diff options
| author | Pierre Pronchery <pierre@freebsdfoundation.org> | 2023-09-22 14:52:58 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2023-09-22 15:55:26 +0000 |
| commit | 315108b81694de474bbc273c0050b195047f5eed (patch) | |
| tree | e3f2a313c74d0ae64bb2f0da5ecd9edb258e361f /crypto/cms | |
| parent | cf2fc1b0f5ce501f5a29d307294e5637e0f5aba6 (diff) | |
Diffstat (limited to 'crypto/cms')
| -rw-r--r-- | crypto/cms/cms_env.c | 21 | ||||
| -rw-r--r-- | crypto/cms/cms_lib.c | 5 | ||||
| -rw-r--r-- | crypto/cms/cms_local.h | 3 | ||||
| -rw-r--r-- | crypto/cms/cms_sd.c | 6 |
4 files changed, 25 insertions, 10 deletions
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index bd1f3e7345d4..99cf1dcb396c 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -26,7 +26,7 @@ static void cms_env_set_version(CMS_EnvelopedData *env); #define CMS_ENVELOPED_STANDARD 1 #define CMS_ENVELOPED_AUTH 2 -static int cms_get_enveloped_type(const CMS_ContentInfo *cms) +static int cms_get_enveloped_type_simple(const CMS_ContentInfo *cms) { int nid = OBJ_obj2nid(cms->contentType); @@ -38,11 +38,28 @@ static int cms_get_enveloped_type(const CMS_ContentInfo *cms) return CMS_ENVELOPED_AUTH; default: - ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA); return 0; } } +static int cms_get_enveloped_type(const CMS_ContentInfo *cms) +{ + int ret = cms_get_enveloped_type_simple(cms); + + if (ret == 0) + ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA); + return ret; +} + +void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf) +{ + if (cms_get_enveloped_type_simple(cinf) != 0) { + CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cinf); + if (ec != NULL) + OPENSSL_clear_free(ec->key, ec->keylen); + } +} + CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms) { if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) { diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index 1d2c5bc42288..8b135e95aacc 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -76,10 +76,7 @@ CMS_ContentInfo *CMS_ContentInfo_new(void) void CMS_ContentInfo_free(CMS_ContentInfo *cms) { if (cms != NULL) { - CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cms); - - if (ec != NULL) - OPENSSL_clear_free(ec->key, ec->keylen); + ossl_cms_env_enc_content_free(cms); OPENSSL_free(cms->ctx.propq); ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo)); } diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h index 15b4a29ce03d..253f6819e435 100644 --- a/crypto/cms/cms_local.h +++ b/crypto/cms/cms_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -444,6 +444,7 @@ BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms); int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain); BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms); int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio); +void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf); CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms); CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms); CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms); diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 34c021bba64a..53c8e378f318 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -233,9 +233,9 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd) int i; if (EVP_PKEY_is_a(pkey, "DSA") || EVP_PKEY_is_a(pkey, "EC")) - return ossl_cms_ecdsa_dsa_sign(si, cmd); + return ossl_cms_ecdsa_dsa_sign(si, cmd) > 0; else if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS")) - return ossl_cms_rsa_sign(si, cmd); + return ossl_cms_rsa_sign(si, cmd) > 0; /* Something else? We'll give engines etc a chance to handle this */ if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) |