summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs7/pk7_lib.c
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commit957b11334a7afb14537322f0e4795b2e368b3f59 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/pkcs7/pk7_lib.c
parentdf96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff)
downloadopenbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_lib.c')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_lib.c61
1 files changed, 23 insertions, 38 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
index b3dc068f3d..dc407dad55 100644
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ b/src/lib/libcrypto/pkcs7/pk7_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_lib.c,v 1.18 2015/09/30 18:41:06 jsing Exp $ */ 1/* $OpenBSD: pk7_lib.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -83,8 +83,7 @@ PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
83 p7->d.sign->contents->d.data = NULL; 83 p7->d.sign->contents->d.data = NULL;
84 } 84 }
85 } else { 85 } else {
86 PKCS7err(PKCS7_F_PKCS7_CTRL, 86 PKCS7error(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
87 PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
88 ret = 0; 87 ret = 0;
89 } 88 }
90 break; 89 break;
@@ -97,14 +96,13 @@ PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
97 96
98 p7->detached = ret; 97 p7->detached = ret;
99 } else { 98 } else {
100 PKCS7err(PKCS7_F_PKCS7_CTRL, 99 PKCS7error(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
101 PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
102 ret = 0; 100 ret = 0;
103 } 101 }
104 102
105 break; 103 break;
106 default: 104 default:
107 PKCS7err(PKCS7_F_PKCS7_CTRL, PKCS7_R_UNKNOWN_OPERATION); 105 PKCS7error(PKCS7_R_UNKNOWN_OPERATION);
108 ret = 0; 106 ret = 0;
109 } 107 }
110 return (ret); 108 return (ret);
@@ -151,8 +149,7 @@ PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
151 case NID_pkcs7_signedAndEnveloped: 149 case NID_pkcs7_signedAndEnveloped:
152 case NID_pkcs7_encrypted: 150 case NID_pkcs7_encrypted:
153 default: 151 default:
154 PKCS7err(PKCS7_F_PKCS7_SET_CONTENT, 152 PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
155 PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
156 goto err; 153 goto err;
157 } 154 }
158 return (1); 155 return (1);
@@ -222,8 +219,7 @@ PKCS7_set_type(PKCS7 *p7, int type)
222 goto err; 219 goto err;
223 break; 220 break;
224 default: 221 default:
225 PKCS7err(PKCS7_F_PKCS7_SET_TYPE, 222 PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
226 PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
227 goto err; 223 goto err;
228 } 224 }
229 return (1); 225 return (1);
@@ -258,7 +254,7 @@ PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
258 md_sk = p7->d.signed_and_enveloped->md_algs; 254 md_sk = p7->d.signed_and_enveloped->md_algs;
259 break; 255 break;
260 default: 256 default:
261 PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, PKCS7_R_WRONG_CONTENT_TYPE); 257 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
262 return (0); 258 return (0);
263 } 259 }
264 260
@@ -278,8 +274,7 @@ PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
278 if (!(alg = X509_ALGOR_new()) || 274 if (!(alg = X509_ALGOR_new()) ||
279 !(alg->parameter = ASN1_TYPE_new())) { 275 !(alg->parameter = ASN1_TYPE_new())) {
280 X509_ALGOR_free(alg); 276 X509_ALGOR_free(alg);
281 PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, 277 PKCS7error(ERR_R_MALLOC_FAILURE);
282 ERR_R_MALLOC_FAILURE);
283 return (0); 278 return (0);
284 } 279 }
285 alg->algorithm = OBJ_nid2obj(nid); 280 alg->algorithm = OBJ_nid2obj(nid);
@@ -310,15 +305,14 @@ PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
310 sk = &(p7->d.signed_and_enveloped->cert); 305 sk = &(p7->d.signed_and_enveloped->cert);
311 break; 306 break;
312 default: 307 default:
313 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, 308 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
314 PKCS7_R_WRONG_CONTENT_TYPE);
315 return (0); 309 return (0);
316 } 310 }
317 311
318 if (*sk == NULL) 312 if (*sk == NULL)
319 *sk = sk_X509_new_null(); 313 *sk = sk_X509_new_null();
320 if (*sk == NULL) { 314 if (*sk == NULL) {
321 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); 315 PKCS7error(ERR_R_MALLOC_FAILURE);
322 return 0; 316 return 0;
323 } 317 }
324 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); 318 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
@@ -344,14 +338,14 @@ PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
344 sk = &(p7->d.signed_and_enveloped->crl); 338 sk = &(p7->d.signed_and_enveloped->crl);
345 break; 339 break;
346 default: 340 default:
347 PKCS7err(PKCS7_F_PKCS7_ADD_CRL, PKCS7_R_WRONG_CONTENT_TYPE); 341 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
348 return (0); 342 return (0);
349 } 343 }
350 344
351 if (*sk == NULL) 345 if (*sk == NULL)
352 *sk = sk_X509_CRL_new_null(); 346 *sk = sk_X509_CRL_new_null();
353 if (*sk == NULL) { 347 if (*sk == NULL) {
354 PKCS7err(PKCS7_F_PKCS7_ADD_CRL, ERR_R_MALLOC_FAILURE); 348 PKCS7error(ERR_R_MALLOC_FAILURE);
355 return 0; 349 return 0;
356 } 350 }
357 351
@@ -398,13 +392,11 @@ PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
398 if (ret > 0) 392 if (ret > 0)
399 return 1; 393 return 1;
400 if (ret != -2) { 394 if (ret != -2) {
401 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, 395 PKCS7error(PKCS7_R_SIGNING_CTRL_FAILURE);
402 PKCS7_R_SIGNING_CTRL_FAILURE);
403 return 0; 396 return 0;
404 } 397 }
405 } 398 }
406 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, 399 PKCS7error(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
407 PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
408err: 400err:
409 return 0; 401 return 0;
410} 402}
@@ -420,8 +412,7 @@ PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst)
420 goto err; 412 goto err;
421 dgst = EVP_get_digestbynid(def_nid); 413 dgst = EVP_get_digestbynid(def_nid);
422 if (dgst == NULL) { 414 if (dgst == NULL) {
423 PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, 415 PKCS7error(PKCS7_R_NO_DEFAULT_DIGEST);
424 PKCS7_R_NO_DEFAULT_DIGEST);
425 goto err; 416 goto err;
426 } 417 }
427 } 418 }
@@ -444,8 +435,7 @@ PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
444{ 435{
445 if (PKCS7_type_is_digest(p7)) { 436 if (PKCS7_type_is_digest(p7)) {
446 if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) { 437 if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
447 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, 438 PKCS7error(ERR_R_MALLOC_FAILURE);
448 ERR_R_MALLOC_FAILURE);
449 return 0; 439 return 0;
450 } 440 }
451 p7->d.digest->md->parameter->type = V_ASN1_NULL; 441 p7->d.digest->md->parameter->type = V_ASN1_NULL;
@@ -453,7 +443,7 @@ PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
453 return 1; 443 return 1;
454 } 444 }
455 445
456 PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, PKCS7_R_WRONG_CONTENT_TYPE); 446 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
457 return 1; 447 return 1;
458} 448}
459 449
@@ -522,8 +512,7 @@ PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
522 sk = p7->d.enveloped->recipientinfo; 512 sk = p7->d.enveloped->recipientinfo;
523 break; 513 break;
524 default: 514 default:
525 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO, 515 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
526 PKCS7_R_WRONG_CONTENT_TYPE);
527 return (0); 516 return (0);
528 } 517 }
529 518
@@ -551,21 +540,18 @@ PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
551 pkey = X509_get_pubkey(x509); 540 pkey = X509_get_pubkey(x509);
552 541
553 if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) { 542 if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
554 PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, 543 PKCS7error(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
555 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
556 goto err; 544 goto err;
557 } 545 }
558 546
559 ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, 547 ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT,
560 0, p7i); 548 0, p7i);
561 if (ret == -2) { 549 if (ret == -2) {
562 PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, 550 PKCS7error(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
563 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
564 goto err; 551 goto err;
565 } 552 }
566 if (ret <= 0) { 553 if (ret <= 0) {
567 PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, 554 PKCS7error(PKCS7_R_ENCRYPTION_CTRL_FAILURE);
568 PKCS7_R_ENCRYPTION_CTRL_FAILURE);
569 goto err; 555 goto err;
570 } 556 }
571 557
@@ -607,15 +593,14 @@ PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
607 ec = p7->d.enveloped->enc_data; 593 ec = p7->d.enveloped->enc_data;
608 break; 594 break;
609 default: 595 default:
610 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_WRONG_CONTENT_TYPE); 596 PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
611 return (0); 597 return (0);
612 } 598 }
613 599
614 /* Check cipher OID exists and has data in it*/ 600 /* Check cipher OID exists and has data in it*/
615 i = EVP_CIPHER_type(cipher); 601 i = EVP_CIPHER_type(cipher);
616 if (i == NID_undef) { 602 if (i == NID_undef) {
617 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, 603 PKCS7error(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
618 PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
619 return (0); 604 return (0);
620 } 605 }
621 606
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 22:36:23 +0000