X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fasn1%2Fa_verify.c;h=7ded69b170f665825ee1d58135c12862c756f5f2;hp=d34e2871773dedf55af6a7ee91d1b87f16e16cb6;hb=66e8211c0b1347970096e04b18aa52567c325200;hpb=41a15c4f0f2535591ba9f258cf76119f86477c43

diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index d34e287177..7ded69b170 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -73,8 +73,7 @@
 
 #ifndef NO_ASN1_OLD
 
-int ASN1_verify(int (*i2d)(void *, unsigned char **),
-		X509_ALGOR *a, ASN1_BIT_STRING *signature,
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
 		char *data, EVP_PKEY *pkey)
 	{
 	EVP_MD_CTX ctx;
@@ -101,7 +100,12 @@ int ASN1_verify(int (*i2d)(void *, unsigned char **),
 	p=buf_in;
 
 	i2d(data,&p);
-	EVP_VerifyInit_ex(&ctx,type, NULL);
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
+		goto err;
+		}
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
@@ -134,29 +138,36 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	unsigned char *buf_in=NULL;
 	int ret= -1,i,inl;
 
+	if (!pkey)
+		{
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+		return -1;
+		}
+
 	EVP_MD_CTX_init(&ctx);
 	i=OBJ_obj2nid(a->algorithm);
 	type=EVP_get_digestbyname(OBJ_nid2sn(i));
 	if (type == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
 		goto err;
 		}
 
-	inl = ASN1_item_i2d(asn, &buf_in, it);
-	
-	if (buf_in == NULL)
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
 		goto err;
 		}
 
-	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+	inl = ASN1_item_i2d(asn, &buf_in, it);
+	
+	if (buf_in == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
-		ret=0;
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
+
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
@@ -165,7 +176,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
 			(unsigned int)signature->length,pkey) <= 0)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;
 		goto err;
 		}