summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs7
diff options
context:
space:
mode:
authormiod <>2016-11-05 15:19:07 +0000
committermiod <>2016-11-05 15:19:07 +0000
commit866700544190d5e3245e7a8248a04e1fe84d25a6 (patch)
tree3f02dcd580cfce0c78cacb42a3c3edbbfd1ed15e /src/lib/libcrypto/pkcs7
parent482e0652b689cf7aba0aa4855d6c8407310fcf3b (diff)
downloadopenbsd-866700544190d5e3245e7a8248a04e1fe84d25a6.tar.gz
openbsd-866700544190d5e3245e7a8248a04e1fe84d25a6.tar.bz2
openbsd-866700544190d5e3245e7a8248a04e1fe84d25a6.zip
More X509_STORE_CTX_set_*() return value checks.
ok beck@ jsing@
Diffstat (limited to 'src/lib/libcrypto/pkcs7')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c13
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_smime.c9
2 files changed, 12 insertions, 10 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 50e4fe39c1..bd873143c1 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_doit.c,v 1.38 2015/09/30 18:41:06 jsing Exp $ */ 1/* $OpenBSD: pk7_doit.c,v 1.39 2016/11/05 15:19:07 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -811,11 +811,7 @@ PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
811 811
812 j = OBJ_obj2nid(si->digest_alg->algorithm); 812 j = OBJ_obj2nid(si->digest_alg->algorithm);
813 813
814 btmp = bio; 814 if ((btmp = PKCS7_find_digest(&mdc, bio, j)) == NULL)
815
816 btmp = PKCS7_find_digest(&mdc, btmp, j);
817
818 if (btmp == NULL)
819 goto err; 815 goto err;
820 816
821 /* We now have the EVP_MD_CTX, lets do the 817 /* We now have the EVP_MD_CTX, lets do the
@@ -997,7 +993,10 @@ PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
997 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB); 993 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
998 goto err; 994 goto err;
999 } 995 }
1000 X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN); 996 if (X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN) == 0) {
997 X509_STORE_CTX_cleanup(ctx);
998 goto err;
999 }
1001 i = X509_verify_cert(ctx); 1000 i = X509_verify_cert(ctx);
1002 if (i <= 0) { 1001 if (i <= 0) {
1003 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB); 1002 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c
index 1c00e5914a..a2f23b37f3 100644
--- a/src/lib/libcrypto/pkcs7/pk7_smime.c
+++ b/src/lib/libcrypto/pkcs7/pk7_smime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */ 1/* $OpenBSD: pk7_smime.c,v 1.21 2016/11/05 15:19:07 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -324,8 +324,11 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata,
324 sk_X509_free(signers); 324 sk_X509_free(signers);
325 return 0; 325 return 0;
326 } 326 }
327 X509_STORE_CTX_set_default(&cert_ctx, 327 if (X509_STORE_CTX_set_default(&cert_ctx,
328 "smime_sign"); 328 "smime_sign") == 0) {
329 sk_X509_free(signers);
330 return 0;
331 }
329 } else if (!X509_STORE_CTX_init(&cert_ctx, store, 332 } else if (!X509_STORE_CTX_init(&cert_ctx, store,
330 signer, NULL)) { 333 signer, NULL)) {
331 PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); 334 PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 05:45:51 +0000