Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
344c271eb3
commit
75ebbd9aa4
@ -502,11 +502,12 @@ int add_oid_section(CONF *conf)
|
|||||||
STACK_OF(CONF_VALUE) *sktmp;
|
STACK_OF(CONF_VALUE) *sktmp;
|
||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
int i;
|
int i;
|
||||||
if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
|
|
||||||
|
if ((p = NCONF_get_string(conf, NULL, "oid_section")) == NULL) {
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (!(sktmp = NCONF_get_section(conf, p))) {
|
if ((sktmp = NCONF_get_section(conf, p)) == NULL) {
|
||||||
BIO_printf(bio_err, "problem loading oid section %s\n", p);
|
BIO_printf(bio_err, "problem loading oid section %s\n", p);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1703,7 +1703,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
|||||||
* Its best to dup the subject DN and then delete any email addresses
|
* Its best to dup the subject DN and then delete any email addresses
|
||||||
* because this retains its structure.
|
* because this retains its structure.
|
||||||
*/
|
*/
|
||||||
if (!(dn_subject = X509_NAME_dup(subject))) {
|
if ((dn_subject = X509_NAME_dup(subject)) == NULL) {
|
||||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
22
apps/cms.c
22
apps/cms.c
@ -717,8 +717,8 @@ int cms_main(int argc, char **argv)
|
|||||||
if ((encerts = sk_X509_new_null()) == NULL)
|
if ((encerts = sk_X509_new_null()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
while (*argv) {
|
while (*argv) {
|
||||||
if (!(cert = load_cert(*argv, FORMAT_PEM,
|
if ((cert = load_cert(*argv, FORMAT_PEM, NULL, e,
|
||||||
NULL, e, "recipient certificate file")))
|
"recipient certificate file")) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
sk_X509_push(encerts, cert);
|
sk_X509_push(encerts, cert);
|
||||||
cert = NULL;
|
cert = NULL;
|
||||||
@ -727,24 +727,24 @@ int cms_main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (certfile) {
|
if (certfile) {
|
||||||
if (!(other = load_certs(certfile, FORMAT_PEM, NULL,
|
if ((other = load_certs(certfile, FORMAT_PEM, NULL, e,
|
||||||
e, "certificate file"))) {
|
"certificate file")) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (recipfile && (operation == SMIME_DECRYPT)) {
|
if (recipfile && (operation == SMIME_DECRYPT)) {
|
||||||
if (!(recip = load_cert(recipfile, FORMAT_PEM, NULL,
|
if ((recip = load_cert(recipfile, FORMAT_PEM, NULL, e,
|
||||||
e, "recipient certificate file"))) {
|
"recipient certificate file")) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (operation == SMIME_SIGN_RECEIPT) {
|
if (operation == SMIME_SIGN_RECEIPT) {
|
||||||
if (!(signer = load_cert(signerfile, FORMAT_PEM, NULL,
|
if ((signer = load_cert(signerfile, FORMAT_PEM, NULL, e,
|
||||||
e, "receipt signer certificate file"))) {
|
"receipt signer certificate file")) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -787,7 +787,7 @@ int cms_main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
if (contfile) {
|
if (contfile) {
|
||||||
BIO_free(indata);
|
BIO_free(indata);
|
||||||
if (!(indata = BIO_new_file(contfile, "rb"))) {
|
if ((indata = BIO_new_file(contfile, "rb")) == NULL) {
|
||||||
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
|
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -807,7 +807,7 @@ int cms_main(int argc, char **argv)
|
|||||||
|
|
||||||
if (rctfile) {
|
if (rctfile) {
|
||||||
char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r";
|
char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r";
|
||||||
if (!(rctin = BIO_new_file(rctfile, rctmode))) {
|
if ((rctin = BIO_new_file(rctfile, rctmode)) == NULL) {
|
||||||
BIO_printf(bio_err, "Can't open receipt file %s\n", rctfile);
|
BIO_printf(bio_err, "Can't open receipt file %s\n", rctfile);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -834,7 +834,7 @@ int cms_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) {
|
if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) {
|
||||||
if (!(store = setup_verify(CAfile, CApath)))
|
if ((store = setup_verify(CAfile, CApath)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
X509_STORE_set_verify_cb(store, cms_cb);
|
X509_STORE_set_verify_cb(store, cms_cb);
|
||||||
if (vpmtouched)
|
if (vpmtouched)
|
||||||
|
@ -222,7 +222,7 @@ int crl_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
if (do_ver) {
|
if (do_ver) {
|
||||||
if (!(store = setup_verify(CAfile, CApath)))
|
if ((store = setup_verify(CAfile, CApath)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
|
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
|
||||||
if (lookup == NULL)
|
if (lookup == NULL)
|
||||||
|
@ -135,7 +135,8 @@ int crl2pkcs7_main(int argc, char **argv)
|
|||||||
nocrl = 1;
|
nocrl = 1;
|
||||||
break;
|
break;
|
||||||
case OPT_CERTFILE:
|
case OPT_CERTFILE:
|
||||||
if (!certflst && !(certflst = sk_OPENSSL_STRING_new_null()))
|
if ((certflst == NULL)
|
||||||
|
&& (certflst = sk_OPENSSL_STRING_new_null()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
|
if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
|
||||||
sk_OPENSSL_STRING_free(certflst);
|
sk_OPENSSL_STRING_free(certflst);
|
||||||
|
@ -421,8 +421,8 @@ int pkcs12_main(int argc, char **argv)
|
|||||||
/* Add any more certificates asked for */
|
/* Add any more certificates asked for */
|
||||||
if (certfile) {
|
if (certfile) {
|
||||||
STACK_OF(X509) *morecerts = NULL;
|
STACK_OF(X509) *morecerts = NULL;
|
||||||
if (!(morecerts = load_certs(certfile, FORMAT_PEM, NULL, e,
|
if ((morecerts = load_certs(certfile, FORMAT_PEM, NULL, e,
|
||||||
"certificates from certfile")))
|
"certificates from certfile")) == NULL)
|
||||||
goto export_end;
|
goto export_end;
|
||||||
while (sk_X509_num(morecerts) > 0)
|
while (sk_X509_num(morecerts) > 0)
|
||||||
sk_X509_push(certs, sk_X509_shift(morecerts));
|
sk_X509_push(certs, sk_X509_shift(morecerts));
|
||||||
@ -434,7 +434,7 @@ int pkcs12_main(int argc, char **argv)
|
|||||||
int vret;
|
int vret;
|
||||||
STACK_OF(X509) *chain2;
|
STACK_OF(X509) *chain2;
|
||||||
X509_STORE *store;
|
X509_STORE *store;
|
||||||
if (!(store = setup_verify(CAfile, CApath)))
|
if ((store = setup_verify(CAfile, CApath)) == NULL)
|
||||||
goto export_end;
|
goto export_end;
|
||||||
|
|
||||||
vret = get_cert_chain(ucert, store, &chain2);
|
vret = get_cert_chain(ucert, store, &chain2);
|
||||||
@ -511,7 +511,7 @@ int pkcs12_main(int argc, char **argv)
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(p12 = d2i_PKCS12_bio(in, NULL))) {
|
if ((p12 = d2i_PKCS12_bio(in, NULL)) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -570,7 +570,7 @@ int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass,
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
PKCS7 *p7;
|
PKCS7 *p7;
|
||||||
|
|
||||||
if (!(asafes = PKCS12_unpack_authsafes(p12)))
|
if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
||||||
p7 = sk_PKCS7_value(asafes, i);
|
p7 = sk_PKCS7_value(asafes, i);
|
||||||
@ -634,7 +634,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
|||||||
return 1;
|
return 1;
|
||||||
print_attribs(out, bag->attrib, "Bag Attributes");
|
print_attribs(out, bag->attrib, "Bag Attributes");
|
||||||
p8 = bag->value.keybag;
|
p8 = bag->value.keybag;
|
||||||
if (!(pkey = EVP_PKCS82PKEY(p8)))
|
if ((pkey = EVP_PKCS82PKEY(p8)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
print_attribs(out, p8->attributes, "Key Attributes");
|
print_attribs(out, p8->attributes, "Key Attributes");
|
||||||
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
|
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
|
||||||
@ -649,9 +649,9 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
|||||||
if (options & NOKEYS)
|
if (options & NOKEYS)
|
||||||
return 1;
|
return 1;
|
||||||
print_attribs(out, bag->attrib, "Bag Attributes");
|
print_attribs(out, bag->attrib, "Bag Attributes");
|
||||||
if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
|
if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!(pkey = EVP_PKCS82PKEY(p8))) {
|
if ((pkey = EVP_PKCS82PKEY(p8)) == NULL) {
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -674,7 +674,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
|||||||
print_attribs(out, bag->attrib, "Bag Attributes");
|
print_attribs(out, bag->attrib, "Bag Attributes");
|
||||||
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(x509 = PKCS12_certbag2x509(bag)))
|
if ((x509 = PKCS12_certbag2x509(bag)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
dump_cert_text(out, x509);
|
dump_cert_text(out, x509);
|
||||||
PEM_write_bio_X509(out, x509);
|
PEM_write_bio_X509(out, x509);
|
||||||
|
10
apps/pkcs8.c
10
apps/pkcs8.c
@ -211,7 +211,7 @@ int pkcs8_main(int argc, char **argv)
|
|||||||
pkey = load_key(infile, informat, 1, passin, e, "key");
|
pkey = load_key(infile, informat, 1, passin, e, "key");
|
||||||
if (!pkey)
|
if (!pkey)
|
||||||
goto end;
|
goto end;
|
||||||
if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
|
if ((p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)) == NULL) {
|
||||||
BIO_printf(bio_err, "Error converting key\n");
|
BIO_printf(bio_err, "Error converting key\n");
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
@ -235,9 +235,9 @@ int pkcs8_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
app_RAND_load_file(NULL, 0);
|
app_RAND_load_file(NULL, 0);
|
||||||
if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
|
if ((p8 = PKCS8_encrypt(pbe_nid, cipher,
|
||||||
p8pass, strlen(p8pass),
|
p8pass, strlen(p8pass),
|
||||||
NULL, 0, iter, p8inf))) {
|
NULL, 0, iter, p8inf)) == NULL) {
|
||||||
BIO_printf(bio_err, "Error encrypting key\n");
|
BIO_printf(bio_err, "Error encrypting key\n");
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
@ -296,7 +296,7 @@ int pkcs8_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
|
if ((pkey = EVP_PKCS82PKEY(p8inf)) == NULL) {
|
||||||
BIO_printf(bio_err, "Error converting key\n");
|
BIO_printf(bio_err, "Error converting key\n");
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
|
@ -962,7 +962,7 @@ static int build_subject(X509_REQ *req, char *subject, unsigned long chtype,
|
|||||||
{
|
{
|
||||||
X509_NAME *n;
|
X509_NAME *n;
|
||||||
|
|
||||||
if (!(n = parse_name(subject, chtype, multirdn)))
|
if ((n = parse_name(subject, chtype, multirdn)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (!X509_REQ_set_subject_name(req, n)) {
|
if (!X509_REQ_set_subject_name(req, n)) {
|
||||||
|
@ -345,7 +345,8 @@ static int ssl_srp_verify_param_cb(SSL *s, void *arg)
|
|||||||
{
|
{
|
||||||
SRP_ARG *srp_arg = (SRP_ARG *)arg;
|
SRP_ARG *srp_arg = (SRP_ARG *)arg;
|
||||||
BIGNUM *N = NULL, *g = NULL;
|
BIGNUM *N = NULL, *g = NULL;
|
||||||
if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
|
|
||||||
|
if (((N = SSL_get_srp_N(s)) == NULL) || ((g = SSL_get_srp_g(s)) == NULL))
|
||||||
return 0;
|
return 0;
|
||||||
if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) {
|
if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) {
|
||||||
BIO_printf(bio_err, "SRP parameters:\n");
|
BIO_printf(bio_err, "SRP parameters:\n");
|
||||||
|
12
apps/smime.c
12
apps/smime.c
@ -463,16 +463,16 @@ int smime_main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (certfile) {
|
if (certfile) {
|
||||||
if (!(other = load_certs(certfile, FORMAT_PEM, NULL,
|
if ((other = load_certs(certfile, FORMAT_PEM, NULL,
|
||||||
e, "certificate file"))) {
|
e, "certificate file")) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (recipfile && (operation == SMIME_DECRYPT)) {
|
if (recipfile && (operation == SMIME_DECRYPT)) {
|
||||||
if (!(recip = load_cert(recipfile, FORMAT_PEM, NULL,
|
if ((recip = load_cert(recipfile, FORMAT_PEM, NULL,
|
||||||
e, "recipient certificate file"))) {
|
e, "recipient certificate file")) == NULL) {
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -515,7 +515,7 @@ int smime_main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
if (contfile) {
|
if (contfile) {
|
||||||
BIO_free(indata);
|
BIO_free(indata);
|
||||||
if (!(indata = BIO_new_file(contfile, "rb"))) {
|
if ((indata = BIO_new_file(contfile, "rb")) == NULL) {
|
||||||
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
|
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@ -527,7 +527,7 @@ int smime_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
if (operation == SMIME_VERIFY) {
|
if (operation == SMIME_VERIFY) {
|
||||||
if (!(store = setup_verify(CAfile, CApath)))
|
if ((store = setup_verify(CAfile, CApath)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
X509_STORE_set_verify_cb(store, smime_cb);
|
X509_STORE_set_verify_cb(store, smime_cb);
|
||||||
if (vpmtouched)
|
if (vpmtouched)
|
||||||
|
27
apps/srp.c
27
apps/srp.c
@ -516,10 +516,13 @@ int srp_main(int argc, char **argv)
|
|||||||
row[DB_srptype] = BUF_strdup("v");
|
row[DB_srptype] = BUF_strdup("v");
|
||||||
row[DB_srpgN] = BUF_strdup(gNid);
|
row[DB_srpgN] = BUF_strdup(gNid);
|
||||||
|
|
||||||
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
|
if ((row[DB_srpid] == NULL)
|
||||||
|| !row[DB_srpverifier] || !row[DB_srpsalt]
|
|| (row[DB_srpgN] == NULL)
|
||||||
|| (userinfo &&
|
|| (row[DB_srptype] == NULL)
|
||||||
(!(row [DB_srpinfo] = BUF_strdup (userinfo))))
|
|| (row[DB_srpverifier] == NULL)
|
||||||
|
|| (row[DB_srpsalt] == NULL)
|
||||||
|
|| (userinfo
|
||||||
|
&& ((row[DB_srpinfo] = BUF_strdup(userinfo)) == NULL))
|
||||||
|| !update_index(db, row)) {
|
|| !update_index(db, row)) {
|
||||||
OPENSSL_free(row[DB_srpid]);
|
OPENSSL_free(row[DB_srpid]);
|
||||||
OPENSSL_free(row[DB_srpgN]);
|
OPENSSL_free(row[DB_srpgN]);
|
||||||
@ -596,10 +599,14 @@ int srp_main(int argc, char **argv)
|
|||||||
row[DB_srptype][0] = 'v';
|
row[DB_srptype][0] = 'v';
|
||||||
row[DB_srpgN] = BUF_strdup(gNid);
|
row[DB_srpgN] = BUF_strdup(gNid);
|
||||||
|
|
||||||
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
|
if (row[DB_srpid] == NULL
|
||||||
|| !row[DB_srpverifier] || !row[DB_srpsalt]
|
|| row[DB_srpgN] == NULL
|
||||||
|
|| row[DB_srptype] == NULL
|
||||||
|
|| row[DB_srpverifier] == NULL
|
||||||
|
|| row[DB_srpsalt] == NULL
|
||||||
|| (userinfo
|
|| (userinfo
|
||||||
&& (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
|
&& ((row[DB_srpinfo] = BUF_strdup(userinfo))
|
||||||
|
== NULL)))
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
doupdatedb = 1;
|
doupdatedb = 1;
|
||||||
@ -612,12 +619,10 @@ int srp_main(int argc, char **argv)
|
|||||||
user);
|
user);
|
||||||
errors++;
|
errors++;
|
||||||
} else {
|
} else {
|
||||||
char **xpp =
|
char **xpp = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
|
||||||
sk_OPENSSL_PSTRING_value(db->db->data, userindex);
|
|
||||||
BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
|
BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
|
||||||
|
|
||||||
xpp[DB_srptype][0] = 'R';
|
xpp[DB_srptype][0] = 'R';
|
||||||
|
|
||||||
doupdatedb = 1;
|
doupdatedb = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
82
apps/ts.c
82
apps/ts.c
@ -381,7 +381,7 @@ static ASN1_OBJECT *txt2obj(const char *oid)
|
|||||||
{
|
{
|
||||||
ASN1_OBJECT *oid_obj = NULL;
|
ASN1_OBJECT *oid_obj = NULL;
|
||||||
|
|
||||||
if (!(oid_obj = OBJ_txt2obj(oid, 0)))
|
if ((oid_obj = OBJ_txt2obj(oid, 0)) == NULL)
|
||||||
BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
|
BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
|
||||||
|
|
||||||
return oid_obj;
|
return oid_obj;
|
||||||
@ -398,8 +398,8 @@ static CONF *load_config_file(const char *configfile)
|
|||||||
configfile = getenv("SSLEAY_CONF");
|
configfile = getenv("SSLEAY_CONF");
|
||||||
|
|
||||||
if (configfile &&
|
if (configfile &&
|
||||||
(!(conf = NCONF_new(NULL)) ||
|
((conf = NCONF_new(NULL)) == NULL
|
||||||
NCONF_load(conf, configfile, &errorline) <= 0)) {
|
|| NCONF_load(conf, configfile, &errorline) <= 0)) {
|
||||||
if (errorline <= 0)
|
if (errorline <= 0)
|
||||||
BIO_printf(bio_err, "error loading the config file "
|
BIO_printf(bio_err, "error loading the config file "
|
||||||
"'%s'\n", configfile);
|
"'%s'\n", configfile);
|
||||||
@ -449,7 +449,8 @@ static int query_command(const char *data, char *digest, const EVP_MD *md,
|
|||||||
query = d2i_TS_REQ_bio(in_bio, NULL);
|
query = d2i_TS_REQ_bio(in_bio, NULL);
|
||||||
} else {
|
} else {
|
||||||
/* Open the file if no explicit digest bytes were specified. */
|
/* Open the file if no explicit digest bytes were specified. */
|
||||||
if (!digest && !(data_bio = bio_open_default(data, "rb")))
|
if (digest == NULL
|
||||||
|
&& (data_bio = bio_open_default(data, "rb")) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
query = create_query(data_bio, digest, md, policy, no_nonce, cert);
|
query = create_query(data_bio, digest, md, policy, no_nonce, cert);
|
||||||
}
|
}
|
||||||
@ -496,11 +497,11 @@ static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
|
|||||||
ASN1_INTEGER *nonce_asn1 = NULL;
|
ASN1_INTEGER *nonce_asn1 = NULL;
|
||||||
|
|
||||||
/* Setting default message digest. */
|
/* Setting default message digest. */
|
||||||
if (!md && !(md = EVP_get_digestbyname("sha1")))
|
if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Creating request object. */
|
/* Creating request object. */
|
||||||
if (!(ts_req = TS_REQ_new()))
|
if ((ts_req = TS_REQ_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Setting version. */
|
/* Setting version. */
|
||||||
@ -508,15 +509,15 @@ static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Creating and adding MSG_IMPRINT object. */
|
/* Creating and adding MSG_IMPRINT object. */
|
||||||
if (!(msg_imprint = TS_MSG_IMPRINT_new()))
|
if ((msg_imprint = TS_MSG_IMPRINT_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Adding algorithm. */
|
/* Adding algorithm. */
|
||||||
if (!(algo = X509_ALGOR_new()))
|
if ((algo = X509_ALGOR_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))))
|
if ((algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(algo->parameter = ASN1_TYPE_new()))
|
if ((algo->parameter = ASN1_TYPE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
algo->parameter->type = V_ASN1_NULL;
|
algo->parameter->type = V_ASN1_NULL;
|
||||||
if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
|
if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
|
||||||
@ -532,13 +533,13 @@ static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Setting policy if requested. */
|
/* Setting policy if requested. */
|
||||||
if (policy && !(policy_obj = txt2obj(policy)))
|
if (policy && (policy_obj = txt2obj(policy)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj))
|
if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Setting nonce if requested. */
|
/* Setting nonce if requested. */
|
||||||
if (!no_nonce && !(nonce_asn1 = create_nonce(NONCE_LENGTH)))
|
if (!no_nonce && (nonce_asn1 = create_nonce(NONCE_LENGTH)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1))
|
if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1))
|
||||||
goto err;
|
goto err;
|
||||||
@ -615,8 +616,9 @@ static ASN1_INTEGER *create_nonce(int bits)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Find the first non-zero byte and creating ASN1_INTEGER object. */
|
/* Find the first non-zero byte and creating ASN1_INTEGER object. */
|
||||||
for (i = 0; i < len && !buf[i]; ++i) ;
|
for (i = 0; i < len && !buf[i]; ++i)
|
||||||
if (!(nonce = ASN1_INTEGER_new()))
|
continue;
|
||||||
|
if ((nonce = ASN1_INTEGER_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
OPENSSL_free(nonce->data);
|
OPENSSL_free(nonce->data);
|
||||||
/* Allocate at least one byte. */
|
/* Allocate at least one byte. */
|
||||||
@ -725,17 +727,17 @@ static TS_RESP *read_PKCS7(BIO *in_bio)
|
|||||||
TS_STATUS_INFO *si = NULL;
|
TS_STATUS_INFO *si = NULL;
|
||||||
|
|
||||||
/* Read PKCS7 object and extract the signed time stamp info. */
|
/* Read PKCS7 object and extract the signed time stamp info. */
|
||||||
if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
|
if ((token = d2i_PKCS7_bio(in_bio, NULL)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!(tst_info = PKCS7_to_TS_TST_INFO(token)))
|
if ((tst_info = PKCS7_to_TS_TST_INFO(token)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Creating response object. */
|
/* Creating response object. */
|
||||||
if (!(resp = TS_RESP_new()))
|
if ((resp = TS_RESP_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Create granted status info. */
|
/* Create granted status info. */
|
||||||
if (!(si = TS_STATUS_INFO_new()))
|
if ((si = TS_STATUS_INFO_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED)))
|
if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED)))
|
||||||
goto end;
|
goto end;
|
||||||
@ -769,15 +771,15 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
|
|||||||
BIO *query_bio = NULL;
|
BIO *query_bio = NULL;
|
||||||
TS_RESP_CTX *resp_ctx = NULL;
|
TS_RESP_CTX *resp_ctx = NULL;
|
||||||
|
|
||||||
if (!(query_bio = BIO_new_file(queryfile, "rb")))
|
if ((query_bio = BIO_new_file(queryfile, "rb")) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Getting TSA configuration section. */
|
/* Getting TSA configuration section. */
|
||||||
if (!(section = TS_CONF_get_tsa_section(conf, section)))
|
if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Setting up response generation context. */
|
/* Setting up response generation context. */
|
||||||
if (!(resp_ctx = TS_RESP_CTX_new()))
|
if ((resp_ctx = TS_RESP_CTX_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Setting serial number provider callback. */
|
/* Setting serial number provider callback. */
|
||||||
@ -834,7 +836,7 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Creating the response. */
|
/* Creating the response. */
|
||||||
if (!(response = TS_RESP_create_response(resp_ctx, query_bio)))
|
if ((response = TS_RESP_create_response(resp_ctx, query_bio)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@ -872,10 +874,10 @@ static ASN1_INTEGER *next_serial(const char *serialfile)
|
|||||||
ASN1_INTEGER *serial = NULL;
|
ASN1_INTEGER *serial = NULL;
|
||||||
BIGNUM *bn = NULL;
|
BIGNUM *bn = NULL;
|
||||||
|
|
||||||
if (!(serial = ASN1_INTEGER_new()))
|
if ((serial = ASN1_INTEGER_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(in = BIO_new_file(serialfile, "r"))) {
|
if ((in = BIO_new_file(serialfile, "r")) == NULL) {
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
BIO_printf(bio_err, "Warning: could not open file %s for "
|
BIO_printf(bio_err, "Warning: could not open file %s for "
|
||||||
"reading, using serial number: 1\n", serialfile);
|
"reading, using serial number: 1\n", serialfile);
|
||||||
@ -888,13 +890,13 @@ static ASN1_INTEGER *next_serial(const char *serialfile)
|
|||||||
serialfile);
|
serialfile);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(bn = ASN1_INTEGER_to_BN(serial, NULL)))
|
if ((bn = ASN1_INTEGER_to_BN(serial, NULL)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
ASN1_INTEGER_free(serial);
|
ASN1_INTEGER_free(serial);
|
||||||
serial = NULL;
|
serial = NULL;
|
||||||
if (!BN_add_word(bn, 1))
|
if (!BN_add_word(bn, 1))
|
||||||
goto err;
|
goto err;
|
||||||
if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
|
if ((serial = BN_to_ASN1_INTEGER(bn, NULL)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@ -913,7 +915,7 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
BIO *out = NULL;
|
BIO *out = NULL;
|
||||||
|
|
||||||
if (!(out = BIO_new_file(serialfile, "w")))
|
if ((out = BIO_new_file(serialfile, "w")) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (i2a_ASN1_INTEGER(out, serial) <= 0)
|
if (i2a_ASN1_INTEGER(out, serial) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
@ -943,18 +945,18 @@ static int verify_command(char *data, char *digest, char *queryfile,
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
/* Decode the token (PKCS7) or response (TS_RESP) files. */
|
/* Decode the token (PKCS7) or response (TS_RESP) files. */
|
||||||
if (!(in_bio = BIO_new_file(in, "rb")))
|
if ((in_bio = BIO_new_file(in, "rb")) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (token_in) {
|
if (token_in) {
|
||||||
if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
|
if ((token = d2i_PKCS7_bio(in_bio, NULL)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
} else {
|
} else {
|
||||||
if (!(response = d2i_TS_RESP_bio(in_bio, NULL)))
|
if ((response = d2i_TS_RESP_bio(in_bio, NULL)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(verify_ctx = create_verify_ctx(data, digest, queryfile,
|
if ((verify_ctx = create_verify_ctx(data, digest, queryfile,
|
||||||
CApath, CAfile, untrusted)))
|
CApath, CAfile, untrusted)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Checking the token or response against the request. */
|
/* Checking the token or response against the request. */
|
||||||
@ -991,17 +993,17 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
if (data != NULL || digest != NULL) {
|
if (data != NULL || digest != NULL) {
|
||||||
if (!(ctx = TS_VERIFY_CTX_new()))
|
if ((ctx = TS_VERIFY_CTX_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
|
ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
|
||||||
if (data != NULL) {
|
if (data != NULL) {
|
||||||
ctx->flags |= TS_VFY_DATA;
|
ctx->flags |= TS_VFY_DATA;
|
||||||
if (!(ctx->data = BIO_new_file(data, "rb")))
|
if ((ctx->data = BIO_new_file(data, "rb")) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
} else if (digest != NULL) {
|
} else if (digest != NULL) {
|
||||||
long imprint_len;
|
long imprint_len;
|
||||||
ctx->flags |= TS_VFY_IMPRINT;
|
ctx->flags |= TS_VFY_IMPRINT;
|
||||||
if (!(ctx->imprint = string_to_hex(digest, &imprint_len))) {
|
if ((ctx->imprint = string_to_hex(digest, &imprint_len)) == NULL) {
|
||||||
BIO_printf(bio_err, "invalid digest string\n");
|
BIO_printf(bio_err, "invalid digest string\n");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -1013,11 +1015,11 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
|
|||||||
* The request has just to be read, decoded and converted to a verify
|
* The request has just to be read, decoded and converted to a verify
|
||||||
* context object.
|
* context object.
|
||||||
*/
|
*/
|
||||||
if (!(input = BIO_new_file(queryfile, "rb")))
|
if ((input = BIO_new_file(queryfile, "rb")) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(request = d2i_TS_REQ_bio(input, NULL)))
|
if ((request = d2i_TS_REQ_bio(input, NULL)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)))
|
if ((ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
} else
|
} else
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1026,11 +1028,11 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
|
|||||||
ctx->flags |= TS_VFY_SIGNATURE;
|
ctx->flags |= TS_VFY_SIGNATURE;
|
||||||
|
|
||||||
/* Initialising the X509_STORE object. */
|
/* Initialising the X509_STORE object. */
|
||||||
if (!(ctx->store = create_cert_store(CApath, CAfile)))
|
if ((ctx->store = create_cert_store(CApath, CAfile)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Loading untrusted certificates. */
|
/* Loading untrusted certificates. */
|
||||||
if (untrusted && !(ctx->certs = TS_CONF_load_certs(untrusted)))
|
if (untrusted && (ctx->certs = TS_CONF_load_certs(untrusted)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
@ -177,7 +177,7 @@ int verify_main(int argc, char **argv)
|
|||||||
argc = opt_num_rest();
|
argc = opt_num_rest();
|
||||||
argv = opt_rest();
|
argv = opt_rest();
|
||||||
|
|
||||||
if (!(store = setup_verify(CAfile, CApath)))
|
if ((store = setup_verify(CAfile, CApath)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
X509_STORE_set_verify_cb(store, cb);
|
X509_STORE_set_verify_cb(store, cb);
|
||||||
|
|
||||||
|
@ -1021,11 +1021,9 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
|
|||||||
}
|
}
|
||||||
if (sno)
|
if (sno)
|
||||||
bs = sno;
|
bs = sno;
|
||||||
else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
|
else if ((bs = x509_load_serial(CAfile, serialfile, create)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* NOTE: this certificate can/should be self signed, unless it was a
|
* NOTE: this certificate can/should be self signed, unless it was a
|
||||||
* certificate request in which case it is not.
|
* certificate request in which case it is not.
|
||||||
|
@ -235,7 +235,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
|
|||||||
cpyfunc = cpy_utf8;
|
cpyfunc = cpy_utf8;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!(p = OPENSSL_malloc(outlen + 1))) {
|
if ((p = OPENSSL_malloc(outlen + 1)) == NULL) {
|
||||||
if (free_out)
|
if (free_out)
|
||||||
ASN1_STRING_free(dest);
|
ASN1_STRING_free(dest);
|
||||||
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
|
||||||
|
@ -116,8 +116,8 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
|
|||||||
if (!ASN1_TIME_check(t))
|
if (!ASN1_TIME_check(t))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (!out || !*out) {
|
if (out == NULL || *out == NULL) {
|
||||||
if (!(ret = ASN1_GENERALIZEDTIME_new()))
|
if ((ret = ASN1_GENERALIZEDTIME_new()) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (out)
|
if (out)
|
||||||
*out = ret;
|
*out = ret;
|
||||||
|
@ -492,15 +492,12 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
|
|||||||
|
|
||||||
if (derlen < 0)
|
if (derlen < 0)
|
||||||
goto bad;
|
goto bad;
|
||||||
|
if ((ret = ASN1_TYPE_new()) == NULL)
|
||||||
if (!(ret = ASN1_TYPE_new()))
|
|
||||||
goto bad;
|
goto bad;
|
||||||
|
if ((ret->value.asn1_string = ASN1_STRING_type_new(utype)) == NULL)
|
||||||
if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))
|
|
||||||
goto bad;
|
goto bad;
|
||||||
|
|
||||||
ret->type = utype;
|
ret->type = utype;
|
||||||
|
|
||||||
ret->value.asn1_string->data = der;
|
ret->value.asn1_string->data = der;
|
||||||
ret->value.asn1_string->length = derlen;
|
ret->value.asn1_string->length = derlen;
|
||||||
|
|
||||||
@ -631,15 +628,12 @@ static int asn1_str2tag(const char *tagstr, int len)
|
|||||||
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
||||||
{
|
{
|
||||||
ASN1_TYPE *atmp = NULL;
|
ASN1_TYPE *atmp = NULL;
|
||||||
|
|
||||||
CONF_VALUE vtmp;
|
CONF_VALUE vtmp;
|
||||||
|
|
||||||
unsigned char *rdata;
|
unsigned char *rdata;
|
||||||
long rdlen;
|
long rdlen;
|
||||||
|
|
||||||
int no_unused = 1;
|
int no_unused = 1;
|
||||||
|
|
||||||
if (!(atmp = ASN1_TYPE_new())) {
|
if ((atmp = ASN1_TYPE_new()) == NULL) {
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -676,7 +670,8 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
|||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
|
||||||
goto bad_form;
|
goto bad_form;
|
||||||
}
|
}
|
||||||
if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
|
if ((atmp->value.integer
|
||||||
|
= s2i_ASN1_INTEGER(NULL, (char *)str)) == NULL) {
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
|
||||||
goto bad_str;
|
goto bad_str;
|
||||||
}
|
}
|
||||||
@ -687,7 +682,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
|||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
|
||||||
goto bad_form;
|
goto bad_form;
|
||||||
}
|
}
|
||||||
if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
|
if ((atmp->value.object = OBJ_txt2obj(str, 0)) == NULL) {
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
|
||||||
goto bad_str;
|
goto bad_str;
|
||||||
}
|
}
|
||||||
@ -699,7 +694,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
|||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
|
||||||
goto bad_form;
|
goto bad_form;
|
||||||
}
|
}
|
||||||
if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
|
if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) {
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
||||||
goto bad_str;
|
goto bad_str;
|
||||||
}
|
}
|
||||||
@ -724,7 +719,6 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
|||||||
case V_ASN1_UNIVERSALSTRING:
|
case V_ASN1_UNIVERSALSTRING:
|
||||||
case V_ASN1_GENERALSTRING:
|
case V_ASN1_GENERALSTRING:
|
||||||
case V_ASN1_NUMERICSTRING:
|
case V_ASN1_NUMERICSTRING:
|
||||||
|
|
||||||
if (format == ASN1_GEN_FORMAT_ASCII)
|
if (format == ASN1_GEN_FORMAT_ASCII)
|
||||||
format = MBSTRING_ASC;
|
format = MBSTRING_ASC;
|
||||||
else if (format == ASN1_GEN_FORMAT_UTF8)
|
else if (format == ASN1_GEN_FORMAT_UTF8)
|
||||||
@ -743,25 +737,20 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case V_ASN1_BIT_STRING:
|
case V_ASN1_BIT_STRING:
|
||||||
|
|
||||||
case V_ASN1_OCTET_STRING:
|
case V_ASN1_OCTET_STRING:
|
||||||
|
if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) {
|
||||||
if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
|
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
|
||||||
goto bad_form;
|
goto bad_form;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (format == ASN1_GEN_FORMAT_HEX) {
|
if (format == ASN1_GEN_FORMAT_HEX) {
|
||||||
|
if ((rdata = string_to_hex((char *)str, &rdlen)) == NULL) {
|
||||||
if (!(rdata = string_to_hex((char *)str, &rdlen))) {
|
|
||||||
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
|
ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
|
||||||
goto bad_str;
|
goto bad_str;
|
||||||
}
|
}
|
||||||
|
|
||||||
atmp->value.asn1_string->data = rdata;
|
atmp->value.asn1_string->data = rdata;
|
||||||
atmp->value.asn1_string->length = rdlen;
|
atmp->value.asn1_string->length = rdlen;
|
||||||
atmp->value.asn1_string->type = utype;
|
atmp->value.asn1_string->type = utype;
|
||||||
|
|
||||||
} else if (format == ASN1_GEN_FORMAT_ASCII)
|
} else if (format == ASN1_GEN_FORMAT_ASCII)
|
||||||
ASN1_STRING_set(atmp->value.asn1_string, str, -1);
|
ASN1_STRING_set(atmp->value.asn1_string, str, -1);
|
||||||
else if ((format == ASN1_GEN_FORMAT_BITLIST)
|
else if ((format == ASN1_GEN_FORMAT_BITLIST)
|
||||||
|
@ -180,7 +180,8 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
|
|||||||
{
|
{
|
||||||
BIO *b64;
|
BIO *b64;
|
||||||
ASN1_VALUE *val;
|
ASN1_VALUE *val;
|
||||||
if (!(b64 = BIO_new(BIO_f_base64()))) {
|
|
||||||
|
if ((b64 = BIO_new(BIO_f_base64())) == NULL) {
|
||||||
ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -427,12 +428,13 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
|||||||
if (bcont)
|
if (bcont)
|
||||||
*bcont = NULL;
|
*bcont = NULL;
|
||||||
|
|
||||||
if (!(headers = mime_parse_hdr(bio))) {
|
if ((headers = mime_parse_hdr(bio)) == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
|
if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
|
||||||
|
|| hdr->value == NULL) {
|
||||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -459,7 +461,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
|||||||
/* Parse the signature piece */
|
/* Parse the signature piece */
|
||||||
asnin = sk_BIO_value(parts, 1);
|
asnin = sk_BIO_value(parts, 1);
|
||||||
|
|
||||||
if (!(headers = mime_parse_hdr(asnin))) {
|
if ((headers = mime_parse_hdr(asnin)) == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
|
||||||
sk_BIO_pop_free(parts, BIO_vfree);
|
sk_BIO_pop_free(parts, BIO_vfree);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -467,7 +469,8 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
|||||||
|
|
||||||
/* Get content type */
|
/* Get content type */
|
||||||
|
|
||||||
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
|
if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
|
||||||
|
|| hdr->value == NULL) {
|
||||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -483,7 +486,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
|||||||
}
|
}
|
||||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||||
/* Read in ASN1 */
|
/* Read in ASN1 */
|
||||||
if (!(val = b64_read_asn1(asnin, it))) {
|
if ((val = b64_read_asn1(asnin, it)) == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
|
||||||
sk_BIO_pop_free(parts, BIO_vfree);
|
sk_BIO_pop_free(parts, BIO_vfree);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -510,7 +513,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
|||||||
|
|
||||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||||
|
|
||||||
if (!(val = b64_read_asn1(bio, it))) {
|
if ((val = b64_read_asn1(bio, it)) == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
|
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -573,11 +576,12 @@ int SMIME_text(BIO *in, BIO *out)
|
|||||||
STACK_OF(MIME_HEADER) *headers;
|
STACK_OF(MIME_HEADER) *headers;
|
||||||
MIME_HEADER *hdr;
|
MIME_HEADER *hdr;
|
||||||
|
|
||||||
if (!(headers = mime_parse_hdr(in))) {
|
if ((headers = mime_parse_hdr(in)) == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
|
ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
|
if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
|
||||||
|
|| hdr->value == NULL) {
|
||||||
ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
|
ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
|
||||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||||
return 0;
|
return 0;
|
||||||
@ -822,8 +826,9 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
|
|||||||
MIME_HEADER *mhdr = NULL;
|
MIME_HEADER *mhdr = NULL;
|
||||||
char *tmpname = NULL, *tmpval = NULL, *p;
|
char *tmpname = NULL, *tmpval = NULL, *p;
|
||||||
int c;
|
int c;
|
||||||
|
|
||||||
if (name) {
|
if (name) {
|
||||||
if (!(tmpname = BUF_strdup(name)))
|
if ((tmpname = BUF_strdup(name)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
for (p = tmpname; *p; p++) {
|
for (p = tmpname; *p; p++) {
|
||||||
c = (unsigned char)*p;
|
c = (unsigned char)*p;
|
||||||
@ -834,7 +839,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (value) {
|
if (value) {
|
||||||
if (!(tmpval = BUF_strdup(value)))
|
if ((tmpval = BUF_strdup(value)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
for (p = tmpval; *p; p++) {
|
for (p = tmpval; *p; p++) {
|
||||||
c = (unsigned char)*p;
|
c = (unsigned char)*p;
|
||||||
@ -849,7 +854,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
|
|||||||
goto err;
|
goto err;
|
||||||
mhdr->name = tmpname;
|
mhdr->name = tmpname;
|
||||||
mhdr->value = tmpval;
|
mhdr->value = tmpval;
|
||||||
if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)))
|
if ((mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
return mhdr;
|
return mhdr;
|
||||||
|
|
||||||
|
@ -76,8 +76,9 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
|
|||||||
const char *oid_section;
|
const char *oid_section;
|
||||||
STACK_OF(CONF_VALUE) *sktmp;
|
STACK_OF(CONF_VALUE) *sktmp;
|
||||||
CONF_VALUE *oval;
|
CONF_VALUE *oval;
|
||||||
|
|
||||||
oid_section = CONF_imodule_get_value(md);
|
oid_section = CONF_imodule_get_value(md);
|
||||||
if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
|
if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
|
||||||
ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
|
ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -70,8 +70,9 @@ static int stbl_module_init(CONF_IMODULE *md, const CONF *cnf)
|
|||||||
const char *stbl_section;
|
const char *stbl_section;
|
||||||
STACK_OF(CONF_VALUE) *sktmp;
|
STACK_OF(CONF_VALUE) *sktmp;
|
||||||
CONF_VALUE *mval;
|
CONF_VALUE *mval;
|
||||||
|
|
||||||
stbl_section = CONF_imodule_get_value(md);
|
stbl_section = CONF_imodule_get_value(md);
|
||||||
if (!(sktmp = NCONF_get_section(cnf, stbl_section))) {
|
if ((sktmp = NCONF_get_section(cnf, stbl_section)) == NULL) {
|
||||||
ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
|
ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -67,8 +67,8 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
|
|||||||
{
|
{
|
||||||
ASN1_STRING *octmp;
|
ASN1_STRING *octmp;
|
||||||
|
|
||||||
if (!oct || !*oct) {
|
if (oct == NULL|| *oct== NULL) {
|
||||||
if (!(octmp = ASN1_STRING_new())) {
|
if ((octmp = ASN1_STRING_new()) == NULL) {
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -80,7 +80,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
|
|||||||
OPENSSL_free(octmp->data);
|
OPENSSL_free(octmp->data);
|
||||||
octmp->data = NULL;
|
octmp->data = NULL;
|
||||||
|
|
||||||
if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
|
if ((octmp->length = ASN1_item_i2d(obj, &octmp->data, it)) == 0) {
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
|
ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -99,7 +99,7 @@ void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
|
|||||||
void *ret;
|
void *ret;
|
||||||
|
|
||||||
p = oct->data;
|
p = oct->data;
|
||||||
if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
|
if ((ret = ASN1_item_d2i(NULL, &p, oct->length, it)) == NULL)
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
|
ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -106,14 +106,13 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
}
|
}
|
||||||
obj = OBJ_nid2obj(alg_nid);
|
obj = OBJ_nid2obj(alg_nid);
|
||||||
|
|
||||||
if (!(pbe2 = PBE2PARAM_new()))
|
if ((pbe2 = PBE2PARAM_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
/* Setup the AlgorithmIdentifier for the encryption scheme */
|
/* Setup the AlgorithmIdentifier for the encryption scheme */
|
||||||
scheme = pbe2->encryption;
|
scheme = pbe2->encryption;
|
||||||
|
|
||||||
scheme->algorithm = obj;
|
scheme->algorithm = obj;
|
||||||
if (!(scheme->parameter = ASN1_TYPE_new()))
|
if ((scheme->parameter = ASN1_TYPE_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
/* Create random IV */
|
/* Create random IV */
|
||||||
@ -163,7 +162,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
|
|
||||||
/* Now set up top level AlgorithmIdentifier */
|
/* Now set up top level AlgorithmIdentifier */
|
||||||
|
|
||||||
if (!(ret = X509_ALGOR_new()))
|
if ((ret = X509_ALGOR_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
ret->algorithm = OBJ_nid2obj(NID_pbes2);
|
ret->algorithm = OBJ_nid2obj(NID_pbes2);
|
||||||
@ -205,17 +204,17 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
|
|||||||
PBKDF2PARAM *kdf = NULL;
|
PBKDF2PARAM *kdf = NULL;
|
||||||
ASN1_OCTET_STRING *osalt = NULL;
|
ASN1_OCTET_STRING *osalt = NULL;
|
||||||
|
|
||||||
if (!(kdf = PBKDF2PARAM_new()))
|
if ((kdf = PBKDF2PARAM_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!(osalt = ASN1_OCTET_STRING_new()))
|
if ((osalt = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
kdf->salt->value.octet_string = osalt;
|
kdf->salt->value.octet_string = osalt;
|
||||||
kdf->salt->type = V_ASN1_OCTET_STRING;
|
kdf->salt->type = V_ASN1_OCTET_STRING;
|
||||||
|
|
||||||
if (!saltlen)
|
if (saltlen == 0)
|
||||||
saltlen = PKCS5_SALT_LEN;
|
saltlen = PKCS5_SALT_LEN;
|
||||||
if (!(osalt->data = OPENSSL_malloc(saltlen)))
|
if ((osalt->data = OPENSSL_malloc(saltlen)) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
osalt->length = saltlen;
|
osalt->length = saltlen;
|
||||||
@ -234,7 +233,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
|
|||||||
/* If have a key len set it up */
|
/* If have a key len set it up */
|
||||||
|
|
||||||
if (keylen > 0) {
|
if (keylen > 0) {
|
||||||
if (!(kdf->keylength = ASN1_INTEGER_new()))
|
if ((kdf->keylength = ASN1_INTEGER_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!ASN1_INTEGER_set(kdf->keylength, keylen))
|
if (!ASN1_INTEGER_set(kdf->keylength, keylen))
|
||||||
goto merr;
|
goto merr;
|
||||||
|
@ -84,9 +84,9 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
|
|||||||
|
|
||||||
static X509_CERT_AUX *aux_get(X509 *x)
|
static X509_CERT_AUX *aux_get(X509 *x)
|
||||||
{
|
{
|
||||||
if (!x)
|
if (x == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
|
if (x->aux == NULL && (x->aux = X509_CERT_AUX_new()) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
return x->aux;
|
return x->aux;
|
||||||
}
|
}
|
||||||
@ -101,9 +101,9 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
|
|||||||
x->aux->alias = NULL;
|
x->aux->alias = NULL;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (!(aux = aux_get(x)))
|
if ((aux = aux_get(x)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
|
if (aux->alias == NULL && (aux->alias = ASN1_UTF8STRING_new()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
return ASN1_STRING_set(aux->alias, name, len);
|
return ASN1_STRING_set(aux->alias, name, len);
|
||||||
}
|
}
|
||||||
@ -118,9 +118,10 @@ int X509_keyid_set1(X509 *x, unsigned char *id, int len)
|
|||||||
x->aux->keyid = NULL;
|
x->aux->keyid = NULL;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (!(aux = aux_get(x)))
|
if ((aux = aux_get(x)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
|
if (aux->keyid ==NULL
|
||||||
|
&& (aux->keyid = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
return ASN1_STRING_set(aux->keyid, id, len);
|
return ASN1_STRING_set(aux->keyid, id, len);
|
||||||
}
|
}
|
||||||
@ -152,9 +153,10 @@ int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
|
|||||||
if (!objtmp)
|
if (!objtmp)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(aux = aux_get(x)))
|
if ((aux = aux_get(x)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
|
if (aux->trust == NULL
|
||||||
|
&& (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp))
|
if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp))
|
||||||
return 1;
|
return 1;
|
||||||
@ -167,11 +169,12 @@ int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
|
|||||||
{
|
{
|
||||||
X509_CERT_AUX *aux;
|
X509_CERT_AUX *aux;
|
||||||
ASN1_OBJECT *objtmp;
|
ASN1_OBJECT *objtmp;
|
||||||
if (!(objtmp = OBJ_dup(obj)))
|
if ((objtmp = OBJ_dup(obj)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!(aux = aux_get(x)))
|
if ((aux = aux_get(x)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
|
if (aux->reject == NULL
|
||||||
|
&& (aux->reject = sk_ASN1_OBJECT_new_null()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
|
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
|
||||||
}
|
}
|
||||||
|
@ -102,7 +102,7 @@ static int nbiof_new(BIO *bi)
|
|||||||
{
|
{
|
||||||
NBIO_TEST *nt;
|
NBIO_TEST *nt;
|
||||||
|
|
||||||
if (!(nt = OPENSSL_malloc(sizeof(*nt))))
|
if ((nt = OPENSSL_malloc(sizeof(*nt))) == NULL)
|
||||||
return (0);
|
return (0);
|
||||||
nt->lrn = -1;
|
nt->lrn = -1;
|
||||||
nt->lwn = -1;
|
nt->lwn = -1;
|
||||||
|
@ -269,7 +269,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (cb != NULL) {
|
if (cb != NULL) {
|
||||||
if (!(ret = cb((BIO *)b, c->state, ret)))
|
if ((ret = cb((BIO *)b, c->state, ret)) == 0)
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1406,7 +1406,7 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl)
|
|||||||
if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
|
if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
|
||||||
char *tmp;
|
char *tmp;
|
||||||
data->saved_message.bio = b;
|
data->saved_message.bio = b;
|
||||||
if (!(tmp = OPENSSL_malloc(inl))) {
|
if ((tmp = OPENSSL_malloc(inl)) == NULL) {
|
||||||
BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
|
BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -97,12 +97,12 @@ BIO *BIO_new_mem_buf(void *buf, int len)
|
|||||||
BUF_MEM *b;
|
BUF_MEM *b;
|
||||||
size_t sz;
|
size_t sz;
|
||||||
|
|
||||||
if (!buf) {
|
if (buf == NULL) {
|
||||||
BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
|
BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
sz = (len < 0) ? strlen(buf) : (size_t)len;
|
sz = (len < 0) ? strlen(buf) : (size_t)len;
|
||||||
if (!(ret = BIO_new(BIO_s_mem())))
|
if ((ret = BIO_new(BIO_s_mem())) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
b = (BUF_MEM *)ret->ptr;
|
b = (BUF_MEM *)ret->ptr;
|
||||||
b->data = buf;
|
b->data = buf;
|
||||||
|
@ -801,7 +801,8 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
|
|||||||
{
|
{
|
||||||
BIO *cmsbio;
|
BIO *cmsbio;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
if (!(cmsbio = CMS_dataInit(cms, dcont))) {
|
|
||||||
|
if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) {
|
||||||
CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE);
|
CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -357,7 +357,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
|||||||
p++;
|
p++;
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
|
|
||||||
if (!(v = OPENSSL_malloc(sizeof(*v)))) {
|
if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) {
|
||||||
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
|
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -118,7 +118,7 @@ LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
|||||||
{
|
{
|
||||||
BIO *btmp;
|
BIO *btmp;
|
||||||
LHASH_OF(CONF_VALUE) *ltmp;
|
LHASH_OF(CONF_VALUE) *ltmp;
|
||||||
if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
|
if ((btmp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
|
||||||
CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB);
|
CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -200,7 +200,7 @@ int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out)
|
|||||||
BIO *btmp;
|
BIO *btmp;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
|
if ((btmp = BIO_new_fp(out, BIO_NOCLOSE)) == NULL) {
|
||||||
CONFerr(CONF_F_CONF_DUMP_FP, ERR_R_BUF_LIB);
|
CONFerr(CONF_F_CONF_DUMP_FP, ERR_R_BUF_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -270,7 +270,7 @@ int NCONF_load_fp(CONF *conf, FILE *fp, long *eline)
|
|||||||
{
|
{
|
||||||
BIO *btmp;
|
BIO *btmp;
|
||||||
int ret;
|
int ret;
|
||||||
if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
|
if ((btmp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
|
||||||
CONFerr(CONF_F_NCONF_LOAD_FP, ERR_R_BUF_LIB);
|
CONFerr(CONF_F_NCONF_LOAD_FP, ERR_R_BUF_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -354,7 +354,7 @@ int NCONF_dump_fp(const CONF *conf, FILE *out)
|
|||||||
{
|
{
|
||||||
BIO *btmp;
|
BIO *btmp;
|
||||||
int ret;
|
int ret;
|
||||||
if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
|
if ((btmp = BIO_new_fp(out, BIO_NOCLOSE)) == NULL) {
|
||||||
CONFerr(CONF_F_NCONF_DUMP_FP, ERR_R_BUF_LIB);
|
CONFerr(CONF_F_NCONF_DUMP_FP, ERR_R_BUF_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -119,18 +119,18 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
|
|||||||
pm = pstr->data;
|
pm = pstr->data;
|
||||||
pmlen = pstr->length;
|
pmlen = pstr->length;
|
||||||
|
|
||||||
if (!(dh = d2i_dhp(pkey, &pm, pmlen))) {
|
if ((dh = d2i_dhp(pkey, &pm, pmlen)) == NULL) {
|
||||||
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
|
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
|
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
|
||||||
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
|
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* We have parameters now set public key */
|
/* We have parameters now set public key */
|
||||||
if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
|
if ((dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
|
||||||
DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
|
DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -218,17 +218,17 @@ static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
|
|
||||||
if (ptype != V_ASN1_SEQUENCE)
|
if (ptype != V_ASN1_SEQUENCE)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
|
if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
|
||||||
if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
|
|
||||||
goto decerr;
|
goto decerr;
|
||||||
|
|
||||||
pstr = pval;
|
pstr = pval;
|
||||||
pm = pstr->data;
|
pm = pstr->data;
|
||||||
pmlen = pstr->length;
|
pmlen = pstr->length;
|
||||||
if (!(dh = d2i_dhp(pkey, &pm, pmlen)))
|
if ((dh = d2i_dhp(pkey, &pm, pmlen)) == NULL)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
|
|
||||||
/* We have parameters now set private key */
|
/* We have parameters now set private key */
|
||||||
if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
|
if ((dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)) == NULL) {
|
||||||
DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
|
DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
|
||||||
goto dherr;
|
goto dherr;
|
||||||
}
|
}
|
||||||
@ -310,7 +310,8 @@ static int dh_param_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
DH *dh;
|
DH *dh;
|
||||||
if (!(dh = d2i_dhp(pkey, pder, derlen))) {
|
|
||||||
|
if ((dh = d2i_dhp(pkey, pder, derlen)) == NULL) {
|
||||||
DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
|
DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -679,13 +680,13 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
|
|||||||
if (!p || !plen)
|
if (!p || !plen)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, plen))) {
|
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL) {
|
||||||
DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR);
|
DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* We have parameters now set public key */
|
/* We have parameters now set public key */
|
||||||
if (!(dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
|
if ((dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
|
||||||
DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR);
|
DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -88,13 +88,13 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
|
|||||||
pm = pstr->data;
|
pm = pstr->data;
|
||||||
pmlen = pstr->length;
|
pmlen = pstr->length;
|
||||||
|
|
||||||
if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
|
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
} else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
|
} else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
|
||||||
if (!(dsa = DSA_new())) {
|
if ((dsa = DSA_new()) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
|
DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -103,12 +103,12 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
|
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
|
if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
|
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -201,7 +201,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
/* Check for broken DSA PKCS#8, UGH! */
|
/* Check for broken DSA PKCS#8, UGH! */
|
||||||
if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
|
if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
|
||||||
ASN1_TYPE *t1, *t2;
|
ASN1_TYPE *t1, *t2;
|
||||||
if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
|
if ((ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)) == NULL)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
if (sk_ASN1_TYPE_num(ndsa) != 2)
|
if (sk_ASN1_TYPE_num(ndsa) != 2)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
@ -227,12 +227,12 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
privkey = t2->value.integer;
|
privkey = t2->value.integer;
|
||||||
} else {
|
} else {
|
||||||
const unsigned char *q = p;
|
const unsigned char *q = p;
|
||||||
if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
|
if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
if (privkey->type == V_ASN1_NEG_INTEGER) {
|
if (privkey->type == V_ASN1_NEG_INTEGER) {
|
||||||
p8->broken = PKCS8_NEG_PRIVKEY;
|
p8->broken = PKCS8_NEG_PRIVKEY;
|
||||||
ASN1_STRING_clear_free(privkey);
|
ASN1_STRING_clear_free(privkey);
|
||||||
if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
|
if ((privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)) == NULL)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
}
|
}
|
||||||
if (ptype != V_ASN1_SEQUENCE)
|
if (ptype != V_ASN1_SEQUENCE)
|
||||||
@ -242,19 +242,19 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
pstr = pval;
|
pstr = pval;
|
||||||
pm = pstr->data;
|
pm = pstr->data;
|
||||||
pmlen = pstr->length;
|
pmlen = pstr->length;
|
||||||
if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
|
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
|
||||||
goto decerr;
|
goto decerr;
|
||||||
/* We have parameters now set private key */
|
/* We have parameters now set private key */
|
||||||
if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
|
if ((dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
|
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
|
||||||
goto dsaerr;
|
goto dsaerr;
|
||||||
}
|
}
|
||||||
/* Calculate public key */
|
/* Calculate public key */
|
||||||
if (!(dsa->pub_key = BN_new())) {
|
if ((dsa->pub_key = BN_new()) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
||||||
goto dsaerr;
|
goto dsaerr;
|
||||||
}
|
}
|
||||||
if (!(ctx = BN_CTX_new())) {
|
if ((ctx = BN_CTX_new()) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
||||||
goto dsaerr;
|
goto dsaerr;
|
||||||
}
|
}
|
||||||
@ -477,7 +477,8 @@ static int dsa_param_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
DSA *dsa;
|
DSA *dsa;
|
||||||
if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
|
|
||||||
|
if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
|
||||||
DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
|
DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -512,7 +513,8 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
DSA *dsa;
|
DSA *dsa;
|
||||||
if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
|
|
||||||
|
if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
|
||||||
DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
|
DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -145,7 +145,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval)
|
|||||||
int pmlen;
|
int pmlen;
|
||||||
pm = pstr->data;
|
pm = pstr->data;
|
||||||
pmlen = pstr->length;
|
pmlen = pstr->length;
|
||||||
if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
|
if ((eckey = d2i_ECParameters(NULL, &pm, pmlen)) == NULL) {
|
||||||
ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
|
ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
|
||||||
goto ecerr;
|
goto ecerr;
|
||||||
}
|
}
|
||||||
@ -510,7 +510,8 @@ static int eckey_param_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
EC_KEY *eckey;
|
EC_KEY *eckey;
|
||||||
if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) {
|
|
||||||
|
if ((eckey = d2i_ECParameters(NULL, pder, derlen)) == NULL) {
|
||||||
ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
|
ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -545,7 +546,8 @@ static int old_ec_priv_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
EC_KEY *ec;
|
EC_KEY *ec;
|
||||||
if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) {
|
|
||||||
|
if ((ec = d2i_ECPrivateKey(NULL, pder, derlen)) == NULL) {
|
||||||
ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
|
ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -838,7 +838,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
|
|||||||
/* extract seed (optional) */
|
/* extract seed (optional) */
|
||||||
if (params->curve->seed != NULL) {
|
if (params->curve->seed != NULL) {
|
||||||
OPENSSL_free(ret->seed);
|
OPENSSL_free(ret->seed);
|
||||||
if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) {
|
if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) {
|
||||||
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
|
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -3049,9 +3049,9 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
|||||||
params = (const unsigned char *)(data + 1); /* skip header */
|
params = (const unsigned char *)(data + 1); /* skip header */
|
||||||
params += seed_len; /* skip seed */
|
params += seed_len; /* skip seed */
|
||||||
|
|
||||||
if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL))
|
if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL
|
||||||
|| !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL))
|
|| (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL
|
||||||
|| !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) {
|
|| (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) {
|
||||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -3085,8 +3085,8 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL))
|
if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL
|
||||||
|| !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) {
|
|| (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) {
|
||||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -3094,7 +3094,7 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
|||||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))
|
if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL
|
||||||
|| !BN_set_word(x, (BN_ULONG)data->cofactor)) {
|
|| !BN_set_word(x, (BN_ULONG)data->cofactor)) {
|
||||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -465,7 +465,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(tmp = EC_POINT_new(group)))
|
if ((tmp = EC_POINT_new(group)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
@ -674,7 +674,8 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) {
|
if ((tmp_point = EC_POINT_new(group)) == NULL
|
||||||
|
|| (base = EC_POINT_new(group)) == NULL) {
|
||||||
ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
|
ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -427,7 +427,7 @@ static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
|
|||||||
return EVP_PKEY_CTX_set_ec_param_enc(ctx, param_enc);
|
return EVP_PKEY_CTX_set_ec_param_enc(ctx, param_enc);
|
||||||
} else if (strcmp(type, "ecdh_kdf_md") == 0) {
|
} else if (strcmp(type, "ecdh_kdf_md") == 0) {
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
if (!(md = EVP_get_digestbyname(value))) {
|
if ((md = EVP_get_digestbyname(value)) == NULL) {
|
||||||
ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_DIGEST);
|
ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_DIGEST);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -74,8 +74,9 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
|
|||||||
const char *oid_section;
|
const char *oid_section;
|
||||||
STACK_OF(CONF_VALUE) *sktmp;
|
STACK_OF(CONF_VALUE) *sktmp;
|
||||||
CONF_VALUE *oval;
|
CONF_VALUE *oval;
|
||||||
|
|
||||||
oid_section = CONF_imodule_get_value(md);
|
oid_section = CONF_imodule_get_value(md);
|
||||||
if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
|
if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
|
||||||
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
|
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -227,9 +227,9 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
|
|||||||
{
|
{
|
||||||
EVP_PBE_CTL *pbe_tmp;
|
EVP_PBE_CTL *pbe_tmp;
|
||||||
|
|
||||||
if (!pbe_algs)
|
if (pbe_algs == NULL)
|
||||||
pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
|
pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
|
||||||
if (!(pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp)))) {
|
if ((pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp))) == NULL) {
|
||||||
EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -247,6 +247,7 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
|
|||||||
EVP_PBE_KEYGEN *keygen)
|
EVP_PBE_KEYGEN *keygen)
|
||||||
{
|
{
|
||||||
int cipher_nid, md_nid;
|
int cipher_nid, md_nid;
|
||||||
|
|
||||||
if (cipher)
|
if (cipher)
|
||||||
cipher_nid = EVP_CIPHER_nid(cipher);
|
cipher_nid = EVP_CIPHER_nid(cipher);
|
||||||
else
|
else
|
||||||
|
@ -75,7 +75,7 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
|
if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (!(pkey = EVP_PKEY_new())) {
|
if ((pkey = EVP_PKEY_new()) == NULL) {
|
||||||
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -115,7 +115,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
|
|||||||
{
|
{
|
||||||
PKCS8_PRIV_KEY_INFO *p8;
|
PKCS8_PRIV_KEY_INFO *p8;
|
||||||
|
|
||||||
if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
|
if ((p8 = PKCS8_PRIV_KEY_INFO_new()) == NULL) {
|
||||||
EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -416,7 +416,7 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
|
|||||||
}
|
}
|
||||||
if (strcmp(name, "digest") == 0) {
|
if (strcmp(name, "digest") == 0) {
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
if (!value || !(md = EVP_get_digestbyname(value))) {
|
if (value == NULL || (md = EVP_get_digestbyname(value)) == NULL) {
|
||||||
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST);
|
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -255,16 +255,16 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
|||||||
return (0);
|
return (0);
|
||||||
if ((o = OBJ_dup(obj)) == NULL)
|
if ((o = OBJ_dup(obj)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao))))
|
if ((ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao))) == NULL)
|
||||||
goto err2;
|
goto err2;
|
||||||
if ((o->length != 0) && (obj->data != NULL))
|
if ((o->length != 0) && (obj->data != NULL))
|
||||||
if (!(ao[ADDED_DATA] = OPENSSL_malloc(sizeof(*ao))))
|
if ((ao[ADDED_DATA] = OPENSSL_malloc(sizeof(*ao))) == NULL)
|
||||||
goto err2;
|
goto err2;
|
||||||
if (o->sn != NULL)
|
if (o->sn != NULL)
|
||||||
if (!(ao[ADDED_SNAME] = OPENSSL_malloc(sizeof(*ao))))
|
if ((ao[ADDED_SNAME] = OPENSSL_malloc(sizeof(*ao))) == NULL)
|
||||||
goto err2;
|
goto err2;
|
||||||
if (o->ln != NULL)
|
if (o->ln != NULL)
|
||||||
if (!(ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(*ao))))
|
if ((ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(*ao))) == NULL)
|
||||||
goto err2;
|
goto err2;
|
||||||
|
|
||||||
for (i = ADDED_DATA; i <= ADDED_NID; i++) {
|
for (i = ADDED_DATA; i <= ADDED_NID; i++) {
|
||||||
@ -507,7 +507,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
|
|||||||
if (!(c & 0x80))
|
if (!(c & 0x80))
|
||||||
break;
|
break;
|
||||||
if (!use_bn && (l > (ULONG_MAX >> 7L))) {
|
if (!use_bn && (l > (ULONG_MAX >> 7L))) {
|
||||||
if (!bl && !(bl = BN_new()))
|
if (bl == NULL && (bl = BN_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_set_word(bl, l))
|
if (!BN_set_word(bl, l))
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -89,7 +89,7 @@ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
|
|||||||
{
|
{
|
||||||
OCSP_ONEREQ *one = NULL;
|
OCSP_ONEREQ *one = NULL;
|
||||||
|
|
||||||
if (!(one = OCSP_ONEREQ_new()))
|
if ((one = OCSP_ONEREQ_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
OCSP_CERTID_free(one->reqCert);
|
OCSP_CERTID_free(one->reqCert);
|
||||||
one->reqCert = cid;
|
one->reqCert = cid;
|
||||||
@ -132,7 +132,8 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
|
|||||||
return 0;
|
return 0;
|
||||||
if (!cert)
|
if (!cert)
|
||||||
return 1;
|
return 1;
|
||||||
if (!sig->certs && !(sig->certs = sk_X509_new_null()))
|
if (sig->certs == NULL
|
||||||
|
&& (sig->certs = sk_X509_new_null()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (!sk_X509_push(sig->certs, cert))
|
if (!sk_X509_push(sig->certs, cert))
|
||||||
@ -159,7 +160,7 @@ int OCSP_request_sign(OCSP_REQUEST *req,
|
|||||||
if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
|
if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(req->optionalSignature = OCSP_SIGNATURE_new()))
|
if ((req->optionalSignature = OCSP_SIGNATURE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (key) {
|
if (key) {
|
||||||
if (!X509_check_private_key(signer, key)) {
|
if (!X509_check_private_key(signer, key)) {
|
||||||
|
@ -415,22 +415,22 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
|
|||||||
X509_EXTENSION *x = NULL;
|
X509_EXTENSION *x = NULL;
|
||||||
OCSP_CRLID *cid = NULL;
|
OCSP_CRLID *cid = NULL;
|
||||||
|
|
||||||
if (!(cid = OCSP_CRLID_new()))
|
if ((cid = OCSP_CRLID_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (url) {
|
if (url) {
|
||||||
if (!(cid->crlUrl = ASN1_IA5STRING_new()))
|
if ((cid->crlUrl = ASN1_IA5STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
|
if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (n) {
|
if (n) {
|
||||||
if (!(cid->crlNum = ASN1_INTEGER_new()))
|
if ((cid->crlNum = ASN1_INTEGER_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
|
if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (tim) {
|
if (tim) {
|
||||||
if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
|
if ((cid->crlTime = ASN1_GENERALIZEDTIME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
|
if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
|
||||||
goto err;
|
goto err;
|
||||||
@ -449,7 +449,7 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
|
|||||||
ASN1_OBJECT *o = NULL;
|
ASN1_OBJECT *o = NULL;
|
||||||
X509_EXTENSION *x = NULL;
|
X509_EXTENSION *x = NULL;
|
||||||
|
|
||||||
if (!(sk = sk_ASN1_OBJECT_new_null()))
|
if ((sk = sk_ASN1_OBJECT_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
while (oids && *oids) {
|
while (oids && *oids) {
|
||||||
if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
|
if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
|
||||||
@ -468,7 +468,7 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
|
|||||||
X509_EXTENSION *x = NULL;
|
X509_EXTENSION *x = NULL;
|
||||||
ASN1_GENERALIZEDTIME *gt = NULL;
|
ASN1_GENERALIZEDTIME *gt = NULL;
|
||||||
|
|
||||||
if (!(gt = ASN1_GENERALIZEDTIME_new()))
|
if ((gt = ASN1_GENERALIZEDTIME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
|
if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
|
||||||
goto err;
|
goto err;
|
||||||
@ -490,20 +490,21 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
|
|||||||
OCSP_SERVICELOC *sloc = NULL;
|
OCSP_SERVICELOC *sloc = NULL;
|
||||||
ACCESS_DESCRIPTION *ad = NULL;
|
ACCESS_DESCRIPTION *ad = NULL;
|
||||||
|
|
||||||
if (!(sloc = OCSP_SERVICELOC_new()))
|
if ((sloc = OCSP_SERVICELOC_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(sloc->issuer = X509_NAME_dup(issuer)))
|
if ((sloc->issuer = X509_NAME_dup(issuer)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
|
if (urls && *urls
|
||||||
|
&& (sloc->locator = sk_ACCESS_DESCRIPTION_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
while (urls && *urls) {
|
while (urls && *urls) {
|
||||||
if (!(ad = ACCESS_DESCRIPTION_new()))
|
if ((ad = ACCESS_DESCRIPTION_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
|
if ((ad->method = OBJ_nid2obj(NID_ad_OCSP)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ad->location = GENERAL_NAME_new()))
|
if ((ad->location = GENERAL_NAME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ia5 = ASN1_IA5STRING_new()))
|
if ((ia5 = ASN1_IA5STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
|
if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -106,7 +106,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
|||||||
OCSP_CERTID *cid = NULL;
|
OCSP_CERTID *cid = NULL;
|
||||||
unsigned char md[EVP_MAX_MD_SIZE];
|
unsigned char md[EVP_MAX_MD_SIZE];
|
||||||
|
|
||||||
if (!(cid = OCSP_CERTID_new()))
|
if ((cid = OCSP_CERTID_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
alg = cid->hashAlgorithm;
|
alg = cid->hashAlgorithm;
|
||||||
@ -115,7 +115,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
|||||||
OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
|
OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(alg->algorithm = OBJ_nid2obj(nid)))
|
if ((alg->algorithm = OBJ_nid2obj(nid)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if ((alg->parameter = ASN1_TYPE_new()) == NULL)
|
if ((alg->parameter = ASN1_TYPE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
@ -135,7 +135,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
|||||||
|
|
||||||
if (serialNumber) {
|
if (serialNumber) {
|
||||||
ASN1_INTEGER_free(cid->serialNumber);
|
ASN1_INTEGER_free(cid->serialNumber);
|
||||||
if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber)))
|
if ((cid->serialNumber = ASN1_INTEGER_dup(serialNumber)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
return cid;
|
return cid;
|
||||||
|
@ -214,7 +214,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags)
|
|||||||
}
|
}
|
||||||
|
|
||||||
i = ASN1_STRING_length(rb->response);
|
i = ASN1_STRING_length(rb->response);
|
||||||
if (!(br = OCSP_response_get1_basic(o)))
|
if ((br = OCSP_response_get1_basic(o)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
rd = br->tbsResponseData;
|
rd = br->tbsResponseData;
|
||||||
l = ASN1_INTEGER_get(rd->version);
|
l = ASN1_INTEGER_get(rd->version);
|
||||||
|
@ -116,13 +116,13 @@ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs)
|
|||||||
{
|
{
|
||||||
OCSP_RESPONSE *rsp = NULL;
|
OCSP_RESPONSE *rsp = NULL;
|
||||||
|
|
||||||
if (!(rsp = OCSP_RESPONSE_new()))
|
if ((rsp = OCSP_RESPONSE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status)))
|
if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status)))
|
||||||
goto err;
|
goto err;
|
||||||
if (!bs)
|
if (!bs)
|
||||||
return rsp;
|
return rsp;
|
||||||
if (!(rsp->responseBytes = OCSP_RESPBYTES_new()))
|
if ((rsp->responseBytes = OCSP_RESPBYTES_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
|
rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
|
||||||
if (!ASN1_item_pack
|
if (!ASN1_item_pack
|
||||||
@ -145,11 +145,12 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|||||||
OCSP_CERTSTATUS *cs;
|
OCSP_CERTSTATUS *cs;
|
||||||
OCSP_REVOKEDINFO *ri;
|
OCSP_REVOKEDINFO *ri;
|
||||||
|
|
||||||
if (!rsp->tbsResponseData->responses &&
|
if (rsp->tbsResponseData->responses == NULL
|
||||||
!(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null()))
|
&& (rsp->tbsResponseData->responses
|
||||||
|
= sk_OCSP_SINGLERESP_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(single = OCSP_SINGLERESP_new()))
|
if ((single = OCSP_SINGLERESP_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
|
if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
|
||||||
@ -160,7 +161,7 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|||||||
|
|
||||||
OCSP_CERTID_free(single->certId);
|
OCSP_CERTID_free(single->certId);
|
||||||
|
|
||||||
if (!(single->certId = OCSP_CERTID_dup(cid)))
|
if ((single->certId = OCSP_CERTID_dup(cid)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
cs = single->certStatus;
|
cs = single->certStatus;
|
||||||
@ -170,12 +171,12 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|||||||
OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS, OCSP_R_NO_REVOKED_TIME);
|
OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS, OCSP_R_NO_REVOKED_TIME);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new()))
|
if ((cs->value.revoked = ri = OCSP_REVOKEDINFO_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
|
if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
|
||||||
goto err;
|
goto err;
|
||||||
if (reason != OCSP_REVOKED_STATUS_NOSTATUS) {
|
if (reason != OCSP_REVOKED_STATUS_NOSTATUS) {
|
||||||
if (!(ri->revocationReason = ASN1_ENUMERATED_new()))
|
if ((ri->revocationReason = ASN1_ENUMERATED_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_ENUMERATED_set(ri->revocationReason, reason)))
|
if (!(ASN1_ENUMERATED_set(ri->revocationReason, reason)))
|
||||||
goto err;
|
goto err;
|
||||||
@ -206,7 +207,8 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|||||||
|
|
||||||
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
|
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
|
||||||
{
|
{
|
||||||
if (!resp->certs && !(resp->certs = sk_X509_new_null()))
|
if (resp->certs == NULL
|
||||||
|
&& (resp->certs = sk_X509_new_null()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (!sk_X509_push(resp->certs, cert))
|
if (!sk_X509_push(resp->certs, cert))
|
||||||
@ -242,7 +244,7 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
|||||||
if (flags & OCSP_RESPID_KEY) {
|
if (flags & OCSP_RESPID_KEY) {
|
||||||
unsigned char md[SHA_DIGEST_LENGTH];
|
unsigned char md[SHA_DIGEST_LENGTH];
|
||||||
X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
|
X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
|
||||||
if (!(rid->value.byKey = ASN1_OCTET_STRING_new()))
|
if ((rid->value.byKey = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, SHA_DIGEST_LENGTH)))
|
if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, SHA_DIGEST_LENGTH)))
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -314,7 +314,8 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
|
|||||||
X509_NAME *iname;
|
X509_NAME *iname;
|
||||||
int mdlen;
|
int mdlen;
|
||||||
unsigned char md[EVP_MAX_MD_SIZE];
|
unsigned char md[EVP_MAX_MD_SIZE];
|
||||||
if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) {
|
if ((dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))
|
||||||
|
== NULL) {
|
||||||
OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID,
|
OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID,
|
||||||
OCSP_R_UNKNOWN_MESSAGE_DIGEST);
|
OCSP_R_UNKNOWN_MESSAGE_DIGEST);
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -116,7 +116,8 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid,
|
|||||||
PKCS8_PRIV_KEY_INFO *p8inf;
|
PKCS8_PRIV_KEY_INFO *p8inf;
|
||||||
char buf[PEM_BUFSIZE];
|
char buf[PEM_BUFSIZE];
|
||||||
int ret;
|
int ret;
|
||||||
if (!(p8inf = EVP_PKEY2PKCS8(x))) {
|
|
||||||
|
if ((p8inf = EVP_PKEY2PKCS8(x)) == NULL) {
|
||||||
PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
|
PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -224,7 +225,8 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid,
|
|||||||
{
|
{
|
||||||
BIO *bp;
|
BIO *bp;
|
||||||
int ret;
|
int ret;
|
||||||
if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
|
|
||||||
|
if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
|
||||||
PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB);
|
PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB);
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
@ -238,7 +240,8 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
|
|||||||
{
|
{
|
||||||
BIO *bp;
|
BIO *bp;
|
||||||
EVP_PKEY *ret;
|
EVP_PKEY *ret;
|
||||||
if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
|
|
||||||
|
if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
|
||||||
PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB);
|
PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -316,13 +316,12 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
|
|||||||
if (!read_lebn(&p, 20, &dsa->priv_key))
|
if (!read_lebn(&p, 20, &dsa->priv_key))
|
||||||
goto memerr;
|
goto memerr;
|
||||||
/* Calculate public key */
|
/* Calculate public key */
|
||||||
if (!(dsa->pub_key = BN_new()))
|
if ((dsa->pub_key = BN_new()) == NULL)
|
||||||
goto memerr;
|
goto memerr;
|
||||||
if (!(ctx = BN_CTX_new()))
|
if ((ctx = BN_CTX_new()) == NULL)
|
||||||
goto memerr;
|
goto memerr;
|
||||||
|
|
||||||
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
|
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
|
||||||
|
|
||||||
goto memerr;
|
goto memerr;
|
||||||
BN_CTX_free(ctx);
|
BN_CTX_free(ctx);
|
||||||
}
|
}
|
||||||
|
@ -68,7 +68,8 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
|||||||
{
|
{
|
||||||
PKCS12_BAGS *bag;
|
PKCS12_BAGS *bag;
|
||||||
PKCS12_SAFEBAG *safebag;
|
PKCS12_SAFEBAG *safebag;
|
||||||
if (!(bag = PKCS12_BAGS_new())) {
|
|
||||||
|
if ((bag = PKCS12_BAGS_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -77,7 +78,7 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
|||||||
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!(safebag = PKCS12_SAFEBAG_new())) {
|
if ((safebag = PKCS12_SAFEBAG_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -91,7 +92,8 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
|||||||
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
|
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
|
||||||
{
|
{
|
||||||
PKCS12_SAFEBAG *bag;
|
PKCS12_SAFEBAG *bag;
|
||||||
if (!(bag = PKCS12_SAFEBAG_new())) {
|
|
||||||
|
if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -111,7 +113,7 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
|
|||||||
const EVP_CIPHER *pbe_ciph;
|
const EVP_CIPHER *pbe_ciph;
|
||||||
|
|
||||||
/* Set up the safe bag */
|
/* Set up the safe bag */
|
||||||
if (!(bag = PKCS12_SAFEBAG_new())) {
|
if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -137,12 +139,13 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
|
|||||||
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
|
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
|
||||||
{
|
{
|
||||||
PKCS7 *p7;
|
PKCS7 *p7;
|
||||||
if (!(p7 = PKCS7_new())) {
|
|
||||||
|
if ((p7 = PKCS7_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
p7->type = OBJ_nid2obj(NID_pkcs7_data);
|
p7->type = OBJ_nid2obj(NID_pkcs7_data);
|
||||||
if (!(p7->d.data = ASN1_OCTET_STRING_new())) {
|
if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -174,7 +177,8 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
|
|||||||
PKCS7 *p7;
|
PKCS7 *p7;
|
||||||
X509_ALGOR *pbe;
|
X509_ALGOR *pbe;
|
||||||
const EVP_CIPHER *pbe_ciph;
|
const EVP_CIPHER *pbe_ciph;
|
||||||
if (!(p7 = PKCS7_new())) {
|
|
||||||
|
if ((p7 = PKCS7_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -129,7 +129,8 @@ ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
|
|||||||
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
|
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
|
||||||
{
|
{
|
||||||
ASN1_TYPE *atype;
|
ASN1_TYPE *atype;
|
||||||
if (!(atype = PKCS12_get_attr(bag, NID_friendlyName)))
|
|
||||||
|
if ((atype = PKCS12_get_attr(bag, NID_friendlyName)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (atype->type != V_ASN1_BMPSTRING)
|
if (atype->type != V_ASN1_BMPSTRING)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -189,7 +189,7 @@ PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)
|
|||||||
int keyidlen = -1;
|
int keyidlen = -1;
|
||||||
|
|
||||||
/* Add user certificate */
|
/* Add user certificate */
|
||||||
if (!(bag = PKCS12_x5092certbag(cert)))
|
if ((bag = PKCS12_x5092certbag(cert)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -226,7 +226,7 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
|
|||||||
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
||||||
|
|
||||||
/* Make a PKCS#8 structure */
|
/* Make a PKCS#8 structure */
|
||||||
if (!(p8 = EVP_PKEY2PKCS8(key)))
|
if ((p8 = EVP_PKEY2PKCS8(key)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
|
if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -88,7 +88,8 @@ unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
|
if ((out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))
|
||||||
|
== NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -174,7 +175,8 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
|
|||||||
ASN1_OCTET_STRING *oct = NULL;
|
ASN1_OCTET_STRING *oct = NULL;
|
||||||
unsigned char *in = NULL;
|
unsigned char *in = NULL;
|
||||||
int inlen;
|
int inlen;
|
||||||
if (!(oct = ASN1_OCTET_STRING_new())) {
|
|
||||||
|
if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -66,7 +66,8 @@
|
|||||||
PKCS12 *PKCS12_init(int mode)
|
PKCS12 *PKCS12_init(int mode)
|
||||||
{
|
{
|
||||||
PKCS12 *pkcs12;
|
PKCS12 *pkcs12;
|
||||||
if (!(pkcs12 = PKCS12_new())) {
|
|
||||||
|
if ((pkcs12 = PKCS12_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -74,7 +75,7 @@ PKCS12 *PKCS12_init(int mode)
|
|||||||
pkcs12->authsafes->type = OBJ_nid2obj(mode);
|
pkcs12->authsafes->type = OBJ_nid2obj(mode);
|
||||||
switch (mode) {
|
switch (mode) {
|
||||||
case NID_pkcs7_data:
|
case NID_pkcs7_data:
|
||||||
if (!(pkcs12->authsafes->d.data = ASN1_OCTET_STRING_new())) {
|
if ((pkcs12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -179,7 +179,7 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
|
|||||||
int i, bagnid;
|
int i, bagnid;
|
||||||
PKCS7 *p7;
|
PKCS7 *p7;
|
||||||
|
|
||||||
if (!(asafes = PKCS12_unpack_authsafes(p12)))
|
if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
||||||
p7 = sk_PKCS7_value(asafes, i);
|
p7 = sk_PKCS7_value(asafes, i);
|
||||||
@ -236,14 +236,14 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
|
|||||||
case NID_keyBag:
|
case NID_keyBag:
|
||||||
if (!pkey || *pkey)
|
if (!pkey || *pkey)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
|
if ((*pkey = EVP_PKCS82PKEY(bag->value.keybag)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case NID_pkcs8ShroudedKeyBag:
|
case NID_pkcs8ShroudedKeyBag:
|
||||||
if (!pkey || *pkey)
|
if (!pkey || *pkey)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
|
if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
*pkey = EVP_PKCS82PKEY(p8);
|
*pkey = EVP_PKCS82PKEY(p8);
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
@ -254,7 +254,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
|
|||||||
case NID_certBag:
|
case NID_certBag:
|
||||||
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(x509 = PKCS12_certbag2x509(bag)))
|
if ((x509 = PKCS12_certbag2x509(bag)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
|
if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
|
@ -84,7 +84,8 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
|
|||||||
iter = 1;
|
iter = 1;
|
||||||
else
|
else
|
||||||
iter = ASN1_INTEGER_get(p12->mac->iter);
|
iter = ASN1_INTEGER_get(p12->mac->iter);
|
||||||
if (!(md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))) {
|
if ((md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))
|
||||||
|
== NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
|
PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -157,10 +158,10 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
|
|||||||
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
|
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
|
||||||
const EVP_MD *md_type)
|
const EVP_MD *md_type)
|
||||||
{
|
{
|
||||||
if (!(p12->mac = PKCS12_MAC_DATA_new()))
|
if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
|
||||||
return PKCS12_ERROR;
|
return PKCS12_ERROR;
|
||||||
if (iter > 1) {
|
if (iter > 1) {
|
||||||
if (!(p12->mac->iter = ASN1_INTEGER_new())) {
|
if ((p12->mac->iter = ASN1_INTEGER_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -172,7 +173,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
|
|||||||
if (!saltlen)
|
if (!saltlen)
|
||||||
saltlen = PKCS12_SALT_LEN;
|
saltlen = PKCS12_SALT_LEN;
|
||||||
p12->mac->salt->length = saltlen;
|
p12->mac->salt->length = saltlen;
|
||||||
if (!(p12->mac->salt->data = OPENSSL_malloc(saltlen))) {
|
if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -182,7 +183,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
|
|||||||
} else
|
} else
|
||||||
memcpy(p12->mac->salt->data, salt, saltlen);
|
memcpy(p12->mac->salt->data, salt, saltlen);
|
||||||
p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
|
p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
|
||||||
if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
|
if ((p12->mac->dinfo->algor->parameter = ASN1_TYPE_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -113,9 +113,9 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
|
|||||||
unsigned char mac[EVP_MAX_MD_SIZE];
|
unsigned char mac[EVP_MAX_MD_SIZE];
|
||||||
unsigned int maclen;
|
unsigned int maclen;
|
||||||
|
|
||||||
if (!(asafes = PKCS12_unpack_authsafes(p12)))
|
if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!(newsafes = sk_PKCS7_new_null()))
|
if ((newsafes = sk_PKCS7_new_null()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
|
||||||
p7 = sk_PKCS7_value(asafes, i);
|
p7 = sk_PKCS7_value(asafes, i);
|
||||||
@ -158,14 +158,14 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
|
|||||||
/* Repack safe: save old safe in case of error */
|
/* Repack safe: save old safe in case of error */
|
||||||
|
|
||||||
p12_data_tmp = p12->authsafes->d.data;
|
p12_data_tmp = p12->authsafes->d.data;
|
||||||
if (!(p12->authsafes->d.data = ASN1_OCTET_STRING_new()))
|
if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto saferr;
|
goto saferr;
|
||||||
if (!PKCS12_pack_authsafes(p12, newsafes))
|
if (!PKCS12_pack_authsafes(p12, newsafes))
|
||||||
goto saferr;
|
goto saferr;
|
||||||
|
|
||||||
if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
|
if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
|
||||||
goto saferr;
|
goto saferr;
|
||||||
if (!(macnew = ASN1_OCTET_STRING_new()))
|
if ((macnew = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto saferr;
|
goto saferr;
|
||||||
if (!ASN1_OCTET_STRING_set(macnew, mac, maclen))
|
if (!ASN1_OCTET_STRING_set(macnew, mac, maclen))
|
||||||
goto saferr;
|
goto saferr;
|
||||||
@ -206,12 +206,12 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
|
|||||||
if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
|
if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)))
|
if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
|
if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
|
||||||
return 0;
|
return 0;
|
||||||
if (!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
|
if ((p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
|
||||||
p8_iter, p8)))
|
p8_iter, p8)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
X509_SIG_free(bag->value.shkeybag);
|
X509_SIG_free(bag->value.shkeybag);
|
||||||
bag->value.shkeybag = p8new;
|
bag->value.shkeybag = p8new;
|
||||||
|
@ -66,10 +66,10 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
|
|||||||
unsigned char *salt, int saltlen, int iter,
|
unsigned char *salt, int saltlen, int iter,
|
||||||
PKCS8_PRIV_KEY_INFO *p8inf)
|
PKCS8_PRIV_KEY_INFO *p8inf)
|
||||||
{
|
{
|
||||||
X509_SIG *p8 = NULL;
|
X509_SIG *p8;
|
||||||
X509_ALGOR *pbe;
|
X509_ALGOR *pbe;
|
||||||
|
|
||||||
if (!(p8 = X509_SIG_new())) {
|
if ((p8 = X509_SIG_new()) == NULL) {
|
||||||
PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -68,10 +68,11 @@ unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
|
|||||||
{
|
{
|
||||||
int ulen, i;
|
int ulen, i;
|
||||||
unsigned char *unitmp;
|
unsigned char *unitmp;
|
||||||
|
|
||||||
if (asclen == -1)
|
if (asclen == -1)
|
||||||
asclen = strlen(asc);
|
asclen = strlen(asc);
|
||||||
ulen = asclen * 2 + 2;
|
ulen = asclen * 2 + 2;
|
||||||
if (!(unitmp = OPENSSL_malloc(ulen)))
|
if ((unitmp = OPENSSL_malloc(ulen)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
for (i = 0; i < ulen - 2; i += 2) {
|
for (i = 0; i < ulen - 2; i += 2) {
|
||||||
unitmp[i] = 0;
|
unitmp[i] = 0;
|
||||||
@ -91,12 +92,13 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
|
|||||||
{
|
{
|
||||||
int asclen, i;
|
int asclen, i;
|
||||||
char *asctmp;
|
char *asctmp;
|
||||||
|
|
||||||
asclen = unilen / 2;
|
asclen = unilen / 2;
|
||||||
/* If no terminating zero allow for one */
|
/* If no terminating zero allow for one */
|
||||||
if (!unilen || uni[unilen - 1])
|
if (!unilen || uni[unilen - 1])
|
||||||
asclen++;
|
asclen++;
|
||||||
uni++;
|
uni++;
|
||||||
if (!(asctmp = OPENSSL_malloc(asclen)))
|
if ((asctmp = OPENSSL_malloc(asclen)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
for (i = 0; i < unilen; i += 2)
|
for (i = 0; i < unilen; i += 2)
|
||||||
asctmp[i >> 1] = uni[i];
|
asctmp[i >> 1] = uni[i];
|
||||||
|
@ -71,7 +71,8 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
|
|||||||
STACK_OF(X509_ALGOR) *cap)
|
STACK_OF(X509_ALGOR) *cap)
|
||||||
{
|
{
|
||||||
ASN1_STRING *seq;
|
ASN1_STRING *seq;
|
||||||
if (!(seq = ASN1_STRING_new())) {
|
|
||||||
|
if ((seq = ASN1_STRING_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -87,7 +88,7 @@ STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
|
|||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
|
|
||||||
cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
|
cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
|
||||||
if (!cap || (cap->type != V_ASN1_SEQUENCE))
|
if (cap == NULL || (cap->type != V_ASN1_SEQUENCE))
|
||||||
return NULL;
|
return NULL;
|
||||||
p = cap->value.sequence->data;
|
p = cap->value.sequence->data;
|
||||||
return (STACK_OF(X509_ALGOR) *)
|
return (STACK_OF(X509_ALGOR) *)
|
||||||
@ -100,7 +101,7 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
|
|||||||
{
|
{
|
||||||
X509_ALGOR *alg;
|
X509_ALGOR *alg;
|
||||||
|
|
||||||
if (!(alg = X509_ALGOR_new())) {
|
if ((alg = X509_ALGOR_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -108,11 +109,11 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
|
|||||||
alg->algorithm = OBJ_nid2obj(nid);
|
alg->algorithm = OBJ_nid2obj(nid);
|
||||||
if (arg > 0) {
|
if (arg > 0) {
|
||||||
ASN1_INTEGER *nbit;
|
ASN1_INTEGER *nbit;
|
||||||
if (!(alg->parameter = ASN1_TYPE_new())) {
|
if ((alg->parameter = ASN1_TYPE_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(nbit = ASN1_INTEGER_new())) {
|
if ((nbit = ASN1_INTEGER_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -139,7 +140,7 @@ int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
|
|||||||
|
|
||||||
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
|
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
|
||||||
{
|
{
|
||||||
if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
|
if (t == NULL && (t = X509_gmtime_adj(NULL, 0)) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
|
PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
|
||||||
ERR_R_MALLOC_FAILURE);
|
ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -1104,7 +1104,7 @@ static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
|
|||||||
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
|
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
|
||||||
{
|
{
|
||||||
ASN1_TYPE *astype;
|
ASN1_TYPE *astype;
|
||||||
if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
|
if ((astype = get_attribute(sk, NID_pkcs9_messageDigest)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
return astype->value.octet_string;
|
return astype->value.octet_string;
|
||||||
}
|
}
|
||||||
@ -1165,11 +1165,10 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
|
|||||||
X509_ATTRIBUTE *attr = NULL;
|
X509_ATTRIBUTE *attr = NULL;
|
||||||
|
|
||||||
if (*sk == NULL) {
|
if (*sk == NULL) {
|
||||||
*sk = sk_X509_ATTRIBUTE_new_null();
|
if ((*sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
|
||||||
if (*sk == NULL)
|
|
||||||
return 0;
|
return 0;
|
||||||
new_attrib:
|
new_attrib:
|
||||||
if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
|
if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
|
if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
|
||||||
X509_ATTRIBUTE_free(attr);
|
X509_ATTRIBUTE_free(attr);
|
||||||
|
@ -265,8 +265,8 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!j) { /* we need to add another algorithm */
|
if (!j) { /* we need to add another algorithm */
|
||||||
if (!(alg = X509_ALGOR_new())
|
if ((alg = X509_ALGOR_new()) == NULL
|
||||||
|| !(alg->parameter = ASN1_TYPE_new())) {
|
|| (alg->parameter = ASN1_TYPE_new()) == NULL) {
|
||||||
X509_ALGOR_free(alg);
|
X509_ALGOR_free(alg);
|
||||||
PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
|
||||||
return (0);
|
return (0);
|
||||||
@ -426,7 +426,7 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
|
|||||||
int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
|
int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
|
||||||
{
|
{
|
||||||
if (PKCS7_type_is_digest(p7)) {
|
if (PKCS7_type_is_digest(p7)) {
|
||||||
if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
|
if ((p7->d.digest->md->parameter = ASN1_TYPE_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -72,7 +72,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
|||||||
PKCS7 *p7;
|
PKCS7 *p7;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (!(p7 = PKCS7_new())) {
|
if ((p7 = PKCS7_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -113,7 +113,7 @@ int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
|
|||||||
{
|
{
|
||||||
BIO *p7bio;
|
BIO *p7bio;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
|
if ((p7bio = PKCS7_dataInit(p7, NULL)) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -164,7 +164,7 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
|
if ((si = PKCS7_add_signature(p7, signcert, pkey, md)) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
|
PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
|
||||||
PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
|
PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -180,7 +180,7 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
|
|||||||
goto err;
|
goto err;
|
||||||
/* Add SMIMECapabilities */
|
/* Add SMIMECapabilities */
|
||||||
if (!(flags & PKCS7_NOSMIMECAP)) {
|
if (!(flags & PKCS7_NOSMIMECAP)) {
|
||||||
if (!(smcap = sk_X509_ALGOR_new_null())) {
|
if ((smcap = sk_X509_ALGOR_new_null()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -353,11 +353,11 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
|||||||
} else
|
} else
|
||||||
tmpin = indata;
|
tmpin = indata;
|
||||||
|
|
||||||
if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
|
if ((p7bio = PKCS7_dataInit(p7, tmpin)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (flags & PKCS7_TEXT) {
|
if (flags & PKCS7_TEXT) {
|
||||||
if (!(tmpout = BIO_new(BIO_s_mem()))) {
|
if ((tmpout = BIO_new(BIO_s_mem())) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -439,7 +439,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(signers = sk_X509_new_null())) {
|
if ((signers = sk_X509_new_null()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -481,7 +481,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
|
|||||||
BIO *p7bio = NULL;
|
BIO *p7bio = NULL;
|
||||||
int i;
|
int i;
|
||||||
X509 *x509;
|
X509 *x509;
|
||||||
if (!(p7 = PKCS7_new())) {
|
if ((p7 = PKCS7_new()) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -537,7 +537,7 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
|
if ((tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert)) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
|
PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -545,12 +545,12 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
|
|||||||
if (flags & PKCS7_TEXT) {
|
if (flags & PKCS7_TEXT) {
|
||||||
BIO *tmpbuf, *bread;
|
BIO *tmpbuf, *bread;
|
||||||
/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
|
/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
|
||||||
if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
|
if ((tmpbuf = BIO_new(BIO_f_buffer())) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
BIO_free_all(tmpmem);
|
BIO_free_all(tmpmem);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(bread = BIO_push(tmpbuf, tmpmem))) {
|
if ((bread = BIO_push(tmpbuf, tmpmem)) == NULL) {
|
||||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
|
PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
|
||||||
BIO_free_all(tmpbuf);
|
BIO_free_all(tmpbuf);
|
||||||
BIO_free_all(tmpmem);
|
BIO_free_all(tmpmem);
|
||||||
|
@ -93,9 +93,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
|
|||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
int pklen;
|
int pklen;
|
||||||
RSA *rsa = NULL;
|
RSA *rsa = NULL;
|
||||||
|
|
||||||
if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
|
if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
|
||||||
return 0;
|
return 0;
|
||||||
if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) {
|
if ((rsa = d2i_RSAPublicKey(NULL, &p, pklen)) == NULL) {
|
||||||
RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
|
RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -115,7 +116,8 @@ static int old_rsa_priv_decode(EVP_PKEY *pkey,
|
|||||||
const unsigned char **pder, int derlen)
|
const unsigned char **pder, int derlen)
|
||||||
{
|
{
|
||||||
RSA *rsa;
|
RSA *rsa;
|
||||||
if (!(rsa = d2i_RSAPrivateKey(NULL, pder, derlen))) {
|
|
||||||
|
if ((rsa = d2i_RSAPrivateKey(NULL, pder, derlen)) == NULL) {
|
||||||
RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
|
RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -606,7 +606,7 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
|
|||||||
|
|
||||||
if (strcmp(type, "rsa_mgf1_md") == 0) {
|
if (strcmp(type, "rsa_mgf1_md") == 0) {
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
if (!(md = EVP_get_digestbyname(value))) {
|
if ((md = EVP_get_digestbyname(value)) == NULL) {
|
||||||
RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
|
RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -615,7 +615,7 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
|
|||||||
|
|
||||||
if (strcmp(type, "rsa_oaep_md") == 0) {
|
if (strcmp(type, "rsa_oaep_md") == 0) {
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
if (!(md = EVP_get_digestbyname(value))) {
|
if ((md = EVP_get_digestbyname(value)) == NULL) {
|
||||||
RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
|
RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -127,7 +127,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
|
|||||||
EVP_DigestFinal_ex(&ctxt, cu, NULL);
|
EVP_DigestFinal_ex(&ctxt, cu, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctxt);
|
EVP_MD_CTX_cleanup(&ctxt);
|
||||||
|
|
||||||
if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
|
if ((u = BN_bin2bn(cu, sizeof(cu), NULL)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!BN_is_zero(u))
|
if (!BN_is_zero(u))
|
||||||
return u;
|
return u;
|
||||||
@ -178,10 +178,10 @@ BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
|
|||||||
|
|
||||||
/* B = g**b + k*v */
|
/* B = g**b + k*v */
|
||||||
|
|
||||||
if (!BN_mod_exp(gb, g, b, N, bn_ctx) ||
|
if (!BN_mod_exp(gb, g, b, N, bn_ctx)
|
||||||
!(k = srp_Calc_k(N, g)) ||
|
|| (k = srp_Calc_k(N, g)) == NULL
|
||||||
!BN_mod_mul(kv, v, k, N, bn_ctx) ||
|
|| !BN_mod_mul(kv, v, k, N, bn_ctx)
|
||||||
!BN_mod_add(B, gb, kv, N, bn_ctx)) {
|
|| !BN_mod_add(B, gb, kv, N, bn_ctx)) {
|
||||||
BN_free(B);
|
BN_free(B);
|
||||||
B = NULL;
|
B = NULL;
|
||||||
}
|
}
|
||||||
@ -257,13 +257,12 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
|
|||||||
|
|
||||||
if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
|
if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
|
||||||
goto err;
|
goto err;
|
||||||
if (!(k = srp_Calc_k(N, g)))
|
if ((k = srp_Calc_k(N, g)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
|
if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
|
if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
|
if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
|
if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
|
||||||
|
@ -253,8 +253,8 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key)
|
|||||||
|
|
||||||
if (vb == NULL)
|
if (vb == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
|
if ((vb->users_pwd = sk_SRP_user_pwd_new_null()) == NULL
|
||||||
!(vb->gN_cache = sk_SRP_gN_cache_new_null())) {
|
|| (vb->gN_cache = sk_SRP_gN_cache_new_null()) == NULL) {
|
||||||
OPENSSL_free(vb);
|
OPENSSL_free(vb);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -394,10 +394,11 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
|
|||||||
if ((gN = OPENSSL_malloc(sizeof(*gN))) == NULL)
|
if ((gN = OPENSSL_malloc(sizeof(*gN))) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(gN->id = BUF_strdup(pp[DB_srpid]))
|
if ((gN->id = BUF_strdup(pp[DB_srpid])) == NULL
|
||||||
|| !(gN->N =
|
|| (gN->N = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
|
||||||
SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
|
== NULL
|
||||||
|| !(gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
|
|| (gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
|
||||||
|
== NULL
|
||||||
|| sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
|
|| sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
@ -533,10 +534,10 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (N) {
|
if (N) {
|
||||||
if (!(len = t_fromb64(tmp, N)))
|
if ((len = t_fromb64(tmp, N)) == 0)
|
||||||
goto err;
|
goto err;
|
||||||
N_bn = BN_bin2bn(tmp, len, NULL);
|
N_bn = BN_bin2bn(tmp, len, NULL);
|
||||||
if (!(len = t_fromb64(tmp, g)))
|
if ((len = t_fromb64(tmp, g)) == 0)
|
||||||
goto err;
|
goto err;
|
||||||
g_bn = BN_bin2bn(tmp, len, NULL);
|
g_bn = BN_bin2bn(tmp, len, NULL);
|
||||||
defgNid = "*";
|
defgNid = "*";
|
||||||
@ -555,7 +556,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
|||||||
|
|
||||||
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
|
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
|
||||||
} else {
|
} else {
|
||||||
if (!(len = t_fromb64(tmp2, *salt)))
|
if ((len = t_fromb64(tmp2, *salt)) == 0)
|
||||||
goto err;
|
goto err;
|
||||||
s = BN_bin2bn(tmp2, len, NULL);
|
s = BN_bin2bn(tmp2, len, NULL);
|
||||||
}
|
}
|
||||||
|
@ -114,11 +114,11 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
|
|||||||
STACK_OF(X509_INFO) *allcerts = NULL;
|
STACK_OF(X509_INFO) *allcerts = NULL;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (!(certs = BIO_new_file(file, "r")))
|
if ((certs = BIO_new_file(file, "r")) == NULL)
|
||||||
|
goto end;
|
||||||
|
if ((othercerts = sk_X509_new_null()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
if (!(othercerts = sk_X509_new_null()))
|
|
||||||
goto end;
|
|
||||||
allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
|
allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
|
||||||
for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
|
for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
|
||||||
X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
|
X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
|
||||||
@ -140,7 +140,7 @@ EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
|
|||||||
BIO *key = NULL;
|
BIO *key = NULL;
|
||||||
EVP_PKEY *pkey = NULL;
|
EVP_PKEY *pkey = NULL;
|
||||||
|
|
||||||
if (!(key = BIO_new_file(file, "r")))
|
if ((key = BIO_new_file(file, "r")) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *)pass);
|
pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *)pass);
|
||||||
end:
|
end:
|
||||||
@ -195,7 +195,7 @@ int TS_CONF_set_crypto_device(CONF *conf, const char *section,
|
|||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
if (!device)
|
if (device == NULL)
|
||||||
device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE);
|
device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE);
|
||||||
|
|
||||||
if (device && !TS_CONF_set_default_engine(device)) {
|
if (device && !TS_CONF_set_default_engine(device)) {
|
||||||
@ -216,8 +216,9 @@ int TS_CONF_set_default_engine(const char *name)
|
|||||||
if (strcmp(name, "builtin") == 0)
|
if (strcmp(name, "builtin") == 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (!(e = ENGINE_by_id(name)))
|
if ((e = ENGINE_by_id(name)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Enable the use of the NCipher HSM for forked children. */
|
/* Enable the use of the NCipher HSM for forked children. */
|
||||||
if (strcmp(name, "chil") == 0)
|
if (strcmp(name, "chil") == 0)
|
||||||
ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
|
ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
|
||||||
@ -241,13 +242,15 @@ int TS_CONF_set_signer_cert(CONF *conf, const char *section,
|
|||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
X509 *cert_obj = NULL;
|
X509 *cert_obj = NULL;
|
||||||
if (!cert)
|
|
||||||
|
if (cert == NULL) {
|
||||||
cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
|
cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
|
||||||
if (!cert) {
|
if (cert == NULL) {
|
||||||
TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
|
TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
|
||||||
goto err;
|
goto err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (!(cert_obj = TS_CONF_load_cert(cert)))
|
if ((cert_obj = TS_CONF_load_cert(cert)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
|
if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
|
||||||
goto err;
|
goto err;
|
||||||
@ -263,12 +266,13 @@ int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
|||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
STACK_OF(X509) *certs_obj = NULL;
|
STACK_OF(X509) *certs_obj = NULL;
|
||||||
if (!certs)
|
|
||||||
certs = NCONF_get_string(conf, section, ENV_CERTS);
|
if (certs == NULL) {
|
||||||
/* Certificate chain is optional. */
|
/* Certificate chain is optional. */
|
||||||
if (!certs)
|
if ((certs = NCONF_get_string(conf, section, ENV_CERTS)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!(certs_obj = TS_CONF_load_certs(certs)))
|
}
|
||||||
|
if ((certs_obj = TS_CONF_load_certs(certs)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!TS_RESP_CTX_set_certs(ctx, certs_obj))
|
if (!TS_RESP_CTX_set_certs(ctx, certs_obj))
|
||||||
goto err;
|
goto err;
|
||||||
@ -291,7 +295,7 @@ int TS_CONF_set_signer_key(CONF *conf, const char *section,
|
|||||||
TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
|
TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(key_obj = TS_CONF_load_key(key, pass)))
|
if ((key_obj = TS_CONF_load_key(key, pass)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!TS_RESP_CTX_set_signer_key(ctx, key_obj))
|
if (!TS_RESP_CTX_set_signer_key(ctx, key_obj))
|
||||||
goto err;
|
goto err;
|
||||||
@ -313,7 +317,7 @@ int TS_CONF_set_def_policy(CONF *conf, const char *section,
|
|||||||
TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
|
TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(policy_obj = OBJ_txt2obj(policy, 0))) {
|
if ((policy_obj = OBJ_txt2obj(policy, 0)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
|
TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -331,10 +335,10 @@ int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx)
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
int i;
|
int i;
|
||||||
STACK_OF(CONF_VALUE) *list = NULL;
|
STACK_OF(CONF_VALUE) *list = NULL;
|
||||||
char *policies = NCONF_get_string(conf, section,
|
char *policies = NCONF_get_string(conf, section, ENV_OTHER_POLICIES);
|
||||||
ENV_OTHER_POLICIES);
|
|
||||||
/* If no other policy is specified, that's fine. */
|
/* If no other policy is specified, that's fine. */
|
||||||
if (policies && !(list = X509V3_parse_list(policies))) {
|
if (policies && (list = X509V3_parse_list(policies)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_OTHER_POLICIES);
|
TS_CONF_invalid(section, ENV_OTHER_POLICIES);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -342,7 +346,8 @@ int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx)
|
|||||||
CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
|
CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
|
||||||
const char *extval = val->value ? val->value : val->name;
|
const char *extval = val->value ? val->value : val->name;
|
||||||
ASN1_OBJECT *objtmp;
|
ASN1_OBJECT *objtmp;
|
||||||
if (!(objtmp = OBJ_txt2obj(extval, 0))) {
|
|
||||||
|
if ((objtmp = OBJ_txt2obj(extval, 0)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_OTHER_POLICIES);
|
TS_CONF_invalid(section, ENV_OTHER_POLICIES);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -363,11 +368,12 @@ int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx)
|
|||||||
int i;
|
int i;
|
||||||
STACK_OF(CONF_VALUE) *list = NULL;
|
STACK_OF(CONF_VALUE) *list = NULL;
|
||||||
char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
|
char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
|
||||||
if (!digests) {
|
|
||||||
|
if (digests == NULL) {
|
||||||
TS_CONF_lookup_fail(section, ENV_DIGESTS);
|
TS_CONF_lookup_fail(section, ENV_DIGESTS);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(list = X509V3_parse_list(digests))) {
|
if ((list = X509V3_parse_list(digests)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_DIGESTS);
|
TS_CONF_invalid(section, ENV_DIGESTS);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -379,7 +385,8 @@ int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx)
|
|||||||
CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
|
CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
|
||||||
const char *extval = val->value ? val->value : val->name;
|
const char *extval = val->value ? val->value : val->name;
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
if (!(md = EVP_get_digestbyname(extval))) {
|
|
||||||
|
if ((md = EVP_get_digestbyname(extval)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_DIGESTS);
|
TS_CONF_invalid(section, ENV_DIGESTS);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -401,7 +408,7 @@ int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
|
|||||||
STACK_OF(CONF_VALUE) *list = NULL;
|
STACK_OF(CONF_VALUE) *list = NULL;
|
||||||
char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
|
char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
|
||||||
|
|
||||||
if (accuracy && !(list = X509V3_parse_list(accuracy))) {
|
if (accuracy && (list = X509V3_parse_list(accuracy)) == NULL) {
|
||||||
TS_CONF_invalid(section, ENV_ACCURACY);
|
TS_CONF_invalid(section, ENV_ACCURACY);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -169,7 +169,7 @@ TS_RESP_CTX *TS_RESP_CTX_new()
|
|||||||
{
|
{
|
||||||
TS_RESP_CTX *ctx;
|
TS_RESP_CTX *ctx;
|
||||||
|
|
||||||
if (!(ctx = OPENSSL_malloc(sizeof(*ctx)))) {
|
if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -225,7 +225,7 @@ int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
|
|||||||
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
|
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
|
||||||
{
|
{
|
||||||
ASN1_OBJECT_free(ctx->default_policy);
|
ASN1_OBJECT_free(ctx->default_policy);
|
||||||
if (!(ctx->default_policy = OBJ_dup(def_policy)))
|
if ((ctx->default_policy = OBJ_dup(def_policy)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
return 1;
|
return 1;
|
||||||
err:
|
err:
|
||||||
@ -240,7 +240,7 @@ int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
|
|||||||
ctx->certs = NULL;
|
ctx->certs = NULL;
|
||||||
if (!certs)
|
if (!certs)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(ctx->certs = X509_chain_up_ref(certs))) {
|
if ((ctx->certs = X509_chain_up_ref(certs)) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -253,9 +253,10 @@ int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
|
|||||||
ASN1_OBJECT *copy = NULL;
|
ASN1_OBJECT *copy = NULL;
|
||||||
|
|
||||||
/* Create new policy stack if necessary. */
|
/* Create new policy stack if necessary. */
|
||||||
if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
|
if (ctx->policies == NULL
|
||||||
|
&& (ctx->policies = sk_ASN1_OBJECT_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(copy = OBJ_dup(policy)))
|
if ((copy = OBJ_dup(policy)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
|
if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
|
||||||
goto err;
|
goto err;
|
||||||
@ -270,7 +271,8 @@ int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
|
|||||||
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
|
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
|
||||||
{
|
{
|
||||||
/* Create new md stack if necessary. */
|
/* Create new md stack if necessary. */
|
||||||
if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
|
if (ctx->mds == NULL
|
||||||
|
&& (ctx->mds = sk_EVP_MD_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
/* Add the shared md, no copy needed. */
|
/* Add the shared md, no copy needed. */
|
||||||
if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
|
if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
|
||||||
@ -295,14 +297,17 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
|
|||||||
{
|
{
|
||||||
|
|
||||||
TS_RESP_CTX_accuracy_free(ctx);
|
TS_RESP_CTX_accuracy_free(ctx);
|
||||||
if (secs && (!(ctx->seconds = ASN1_INTEGER_new())
|
if (secs
|
||||||
|| !ASN1_INTEGER_set(ctx->seconds, secs)))
|
&& ((ctx->seconds = ASN1_INTEGER_new()) == NULL
|
||||||
|
|| !ASN1_INTEGER_set(ctx->seconds, secs)))
|
||||||
goto err;
|
goto err;
|
||||||
if (millis && (!(ctx->millis = ASN1_INTEGER_new())
|
if (millis
|
||||||
|| !ASN1_INTEGER_set(ctx->millis, millis)))
|
&& ((ctx->millis = ASN1_INTEGER_new()) == NULL
|
||||||
|
|| !ASN1_INTEGER_set(ctx->millis, millis)))
|
||||||
goto err;
|
goto err;
|
||||||
if (micros && (!(ctx->micros = ASN1_INTEGER_new())
|
if (micros
|
||||||
|| !ASN1_INTEGER_set(ctx->micros, micros)))
|
&& ((ctx->micros = ASN1_INTEGER_new()) == NULL
|
||||||
|
|| !ASN1_INTEGER_set(ctx->micros, micros)))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
@ -343,15 +348,16 @@ int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
|
|||||||
ASN1_UTF8STRING *utf8_text = NULL;
|
ASN1_UTF8STRING *utf8_text = NULL;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
if (!(si = TS_STATUS_INFO_new()))
|
if ((si = TS_STATUS_INFO_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_INTEGER_set(si->status, status))
|
if (!ASN1_INTEGER_set(si->status, status))
|
||||||
goto err;
|
goto err;
|
||||||
if (text) {
|
if (text) {
|
||||||
if (!(utf8_text = ASN1_UTF8STRING_new())
|
if ((utf8_text = ASN1_UTF8STRING_new()) == NULL
|
||||||
|| !ASN1_STRING_set(utf8_text, text, strlen(text)))
|
|| !ASN1_STRING_set(utf8_text, text, strlen(text)))
|
||||||
goto err;
|
goto err;
|
||||||
if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
|
if (si->text == NULL
|
||||||
|
&& (si->text = sk_ASN1_UTF8STRING_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
|
if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
|
||||||
goto err;
|
goto err;
|
||||||
@ -384,7 +390,8 @@ int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
|
|||||||
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
|
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
|
||||||
{
|
{
|
||||||
TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
|
TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
|
||||||
if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
|
if (si->failure_info == NULL
|
||||||
|
&& (si->failure_info = ASN1_BIT_STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
|
if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
|
||||||
goto err;
|
goto err;
|
||||||
@ -423,13 +430,13 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
|
|||||||
TS_RESP_CTX_init(ctx);
|
TS_RESP_CTX_init(ctx);
|
||||||
|
|
||||||
/* Creating the response object. */
|
/* Creating the response object. */
|
||||||
if (!(ctx->response = TS_RESP_new())) {
|
if ((ctx->response = TS_RESP_new()) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Parsing DER request. */
|
/* Parsing DER request. */
|
||||||
if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) {
|
if ((ctx->request = d2i_TS_REQ_bio(req_bio, NULL)) == NULL) {
|
||||||
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
|
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
|
||||||
"Bad request format or " "system error.");
|
"Bad request format or " "system error.");
|
||||||
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
|
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
|
||||||
@ -445,11 +452,11 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Checking acceptable policies. */
|
/* Checking acceptable policies. */
|
||||||
if (!(policy = TS_RESP_get_policy(ctx)))
|
if ((policy = TS_RESP_get_policy(ctx)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Creating the TS_TST_INFO object. */
|
/* Creating the TS_TST_INFO object. */
|
||||||
if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
|
if ((ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Processing extensions. */
|
/* Processing extensions. */
|
||||||
@ -602,7 +609,7 @@ static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
|
|||||||
const ASN1_INTEGER *nonce;
|
const ASN1_INTEGER *nonce;
|
||||||
GENERAL_NAME *tsa_name = NULL;
|
GENERAL_NAME *tsa_name = NULL;
|
||||||
|
|
||||||
if (!(tst_info = TS_TST_INFO_new()))
|
if ((tst_info = TS_TST_INFO_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!TS_TST_INFO_set_version(tst_info, 1))
|
if (!TS_TST_INFO_set_version(tst_info, 1))
|
||||||
goto end;
|
goto end;
|
||||||
@ -610,19 +617,19 @@ static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
|
|||||||
goto end;
|
goto end;
|
||||||
if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
|
if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
|
||||||
goto end;
|
goto end;
|
||||||
if (!(serial = (*ctx->serial_cb) (ctx, ctx->serial_cb_data))
|
if ((serial = ctx->serial_cb(ctx, ctx->serial_cb_data)) == NULL
|
||||||
|| !TS_TST_INFO_set_serial(tst_info, serial))
|
|| !TS_TST_INFO_set_serial(tst_info, serial))
|
||||||
goto end;
|
goto end;
|
||||||
if (!(*ctx->time_cb) (ctx, ctx->time_cb_data, &sec, &usec)
|
if (!ctx->time_cb(ctx, ctx->time_cb_data, &sec, &usec)
|
||||||
|| !(asn1_time = TS_RESP_set_genTime_with_precision(NULL,
|
|| (asn1_time =
|
||||||
sec, usec,
|
TS_RESP_set_genTime_with_precision(NULL, sec, usec,
|
||||||
ctx->clock_precision_digits))
|
ctx->clock_precision_digits)) == NULL
|
||||||
|| !TS_TST_INFO_set_time(tst_info, asn1_time))
|
|| !TS_TST_INFO_set_time(tst_info, asn1_time))
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* Setting accuracy if needed. */
|
/* Setting accuracy if needed. */
|
||||||
if ((ctx->seconds || ctx->millis || ctx->micros)
|
if ((ctx->seconds || ctx->millis || ctx->micros)
|
||||||
&& !(accuracy = TS_ACCURACY_new()))
|
&& (accuracy = TS_ACCURACY_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
|
if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
|
||||||
@ -646,7 +653,7 @@ static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
|
|||||||
|
|
||||||
/* Setting TSA name to subject of signer certificate. */
|
/* Setting TSA name to subject of signer certificate. */
|
||||||
if (ctx->flags & TS_TSA_NAME) {
|
if (ctx->flags & TS_TSA_NAME) {
|
||||||
if (!(tsa_name = GENERAL_NAME_new()))
|
if ((tsa_name = GENERAL_NAME_new()) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
tsa_name->type = GEN_DIRNAME;
|
tsa_name->type = GEN_DIRNAME;
|
||||||
tsa_name->d.dirn =
|
tsa_name->d.dirn =
|
||||||
@ -715,7 +722,7 @@ static int TS_RESP_sign(TS_RESP_CTX *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Create a new PKCS7 signed object. */
|
/* Create a new PKCS7 signed object. */
|
||||||
if (!(p7 = PKCS7_new())) {
|
if ((p7 = PKCS7_new()) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -738,8 +745,8 @@ static int TS_RESP_sign(TS_RESP_CTX *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Add a new signer info. */
|
/* Add a new signer info. */
|
||||||
if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
|
if ((si = PKCS7_add_signature(p7, ctx->signer_cert,
|
||||||
ctx->signer_key, EVP_sha1()))) {
|
ctx->signer_key, EVP_sha1())) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
|
TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -757,7 +764,7 @@ static int TS_RESP_sign(TS_RESP_CTX *ctx)
|
|||||||
* certificate id and optionally the certificate chain.
|
* certificate id and optionally the certificate chain.
|
||||||
*/
|
*/
|
||||||
certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
|
certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
|
||||||
if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
|
if ((sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Add SigningCertificate signed attribute to the signer info. */
|
/* Add SigningCertificate signed attribute to the signer info. */
|
||||||
@ -771,7 +778,7 @@ static int TS_RESP_sign(TS_RESP_CTX *ctx)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Add the DER encoded tst_info to the PKCS7 structure. */
|
/* Add the DER encoded tst_info to the PKCS7 structure. */
|
||||||
if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
|
if ((p7bio = PKCS7_dataInit(p7, NULL)) == NULL) {
|
||||||
TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -813,19 +820,20 @@ static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
/* Creating the ESS_CERT_ID stack. */
|
/* Creating the ESS_CERT_ID stack. */
|
||||||
if (!(sc = ESS_SIGNING_CERT_new()))
|
if ((sc = ESS_SIGNING_CERT_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
|
if (sc->cert_ids == NULL
|
||||||
|
&& (sc->cert_ids = sk_ESS_CERT_ID_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Adding the signing certificate id. */
|
/* Adding the signing certificate id. */
|
||||||
if (!(cid = ESS_CERT_ID_new_init(signcert, 0))
|
if ((cid = ESS_CERT_ID_new_init(signcert, 0)) == NULL
|
||||||
|| !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
|
|| !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
|
||||||
goto err;
|
goto err;
|
||||||
/* Adding the certificate chain ids. */
|
/* Adding the certificate chain ids. */
|
||||||
for (i = 0; i < sk_X509_num(certs); ++i) {
|
for (i = 0; i < sk_X509_num(certs); ++i) {
|
||||||
X509 *cert = sk_X509_value(certs, i);
|
X509 *cert = sk_X509_value(certs, i);
|
||||||
if (!(cid = ESS_CERT_ID_new_init(cert, 1))
|
if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL
|
||||||
|| !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
|
|| !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -845,7 +853,7 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
|
|||||||
/* Recompute SHA1 hash of certificate if necessary (side effect). */
|
/* Recompute SHA1 hash of certificate if necessary (side effect). */
|
||||||
X509_check_purpose(cert, -1, 0);
|
X509_check_purpose(cert, -1, 0);
|
||||||
|
|
||||||
if (!(cid = ESS_CERT_ID_new()))
|
if ((cid = ESS_CERT_ID_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
|
if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
|
||||||
sizeof(cert->sha1_hash)))
|
sizeof(cert->sha1_hash)))
|
||||||
@ -854,14 +862,14 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
|
|||||||
/* Setting the issuer/serial if requested. */
|
/* Setting the issuer/serial if requested. */
|
||||||
if (issuer_needed) {
|
if (issuer_needed) {
|
||||||
/* Creating issuer/serial structure. */
|
/* Creating issuer/serial structure. */
|
||||||
if (!cid->issuer_serial
|
if (cid->issuer_serial == NULL
|
||||||
&& !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
|
&& (cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
/* Creating general name from the certificate issuer. */
|
/* Creating general name from the certificate issuer. */
|
||||||
if (!(name = GENERAL_NAME_new()))
|
if ((name = GENERAL_NAME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
name->type = GEN_DIRNAME;
|
name->type = GEN_DIRNAME;
|
||||||
if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)))
|
if ((name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
|
if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
|
||||||
goto err;
|
goto err;
|
||||||
@ -887,12 +895,12 @@ static int TS_TST_INFO_content_new(PKCS7 *p7)
|
|||||||
ASN1_OCTET_STRING *octet_string = NULL;
|
ASN1_OCTET_STRING *octet_string = NULL;
|
||||||
|
|
||||||
/* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
|
/* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
|
||||||
if (!(ret = PKCS7_new()))
|
if ((ret = PKCS7_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(ret->d.other = ASN1_TYPE_new()))
|
if ((ret->d.other = ASN1_TYPE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
|
ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
|
||||||
if (!(octet_string = ASN1_OCTET_STRING_new()))
|
if ((octet_string = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
|
ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
|
||||||
octet_string = NULL;
|
octet_string = NULL;
|
||||||
@ -915,13 +923,13 @@ static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
|
|||||||
int len;
|
int len;
|
||||||
|
|
||||||
len = i2d_ESS_SIGNING_CERT(sc, NULL);
|
len = i2d_ESS_SIGNING_CERT(sc, NULL);
|
||||||
if (!(pp = OPENSSL_malloc(len))) {
|
if ((pp = OPENSSL_malloc(len)) == NULL) {
|
||||||
TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
p = pp;
|
p = pp;
|
||||||
i2d_ESS_SIGNING_CERT(sc, &p);
|
i2d_ESS_SIGNING_CERT(sc, &p);
|
||||||
if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
|
if ((seq = ASN1_STRING_new()) == NULL || !ASN1_STRING_set(seq, pp, len)) {
|
||||||
TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -950,7 +958,7 @@ static ASN1_GENERALIZEDTIME
|
|||||||
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
|
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!(tm = gmtime(&time_sec)))
|
if ((tm = gmtime(&time_sec)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1001,7 +1009,8 @@ static ASN1_GENERALIZEDTIME
|
|||||||
*p++ = '\0';
|
*p++ = '\0';
|
||||||
|
|
||||||
/* Now call OpenSSL to check and set our genTime value */
|
/* Now call OpenSSL to check and set our genTime value */
|
||||||
if (!asn1_time && !(asn1_time = ASN1_GENERALIZEDTIME_new()))
|
if (asn1_time == NULL
|
||||||
|
&& (asn1_time = ASN1_GENERALIZEDTIME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) {
|
if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) {
|
||||||
ASN1_GENERALIZEDTIME_free(asn1_time);
|
ASN1_GENERALIZEDTIME_free(asn1_time);
|
||||||
|
@ -511,7 +511,7 @@ static int TS_check_status_info(TS_RESP *response)
|
|||||||
|
|
||||||
/* Set the embedded_status_text to the returned description. */
|
/* Set the embedded_status_text to the returned description. */
|
||||||
if (sk_ASN1_UTF8STRING_num(info->text) > 0
|
if (sk_ASN1_UTF8STRING_num(info->text) > 0
|
||||||
&& !(embedded_status_text = TS_get_status_text(info->text)))
|
&& (embedded_status_text = TS_get_status_text(info->text)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
/* Filling in failure_text with the failure information. */
|
/* Filling in failure_text with the failure information. */
|
||||||
@ -558,7 +558,7 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
|
|||||||
length += 1; /* separator character */
|
length += 1; /* separator character */
|
||||||
}
|
}
|
||||||
/* Allocate memory (closing '\0' included). */
|
/* Allocate memory (closing '\0' included). */
|
||||||
if (!(result = OPENSSL_malloc(length))) {
|
if ((result = OPENSSL_malloc(length)) == NULL) {
|
||||||
TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -604,11 +604,11 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
|
|||||||
*imprint = NULL;
|
*imprint = NULL;
|
||||||
|
|
||||||
/* Return the MD algorithm of the response. */
|
/* Return the MD algorithm of the response. */
|
||||||
if (!(*md_alg = X509_ALGOR_dup(md_alg_resp)))
|
if ((*md_alg = X509_ALGOR_dup(md_alg_resp)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Getting the MD object. */
|
/* Getting the MD object. */
|
||||||
if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) {
|
if ((md = EVP_get_digestbyobj((*md_alg)->algorithm)) == NULL) {
|
||||||
TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
|
TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -618,7 +618,7 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
|
|||||||
if (length < 0)
|
if (length < 0)
|
||||||
goto err;
|
goto err;
|
||||||
*imprint_len = length;
|
*imprint_len = length;
|
||||||
if (!(*imprint = OPENSSL_malloc(*imprint_len))) {
|
if ((*imprint = OPENSSL_malloc(*imprint_len)) == NULL) {
|
||||||
TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
|
TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -708,15 +708,16 @@ static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
|
|||||||
|
|
||||||
/* Check all the alternative names. */
|
/* Check all the alternative names. */
|
||||||
gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
|
gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
|
||||||
while (gen_names != NULL
|
while (gen_names != NULL) {
|
||||||
&& !(found = TS_find_name(gen_names, tsa_name) >= 0)) {
|
found = TS_find_name(gen_names, tsa_name) >= 0;
|
||||||
|
if (found)
|
||||||
|
break;
|
||||||
/*
|
/*
|
||||||
* Get the next subject alternative name, although there should be no
|
* Get the next subject alternative name, although there should be no
|
||||||
* more than one.
|
* more than one.
|
||||||
*/
|
*/
|
||||||
GENERAL_NAMES_free(gen_names);
|
GENERAL_NAMES_free(gen_names);
|
||||||
gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
|
gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
|
||||||
NULL, &idx);
|
|
||||||
}
|
}
|
||||||
GENERAL_NAMES_free(gen_names);
|
GENERAL_NAMES_free(gen_names);
|
||||||
|
|
||||||
|
@ -121,7 +121,7 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
|
|||||||
OPENSSL_assert(req != NULL);
|
OPENSSL_assert(req != NULL);
|
||||||
if (ret)
|
if (ret)
|
||||||
TS_VERIFY_CTX_cleanup(ret);
|
TS_VERIFY_CTX_cleanup(ret);
|
||||||
else if (!(ret = TS_VERIFY_CTX_new()))
|
else if ((ret = TS_VERIFY_CTX_new()) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
/* Setting flags. */
|
/* Setting flags. */
|
||||||
@ -129,7 +129,7 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
|
|||||||
|
|
||||||
/* Setting policy. */
|
/* Setting policy. */
|
||||||
if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
|
if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
|
||||||
if (!(ret->policy = OBJ_dup(policy)))
|
if ((ret->policy = OBJ_dup(policy)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
} else
|
} else
|
||||||
ret->flags &= ~TS_VFY_POLICY;
|
ret->flags &= ~TS_VFY_POLICY;
|
||||||
@ -137,17 +137,17 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
|
|||||||
/* Setting md_alg, imprint and imprint_len. */
|
/* Setting md_alg, imprint and imprint_len. */
|
||||||
imprint = TS_REQ_get_msg_imprint(req);
|
imprint = TS_REQ_get_msg_imprint(req);
|
||||||
md_alg = TS_MSG_IMPRINT_get_algo(imprint);
|
md_alg = TS_MSG_IMPRINT_get_algo(imprint);
|
||||||
if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
|
if ((ret->md_alg = X509_ALGOR_dup(md_alg)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
msg = TS_MSG_IMPRINT_get_msg(imprint);
|
msg = TS_MSG_IMPRINT_get_msg(imprint);
|
||||||
ret->imprint_len = ASN1_STRING_length(msg);
|
ret->imprint_len = ASN1_STRING_length(msg);
|
||||||
if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len)))
|
if ((ret->imprint = OPENSSL_malloc(ret->imprint_len)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
|
memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
|
||||||
|
|
||||||
/* Setting nonce. */
|
/* Setting nonce. */
|
||||||
if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
|
if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
|
||||||
if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
|
if ((ret->nonce = ASN1_INTEGER_dup(nonce)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
} else
|
} else
|
||||||
ret->flags &= ~TS_VFY_NONCE;
|
ret->flags &= ~TS_VFY_NONCE;
|
||||||
|
@ -123,7 +123,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
|
|||||||
continue;
|
continue;
|
||||||
else {
|
else {
|
||||||
buf->data[offset - 1] = '\0'; /* blat the '\n' */
|
buf->data[offset - 1] = '\0'; /* blat the '\n' */
|
||||||
if (!(p = OPENSSL_malloc(add + offset)))
|
if ((p = OPENSSL_malloc(add + offset)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
offset = 0;
|
offset = 0;
|
||||||
}
|
}
|
||||||
|
@ -309,7 +309,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
|
|||||||
}
|
}
|
||||||
atype = stmp->type;
|
atype = stmp->type;
|
||||||
} else if (len != -1) {
|
} else if (len != -1) {
|
||||||
if (!(stmp = ASN1_STRING_type_new(attrtype)))
|
if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_STRING_set(stmp, data, len))
|
if (!ASN1_STRING_set(stmp, data, len))
|
||||||
goto err;
|
goto err;
|
||||||
@ -322,7 +322,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
|
|||||||
*/
|
*/
|
||||||
if (attrtype == 0)
|
if (attrtype == 0)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(ttmp = ASN1_TYPE_new()))
|
if ((ttmp = ASN1_TYPE_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
|
if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
|
||||||
if (!ASN1_TYPE_set1(ttmp, attrtype, data))
|
if (!ASN1_TYPE_set1(ttmp, attrtype, data))
|
||||||
|
@ -188,7 +188,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
|
|||||||
idx = X509_TRUST_get_by_id(id);
|
idx = X509_TRUST_get_by_id(id);
|
||||||
/* Need a new entry */
|
/* Need a new entry */
|
||||||
if (idx == -1) {
|
if (idx == -1) {
|
||||||
if (!(trtmp = OPENSSL_malloc(sizeof(*trtmp)))) {
|
if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
|
||||||
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -200,7 +200,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
|
|||||||
if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
|
if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
|
||||||
OPENSSL_free(trtmp->name);
|
OPENSSL_free(trtmp->name);
|
||||||
/* dup supplied name */
|
/* dup supplied name */
|
||||||
if (!(trtmp->name = BUF_strdup(name))) {
|
if ((trtmp->name = BUF_strdup(name)) == NULL) {
|
||||||
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -216,7 +216,8 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
|
|||||||
|
|
||||||
/* If its a new entry manage the dynamic table */
|
/* If its a new entry manage the dynamic table */
|
||||||
if (idx == -1) {
|
if (idx == -1) {
|
||||||
if (!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
|
if (trtable == NULL
|
||||||
|
&& (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
|
||||||
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -85,7 +85,7 @@ NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len)
|
|||||||
NETSCAPE_SPKI *spki;
|
NETSCAPE_SPKI *spki;
|
||||||
if (len <= 0)
|
if (len <= 0)
|
||||||
len = strlen(str);
|
len = strlen(str);
|
||||||
if (!(spki_der = OPENSSL_malloc(len + 1))) {
|
if ((spki_der = OPENSSL_malloc(len + 1)) == NULL) {
|
||||||
X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
|
X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -532,7 +532,7 @@ static int tree_calculate_authority_set(X509_POLICY_TREE *tree,
|
|||||||
* If no anyPolicy node on this this level it can't appear on lower
|
* If no anyPolicy node on this this level it can't appear on lower
|
||||||
* levels so end search.
|
* levels so end search.
|
||||||
*/
|
*/
|
||||||
if (!(anyptr = curr->anyPolicy))
|
if ((anyptr = curr->anyPolicy) == NULL)
|
||||||
break;
|
break;
|
||||||
curr++;
|
curr++;
|
||||||
for (j = 0; j < sk_X509_POLICY_NODE_num(curr->nodes); j++) {
|
for (j = 0; j < sk_X509_POLICY_NODE_num(curr->nodes); j++) {
|
||||||
|
@ -177,12 +177,12 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(akeyid = AUTHORITY_KEYID_new()))
|
if ((akeyid = AUTHORITY_KEYID_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (isname) {
|
if (isname) {
|
||||||
if (!(gens = sk_GENERAL_NAME_new_null())
|
if ((gens = sk_GENERAL_NAME_new_null()) == NULL
|
||||||
|| !(gen = GENERAL_NAME_new())
|
|| (gen = GENERAL_NAME_new()) == NULL
|
||||||
|| !sk_GENERAL_NAME_push(gens, gen)) {
|
|| !sk_GENERAL_NAME_push(gens, gen)) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -243,7 +243,8 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
|
|||||||
GENERAL_NAMES *gens = NULL;
|
GENERAL_NAMES *gens = NULL;
|
||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
int i;
|
int i;
|
||||||
if (!(gens = sk_GENERAL_NAME_new_null())) {
|
|
||||||
|
if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -255,7 +256,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
|
|||||||
goto err;
|
goto err;
|
||||||
} else {
|
} else {
|
||||||
GENERAL_NAME *gen;
|
GENERAL_NAME *gen;
|
||||||
if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
|
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
sk_GENERAL_NAME_push(gens, gen);
|
sk_GENERAL_NAME_push(gens, gen);
|
||||||
}
|
}
|
||||||
@ -274,6 +275,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
|
|||||||
GENERAL_NAME *gen;
|
GENERAL_NAME *gen;
|
||||||
X509_EXTENSION *ext;
|
X509_EXTENSION *ext;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (ctx && (ctx->flags == CTX_TEST))
|
if (ctx && (ctx->flags == CTX_TEST))
|
||||||
return 1;
|
return 1;
|
||||||
if (!ctx || !ctx->issuer_cert) {
|
if (!ctx || !ctx->issuer_cert) {
|
||||||
@ -283,8 +285,8 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
|
|||||||
i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
|
i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
|
||||||
if (i < 0)
|
if (i < 0)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
|
if ((ext = X509_get_ext(ctx->issuer_cert, i)) == NULL
|
||||||
!(ialt = X509V3_EXT_d2i(ext))) {
|
|| (ialt = X509V3_EXT_d2i(ext)) == NULL) {
|
||||||
X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR);
|
X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -312,7 +314,8 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
|
|||||||
GENERAL_NAMES *gens = NULL;
|
GENERAL_NAMES *gens = NULL;
|
||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
int i;
|
int i;
|
||||||
if (!(gens = sk_GENERAL_NAME_new_null())) {
|
|
||||||
|
if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -328,7 +331,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
|
|||||||
goto err;
|
goto err;
|
||||||
} else {
|
} else {
|
||||||
GENERAL_NAME *gen;
|
GENERAL_NAME *gen;
|
||||||
if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
|
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
sk_GENERAL_NAME_push(gens, gen);
|
sk_GENERAL_NAME_push(gens, gen);
|
||||||
}
|
}
|
||||||
@ -373,7 +376,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
|
|||||||
X509_NAME_ENTRY_free(ne);
|
X509_NAME_ENTRY_free(ne);
|
||||||
i--;
|
i--;
|
||||||
}
|
}
|
||||||
if (!email || !(gen = GENERAL_NAME_new())) {
|
if (email == NULL || (gen = GENERAL_NAME_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -403,13 +406,14 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
|
|||||||
GENERAL_NAMES *gens = NULL;
|
GENERAL_NAMES *gens = NULL;
|
||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
int i;
|
int i;
|
||||||
if (!(gens = sk_GENERAL_NAME_new_null())) {
|
|
||||||
|
if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||||
cnf = sk_CONF_VALUE_value(nval, i);
|
cnf = sk_CONF_VALUE_value(nval, i);
|
||||||
if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
|
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
sk_GENERAL_NAME_push(gens, gen);
|
sk_GENERAL_NAME_push(gens, gen);
|
||||||
}
|
}
|
||||||
@ -458,7 +462,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
|
|||||||
case GEN_RID:
|
case GEN_RID:
|
||||||
{
|
{
|
||||||
ASN1_OBJECT *obj;
|
ASN1_OBJECT *obj;
|
||||||
if (!(obj = OBJ_txt2obj(value, 0))) {
|
if ((obj = OBJ_txt2obj(value, 0)) == NULL) {
|
||||||
X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_OBJECT);
|
X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_OBJECT);
|
||||||
ERR_add_error_data(2, "value=", value);
|
ERR_add_error_data(2, "value=", value);
|
||||||
goto err;
|
goto err;
|
||||||
@ -498,7 +502,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (is_string) {
|
if (is_string) {
|
||||||
if (!(gen->d.ia5 = ASN1_IA5STRING_new()) ||
|
if ((gen->d.ia5 = ASN1_IA5STRING_new()) == NULL ||
|
||||||
!ASN1_STRING_set(gen->d.ia5, (unsigned char *)value,
|
!ASN1_STRING_set(gen->d.ia5, (unsigned char *)value,
|
||||||
strlen(value))) {
|
strlen(value))) {
|
||||||
X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
|
||||||
@ -560,16 +564,17 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
|
|||||||
{
|
{
|
||||||
char *objtmp = NULL, *p;
|
char *objtmp = NULL, *p;
|
||||||
int objlen;
|
int objlen;
|
||||||
if (!(p = strchr(value, ';')))
|
|
||||||
|
if ((p = strchr(value, ';')) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (!(gen->d.otherName = OTHERNAME_new()))
|
if ((gen->d.otherName = OTHERNAME_new()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
/*
|
/*
|
||||||
* Free this up because we will overwrite it. no need to free type_id
|
* Free this up because we will overwrite it. no need to free type_id
|
||||||
* because it is static
|
* because it is static
|
||||||
*/
|
*/
|
||||||
ASN1_TYPE_free(gen->d.otherName->value);
|
ASN1_TYPE_free(gen->d.otherName->value);
|
||||||
if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)))
|
if ((gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
objlen = p - value;
|
objlen = p - value;
|
||||||
objtmp = OPENSSL_malloc(objlen + 1);
|
objtmp = OPENSSL_malloc(objlen + 1);
|
||||||
@ -588,8 +593,9 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
|
|||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
STACK_OF(CONF_VALUE) *sk = NULL;
|
STACK_OF(CONF_VALUE) *sk = NULL;
|
||||||
X509_NAME *nm = NULL;
|
X509_NAME *nm;
|
||||||
if (!(nm = X509_NAME_new()))
|
|
||||||
|
if ((nm = X509_NAME_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
sk = X509V3_get_section(ctx, value);
|
sk = X509V3_get_section(ctx, value);
|
||||||
if (!sk) {
|
if (!sk) {
|
||||||
|
@ -107,7 +107,8 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
|
|||||||
BASIC_CONSTRAINTS *bcons = NULL;
|
BASIC_CONSTRAINTS *bcons = NULL;
|
||||||
CONF_VALUE *val;
|
CONF_VALUE *val;
|
||||||
int i;
|
int i;
|
||||||
if (!(bcons = BASIC_CONSTRAINTS_new())) {
|
|
||||||
|
if ((bcons = BASIC_CONSTRAINTS_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -112,7 +112,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
|
|||||||
ASN1_BIT_STRING *bs;
|
ASN1_BIT_STRING *bs;
|
||||||
int i;
|
int i;
|
||||||
BIT_STRING_BITNAME *bnam;
|
BIT_STRING_BITNAME *bnam;
|
||||||
if (!(bs = ASN1_BIT_STRING_new())) {
|
if ((bs = ASN1_BIT_STRING_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -121,11 +121,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
|
|||||||
X509_EXTENSION *ext;
|
X509_EXTENSION *ext;
|
||||||
STACK_OF(CONF_VALUE) *nval;
|
STACK_OF(CONF_VALUE) *nval;
|
||||||
void *ext_struc;
|
void *ext_struc;
|
||||||
|
|
||||||
if (ext_nid == NID_undef) {
|
if (ext_nid == NID_undef) {
|
||||||
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION_NAME);
|
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION_NAME);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!(method = X509V3_EXT_get_nid(ext_nid))) {
|
if ((method = X509V3_EXT_get_nid(ext_nid)) == NULL) {
|
||||||
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
|
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -148,14 +149,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
|
|||||||
if (!ext_struc)
|
if (!ext_struc)
|
||||||
return NULL;
|
return NULL;
|
||||||
} else if (method->s2i) {
|
} else if (method->s2i) {
|
||||||
if (!(ext_struc = method->s2i(method, ctx, value)))
|
if ((ext_struc = method->s2i(method, ctx, value)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
} else if (method->r2i) {
|
} else if (method->r2i) {
|
||||||
if (!ctx->db || !ctx->db_meth) {
|
if (!ctx->db || !ctx->db_meth) {
|
||||||
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_NO_CONFIG_DATABASE);
|
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_NO_CONFIG_DATABASE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!(ext_struc = method->r2i(method, ctx, value)))
|
if ((ext_struc = method->r2i(method, ctx, value)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
} else {
|
} else {
|
||||||
X509V3err(X509V3_F_DO_EXT_NCONF,
|
X509V3err(X509V3_F_DO_EXT_NCONF,
|
||||||
@ -189,13 +190,14 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
|
|||||||
goto merr;
|
goto merr;
|
||||||
} else {
|
} else {
|
||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
|
|
||||||
ext_len = method->i2d(ext_struc, NULL);
|
ext_len = method->i2d(ext_struc, NULL);
|
||||||
if (!(ext_der = OPENSSL_malloc(ext_len)))
|
if ((ext_der = OPENSSL_malloc(ext_len)) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
p = ext_der;
|
p = ext_der;
|
||||||
method->i2d(ext_struc, &p);
|
method->i2d(ext_struc, &p);
|
||||||
}
|
}
|
||||||
if (!(ext_oct = ASN1_OCTET_STRING_new()))
|
if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
ext_oct->data = ext_der;
|
ext_oct->data = ext_der;
|
||||||
ext_der = NULL;
|
ext_der = NULL;
|
||||||
@ -221,7 +223,8 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
|
|||||||
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
|
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
|
||||||
{
|
{
|
||||||
const X509V3_EXT_METHOD *method;
|
const X509V3_EXT_METHOD *method;
|
||||||
if (!(method = X509V3_EXT_get_nid(ext_nid))) {
|
|
||||||
|
if ((method = X509V3_EXT_get_nid(ext_nid)) == NULL) {
|
||||||
X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION);
|
X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -271,7 +274,8 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
|
|||||||
ASN1_OBJECT *obj = NULL;
|
ASN1_OBJECT *obj = NULL;
|
||||||
ASN1_OCTET_STRING *oct = NULL;
|
ASN1_OCTET_STRING *oct = NULL;
|
||||||
X509_EXTENSION *extension = NULL;
|
X509_EXTENSION *extension = NULL;
|
||||||
if (!(obj = OBJ_txt2obj(ext, 0))) {
|
|
||||||
|
if ((obj = OBJ_txt2obj(ext, 0)) == NULL) {
|
||||||
X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
|
X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
|
||||||
X509V3_R_EXTENSION_NAME_ERROR);
|
X509V3_R_EXTENSION_NAME_ERROR);
|
||||||
ERR_add_error_data(2, "name=", ext);
|
ERR_add_error_data(2, "name=", ext);
|
||||||
@ -290,7 +294,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(oct = ASN1_OCTET_STRING_new())) {
|
if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -346,11 +350,12 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
|
|||||||
STACK_OF(CONF_VALUE) *nval;
|
STACK_OF(CONF_VALUE) *nval;
|
||||||
CONF_VALUE *val;
|
CONF_VALUE *val;
|
||||||
int i;
|
int i;
|
||||||
if (!(nval = NCONF_get_section(conf, section)))
|
|
||||||
|
if ((nval = NCONF_get_section(conf, section)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||||
val = sk_CONF_VALUE_value(nval, i);
|
val = sk_CONF_VALUE_value(nval, i);
|
||||||
if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
|
if ((ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
if (ctx->flags == X509V3_CTX_REPLACE)
|
if (ctx->flags == X509V3_CTX_REPLACE)
|
||||||
delete_ext(*sk, ext);
|
delete_ext(*sk, ext);
|
||||||
|
@ -176,10 +176,10 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
|
|||||||
}
|
}
|
||||||
pol = policy_section(ctx, polsect, ia5org);
|
pol = policy_section(ctx, polsect, ia5org);
|
||||||
X509V3_section_free(ctx, polsect);
|
X509V3_section_free(ctx, polsect);
|
||||||
if (!pol)
|
if (pol == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
} else {
|
} else {
|
||||||
if (!(pobj = OBJ_txt2obj(cnf->name, 0))) {
|
if ((pobj = OBJ_txt2obj(cnf->name, 0)) == NULL) {
|
||||||
X509V3err(X509V3_F_R2I_CERTPOL,
|
X509V3err(X509V3_F_R2I_CERTPOL,
|
||||||
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||||
X509V3_conf_err(cnf);
|
X509V3_conf_err(cnf);
|
||||||
@ -209,13 +209,14 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
|
|||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
POLICYINFO *pol;
|
POLICYINFO *pol;
|
||||||
POLICYQUALINFO *qual;
|
POLICYQUALINFO *qual;
|
||||||
if (!(pol = POLICYINFO_new()))
|
|
||||||
|
if ((pol = POLICYINFO_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
|
||||||
cnf = sk_CONF_VALUE_value(polstrs, i);
|
cnf = sk_CONF_VALUE_value(polstrs, i);
|
||||||
if (strcmp(cnf->name, "policyIdentifier") == 0) {
|
if (strcmp(cnf->name, "policyIdentifier") == 0) {
|
||||||
ASN1_OBJECT *pobj;
|
ASN1_OBJECT *pobj;
|
||||||
if (!(pobj = OBJ_txt2obj(cnf->value, 0))) {
|
if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {
|
||||||
X509V3err(X509V3_F_POLICY_SECTION,
|
X509V3err(X509V3_F_POLICY_SECTION,
|
||||||
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||||
X509V3_conf_err(cnf);
|
X509V3_conf_err(cnf);
|
||||||
@ -224,17 +225,17 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
|
|||||||
pol->policyid = pobj;
|
pol->policyid = pobj;
|
||||||
|
|
||||||
} else if (!name_cmp(cnf->name, "CPS")) {
|
} else if (!name_cmp(cnf->name, "CPS")) {
|
||||||
if (!pol->qualifiers)
|
if (pol->qualifiers == NULL)
|
||||||
pol->qualifiers = sk_POLICYQUALINFO_new_null();
|
pol->qualifiers = sk_POLICYQUALINFO_new_null();
|
||||||
if (!(qual = POLICYQUALINFO_new()))
|
if ((qual = POLICYQUALINFO_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
|
if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) {
|
if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_cps)) == NULL) {
|
||||||
X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
|
X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(qual->d.cpsuri = ASN1_IA5STRING_new()))
|
if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
|
if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
|
||||||
strlen(cnf->value)))
|
strlen(cnf->value)))
|
||||||
@ -292,19 +293,20 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
|
|||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
USERNOTICE *not;
|
USERNOTICE *not;
|
||||||
POLICYQUALINFO *qual;
|
POLICYQUALINFO *qual;
|
||||||
if (!(qual = POLICYQUALINFO_new()))
|
|
||||||
|
if ((qual = POLICYQUALINFO_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) {
|
if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice)) == NULL) {
|
||||||
X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
|
X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!(not = USERNOTICE_new()))
|
if ((not = USERNOTICE_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
qual->d.usernotice = not;
|
qual->d.usernotice = not;
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
|
||||||
cnf = sk_CONF_VALUE_value(unot, i);
|
cnf = sk_CONF_VALUE_value(unot, i);
|
||||||
if (strcmp(cnf->name, "explicitText") == 0) {
|
if (strcmp(cnf->name, "explicitText") == 0) {
|
||||||
if (!(not->exptext = ASN1_VISIBLESTRING_new()))
|
if ((not->exptext = ASN1_VISIBLESTRING_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!ASN1_STRING_set(not->exptext, cnf->value,
|
if (!ASN1_STRING_set(not->exptext, cnf->value,
|
||||||
strlen(cnf->value)))
|
strlen(cnf->value)))
|
||||||
@ -312,7 +314,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
|
|||||||
} else if (strcmp(cnf->name, "organization") == 0) {
|
} else if (strcmp(cnf->name, "organization") == 0) {
|
||||||
NOTICEREF *nref;
|
NOTICEREF *nref;
|
||||||
if (!not->noticeref) {
|
if (!not->noticeref) {
|
||||||
if (!(nref = NOTICEREF_new()))
|
if ((nref = NOTICEREF_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
not->noticeref = nref;
|
not->noticeref = nref;
|
||||||
} else
|
} else
|
||||||
@ -328,7 +330,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
|
|||||||
NOTICEREF *nref;
|
NOTICEREF *nref;
|
||||||
STACK_OF(CONF_VALUE) *nos;
|
STACK_OF(CONF_VALUE) *nos;
|
||||||
if (!not->noticeref) {
|
if (!not->noticeref) {
|
||||||
if (!(nref = NOTICEREF_new()))
|
if ((nref = NOTICEREF_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
not->noticeref = nref;
|
not->noticeref = nref;
|
||||||
} else
|
} else
|
||||||
@ -376,7 +378,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
|
|||||||
|
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {
|
||||||
cnf = sk_CONF_VALUE_value(nos, i);
|
cnf = sk_CONF_VALUE_value(nos, i);
|
||||||
if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
|
if ((aint = s2i_ASN1_INTEGER(NULL, cnf->name)) == NULL) {
|
||||||
X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER);
|
X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -291,7 +291,8 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method,
|
|||||||
GENERAL_NAME *gen = NULL;
|
GENERAL_NAME *gen = NULL;
|
||||||
CONF_VALUE *cnf;
|
CONF_VALUE *cnf;
|
||||||
int i;
|
int i;
|
||||||
if (!(crld = sk_DIST_POINT_new_null()))
|
|
||||||
|
if ((crld = sk_DIST_POINT_new_null()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||||
DIST_POINT *point;
|
DIST_POINT *point;
|
||||||
@ -310,20 +311,20 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method,
|
|||||||
goto merr;
|
goto merr;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
|
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(gens = GENERAL_NAMES_new()))
|
if ((gens = GENERAL_NAMES_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!sk_GENERAL_NAME_push(gens, gen))
|
if (!sk_GENERAL_NAME_push(gens, gen))
|
||||||
goto merr;
|
goto merr;
|
||||||
gen = NULL;
|
gen = NULL;
|
||||||
if (!(point = DIST_POINT_new()))
|
if ((point = DIST_POINT_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
if (!sk_DIST_POINT_push(crld, point)) {
|
if (!sk_DIST_POINT_push(crld, point)) {
|
||||||
DIST_POINT_free(point);
|
DIST_POINT_free(point);
|
||||||
goto merr;
|
goto merr;
|
||||||
}
|
}
|
||||||
if (!(point->distpoint = DIST_POINT_NAME_new()))
|
if ((point->distpoint = DIST_POINT_NAME_new()) == NULL)
|
||||||
goto merr;
|
goto merr;
|
||||||
point->distpoint->name.fullname = gens;
|
point->distpoint->name.fullname = gens;
|
||||||
point->distpoint->type = 0;
|
point->distpoint->type = 0;
|
||||||
|
@ -125,7 +125,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
|
|||||||
CONF_VALUE *val;
|
CONF_VALUE *val;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (!(extku = sk_ASN1_OBJECT_new_null())) {
|
if ((extku = sk_ASN1_OBJECT_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -136,7 +136,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
|
|||||||
extval = val->value;
|
extval = val->value;
|
||||||
else
|
else
|
||||||
extval = val->name;
|
extval = val->name;
|
||||||
if (!(objtmp = OBJ_txt2obj(extval, 0))) {
|
if ((objtmp = OBJ_txt2obj(extval, 0)) == NULL) {
|
||||||
sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
|
sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
|
||||||
X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
|
X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
|
||||||
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||||
|
@ -77,9 +77,10 @@ const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
|
|||||||
char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
|
char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
|
||||||
{
|
{
|
||||||
char *tmp;
|
char *tmp;
|
||||||
|
|
||||||
if (!ia5 || !ia5->length)
|
if (!ia5 || !ia5->length)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!(tmp = OPENSSL_malloc(ia5->length + 1))) {
|
if ((tmp = OPENSSL_malloc(ia5->length + 1)) == NULL) {
|
||||||
X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -97,7 +98,7 @@ ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
|
|||||||
X509V3_R_INVALID_NULL_ARGUMENT);
|
X509V3_R_INVALID_NULL_ARGUMENT);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!(ia5 = ASN1_IA5STRING_new()))
|
if ((ia5 = ASN1_IA5STRING_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char *)str,
|
if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char *)str,
|
||||||
strlen(str))) {
|
strlen(str))) {
|
||||||
|
@ -153,13 +153,14 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
|
|||||||
ACCESS_DESCRIPTION *acc;
|
ACCESS_DESCRIPTION *acc;
|
||||||
int i, objlen;
|
int i, objlen;
|
||||||
char *objtmp, *ptmp;
|
char *objtmp, *ptmp;
|
||||||
if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
|
|
||||||
|
if ((ainfo = sk_ACCESS_DESCRIPTION_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||||
cnf = sk_CONF_VALUE_value(nval, i);
|
cnf = sk_CONF_VALUE_value(nval, i);
|
||||||
if (!(acc = ACCESS_DESCRIPTION_new())
|
if ((acc = ACCESS_DESCRIPTION_new()) == NULL
|
||||||
|| !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
|
|| !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
||||||
ERR_R_MALLOC_FAILURE);
|
ERR_R_MALLOC_FAILURE);
|
||||||
@ -176,7 +177,7 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
|
|||||||
ctmp.value = cnf->value;
|
ctmp.value = cnf->value;
|
||||||
if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
|
if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
|
||||||
goto err;
|
goto err;
|
||||||
if (!(objtmp = OPENSSL_malloc(objlen + 1))) {
|
if ((objtmp = OPENSSL_malloc(objlen + 1)) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
||||||
ERR_R_MALLOC_FAILURE);
|
ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -73,7 +73,8 @@ static void ext_list_free(X509V3_EXT_METHOD *ext);
|
|||||||
|
|
||||||
int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
|
int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
|
||||||
{
|
{
|
||||||
if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
|
if (ext_list == NULL
|
||||||
|
&& (ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp)) == NULL) {
|
||||||
X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -135,12 +136,11 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from)
|
|||||||
const X509V3_EXT_METHOD *ext;
|
const X509V3_EXT_METHOD *ext;
|
||||||
X509V3_EXT_METHOD *tmpext;
|
X509V3_EXT_METHOD *tmpext;
|
||||||
|
|
||||||
if (!(ext = X509V3_EXT_get_nid(nid_from))) {
|
if ((ext = X509V3_EXT_get_nid(nid_from)) == NULL) {
|
||||||
X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
|
X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, X509V3_R_EXTENSION_NOT_FOUND);
|
||||||
X509V3_R_EXTENSION_NOT_FOUND);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(tmpext = OPENSSL_malloc(sizeof(*tmpext)))) {
|
if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) {
|
||||||
X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -181,7 +181,7 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
|
|||||||
ASN1_STRING *extvalue;
|
ASN1_STRING *extvalue;
|
||||||
int extlen;
|
int extlen;
|
||||||
|
|
||||||
if (!(method = X509V3_EXT_get(ext)))
|
if ((method = X509V3_EXT_get(ext)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
extvalue = X509_EXTENSION_get_data(ext);
|
extvalue = X509_EXTENSION_get_data(ext);
|
||||||
p = ASN1_STRING_data(extvalue);
|
p = ASN1_STRING_data(extvalue);
|
||||||
@ -326,7 +326,8 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
|
if (*x == NULL
|
||||||
|
&& (*x = sk_X509_EXTENSION_new_null()) == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
if (!sk_X509_EXTENSION_push(*x, ext))
|
if (!sk_X509_EXTENSION_push(*x, ext))
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -86,7 +86,7 @@ static int process_pci_value(CONF_VALUE *val,
|
|||||||
X509V3_conf_err(val);
|
X509V3_conf_err(val);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!(*language = OBJ_txt2obj(val->value, 0))) {
|
if ((*language = OBJ_txt2obj(val->value, 0)) == NULL) {
|
||||||
X509V3err(X509V3_F_PROCESS_PCI_VALUE,
|
X509V3err(X509V3_F_PROCESS_PCI_VALUE,
|
||||||
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||||
X509V3_conf_err(val);
|
X509V3_conf_err(val);
|
||||||
|
@ -108,7 +108,8 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
|
|||||||
POLICY_CONSTRAINTS *pcons = NULL;
|
POLICY_CONSTRAINTS *pcons = NULL;
|
||||||
CONF_VALUE *val;
|
CONF_VALUE *val;
|
||||||
int i;
|
int i;
|
||||||
if (!(pcons = POLICY_CONSTRAINTS_new())) {
|
|
||||||
|
if ((pcons = POLICY_CONSTRAINTS_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -119,7 +119,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
|
|||||||
CONF_VALUE *val;
|
CONF_VALUE *val;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
|
if ((pmaps = sk_POLICY_MAPPING_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -131,7 +131,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
|
|||||||
p = ASN1_STRING_data(extoct);
|
p = ASN1_STRING_data(extoct);
|
||||||
extlen = ASN1_STRING_length(extoct);
|
extlen = ASN1_STRING_length(extoct);
|
||||||
|
|
||||||
if (!(method = X509V3_EXT_get(ext)))
|
if ((method = X509V3_EXT_get(ext)) == NULL)
|
||||||
return unknown_ext_print(out, p, extlen, flag, indent, 0);
|
return unknown_ext_print(out, p, extlen, flag, indent, 0);
|
||||||
if (method->it)
|
if (method->it)
|
||||||
ext_str = ASN1_item_d2i(NULL, &p, extlen, ASN1_ITEM_ptr(method->it));
|
ext_str = ASN1_item_d2i(NULL, &p, extlen, ASN1_ITEM_ptr(method->it));
|
||||||
@ -142,7 +142,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
|
|||||||
return unknown_ext_print(out, p, extlen, flag, indent, 1);
|
return unknown_ext_print(out, p, extlen, flag, indent, 1);
|
||||||
|
|
||||||
if (method->i2s) {
|
if (method->i2s) {
|
||||||
if (!(value = method->i2s(method, ext_str))) {
|
if ((value = method->i2s(method, ext_str)) == NULL) {
|
||||||
ok = 0;
|
ok = 0;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -162,7 +162,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
} else if (method->i2v) {
|
} else if (method->i2v) {
|
||||||
if (!(nval = method->i2v(method, ext_str, NULL))) {
|
if ((nval = method->i2v(method, ext_str, NULL)) == NULL) {
|
||||||
ok = 0;
|
ok = 0;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -249,7 +249,8 @@ int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
|
|||||||
{
|
{
|
||||||
BIO *bio_tmp;
|
BIO *bio_tmp;
|
||||||
int ret;
|
int ret;
|
||||||
if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
|
|
||||||
|
if ((bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
|
ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
|
||||||
BIO_free(bio_tmp);
|
BIO_free(bio_tmp);
|
||||||
|
@ -209,7 +209,7 @@ int X509_PURPOSE_add(int id, int trust, int flags,
|
|||||||
idx = X509_PURPOSE_get_by_id(id);
|
idx = X509_PURPOSE_get_by_id(id);
|
||||||
/* Need a new entry */
|
/* Need a new entry */
|
||||||
if (idx == -1) {
|
if (idx == -1) {
|
||||||
if (!(ptmp = OPENSSL_malloc(sizeof(*ptmp)))) {
|
if ((ptmp = OPENSSL_malloc(sizeof(*ptmp))) == NULL) {
|
||||||
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -241,7 +241,8 @@ int X509_PURPOSE_add(int id, int trust, int flags,
|
|||||||
|
|
||||||
/* If its a new entry manage the dynamic table */
|
/* If its a new entry manage the dynamic table */
|
||||||
if (idx == -1) {
|
if (idx == -1) {
|
||||||
if (!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
|
if (xptable == NULL
|
||||||
|
&& (xptable = sk_X509_PURPOSE_new(xp_cmp)) == NULL) {
|
||||||
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -83,12 +83,12 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
|
|||||||
ASN1_OCTET_STRING *oct;
|
ASN1_OCTET_STRING *oct;
|
||||||
long length;
|
long length;
|
||||||
|
|
||||||
if (!(oct = ASN1_OCTET_STRING_new())) {
|
if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(oct->data = string_to_hex(str, &length))) {
|
if ((oct->data = string_to_hex(str, &length)) == NULL) {
|
||||||
ASN1_OCTET_STRING_free(oct);
|
ASN1_OCTET_STRING_free(oct);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -110,7 +110,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
|
|||||||
if (strcmp(str, "hash"))
|
if (strcmp(str, "hash"))
|
||||||
return s2i_ASN1_OCTET_STRING(method, ctx, str);
|
return s2i_ASN1_OCTET_STRING(method, ctx, str);
|
||||||
|
|
||||||
if (!(oct = ASN1_OCTET_STRING_new())) {
|
if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
|
||||||
X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -152,8 +152,9 @@ static SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
|||||||
|
|
||||||
int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
|
int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
|
||||||
{
|
{
|
||||||
ASN1_INTEGER *izone = NULL;
|
ASN1_INTEGER *izone;
|
||||||
if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
|
|
||||||
|
if ((izone = s2i_ASN1_INTEGER(NULL, zone)) == NULL) {
|
||||||
X509V3err(X509V3_F_SXNET_ADD_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
|
X509V3err(X509V3_F_SXNET_ADD_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -165,8 +166,10 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
|
|||||||
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
|
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
|
||||||
int userlen)
|
int userlen)
|
||||||
{
|
{
|
||||||
ASN1_INTEGER *izone = NULL;
|
ASN1_INTEGER *izone;
|
||||||
if (!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
|
|
||||||
|
if ((izone = ASN1_INTEGER_new()) == NULL
|
||||||
|
|| !ASN1_INTEGER_set(izone, lzone)) {
|
||||||
X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE);
|
||||||
ASN1_INTEGER_free(izone);
|
ASN1_INTEGER_free(izone);
|
||||||
return 0;
|
return 0;
|
||||||
@ -196,8 +199,8 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
|
|||||||
X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_USER_TOO_LONG);
|
X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_USER_TOO_LONG);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (!*psx) {
|
if (*psx == NULL) {
|
||||||
if (!(sx = SXNET_new()))
|
if ((sx = SXNET_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!ASN1_INTEGER_set(sx->version, 0))
|
if (!ASN1_INTEGER_set(sx->version, 0))
|
||||||
goto err;
|
goto err;
|
||||||
@ -209,7 +212,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(id = SXNETID_new()))
|
if ((id = SXNETID_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (userlen == -1)
|
if (userlen == -1)
|
||||||
userlen = strlen(user);
|
userlen = strlen(user);
|
||||||
@ -231,9 +234,10 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
|
|||||||
|
|
||||||
ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
|
ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
|
||||||
{
|
{
|
||||||
ASN1_INTEGER *izone = NULL;
|
ASN1_INTEGER *izone;
|
||||||
ASN1_OCTET_STRING *oct;
|
ASN1_OCTET_STRING *oct;
|
||||||
if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
|
|
||||||
|
if ((izone = s2i_ASN1_INTEGER(NULL, zone)) == NULL) {
|
||||||
X509V3err(X509V3_F_SXNET_GET_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
|
X509V3err(X509V3_F_SXNET_GET_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -244,9 +248,11 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
|
|||||||
|
|
||||||
ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
|
ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
|
||||||
{
|
{
|
||||||
ASN1_INTEGER *izone = NULL;
|
ASN1_INTEGER *izone;
|
||||||
ASN1_OCTET_STRING *oct;
|
ASN1_OCTET_STRING *oct;
|
||||||
if (!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
|
|
||||||
|
if ((izone = ASN1_INTEGER_new()) == NULL
|
||||||
|
|| !ASN1_INTEGER_set(izone, lzone)) {
|
||||||
X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE);
|
||||||
ASN1_INTEGER_free(izone);
|
ASN1_INTEGER_free(izone);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -84,13 +84,14 @@ int X509V3_add_value(const char *name, const char *value,
|
|||||||
{
|
{
|
||||||
CONF_VALUE *vtmp = NULL;
|
CONF_VALUE *vtmp = NULL;
|
||||||
char *tname = NULL, *tvalue = NULL;
|
char *tname = NULL, *tvalue = NULL;
|
||||||
if (name && !(tname = BUF_strdup(name)))
|
|
||||||
|
if (name && (tname = BUF_strdup(name)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (value && !(tvalue = BUF_strdup(value)))
|
if (value && (tvalue = BUF_strdup(value)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!(vtmp = OPENSSL_malloc(sizeof(*vtmp))))
|
if ((vtmp = OPENSSL_malloc(sizeof(*vtmp))) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null()))
|
if (*extlist == NULL && (*extlist = sk_CONF_VALUE_new_null()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
vtmp->section = NULL;
|
vtmp->section = NULL;
|
||||||
vtmp->name = tname;
|
vtmp->name = tname;
|
||||||
@ -144,10 +145,11 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
|
|||||||
{
|
{
|
||||||
BIGNUM *bntmp = NULL;
|
BIGNUM *bntmp = NULL;
|
||||||
char *strtmp = NULL;
|
char *strtmp = NULL;
|
||||||
|
|
||||||
if (!a)
|
if (!a)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
|
if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL
|
||||||
!(strtmp = BN_bn2dec(bntmp)))
|
|| (strtmp = BN_bn2dec(bntmp)) == NULL)
|
||||||
X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
|
||||||
BN_free(bntmp);
|
BN_free(bntmp);
|
||||||
return strtmp;
|
return strtmp;
|
||||||
@ -157,10 +159,11 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
|
|||||||
{
|
{
|
||||||
BIGNUM *bntmp = NULL;
|
BIGNUM *bntmp = NULL;
|
||||||
char *strtmp = NULL;
|
char *strtmp = NULL;
|
||||||
|
|
||||||
if (!a)
|
if (!a)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
|
if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL
|
||||||
!(strtmp = BN_bn2dec(bntmp)))
|
|| (strtmp = BN_bn2dec(bntmp)) == NULL)
|
||||||
X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
|
||||||
BN_free(bntmp);
|
BN_free(bntmp);
|
||||||
return strtmp;
|
return strtmp;
|
||||||
@ -220,9 +223,10 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
|
|||||||
{
|
{
|
||||||
char *strtmp;
|
char *strtmp;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
if (!aint)
|
if (!aint)
|
||||||
return 1;
|
return 1;
|
||||||
if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))
|
if ((strtmp = i2s_ASN1_INTEGER(NULL, aint)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
ret = X509V3_add_value(name, strtmp, extlist);
|
ret = X509V3_add_value(name, strtmp, extlist);
|
||||||
OPENSSL_free(strtmp);
|
OPENSSL_free(strtmp);
|
||||||
@ -232,7 +236,8 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
|
|||||||
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
|
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
|
||||||
{
|
{
|
||||||
char *btmp;
|
char *btmp;
|
||||||
if (!(btmp = value->value))
|
|
||||||
|
if ((btmp = value->value) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (strcmp(btmp, "TRUE") == 0
|
if (strcmp(btmp, "TRUE") == 0
|
||||||
|| strcmp(btmp, "true") == 0
|
|| strcmp(btmp, "true") == 0
|
||||||
@ -262,7 +267,8 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
|
|||||||
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
|
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
|
||||||
{
|
{
|
||||||
ASN1_INTEGER *itmp;
|
ASN1_INTEGER *itmp;
|
||||||
if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
|
|
||||||
|
if ((itmp = s2i_ASN1_INTEGER(NULL, value->value)) == NULL) {
|
||||||
X509V3_conf_err(value);
|
X509V3_conf_err(value);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -401,7 +407,7 @@ char *hex_to_string(const unsigned char *buffer, long len)
|
|||||||
const static char hexdig[] = "0123456789ABCDEF";
|
const static char hexdig[] = "0123456789ABCDEF";
|
||||||
if (!buffer || !len)
|
if (!buffer || !len)
|
||||||
return NULL;
|
return NULL;
|
||||||
if (!(tmp = OPENSSL_malloc(len * 3 + 1))) {
|
if ((tmp = OPENSSL_malloc(len * 3 + 1)) == NULL) {
|
||||||
X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -431,7 +437,7 @@ unsigned char *string_to_hex(const char *str, long *len)
|
|||||||
X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_INVALID_NULL_ARGUMENT);
|
X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_INVALID_NULL_ARGUMENT);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!(hexbuf = OPENSSL_malloc(strlen(str) >> 1)))
|
if ((hexbuf = OPENSSL_malloc(strlen(str) >> 1)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
for (p = (unsigned char *)str, q = hexbuf; *p;) {
|
for (p = (unsigned char *)str, q = hexbuf; *p;) {
|
||||||
ch = *p++;
|
ch = *p++;
|
||||||
|
@ -69,17 +69,18 @@ int main(int argc, char **argv)
|
|||||||
FILE *inf;
|
FILE *inf;
|
||||||
int i, count;
|
int i, count;
|
||||||
X509_EXTENSION *ext;
|
X509_EXTENSION *ext;
|
||||||
|
|
||||||
X509V3_add_standard_extensions();
|
X509V3_add_standard_extensions();
|
||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
if (!argv[1]) {
|
if (!argv[1]) {
|
||||||
fprintf(stderr, "Usage v3prin cert.pem\n");
|
fprintf(stderr, "Usage v3prin cert.pem\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if (!(inf = fopen(argv[1], "r"))) {
|
if ((inf = fopen(argv[1], "r")) == NULL) {
|
||||||
fprintf(stderr, "Can't open %s\n", argv[1]);
|
fprintf(stderr, "Can't open %s\n", argv[1]);
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
|
if ((cert = PEM_read_X509(inf, NULL, NULL)) == NULL) {
|
||||||
fprintf(stderr, "Can't read certificate %s\n", argv[1]);
|
fprintf(stderr, "Can't read certificate %s\n", argv[1]);
|
||||||
ERR_print_errors_fp(stderr);
|
ERR_print_errors_fp(stderr);
|
||||||
exit(1);
|
exit(1);
|
||||||
|
@ -319,23 +319,18 @@ int cluster_labs_init(ENGINE *e)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* bind functions */
|
/* bind functions */
|
||||||
if (!
|
#define BINDIT(t, name) (t *)DSO_bind_func(cluster_labs_dso, name)
|
||||||
(p1 =
|
if ((p1 = (cl_engine_init, CLUSTER_LABS_F1)) == NULL
|
||||||
(cl_engine_init *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F1))
|
|| (p2 = BINDIT(cl_mod_exp, CLUSTER_LABS_F2)) == NULL
|
||||||
|| !(p2 = (cl_mod_exp *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F2))
|
|| (p3 = BINDIT(cl_mod_exp_crt, CLUSTER_LABS_F3)) == NULL
|
||||||
|| !(p3 = (cl_mod_exp_crt *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F3))
|
|| (p4 = BINDIT(cl_rsa_mod_exp, CLUSTER_LABS_F4)) == NULL
|
||||||
|| !(p4 = (cl_rsa_mod_exp *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F4))
|
|| (p5 = BINDIT(cl_rsa_priv_enc, CLUSTER_LABS_F5)) == NULL
|
||||||
|| !(p5 =
|
|| (p6 = BINDIT(cl_rsa_priv_dec, CLUSTER_LABS_F6)) == NULL
|
||||||
(cl_rsa_priv_enc *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F5))
|
|| (p7 = BINDIT(cl_rsa_pub_enc, CLUSTER_LABS_F7)) == NULL
|
||||||
|| !(p6 =
|
|| (p8 = BINDIT(cl_rsa_pub_dec, CLUSTER_LABS_F8)) == NULL
|
||||||
(cl_rsa_priv_dec *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F6))
|
|| (p20 = BINDIT(cl_rand_bytes, CLUSTER_LABS_F20)) == NULL
|
||||||
|| !(p7 = (cl_rsa_pub_enc *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F7))
|
|| (p30 = BINDIT(cl_dsa_sign, CLUSTER_LABS_F30)) == NULL
|
||||||
|| !(p8 = (cl_rsa_pub_dec *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F8))
|
|| (p31 = BINDIT(cl_dsa_verify, CLUSTER_LABS_F31)) == NULL) {
|
||||||
|| !(p20 =
|
|
||||||
(cl_rand_bytes *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F20))
|
|
||||||
|| !(p30 = (cl_dsa_sign *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F30))
|
|
||||||
|| !(p31 =
|
|
||||||
(cl_dsa_verify *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F31))) {
|
|
||||||
CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_DSO_FAILURE);
|
CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_DSO_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -388,11 +388,11 @@ static int ibmca_init(ENGINE *e)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(p1 = DSO_bind_func(ibmca_dso, IBMCA_F1)) ||
|
if ((p1 = DSO_bind_func(ibmca_dso, IBMCA_F1)) == NULL
|
||||||
!(p2 = DSO_bind_func(ibmca_dso, IBMCA_F2)) ||
|
|| (p2 = DSO_bind_func(ibmca_dso, IBMCA_F2)) == NULL
|
||||||
!(p3 = DSO_bind_func(ibmca_dso, IBMCA_F3)) ||
|
|| (p3 = DSO_bind_func(ibmca_dso, IBMCA_F3)) == NULL
|
||||||
!(p4 = DSO_bind_func(ibmca_dso, IBMCA_F4)) ||
|
|| (p4 = DSO_bind_func(ibmca_dso, IBMCA_F4)) == NULL
|
||||||
!(p5 = DSO_bind_func(ibmca_dso, IBMCA_F5))) {
|
|| (p5 = DSO_bind_func(ibmca_dso, IBMCA_F5)) == NULL) {
|
||||||
IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_DSO_FAILURE);
|
IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_DSO_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
@ -538,46 +538,28 @@ static int zencod_init(ENGINE *e)
|
|||||||
/*
|
/*
|
||||||
* Trying to load Function from the Library
|
* Trying to load Function from the Library
|
||||||
*/
|
*/
|
||||||
if (!
|
#define BINDIT(t, name) (t*)DSO_bindfunc(zencod_dso, name)
|
||||||
(ptr_1 =
|
if ((ptr_1 = BINDIT(t_zencod_bytes2bits ZENCOD_Fct_1)) == NULL
|
||||||
(t_zencod_bytes2bits *) DSO_bind_func(zencod_dso, ZENCOD_Fct_1))
|
|| (ptr_2 = BINDIT(t_zencod_bits2bytes ZENCOD_Fct_2)) == NULL
|
||||||
|| !(ptr_2 = (t_zencod_bits2bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_2))
|
|| (ptr_3 = BINDIT(t_zencod_new_number ZENCOD_Fct_3)) == NULL
|
||||||
|| !(ptr_3 = (t_zencod_new_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_3))
|
|| (ptr_4 = BINDIT(t_zencod_init_number ZENCOD_Fct_4)) == NULL
|
||||||
|| !(ptr_4 = (t_zencod_init_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_4))
|
|| (ptr_exp_1 = BINDIT(t_zencod_rsa_mod_exp, ZENCOD_Fct_exp_1)) == NULL
|
||||||
|| !(ptr_exp_1 =
|
|| (ptr_exp_2 = BINDIT(t_zencod_rsa_mod_exp_crt, ZENCOD_Fct_exp_2)) == NULL
|
||||||
(t_zencod_rsa_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_1))
|
|| (ptr_dsa_1 = BINDIT(t_zencod_dsa_do_sign, ZENCOD_Fct_dsa_1)) == NULL
|
||||||
|| !(ptr_exp_2 =
|
|| (ptr_dsa_2 = BINDIT(t_zencod_dsa_do_verify, ZENCOD_Fct_dsa_2)) == NULL
|
||||||
(t_zencod_rsa_mod_exp_crt *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_2))
|
|| (ptr_dh_1 = BINDIT(t_zencod_dh_generate_key, ZENCOD_Fct_dh_1)) == NULL
|
||||||
|| !(ptr_dsa_1 =
|
|| (ptr_dh_2 = BINDIT(t_zencod_dh_compute_key, ZENCOD_Fct_dh_2)) == NULL
|
||||||
(t_zencod_dsa_do_sign *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_1))
|
|| (ptr_rand_1 = BINDIT(t_zencod_rand_bytes, ZENCOD_Fct_rand_1)) == NULL
|
||||||
|| !(ptr_dsa_2 =
|
|| (ptr_math_1 = BINDIT(t_zencod_math_mod_exp, ZENCOD_Fct_math_1)) == NULL
|
||||||
(t_zencod_dsa_do_verify *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_2))
|
|| (ptr_0 = BINDIT(t_zencod_test, ZENCOD_Fct_0)) == NULL
|
||||||
|| !(ptr_dh_1 =
|
|| (ptr_md5_1 = BINDIT(t_zencod_md5_init, ZENCOD_Fct_md5_1)) == NULL
|
||||||
(t_zencod_dh_generate_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_1))
|
|| (ptr_md5_2 = BINDIT(t_zencod_md5_update, ZENCOD_Fct_md5_2)) == NULL
|
||||||
|| !(ptr_dh_2 =
|
|| (ptr_md5_3 = BINDIT(t_zencod_md5_do_final, ZENCOD_Fct_md5_3)) == NULL
|
||||||
(t_zencod_dh_compute_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_2))
|
|| (ptr_sha1_1 = BINDIT(t_zencod_sha1_init, ZENCOD_Fct_sha1_1)) == NULL
|
||||||
|| !(ptr_rand_1 =
|
|| (ptr_sha1_2 = BINDIT(t_zencod_sha1_update, ZENCOD_Fct_sha1_2)) == NULL
|
||||||
(t_zencod_rand_bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rand_1))
|
|| (ptr_sha1_3 = BINDIT(t_zencod_sha1_do_final, ZENCOD_Fct_sha1_3)) == NULL
|
||||||
|| !(ptr_math_1 =
|
|| (ptr_xdes_1 = BINDIT(t_zencod_xdes_cipher, ZENCOD_Fct_xdes_1)) == NULL
|
||||||
(t_zencod_math_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_math_1))
|
|| (ptr_rc4_1 = BINDIT(t_zencod_rc4_cipher, ZENCOD_Fct_rc4_1)) == NULL) {
|
||||||
|| !(ptr_0 = (t_zencod_test *) DSO_bind_func(zencod_dso, ZENCOD_Fct_0))
|
|
||||||
|| !(ptr_md5_1 =
|
|
||||||
(t_zencod_md5_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_1))
|
|
||||||
|| !(ptr_md5_2 =
|
|
||||||
(t_zencod_md5_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_2))
|
|
||||||
|| !(ptr_md5_3 =
|
|
||||||
(t_zencod_md5_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_3))
|
|
||||||
|| !(ptr_sha1_1 =
|
|
||||||
(t_zencod_sha1_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_1))
|
|
||||||
|| !(ptr_sha1_2 =
|
|
||||||
(t_zencod_sha1_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_2))
|
|
||||||
|| !(ptr_sha1_3 =
|
|
||||||
(t_zencod_sha1_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_3))
|
|
||||||
|| !(ptr_xdes_1 =
|
|
||||||
(t_zencod_xdes_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_xdes_1))
|
|
||||||
|| !(ptr_rc4_1 =
|
|
||||||
(t_zencod_rc4_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rc4_1))) {
|
|
||||||
|
|
||||||
ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE);
|
ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -906,7 +888,7 @@ static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen,
|
|||||||
return meth->dsa_do_sign(dgst, dlen, dsa);
|
return meth->dsa_do_sign(dgst, dlen, dsa);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(bn_s = BN_new()) || !(bn_r = BN_new())) {
|
if ((bn_s = BN_new()) == NULL || (bn_r = BN_new()) == NULL) {
|
||||||
ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
|
ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
|
||||||
goto FAILED;
|
goto FAILED;
|
||||||
}
|
}
|
||||||
@ -935,7 +917,7 @@ static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen,
|
|||||||
goto FAILED;
|
goto FAILED;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(sig = DSA_SIG_new())) {
|
if ((sig = DSA_SIG_new()) == NULL) {
|
||||||
ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
|
ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
|
||||||
goto FAILED;
|
goto FAILED;
|
||||||
}
|
}
|
||||||
@ -1032,7 +1014,7 @@ static int DH_zencod_generate_key(DH *dh)
|
|||||||
bn_prv = dh->priv_key;
|
bn_prv = dh->priv_key;
|
||||||
generate_x = 0;
|
generate_x = 0;
|
||||||
} else {
|
} else {
|
||||||
if (!(bn_prv = BN_new())) {
|
if ((bn_prv = BN_new()) == NULL) {
|
||||||
ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
|
ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
|
||||||
goto FAILED;
|
goto FAILED;
|
||||||
}
|
}
|
||||||
@ -1042,7 +1024,7 @@ static int DH_zencod_generate_key(DH *dh)
|
|||||||
/* Public key */
|
/* Public key */
|
||||||
if (dh->pub_key)
|
if (dh->pub_key)
|
||||||
bn_pub = dh->pub_key;
|
bn_pub = dh->pub_key;
|
||||||
else if (!(bn_pub = BN_new())) {
|
else if ((bn_pub = BN_new()) == NULL) {
|
||||||
ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
|
ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
|
||||||
goto FAILED;
|
goto FAILED;
|
||||||
}
|
}
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user