diff options
| author | tedu <> | 2014-04-18 00:58:49 +0000 |
|---|---|---|
| committer | tedu <> | 2014-04-18 00:58:49 +0000 |
| commit | a1df5b66c7ad477a535e56a504d8da47e1998cfa (patch) | |
| tree | b216ca6fba673789f2c494699c4cf41d23337bfa /src/lib/libcrypto/asn1/a_verify.c | |
| parent | 07f5c09b19f56c323fa22ebd5efb5a4df9f5dc4d (diff) | |
| download | openbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.tar.gz openbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.tar.bz2 openbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.zip | |
lob a few more knf grenades in here to soften things up.
Diffstat (limited to 'src/lib/libcrypto/asn1/a_verify.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/a_verify.c | 34 |
1 files changed, 11 insertions, 23 deletions
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c index 59c5b876b5..8df0b038d1 100644 --- a/src/lib/libcrypto/asn1/a_verify.c +++ b/src/lib/libcrypto/asn1/a_verify.c | |||
| @@ -81,8 +81,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, | |||
| 81 | 81 | ||
| 82 | int mdnid, pknid; | 82 | int mdnid, pknid; |
| 83 | 83 | ||
| 84 | if (!pkey) | 84 | if (!pkey) { |
| 85 | { | ||
| 86 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | 85 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); |
| 87 | return -1; | 86 | return -1; |
| 88 | } | 87 | } |
| @@ -90,15 +89,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, | |||
| 90 | EVP_MD_CTX_init(&ctx); | 89 | EVP_MD_CTX_init(&ctx); |
| 91 | 90 | ||
| 92 | /* Convert signature OID into digest and public key OIDs */ | 91 | /* Convert signature OID into digest and public key OIDs */ |
| 93 | if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) | 92 | if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) { |
| 94 | { | ||
| 95 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); | 93 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); |
| 96 | goto err; | 94 | goto err; |
| 97 | } | 95 | } |
| 98 | if (mdnid == NID_undef) | 96 | if (mdnid == NID_undef) { |
| 99 | { | 97 | if (!pkey->ameth || !pkey->ameth->item_verify) { |
| 100 | if (!pkey->ameth || !pkey->ameth->item_verify) | ||
| 101 | { | ||
| 102 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); | 98 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); |
| 103 | goto err; | 99 | goto err; |
| 104 | } | 100 | } |
| @@ -111,26 +107,21 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, | |||
| 111 | if (ret != 2) | 107 | if (ret != 2) |
| 112 | goto err; | 108 | goto err; |
| 113 | ret = -1; | 109 | ret = -1; |
| 114 | } | 110 | } else { |
| 115 | else | ||
| 116 | { | ||
| 117 | const EVP_MD *type; | 111 | const EVP_MD *type; |
| 118 | type=EVP_get_digestbynid(mdnid); | 112 | type=EVP_get_digestbynid(mdnid); |
| 119 | if (type == NULL) | 113 | if (type == NULL) { |
| 120 | { | ||
| 121 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); | 114 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); |
| 122 | goto err; | 115 | goto err; |
| 123 | } | 116 | } |
| 124 | 117 | ||
| 125 | /* Check public key OID matches public key type */ | 118 | /* Check public key OID matches public key type */ |
| 126 | if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) | 119 | if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) { |
| 127 | { | ||
| 128 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); | 120 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); |
| 129 | goto err; | 121 | goto err; |
| 130 | } | 122 | } |
| 131 | 123 | ||
| 132 | if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) | 124 | if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) { |
| 133 | { | ||
| 134 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); | 125 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); |
| 135 | ret=0; | 126 | ret=0; |
| 136 | goto err; | 127 | goto err; |
| @@ -140,14 +131,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, | |||
| 140 | 131 | ||
| 141 | inl = ASN1_item_i2d(asn, &buf_in, it); | 132 | inl = ASN1_item_i2d(asn, &buf_in, it); |
| 142 | 133 | ||
| 143 | if (buf_in == NULL) | 134 | if (buf_in == NULL) { |
| 144 | { | ||
| 145 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); | 135 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); |
| 146 | goto err; | 136 | goto err; |
| 147 | } | 137 | } |
| 148 | 138 | ||
| 149 | if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) | 139 | if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) { |
| 150 | { | ||
| 151 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); | 140 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); |
| 152 | ret=0; | 141 | ret=0; |
| 153 | goto err; | 142 | goto err; |
| @@ -157,8 +146,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, | |||
| 157 | free(buf_in); | 146 | free(buf_in); |
| 158 | 147 | ||
| 159 | if (EVP_DigestVerifyFinal(&ctx,signature->data, | 148 | if (EVP_DigestVerifyFinal(&ctx,signature->data, |
| 160 | (size_t)signature->length) <= 0) | 149 | (size_t)signature->length) <= 0) { |
| 161 | { | ||
| 162 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); | 150 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); |
| 163 | ret=0; | 151 | ret=0; |
| 164 | goto err; | 152 | goto err; |