diff options
| author | jsing <> | 2014-04-19 13:11:41 +0000 |
|---|---|---|
| committer | jsing <> | 2014-04-19 13:11:41 +0000 |
| commit | 94b01fb1dea0219d681a8f31b420537fd56a8a20 (patch) | |
| tree | d852cc766d4c429b41b38d7046ec6dfc58a87f6b /src/lib/libcrypto/asn1/a_sign.c | |
| parent | 1a4bc92d69fa85768e8b6d9592f3ca13bfb70c6e (diff) | |
| download | openbsd-94b01fb1dea0219d681a8f31b420537fd56a8a20.tar.gz openbsd-94b01fb1dea0219d681a8f31b420537fd56a8a20.tar.bz2 openbsd-94b01fb1dea0219d681a8f31b420537fd56a8a20.zip | |
More KNF.
Diffstat (limited to 'src/lib/libcrypto/asn1/a_sign.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/a_sign.c | 96 |
1 files changed, 50 insertions, 46 deletions
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c index 046f3b4a99..40c6809669 100644 --- a/src/lib/libcrypto/asn1/a_sign.c +++ b/src/lib/libcrypto/asn1/a_sign.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -63,7 +63,7 @@ | |||
| 63 | * are met: | 63 | * are met: |
| 64 | * | 64 | * |
| 65 | * 1. Redistributions of source code must retain the above copyright | 65 | * 1. Redistributions of source code must retain the above copyright |
| 66 | * notice, this list of conditions and the following disclaimer. | 66 | * notice, this list of conditions and the following disclaimer. |
| 67 | * | 67 | * |
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | 68 | * 2. Redistributions in binary form must reproduce the above copyright |
| 69 | * notice, this list of conditions and the following disclaimer in | 69 | * notice, this list of conditions and the following disclaimer in |
| @@ -125,9 +125,9 @@ | |||
| 125 | #include <openssl/buffer.h> | 125 | #include <openssl/buffer.h> |
| 126 | #include "asn1_locl.h" | 126 | #include "asn1_locl.h" |
| 127 | 127 | ||
| 128 | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | 128 | int |
| 129 | ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, | 129 | ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, |
| 130 | const EVP_MD *type) | 130 | ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type) |
| 131 | { | 131 | { |
| 132 | EVP_MD_CTX ctx; | 132 | EVP_MD_CTX ctx; |
| 133 | EVP_MD_CTX_init(&ctx); | 133 | EVP_MD_CTX_init(&ctx); |
| @@ -137,16 +137,16 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 137 | } | 137 | } |
| 138 | return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx); | 138 | return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx); |
| 139 | } | 139 | } |
| 140 | |||
| 141 | 140 | ||
| 142 | int ASN1_item_sign_ctx(const ASN1_ITEM *it, | 141 | |
| 143 | X509_ALGOR *algor1, X509_ALGOR *algor2, | 142 | int |
| 144 | ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx) | 143 | ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, |
| 144 | ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx) | ||
| 145 | { | 145 | { |
| 146 | const EVP_MD *type; | 146 | const EVP_MD *type; |
| 147 | EVP_PKEY *pkey; | 147 | EVP_PKEY *pkey; |
| 148 | unsigned char *buf_in=NULL,*buf_out=NULL; | 148 | unsigned char *buf_in = NULL, *buf_out = NULL; |
| 149 | size_t inl=0,outl=0,outll=0; | 149 | size_t inl = 0, outl = 0, outll = 0; |
| 150 | int signid, paramtype; | 150 | int signid, paramtype; |
| 151 | int rv; | 151 | int rv; |
| 152 | 152 | ||
| @@ -154,13 +154,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, | |||
| 154 | pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); | 154 | pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); |
| 155 | 155 | ||
| 156 | if (!type || !pkey) { | 156 | if (!type || !pkey) { |
| 157 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); | 157 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, |
| 158 | ASN1_R_CONTEXT_NOT_INITIALISED); | ||
| 158 | return 0; | 159 | return 0; |
| 159 | } | 160 | } |
| 160 | 161 | ||
| 161 | if (pkey->ameth->item_sign) { | 162 | if (pkey->ameth->item_sign) { |
| 162 | rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, | 163 | rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, |
| 163 | signature); | 164 | signature); |
| 164 | if (rv == 1) | 165 | if (rv == 1) |
| 165 | outl = signature->length; | 166 | outl = signature->length; |
| 166 | /* Return value meanings: | 167 | /* Return value meanings: |
| @@ -173,22 +174,19 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, | |||
| 173 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); | 174 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); |
| 174 | if (rv <= 1) | 175 | if (rv <= 1) |
| 175 | goto err; | 176 | goto err; |
| 176 | } | 177 | } else |
| 177 | else | ||
| 178 | rv = 2; | 178 | rv = 2; |
| 179 | 179 | ||
| 180 | if (rv == 2) { | 180 | if (rv == 2) { |
| 181 | if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { | 181 | if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { |
| 182 | if (!pkey->ameth || | 182 | if (!pkey->ameth || |
| 183 | !OBJ_find_sigid_by_algs(&signid, | 183 | !OBJ_find_sigid_by_algs(&signid, |
| 184 | EVP_MD_nid(type), | 184 | EVP_MD_nid(type), pkey->ameth->pkey_id)) { |
| 185 | pkey->ameth->pkey_id)) { | ||
| 186 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, | 185 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, |
| 187 | ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); | 186 | ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
| 188 | return 0; | 187 | return 0; |
| 189 | } | 188 | } |
| 190 | } | 189 | } else |
| 191 | else | ||
| 192 | signid = type->pkey_type; | 190 | signid = type->pkey_type; |
| 193 | 191 | ||
| 194 | if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) | 192 | if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) |
| @@ -197,43 +195,49 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, | |||
| 197 | paramtype = V_ASN1_UNDEF; | 195 | paramtype = V_ASN1_UNDEF; |
| 198 | 196 | ||
| 199 | if (algor1) | 197 | if (algor1) |
| 200 | X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL); | 198 | X509_ALGOR_set0(algor1, |
| 199 | OBJ_nid2obj(signid), paramtype, NULL); | ||
| 201 | if (algor2) | 200 | if (algor2) |
| 202 | X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL); | 201 | X509_ALGOR_set0(algor2, |
| 202 | OBJ_nid2obj(signid), paramtype, NULL); | ||
| 203 | 203 | ||
| 204 | } | 204 | } |
| 205 | 205 | ||
| 206 | inl=ASN1_item_i2d(asn,&buf_in, it); | 206 | inl = ASN1_item_i2d(asn, &buf_in, it); |
| 207 | outll=outl=EVP_PKEY_size(pkey); | 207 | outll = outl = EVP_PKEY_size(pkey); |
| 208 | buf_out=malloc((unsigned int)outl); | 208 | buf_out = malloc((unsigned int)outl); |
| 209 | if ((buf_in == NULL) || (buf_out == NULL)) { | 209 | if ((buf_in == NULL) || (buf_out == NULL)) { |
| 210 | outl=0; | 210 | outl = 0; |
| 211 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE); | 211 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE); |
| 212 | goto err; | 212 | goto err; |
| 213 | } | 213 | } |
| 214 | 214 | ||
| 215 | if (!EVP_DigestSignUpdate(ctx, buf_in, inl) | 215 | if (!EVP_DigestSignUpdate(ctx, buf_in, inl) || |
| 216 | || !EVP_DigestSignFinal(ctx, buf_out, &outl)) { | 216 | !EVP_DigestSignFinal(ctx, buf_out, &outl)) { |
| 217 | outl=0; | 217 | outl = 0; |
| 218 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB); | 218 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); |
| 219 | goto err; | 219 | goto err; |
| 220 | } | 220 | } |
| 221 | if (signature->data != NULL) free(signature->data); | 221 | if (signature->data != NULL) |
| 222 | signature->data=buf_out; | 222 | free(signature->data); |
| 223 | buf_out=NULL; | 223 | signature->data = buf_out; |
| 224 | signature->length=outl; | 224 | buf_out = NULL; |
| 225 | signature->length = outl; | ||
| 225 | /* In the interests of compatibility, I'll make sure that | 226 | /* In the interests of compatibility, I'll make sure that |
| 226 | * the bit string has a 'not-used bits' value of 0 | 227 | * the bit string has a 'not-used bits' value of 0 |
| 227 | */ | 228 | */ |
| 228 | signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | 229 | signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); |
| 229 | signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; | 230 | signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
| 231 | |||
| 230 | err: | 232 | err: |
| 231 | EVP_MD_CTX_cleanup(ctx); | 233 | EVP_MD_CTX_cleanup(ctx); |
| 232 | if (buf_in != NULL) { | 234 | if (buf_in != NULL) { |
| 233 | OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in); | 235 | OPENSSL_cleanse((char *)buf_in, (unsigned int)inl); |
| 236 | free(buf_in); | ||
| 234 | } | 237 | } |
| 235 | if (buf_out != NULL) { | 238 | if (buf_out != NULL) { |
| 236 | OPENSSL_cleanse((char *)buf_out,outll); free(buf_out); | 239 | OPENSSL_cleanse((char *)buf_out, outll); |
| 240 | free(buf_out); | ||
| 237 | } | 241 | } |
| 238 | return(outl); | 242 | return (outl); |
| 239 | } | 243 | } |