (!EVP_DigestFinal(&md_ctx, *md_value, NULL))
+ return 0;
 } else {
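Review bot: In the new catch-all branch of the option loop in MAIN, `EVP_get_digestbyname(*argv + 1)` is reached for every argument that matched no earlier option, without checking that the argument is non-empty or starts with `-`. An empty argument makes `*argv + 1` point past the string's terminator, and a word with any other first character followed by a digest name would be accepted as a digest switch. Guarding the lookup keeps the "dash plus digest name" contract of the removed list: `else if ((*argv)[0] == '-' && (md = EVP_get_digestbyname(*argv + 1)) != NULL)`. The branch also makes every registered digest selectable, including the MD2/MD4/MD5 names the removed list already allowed, which deserves a comment if that is intended. MAIN's body continues outside the hunk.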
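Review bot: In create_digest the new EVP_DigestFinal check leaves with `return 0`, while the EVP_MD_size check added near the top of the same function uses `goto err`, and the `EVP_DigestUpdate(&md_ctx, buffer, length)` call in the read loop just above is still unchecked. If the `err` label releases anything (it lies outside both hunks), the early return skips that cleanup, and a failed update still lets a digest be finalised and, presumably, used as the message imprint. Suggested: `if (!EVP_DigestUpdate(&md_ctx, buffer, length)) goto err;` inside the loop and `if (!EVP_DigestFinal(&md_ctx, *md_value, NULL)) goto err;` after it. This applies to the hunks at -603 and -618; the function starts and ends outside them.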
@@ -649,7 +650,7 @@ static ASN1_INTEGER *create_nonce(int bits)
 /* Generating random byte sequence. */ if (len > (int)sizeof(buf)) goto err;
- if (!RAND_bytes(buf, len)) goto err;
+ if (RAND_bytes(buf, len) <= 0) goto err;
 /* Find the first non-zero byte and creating ASN1_INTEGER object. */ for (i = 0; i < len && !buf[i]; ++i);
@@ -818,9 +819,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
 /* Setting serial number provider callback. */ if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end;
-
+#ifndef OPENSSL_NO_ENGINE
 /* Setting default OpenSSL engine. */ if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end;
+#endif
 /* Setting TSA signer certificate. */ if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end;
@@ -1047,6 +1049,8 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
 if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err; if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err; }
+ else
+ return NULL;
 /* Add the signature verification flag and arguments. */ ctx->flags |= TS_VFY_SIGNATURE;
@@ -1080,7 +1084,7 @@ static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
 cert_ctx = X509_STORE_new(); /* Setting the callback for certificate chain verification. */
- X509_STORE_set_verify_cb_func(cert_ctx, verify_cb);
+ X509_STORE_set_verify_cb(cert_ctx, verify_cb);
 /* Adding a trusted certificate directory source. */ if (ca_path)
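Review bot: With the `#ifndef OPENSSL_NO_ENGINE` guard in create_response, the `engine` argument is silently dropped in builds without engine support, while the option-parsing lines shown in the MAIN hunk of this patch still appear to store `engine = *++argv;` unconditionally. An operator who passes an engine name expecting the signing key to be handled by a hardware device gets no indication that the request was ignored. Consider an `#else` branch that fails when `engine` is non-NULL, for example `if (engine) { BIO_printf(bio_err, "engine support is not compiled in\n"); goto end; }`, or at least a comment stating that the option is a no-op in such builds. create_response continues outside the hunk.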
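Review bot: In create_cert_store the result of `X509_STORE_new()` is passed straight to the renamed `X509_STORE_set_verify_cb(cert_ctx, verify_cb)` call without a NULL check. If the allocation fails, the setter will most likely write through a NULL pointer before any trusted CA source is added. Suggested: `if ((cert_ctx = X509_STORE_new()) == NULL) return NULL;`, or a jump to the function's own failure exit if it has one (not visible here). The function continues outside the hunk.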