diff options
| author | beck <> | 2017-01-29 17:49:23 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-29 17:49:23 +0000 |
| commit | 957b11334a7afb14537322f0e4795b2e368b3f59 (patch) | |
| tree | 1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/pkcs7/pk7_smime.c | |
| parent | df96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff) | |
| download | openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2 openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip | |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_smime.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_smime.c | 81 |
1 files changed, 34 insertions, 47 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index a2f23b37f3..bf9f2dd82a 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_smime.c,v 1.21 2016/11/05 15:19:07 miod Exp $ */ | 1 | /* $OpenBSD: pk7_smime.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -74,7 +74,7 @@ PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, | |||
| 74 | int i; | 74 | int i; |
| 75 | 75 | ||
| 76 | if (!(p7 = PKCS7_new())) { | 76 | if (!(p7 = PKCS7_new())) { |
| 77 | PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE); | 77 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 78 | return NULL; | 78 | return NULL; |
| 79 | } | 79 | } |
| 80 | 80 | ||
| @@ -85,7 +85,7 @@ PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, | |||
| 85 | goto err; | 85 | goto err; |
| 86 | 86 | ||
| 87 | if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) { | 87 | if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) { |
| 88 | PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR); | 88 | PKCS7error(PKCS7_R_PKCS7_ADD_SIGNER_ERROR); |
| 89 | goto err; | 89 | goto err; |
| 90 | } | 90 | } |
| 91 | 91 | ||
| @@ -117,7 +117,7 @@ PKCS7_final(PKCS7 *p7, BIO *data, int flags) | |||
| 117 | int ret = 0; | 117 | int ret = 0; |
| 118 | 118 | ||
| 119 | if (!(p7bio = PKCS7_dataInit(p7, NULL))) { | 119 | if (!(p7bio = PKCS7_dataInit(p7, NULL))) { |
| 120 | PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE); | 120 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 121 | return 0; | 121 | return 0; |
| 122 | } | 122 | } |
| 123 | 123 | ||
| @@ -126,7 +126,7 @@ PKCS7_final(PKCS7 *p7, BIO *data, int flags) | |||
| 126 | (void)BIO_flush(p7bio); | 126 | (void)BIO_flush(p7bio); |
| 127 | 127 | ||
| 128 | if (!PKCS7_dataFinal(p7, p7bio)) { | 128 | if (!PKCS7_dataFinal(p7, p7bio)) { |
| 129 | PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN); | 129 | PKCS7error(PKCS7_R_PKCS7_DATASIGN); |
| 130 | goto err; | 130 | goto err; |
| 131 | } | 131 | } |
| 132 | 132 | ||
| @@ -164,14 +164,12 @@ PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, | |||
| 164 | STACK_OF(X509_ALGOR) *smcap = NULL; | 164 | STACK_OF(X509_ALGOR) *smcap = NULL; |
| 165 | 165 | ||
| 166 | if (!X509_check_private_key(signcert, pkey)) { | 166 | if (!X509_check_private_key(signcert, pkey)) { |
| 167 | PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, | 167 | PKCS7error(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); |
| 168 | PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); | ||
| 169 | return NULL; | 168 | return NULL; |
| 170 | } | 169 | } |
| 171 | 170 | ||
| 172 | if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) { | 171 | if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) { |
| 173 | PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, | 172 | PKCS7error(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); |
| 174 | PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); | ||
| 175 | return NULL; | 173 | return NULL; |
| 176 | } | 174 | } |
| 177 | 175 | ||
| @@ -186,8 +184,7 @@ PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, | |||
| 186 | /* Add SMIMECapabilities */ | 184 | /* Add SMIMECapabilities */ |
| 187 | if (!(flags & PKCS7_NOSMIMECAP)) { | 185 | if (!(flags & PKCS7_NOSMIMECAP)) { |
| 188 | if (!(smcap = sk_X509_ALGOR_new_null())) { | 186 | if (!(smcap = sk_X509_ALGOR_new_null())) { |
| 189 | PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, | 187 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 190 | ERR_R_MALLOC_FAILURE); | ||
| 191 | goto err; | 188 | goto err; |
| 192 | } | 189 | } |
| 193 | if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) || | 190 | if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) || |
| @@ -253,8 +250,7 @@ pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si) | |||
| 253 | if (osdig) | 250 | if (osdig) |
| 254 | return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length); | 251 | return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length); |
| 255 | 252 | ||
| 256 | PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST, | 253 | PKCS7error(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND); |
| 257 | PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND); | ||
| 258 | return 0; | 254 | return 0; |
| 259 | } | 255 | } |
| 260 | 256 | ||
| @@ -273,18 +269,18 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 273 | BIO *tmpin, *tmpout; | 269 | BIO *tmpin, *tmpout; |
| 274 | 270 | ||
| 275 | if (!p7) { | 271 | if (!p7) { |
| 276 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER); | 272 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER); |
| 277 | return 0; | 273 | return 0; |
| 278 | } | 274 | } |
| 279 | 275 | ||
| 280 | if (!PKCS7_type_is_signed(p7)) { | 276 | if (!PKCS7_type_is_signed(p7)) { |
| 281 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE); | 277 | PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE); |
| 282 | return 0; | 278 | return 0; |
| 283 | } | 279 | } |
| 284 | 280 | ||
| 285 | /* Check for no data and no content: no data to verify signature */ | 281 | /* Check for no data and no content: no data to verify signature */ |
| 286 | if (PKCS7_get_detached(p7) && !indata) { | 282 | if (PKCS7_get_detached(p7) && !indata) { |
| 287 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT); | 283 | PKCS7error(PKCS7_R_NO_CONTENT); |
| 288 | return 0; | 284 | return 0; |
| 289 | } | 285 | } |
| 290 | 286 | ||
| @@ -294,14 +290,14 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 294 | */ | 290 | */ |
| 295 | /* Check for data and content: two sets of data */ | 291 | /* Check for data and content: two sets of data */ |
| 296 | if (!PKCS7_get_detached(p7) && indata) { | 292 | if (!PKCS7_get_detached(p7) && indata) { |
| 297 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT); | 293 | PKCS7error(PKCS7_R_CONTENT_AND_DATA_PRESENT); |
| 298 | return 0; | 294 | return 0; |
| 299 | } | 295 | } |
| 300 | 296 | ||
| 301 | sinfos = PKCS7_get_signer_info(p7); | 297 | sinfos = PKCS7_get_signer_info(p7); |
| 302 | 298 | ||
| 303 | if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) { | 299 | if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) { |
| 304 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA); | 300 | PKCS7error(PKCS7_R_NO_SIGNATURES_ON_DATA); |
| 305 | return 0; | 301 | return 0; |
| 306 | } | 302 | } |
| 307 | 303 | ||
| @@ -319,8 +315,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 319 | if (!(flags & PKCS7_NOCHAIN)) { | 315 | if (!(flags & PKCS7_NOCHAIN)) { |
| 320 | if (!X509_STORE_CTX_init(&cert_ctx, store, | 316 | if (!X509_STORE_CTX_init(&cert_ctx, store, |
| 321 | signer, p7->d.sign->cert)) { | 317 | signer, p7->d.sign->cert)) { |
| 322 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 318 | PKCS7error(ERR_R_X509_LIB); |
| 323 | ERR_R_X509_LIB); | ||
| 324 | sk_X509_free(signers); | 319 | sk_X509_free(signers); |
| 325 | return 0; | 320 | return 0; |
| 326 | } | 321 | } |
| @@ -331,7 +326,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 331 | } | 326 | } |
| 332 | } else if (!X509_STORE_CTX_init(&cert_ctx, store, | 327 | } else if (!X509_STORE_CTX_init(&cert_ctx, store, |
| 333 | signer, NULL)) { | 328 | signer, NULL)) { |
| 334 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); | 329 | PKCS7error(ERR_R_X509_LIB); |
| 335 | sk_X509_free(signers); | 330 | sk_X509_free(signers); |
| 336 | return 0; | 331 | return 0; |
| 337 | } | 332 | } |
| @@ -342,8 +337,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 342 | j = X509_STORE_CTX_get_error(&cert_ctx); | 337 | j = X509_STORE_CTX_get_error(&cert_ctx); |
| 343 | X509_STORE_CTX_cleanup(&cert_ctx); | 338 | X509_STORE_CTX_cleanup(&cert_ctx); |
| 344 | if (i <= 0) { | 339 | if (i <= 0) { |
| 345 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 340 | PKCS7error(PKCS7_R_CERTIFICATE_VERIFY_ERROR); |
| 346 | PKCS7_R_CERTIFICATE_VERIFY_ERROR); | ||
| 347 | ERR_asprintf_error_data("Verify error:%s", | 341 | ERR_asprintf_error_data("Verify error:%s", |
| 348 | X509_verify_cert_error_string(j)); | 342 | X509_verify_cert_error_string(j)); |
| 349 | sk_X509_free(signers); | 343 | sk_X509_free(signers); |
| @@ -366,7 +360,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 366 | len = BIO_get_mem_data(indata, &ptr); | 360 | len = BIO_get_mem_data(indata, &ptr); |
| 367 | tmpin = BIO_new_mem_buf(ptr, len); | 361 | tmpin = BIO_new_mem_buf(ptr, len); |
| 368 | if (tmpin == NULL) { | 362 | if (tmpin == NULL) { |
| 369 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE); | 363 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 370 | return 0; | 364 | return 0; |
| 371 | } | 365 | } |
| 372 | } else | 366 | } else |
| @@ -378,7 +372,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 378 | 372 | ||
| 379 | if (flags & PKCS7_TEXT) { | 373 | if (flags & PKCS7_TEXT) { |
| 380 | if (!(tmpout = BIO_new(BIO_s_mem()))) { | 374 | if (!(tmpout = BIO_new(BIO_s_mem()))) { |
| 381 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE); | 375 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 382 | goto err; | 376 | goto err; |
| 383 | } | 377 | } |
| 384 | BIO_set_mem_eof_return(tmpout, 0); | 378 | BIO_set_mem_eof_return(tmpout, 0); |
| @@ -396,8 +390,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 396 | 390 | ||
| 397 | if (flags & PKCS7_TEXT) { | 391 | if (flags & PKCS7_TEXT) { |
| 398 | if (!SMIME_text(tmpout, out)) { | 392 | if (!SMIME_text(tmpout, out)) { |
| 399 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 393 | PKCS7error(PKCS7_R_SMIME_TEXT_ERROR); |
| 400 | PKCS7_R_SMIME_TEXT_ERROR); | ||
| 401 | BIO_free(tmpout); | 394 | BIO_free(tmpout); |
| 402 | goto err; | 395 | goto err; |
| 403 | } | 396 | } |
| @@ -411,8 +404,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 411 | signer = sk_X509_value (signers, i); | 404 | signer = sk_X509_value (signers, i); |
| 412 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); | 405 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); |
| 413 | if (j <= 0) { | 406 | if (j <= 0) { |
| 414 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 407 | PKCS7error(PKCS7_R_SIGNATURE_FAILURE); |
| 415 | PKCS7_R_SIGNATURE_FAILURE); | ||
| 416 | goto err; | 408 | goto err; |
| 417 | } | 409 | } |
| 418 | } | 410 | } |
| @@ -441,26 +433,24 @@ PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 441 | int i; | 433 | int i; |
| 442 | 434 | ||
| 443 | if (!p7) { | 435 | if (!p7) { |
| 444 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, | 436 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER); |
| 445 | PKCS7_R_INVALID_NULL_POINTER); | ||
| 446 | return NULL; | 437 | return NULL; |
| 447 | } | 438 | } |
| 448 | 439 | ||
| 449 | if (!PKCS7_type_is_signed(p7)) { | 440 | if (!PKCS7_type_is_signed(p7)) { |
| 450 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, | 441 | PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE); |
| 451 | PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 452 | return NULL; | 442 | return NULL; |
| 453 | } | 443 | } |
| 454 | 444 | ||
| 455 | /* Collect all the signers together */ | 445 | /* Collect all the signers together */ |
| 456 | sinfos = PKCS7_get_signer_info(p7); | 446 | sinfos = PKCS7_get_signer_info(p7); |
| 457 | if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { | 447 | if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { |
| 458 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS); | 448 | PKCS7error(PKCS7_R_NO_SIGNERS); |
| 459 | return 0; | 449 | return 0; |
| 460 | } | 450 | } |
| 461 | 451 | ||
| 462 | if (!(signers = sk_X509_new_null())) { | 452 | if (!(signers = sk_X509_new_null())) { |
| 463 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE); | 453 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 464 | return NULL; | 454 | return NULL; |
| 465 | } | 455 | } |
| 466 | 456 | ||
| @@ -477,8 +467,7 @@ PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 477 | X509_find_by_issuer_and_serial(p7->d.sign->cert, | 467 | X509_find_by_issuer_and_serial(p7->d.sign->cert, |
| 478 | ias->issuer, ias->serial); | 468 | ias->issuer, ias->serial); |
| 479 | if (!signer) { | 469 | if (!signer) { |
| 480 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, | 470 | PKCS7error(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); |
| 481 | PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); | ||
| 482 | sk_X509_free(signers); | 471 | sk_X509_free(signers); |
| 483 | return 0; | 472 | return 0; |
| 484 | } | 473 | } |
| @@ -503,22 +492,21 @@ PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, | |||
| 503 | X509 *x509; | 492 | X509 *x509; |
| 504 | 493 | ||
| 505 | if (!(p7 = PKCS7_new())) { | 494 | if (!(p7 = PKCS7_new())) { |
| 506 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE); | 495 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 507 | return NULL; | 496 | return NULL; |
| 508 | } | 497 | } |
| 509 | 498 | ||
| 510 | if (!PKCS7_set_type(p7, NID_pkcs7_enveloped)) | 499 | if (!PKCS7_set_type(p7, NID_pkcs7_enveloped)) |
| 511 | goto err; | 500 | goto err; |
| 512 | if (!PKCS7_set_cipher(p7, cipher)) { | 501 | if (!PKCS7_set_cipher(p7, cipher)) { |
| 513 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER); | 502 | PKCS7error(PKCS7_R_ERROR_SETTING_CIPHER); |
| 514 | goto err; | 503 | goto err; |
| 515 | } | 504 | } |
| 516 | 505 | ||
| 517 | for (i = 0; i < sk_X509_num(certs); i++) { | 506 | for (i = 0; i < sk_X509_num(certs); i++) { |
| 518 | x509 = sk_X509_value(certs, i); | 507 | x509 = sk_X509_value(certs, i); |
| 519 | if (!PKCS7_add_recipient(p7, x509)) { | 508 | if (!PKCS7_add_recipient(p7, x509)) { |
| 520 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT, | 509 | PKCS7error(PKCS7_R_ERROR_ADDING_RECIPIENT); |
| 521 | PKCS7_R_ERROR_ADDING_RECIPIENT); | ||
| 522 | goto err; | 510 | goto err; |
| 523 | } | 511 | } |
| 524 | } | 512 | } |
| @@ -543,23 +531,22 @@ PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) | |||
| 543 | char buf[4096]; | 531 | char buf[4096]; |
| 544 | 532 | ||
| 545 | if (!p7) { | 533 | if (!p7) { |
| 546 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER); | 534 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER); |
| 547 | return 0; | 535 | return 0; |
| 548 | } | 536 | } |
| 549 | 537 | ||
| 550 | if (!PKCS7_type_is_enveloped(p7)) { | 538 | if (!PKCS7_type_is_enveloped(p7)) { |
| 551 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE); | 539 | PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE); |
| 552 | return 0; | 540 | return 0; |
| 553 | } | 541 | } |
| 554 | 542 | ||
| 555 | if (cert && !X509_check_private_key(cert, pkey)) { | 543 | if (cert && !X509_check_private_key(cert, pkey)) { |
| 556 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, | 544 | PKCS7error(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); |
| 557 | PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); | ||
| 558 | return 0; | 545 | return 0; |
| 559 | } | 546 | } |
| 560 | 547 | ||
| 561 | if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) { | 548 | if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) { |
| 562 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR); | 549 | PKCS7error(PKCS7_R_DECRYPT_ERROR); |
| 563 | return 0; | 550 | return 0; |
| 564 | } | 551 | } |
| 565 | 552 | ||
| @@ -568,7 +555,7 @@ PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) | |||
| 568 | 555 | ||
| 569 | /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ | 556 | /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ |
| 570 | if (!(tmpbuf = BIO_new(BIO_f_buffer()))) { | 557 | if (!(tmpbuf = BIO_new(BIO_f_buffer()))) { |
| 571 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); | 558 | PKCS7error(ERR_R_MALLOC_FAILURE); |
| 572 | BIO_free_all(tmpmem); | 559 | BIO_free_all(tmpmem); |
| 573 | return 0; | 560 | return 0; |
| 574 | } | 561 | } |