authorinoguchi <>2019-11-18 12:43:27 +0000
committerinoguchi <>2019-11-18 12:43:27 +0000
commit70c814f29131358571652be5c543265c82523bca (patch)
tree870b63ba12cab64207dd547c4a8810f5989dd247
parent20b2f29ba1a080176623746a32406f58e54313b4 (diff)
Remove typedef and check sk_push return value in openssl(1) cms
- Remove typedef and use 'struct cms_key_param' instead
- Check return value of sk_X509_push and sk_OPENSSL_STRING_push
- Add a blank line to separate variable declarations from code

comments from jsing@
-rw-r--r--src/usr.bin/openssl/cms.c56
1 files changed, 33 insertions, 23 deletions
diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c
index 71e52fe52c..a4deb06188 100644
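--- a/src/usr.bin/openssl/cms.c
+++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.14 2019/11/18 11:34:41 inoguchi Exp $ */
+/* $OpenBSD: cms.c,v 1.15 2019/11/18 12:43:27 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   * project.
   */
@@ -99,12 +99,10 @@ static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
 
 int verify_err = 0;
 
-typedef struct cms_key_param_st cms_key_param;
-
-struct cms_key_param_st {
+struct cms_key_param {
  int idx;
  STACK_OF(OPENSSL_STRING) *param;
- cms_key_param *next;
+ struct cms_key_param *next;
 };
 
 int
@@ -142,7 +140,7 @@ cms_main(int argc, char **argv)
  unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
  size_t secret_keylen = 0, secret_keyidlen = 0;
 
- cms_key_param *key_first = NULL, *key_param = NULL;
+ struct cms_key_param *key_first = NULL, *key_param = NULL;
 
  ASN1_OBJECT *econtent_type = NULL;
 
@@ -278,14 +276,16 @@ cms_main(int argc, char **argv)
  args++;
  if (!rr_from)
  rr_from = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(rr_from, *args);
+ if (!sk_OPENSSL_STRING_push(rr_from, *args))
+ goto end;
  } else if (!strcmp(*args, "-receipt_request_to")) {
  if (!args[1])
  goto argerr;
  args++;
  if (!rr_to)
  rr_to = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(rr_to, *args);
+ if (!sk_OPENSSL_STRING_push(rr_to, *args))
+ goto end;
  } else if (!strcmp(*args, "-print")) {
  noout = 1;
  print = 1;
@@ -351,12 +351,14 @@ cms_main(int argc, char **argv)
  if (!sksigners)
  sksigners =
  sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(sksigners, signerfile);
+ if (!sk_OPENSSL_STRING_push(sksigners, signerfile))
+ goto end;
  if (!keyfile)
  keyfile = signerfile;
  if (!skkeys)
  skkeys = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(skkeys, keyfile);
+ if (!sk_OPENSSL_STRING_push(skkeys, keyfile))
+ goto end;
  keyfile = NULL;
  }
  signerfile = *++args;
@@ -371,7 +373,8 @@ cms_main(int argc, char **argv)
  NULL, "recipient certificate file");
  if (cert == NULL)
  goto end;
- sk_X509_push(encerts, cert);
+ if (!sk_X509_push(encerts, cert))
+ goto end;
  cert = NULL;
  } else {
  recipfile = *++args;
@@ -402,11 +405,13 @@ cms_main(int argc, char **argv)
  if (!sksigners)
  sksigners =
  sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(sksigners, signerfile);
+ if (!sk_OPENSSL_STRING_push(sksigners, signerfile))
+ goto end;
  signerfile = NULL;
  if (!skkeys)
  skkeys = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(skkeys, keyfile);
+ if (!sk_OPENSSL_STRING_push(skkeys, keyfile))
+ goto end;
  }
  keyfile = *++args;
  } else if (!strcmp(*args, "-keyform")) {
@@ -431,8 +436,8 @@ cms_main(int argc, char **argv)
  goto argerr;
  }
  if (key_param == NULL || key_param->idx != keyidx) {
- cms_key_param *nparam;
- if ((nparam = malloc(sizeof(cms_key_param))) == NULL)
+ struct cms_key_param *nparam;
+ if ((nparam = malloc(sizeof(struct cms_key_param))) == NULL)
  goto end;
  nparam->idx = keyidx;
  if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
@@ -444,7 +449,8 @@ cms_main(int argc, char **argv)
  key_param->next = nparam;
  key_param = nparam;
  }
- sk_OPENSSL_STRING_push(key_param->param, *++args);
+ if (!sk_OPENSSL_STRING_push(key_param->param, *++args))
+ goto end;
  } else if (!strcmp(*args, "-rctform")) {
  if (!args[1])
  goto argerr;
@@ -509,12 +515,14 @@ cms_main(int argc, char **argv)
  if (signerfile) {
  if (!sksigners)
  sksigners = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(sksigners, signerfile);
+ if (!sk_OPENSSL_STRING_push(sksigners, signerfile))
+ goto end;
  if (!skkeys)
  skkeys = sk_OPENSSL_STRING_new_null();
  if (!keyfile)
  keyfile = signerfile;
- sk_OPENSSL_STRING_push(skkeys, keyfile);
+ if (!sk_OPENSSL_STRING_push(skkeys, keyfile))
+ goto end;
  }
  if (!sksigners) {
  BIO_printf(bio_err,
@@ -580,7 +588,7 @@ cms_main(int argc, char **argv)
  BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
  BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n");
  BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n");
- BIO_printf (bio_err, "-keyopt nm:v set public key parameters\n");
+ BIO_printf(bio_err, "-keyopt nm:v set public key parameters\n");
  BIO_printf(bio_err, "-out file output file\n");
  BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n");
  BIO_printf(bio_err, "-content file supply or override content for detached signature\n");
@@ -641,7 +649,8 @@ cms_main(int argc, char **argv)
  if (!(cert = load_cert(bio_err, *args, FORMAT_PEM,
  NULL, "recipient certificate file")))
  goto end;
- sk_X509_push(encerts, cert);
+ if (!sk_X509_push(encerts, cert))
+ goto end;
  cert = NULL;
  args++;
  }
@@ -786,7 +795,7 @@ cms_main(int argc, char **argv)
  goto end;
  for (i = 0; i < sk_X509_num(encerts); i++) {
  CMS_RecipientInfo *ri;
- cms_key_param *kparam;
+ struct cms_key_param *kparam;
  int tflags = flags;
  X509 *x = sk_X509_value(encerts, i);
  for (kparam = key_first; kparam; kparam = kparam->next) {
@@ -877,7 +886,7 @@ cms_main(int argc, char **argv)
  flags |= CMS_REUSE_DIGEST;
  for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
  CMS_SignerInfo *si;
- cms_key_param *kparam;
+ struct cms_key_param *kparam;
  int tflags = flags;
  signerfile = sk_OPENSSL_STRING_value(sksigners, i);
  keyfile = sk_OPENSSL_STRING_value(skkeys, i);
@@ -1048,7 +1057,7 @@ cms_main(int argc, char **argv)
  sk_OPENSSL_STRING_free(rr_to);
  sk_OPENSSL_STRING_free(rr_from);
  for (key_param = key_first; key_param;) {
- cms_key_param *tparam;
+ struct cms_key_param *tparam;
  sk_OPENSSL_STRING_free(key_param->param);
  tparam = key_param->next;
  free(key_param);
@@ -1240,6 +1249,7 @@ cms_set_pkey_param(EVP_PKEY_CTX *pctx, STACK_OF(OPENSSL_STRING) *param)
 {
  char *keyopt;
  int i;
+
  if (sk_OPENSSL_STRING_num(param) <= 0)
  return 1;
  for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) {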
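Review bot: The `sk_OPENSSL_STRING_new_null()` results at new lines 278, 286, 353, 359, 407, 412, 517 and 521 are still unchecked, so a failed allocation is caught only because the push that follows returns 0 for a NULL stack and now takes `goto end`. That dependency is easy to break in a later edit; either test the allocation where it happens, as the `-keyopt` branch at new line 443 already does, or record it at the first site with a comment such as `/* push fails on a NULL stack, which also covers a failed new_null() above */`. The new `goto end` branches also write nothing to `bio_err`, so unless the `end:` label, which lies outside the visible hunks, reports the error, an out-of-memory condition during option parsing ends the command without a diagnostic. `cms_main` starts and ends outside these hunks.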