summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2019-08-11 10:38:27 +0000
committerjsing <>2019-08-11 10:38:27 +0000
commit66c480d1798005c797335d0f02a75fc501efcc7f (patch)
tree42de514d40b8fbdc31f900b32db6a05e12455f76 /src
parent08cb6e4d4d31afbeec6bc3bdd6594710504fd25b (diff)
downloadopenbsd-66c480d1798005c797335d0f02a75fc501efcc7f.tar.gz
openbsd-66c480d1798005c797335d0f02a75fc501efcc7f.tar.bz2
openbsd-66c480d1798005c797335d0f02a75fc501efcc7f.zip
Convert CMSerr() to CMSerror().
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/cms/cms_cd.c11
-rw-r--r--src/lib/libcrypto/cms/cms_dd.c10
-rw-r--r--src/lib/libcrypto/cms/cms_enc.c33
-rw-r--r--src/lib/libcrypto/cms/cms_env.c94
-rw-r--r--src/lib/libcrypto/cms/cms_ess.c41
-rw-r--r--src/lib/libcrypto/cms/cms_io.c4
-rw-r--r--src/lib/libcrypto/cms/cms_kari.c16
-rw-r--r--src/lib/libcrypto/cms/cms_lib.c39
-rw-r--r--src/lib/libcrypto/cms/cms_pwri.c43
-rw-r--r--src/lib/libcrypto/cms/cms_sd.c67
-rw-r--r--src/lib/libcrypto/cms/cms_smime.c73
11 files changed, 191 insertions, 240 deletions
diff --git a/src/lib/libcrypto/cms/cms_cd.c b/src/lib/libcrypto/cms/cms_cd.c
index e3e9f78e5b..752c808c65 100644
--- a/src/lib/libcrypto/cms/cms_cd.c
+++ b/src/lib/libcrypto/cms/cms_cd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_cd.c,v 1.13 2019/08/10 18:15:52 jsing Exp $ */ 1/* $OpenBSD: cms_cd.c,v 1.14 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -77,8 +77,7 @@ cms_CompressedData_create(int comp_nid)
77 * compression algorithm or parameters have some meaning... 77 * compression algorithm or parameters have some meaning...
78 */ 78 */
79 if (comp_nid != NID_zlib_compression) { 79 if (comp_nid != NID_zlib_compression) {
80 CMSerr(CMS_F_CMS_COMPRESSEDDATA_CREATE, 80 CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
81 CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
82 return NULL; 81 return NULL;
83 } 82 }
84 cms = CMS_ContentInfo_new(); 83 cms = CMS_ContentInfo_new();
@@ -114,15 +113,13 @@ cms_CompressedData_init_bio(CMS_ContentInfo *cms)
114 const ASN1_OBJECT *compoid; 113 const ASN1_OBJECT *compoid;
115 114
116 if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) { 115 if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
117 CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO, 116 CMSerror(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
118 CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
119 return NULL; 117 return NULL;
120 } 118 }
121 cd = cms->d.compressedData; 119 cd = cms->d.compressedData;
122 X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm); 120 X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm);
123 if (OBJ_obj2nid(compoid) != NID_zlib_compression) { 121 if (OBJ_obj2nid(compoid) != NID_zlib_compression) {
124 CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO, 122 CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
125 CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
126 return NULL; 123 return NULL;
127 } 124 }
128 return BIO_new(BIO_f_zlib()); 125 return BIO_new(BIO_f_zlib());
diff --git a/src/lib/libcrypto/cms/cms_dd.c b/src/lib/libcrypto/cms/cms_dd.c
index b9422fab42..ac2fdbb30f 100644
--- a/src/lib/libcrypto/cms/cms_dd.c
+++ b/src/lib/libcrypto/cms/cms_dd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_dd.c,v 1.11 2019/08/10 18:15:52 jsing Exp $ */ 1/* $OpenBSD: cms_dd.c,v 1.12 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -113,7 +113,7 @@ cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
113 CMS_DigestedData *dd; 113 CMS_DigestedData *dd;
114 114
115 if (mctx == NULL) { 115 if (mctx == NULL) {
116 CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, ERR_R_MALLOC_FAILURE); 116 CMSerror(ERR_R_MALLOC_FAILURE);
117 goto err; 117 goto err;
118 } 118 }
119 119
@@ -127,14 +127,12 @@ cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
127 127
128 if (verify) { 128 if (verify) {
129 if (mdlen != (unsigned int)dd->digest->length) { 129 if (mdlen != (unsigned int)dd->digest->length) {
130 CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, 130 CMSerror(CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
131 CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
132 goto err; 131 goto err;
133 } 132 }
134 133
135 if (memcmp(md, dd->digest->data, mdlen)) 134 if (memcmp(md, dd->digest->data, mdlen))
136 CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, 135 CMSerror(CMS_R_VERIFICATION_FAILURE);
137 CMS_R_VERIFICATION_FAILURE);
138 else 136 else
139 r = 1; 137 r = 1;
140 } else { 138 } else {
diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c
index b3a00f67fa..a04c831f95 100644
--- a/src/lib/libcrypto/cms/cms_enc.c
+++ b/src/lib/libcrypto/cms/cms_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_enc.c,v 1.14 2019/08/10 18:15:52 jsing Exp $ */ 1/* $OpenBSD: cms_enc.c,v 1.15 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -84,7 +84,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
84 84
85 b = BIO_new(BIO_f_cipher()); 85 b = BIO_new(BIO_f_cipher());
86 if (b == NULL) { 86 if (b == NULL) {
87 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE); 87 CMSerror(ERR_R_MALLOC_FAILURE);
88 return NULL; 88 return NULL;
89 } 89 }
90 90
@@ -101,14 +101,13 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
101 ciph = EVP_get_cipherbyobj(calg->algorithm); 101 ciph = EVP_get_cipherbyobj(calg->algorithm);
102 102
103 if (!ciph) { 103 if (!ciph) {
104 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER); 104 CMSerror(CMS_R_UNKNOWN_CIPHER);
105 goto err; 105 goto err;
106 } 106 }
107 } 107 }
108 108
109 if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) { 109 if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
110 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 110 CMSerror(CMS_R_CIPHER_INITIALISATION_ERROR);
111 CMS_R_CIPHER_INITIALISATION_ERROR);
112 goto err; 111 goto err;
113 } 112 }
114 113
@@ -123,8 +122,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
123 piv = iv; 122 piv = iv;
124 } 123 }
125 } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) { 124 } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
126 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 125 CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
127 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
128 goto err; 126 goto err;
129 } 127 }
130 tkeylen = EVP_CIPHER_CTX_key_length(ctx); 128 tkeylen = EVP_CIPHER_CTX_key_length(ctx);
@@ -132,7 +130,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
132 if (!enc || !ec->key) { 130 if (!enc || !ec->key) {
133 tkey = OPENSSL_malloc(tkeylen); 131 tkey = OPENSSL_malloc(tkeylen);
134 if (tkey == NULL) { 132 if (tkey == NULL) {
135 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE); 133 CMSerror(ERR_R_MALLOC_FAILURE);
136 goto err; 134 goto err;
137 } 135 }
138 if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0) 136 if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
@@ -158,8 +156,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
158 * which may be useful in MMA. 156 * which may be useful in MMA.
159 */ 157 */
160 if (enc || ec->debug) { 158 if (enc || ec->debug) {
161 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 159 CMSerror(CMS_R_INVALID_KEY_LENGTH);
162 CMS_R_INVALID_KEY_LENGTH);
163 goto err; 160 goto err;
164 } else { 161 } else {
165 /* Use random key */ 162 /* Use random key */
@@ -173,19 +170,17 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
173 } 170 }
174 171
175 if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) { 172 if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
176 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 173 CMSerror(CMS_R_CIPHER_INITIALISATION_ERROR);
177 CMS_R_CIPHER_INITIALISATION_ERROR);
178 goto err; 174 goto err;
179 } 175 }
180 if (enc) { 176 if (enc) {
181 calg->parameter = ASN1_TYPE_new(); 177 calg->parameter = ASN1_TYPE_new();
182 if (calg->parameter == NULL) { 178 if (calg->parameter == NULL) {
183 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE); 179 CMSerror(ERR_R_MALLOC_FAILURE);
184 goto err; 180 goto err;
185 } 181 }
186 if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) { 182 if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
187 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 183 CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
188 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
189 goto err; 184 goto err;
190 } 185 }
191 /* If parameter type not set omit parameter */ 186 /* If parameter type not set omit parameter */
@@ -215,7 +210,7 @@ cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
215 ec->cipher = cipher; 210 ec->cipher = cipher;
216 if (key) { 211 if (key) {
217 if ((ec->key = OPENSSL_malloc(keylen)) == NULL) { 212 if ((ec->key = OPENSSL_malloc(keylen)) == NULL) {
218 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT, ERR_R_MALLOC_FAILURE); 213 CMSerror(ERR_R_MALLOC_FAILURE);
219 return 0; 214 return 0;
220 } 215 }
221 memcpy(ec->key, key, keylen); 216 memcpy(ec->key, key, keylen);
@@ -234,19 +229,19 @@ CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
234 CMS_EncryptedContentInfo *ec; 229 CMS_EncryptedContentInfo *ec;
235 230
236 if (!key || !keylen) { 231 if (!key || !keylen) {
237 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY); 232 CMSerror(CMS_R_NO_KEY);
238 return 0; 233 return 0;
239 } 234 }
240 if (ciph) { 235 if (ciph) {
241 cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData); 236 cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
242 if (!cms->d.encryptedData) { 237 if (!cms->d.encryptedData) {
243 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, ERR_R_MALLOC_FAILURE); 238 CMSerror(ERR_R_MALLOC_FAILURE);
244 return 0; 239 return 0;
245 } 240 }
246 cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted); 241 cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
247 cms->d.encryptedData->version = 0; 242 cms->d.encryptedData->version = 0;
248 } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) { 243 } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
249 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NOT_ENCRYPTED_DATA); 244 CMSerror(CMS_R_NOT_ENCRYPTED_DATA);
250 return 0; 245 return 0;
251 } 246 }
252 ec = cms->d.encryptedData->encryptedContentInfo; 247 ec = cms->d.encryptedData->encryptedContentInfo;
diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c
index fbfbdd98ca..d6bf34c02a 100644
--- a/src/lib/libcrypto/cms/cms_env.c
+++ b/src/lib/libcrypto/cms/cms_env.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_env.c,v 1.16 2019/08/10 18:15:52 jsing Exp $ */ 1/* $OpenBSD: cms_env.c,v 1.17 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -69,8 +69,7 @@ CMS_EnvelopedData *
69cms_get0_enveloped(CMS_ContentInfo *cms) 69cms_get0_enveloped(CMS_ContentInfo *cms)
70{ 70{
71 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) { 71 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
72 CMSerr(CMS_F_CMS_GET0_ENVELOPED, 72 CMSerror(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
73 CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
74 return NULL; 73 return NULL;
75 } 74 }
76 return cms->d.envelopedData; 75 return cms->d.envelopedData;
@@ -82,7 +81,7 @@ cms_enveloped_data_init(CMS_ContentInfo *cms)
82 if (cms->d.other == NULL) { 81 if (cms->d.other == NULL) {
83 cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData); 82 cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
84 if (!cms->d.envelopedData) { 83 if (!cms->d.envelopedData) {
85 CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT, ERR_R_MALLOC_FAILURE); 84 CMSerror(ERR_R_MALLOC_FAILURE);
86 return NULL; 85 return NULL;
87 } 86 }
88 cms->d.envelopedData->version = 0; 87 cms->d.envelopedData->version = 0;
@@ -116,12 +115,11 @@ cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
116 return 1; 115 return 1;
117 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri); 116 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri);
118 if (i == -2) { 117 if (i == -2) {
119 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, 118 CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
120 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
121 return 0; 119 return 0;
122 } 120 }
123 if (i <= 0) { 121 if (i <= 0) {
124 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE); 122 CMSerror(CMS_R_CTRL_FAILURE);
125 return 0; 123 return 0;
126 } 124 }
127 125
@@ -177,7 +175,7 @@ CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
177 175
178 merr: 176 merr:
179 CMS_ContentInfo_free(cms); 177 CMS_ContentInfo_free(cms);
180 CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE); 178 CMSerror(ERR_R_MALLOC_FAILURE);
181 return NULL; 179 return NULL;
182} 180}
183 181
@@ -255,8 +253,7 @@ CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags)
255 253
256 pk = X509_get0_pubkey(recip); 254 pk = X509_get0_pubkey(recip);
257 if (!pk) { 255 if (!pk) {
258 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, 256 CMSerror(CMS_R_ERROR_GETTING_PUBLIC_KEY);
259 CMS_R_ERROR_GETTING_PUBLIC_KEY);
260 goto err; 257 goto err;
261 } 258 }
262 259
@@ -273,8 +270,7 @@ CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags)
273 break; 270 break;
274 271
275 default: 272 default:
276 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, 273 CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
277 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
278 goto err; 274 goto err;
279 275
280 } 276 }
@@ -285,7 +281,7 @@ CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags)
285 return ri; 281 return ri;
286 282
287 merr: 283 merr:
288 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE); 284 CMSerror(ERR_R_MALLOC_FAILURE);
289 err: 285 err:
290 M_ASN1_free_of(ri, CMS_RecipientInfo); 286 M_ASN1_free_of(ri, CMS_RecipientInfo);
291 return NULL; 287 return NULL;
@@ -298,7 +294,7 @@ CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk,
298 CMS_KeyTransRecipientInfo *ktri; 294 CMS_KeyTransRecipientInfo *ktri;
299 295
300 if (ri->type != CMS_RECIPINFO_TRANS) { 296 if (ri->type != CMS_RECIPINFO_TRANS) {
301 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS, CMS_R_NOT_KEY_TRANSPORT); 297 CMSerror(CMS_R_NOT_KEY_TRANSPORT);
302 return 0; 298 return 0;
303 } 299 }
304 300
@@ -321,8 +317,7 @@ CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
321 CMS_KeyTransRecipientInfo *ktri; 317 CMS_KeyTransRecipientInfo *ktri;
322 318
323 if (ri->type != CMS_RECIPINFO_TRANS) { 319 if (ri->type != CMS_RECIPINFO_TRANS) {
324 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID, 320 CMSerror(CMS_R_NOT_KEY_TRANSPORT);
325 CMS_R_NOT_KEY_TRANSPORT);
326 return 0; 321 return 0;
327 } 322 }
328 ktri = ri->d.ktri; 323 ktri = ri->d.ktri;
@@ -334,8 +329,7 @@ int
334CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert) 329CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
335{ 330{
336 if (ri->type != CMS_RECIPINFO_TRANS) { 331 if (ri->type != CMS_RECIPINFO_TRANS) {
337 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP, 332 CMSerror(CMS_R_NOT_KEY_TRANSPORT);
338 CMS_R_NOT_KEY_TRANSPORT);
339 return -2; 333 return -2;
340 } 334 }
341 335
@@ -346,7 +340,7 @@ int
346CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey) 340CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
347{ 341{
348 if (ri->type != CMS_RECIPINFO_TRANS) { 342 if (ri->type != CMS_RECIPINFO_TRANS) {
349 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT); 343 CMSerror(CMS_R_NOT_KEY_TRANSPORT);
350 return 0; 344 return 0;
351 } 345 }
352 EVP_PKEY_free(ri->d.ktri->pkey); 346 EVP_PKEY_free(ri->d.ktri->pkey);
@@ -369,7 +363,7 @@ cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
369 int ret = 0; 363 int ret = 0;
370 364
371 if (ri->type != CMS_RECIPINFO_TRANS) { 365 if (ri->type != CMS_RECIPINFO_TRANS) {
372 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT); 366 CMSerror(CMS_R_NOT_KEY_TRANSPORT);
373 return 0; 367 return 0;
374 } 368 }
375 ktri = ri->d.ktri; 369 ktri = ri->d.ktri;
@@ -391,7 +385,7 @@ cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
391 385
392 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, 386 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
393 EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) { 387 EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
394 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR); 388 CMSerror(CMS_R_CTRL_ERROR);
395 goto err; 389 goto err;
396 } 390 }
397 391
@@ -401,7 +395,7 @@ cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
401 ek = OPENSSL_malloc(eklen); 395 ek = OPENSSL_malloc(eklen);
402 396
403 if (ek == NULL) { 397 if (ek == NULL) {
404 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE); 398 CMSerror(ERR_R_MALLOC_FAILURE);
405 goto err; 399 goto err;
406 } 400 }
407 401
@@ -436,7 +430,7 @@ cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
436 ec = cms->d.envelopedData->encryptedContentInfo; 430 ec = cms->d.envelopedData->encryptedContentInfo;
437 431
438 if (ktri->pkey == NULL) { 432 if (ktri->pkey == NULL) {
439 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_NO_PRIVATE_KEY); 433 CMSerror(CMS_R_NO_PRIVATE_KEY);
440 return 0; 434 return 0;
441 } 435 }
442 436
@@ -452,7 +446,7 @@ cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
452 446
453 if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT, 447 if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
454 EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) { 448 EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
455 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR); 449 CMSerror(CMS_R_CTRL_ERROR);
456 goto err; 450 goto err;
457 } 451 }
458 452
@@ -463,13 +457,13 @@ cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
463 ek = OPENSSL_malloc(eklen); 457 ek = OPENSSL_malloc(eklen);
464 458
465 if (ek == NULL) { 459 if (ek == NULL) {
466 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE); 460 CMSerror(ERR_R_MALLOC_FAILURE);
467 goto err; 461 goto err;
468 } 462 }
469 463
470 if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen, ktri->encryptedKey->data, 464 if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen, ktri->encryptedKey->data,
471 ktri->encryptedKey->length) <= 0) { 465 ktri->encryptedKey->length) <= 0) {
472 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB); 466 CMSerror(CMS_R_CMS_LIB);
473 goto err; 467 goto err;
474 } 468 }
475 469
@@ -498,7 +492,7 @@ CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id,
498 CMS_KEKRecipientInfo *kekri; 492 CMS_KEKRecipientInfo *kekri;
499 493
500 if (ri->type != CMS_RECIPINFO_KEK) { 494 if (ri->type != CMS_RECIPINFO_KEK) {
501 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK); 495 CMSerror(CMS_R_NOT_KEK);
502 return -2; 496 return -2;
503 } 497 }
504 kekri = ri->d.kekri; 498 kekri = ri->d.kekri;
@@ -558,7 +552,7 @@ CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key,
558 break; 552 break;
559 553
560 default: 554 default:
561 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH); 555 CMSerror(CMS_R_INVALID_KEY_LENGTH);
562 goto err; 556 goto err;
563 } 557 }
564 558
@@ -567,13 +561,12 @@ CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key,
567 size_t exp_keylen = aes_wrap_keylen(nid); 561 size_t exp_keylen = aes_wrap_keylen(nid);
568 562
569 if (!exp_keylen) { 563 if (!exp_keylen) {
570 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, 564 CMSerror(CMS_R_UNSUPPORTED_KEK_ALGORITHM);
571 CMS_R_UNSUPPORTED_KEK_ALGORITHM);
572 goto err; 565 goto err;
573 } 566 }
574 567
575 if (keylen != exp_keylen) { 568 if (keylen != exp_keylen) {
576 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH); 569 CMSerror(CMS_R_INVALID_KEY_LENGTH);
577 goto err; 570 goto err;
578 } 571 }
579 572
@@ -622,7 +615,7 @@ CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key,
622 return ri; 615 return ri;
623 616
624 merr: 617 merr:
625 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE); 618 CMSerror(ERR_R_MALLOC_FAILURE);
626 err: 619 err:
627 M_ASN1_free_of(ri, CMS_RecipientInfo); 620 M_ASN1_free_of(ri, CMS_RecipientInfo);
628 return NULL; 621 return NULL;
@@ -636,7 +629,7 @@ CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
636 CMS_KEKIdentifier *rkid; 629 CMS_KEKIdentifier *rkid;
637 630
638 if (ri->type != CMS_RECIPINFO_KEK) { 631 if (ri->type != CMS_RECIPINFO_KEK) {
639 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK); 632 CMSerror(CMS_R_NOT_KEK);
640 return 0; 633 return 0;
641 } 634 }
642 rkid = ri->d.kekri->kekid; 635 rkid = ri->d.kekri->kekid;
@@ -669,7 +662,7 @@ CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key,
669 CMS_KEKRecipientInfo *kekri; 662 CMS_KEKRecipientInfo *kekri;
670 663
671 if (ri->type != CMS_RECIPINFO_KEK) { 664 if (ri->type != CMS_RECIPINFO_KEK) {
672 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK); 665 CMSerror(CMS_R_NOT_KEK);
673 return 0; 666 return 0;
674 } 667 }
675 668
@@ -695,25 +688,24 @@ cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
695 kekri = ri->d.kekri; 688 kekri = ri->d.kekri;
696 689
697 if (!kekri->key) { 690 if (!kekri->key) {
698 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY); 691 CMSerror(CMS_R_NO_KEY);
699 return 0; 692 return 0;
700 } 693 }
701 694
702 if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) { 695 if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
703 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, 696 CMSerror(CMS_R_ERROR_SETTING_KEY);
704 CMS_R_ERROR_SETTING_KEY);
705 goto err; 697 goto err;
706 } 698 }
707 699
708 wkey = OPENSSL_malloc(ec->keylen + 8); 700 wkey = OPENSSL_malloc(ec->keylen + 8);
709 if (wkey == NULL) { 701 if (wkey == NULL) {
710 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE); 702 CMSerror(ERR_R_MALLOC_FAILURE);
711 goto err; 703 goto err;
712 } 704 }
713 705
714 wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen); 706 wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
715 if (wkeylen <= 0) { 707 if (wkeylen <= 0) {
716 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR); 708 CMSerror(CMS_R_WRAP_ERROR);
717 goto err; 709 goto err;
718 } 710 }
719 711
@@ -745,34 +737,31 @@ cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
745 kekri = ri->d.kekri; 737 kekri = ri->d.kekri;
746 738
747 if (!kekri->key) { 739 if (!kekri->key) {
748 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY); 740 CMSerror(CMS_R_NO_KEY);
749 return 0; 741 return 0;
750 } 742 }
751 743
752 wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm); 744 wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
753 if (aes_wrap_keylen(wrap_nid) != kekri->keylen) { 745 if (aes_wrap_keylen(wrap_nid) != kekri->keylen) {
754 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 746 CMSerror(CMS_R_INVALID_KEY_LENGTH);
755 CMS_R_INVALID_KEY_LENGTH);
756 return 0; 747 return 0;
757 } 748 }
758 749
759 /* If encrypted key length is invalid don't bother */ 750 /* If encrypted key length is invalid don't bother */
760 751
761 if (kekri->encryptedKey->length < 16) { 752 if (kekri->encryptedKey->length < 16) {
762 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 753 CMSerror(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
763 CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
764 goto err; 754 goto err;
765 } 755 }
766 756
767 if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) { 757 if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
768 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 758 CMSerror(CMS_R_ERROR_SETTING_KEY);
769 CMS_R_ERROR_SETTING_KEY);
770 goto err; 759 goto err;
771 } 760 }
772 761
773 ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8); 762 ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
774 if (ukey == NULL) { 763 if (ukey == NULL) {
775 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE); 764 CMSerror(ERR_R_MALLOC_FAILURE);
776 goto err; 765 goto err;
777 } 766 }
778 767
@@ -780,7 +769,7 @@ cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
780 kekri->encryptedKey->length); 769 kekri->encryptedKey->length);
781 770
782 if (ukeylen <= 0) { 771 if (ukeylen <= 0) {
783 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR); 772 CMSerror(CMS_R_UNWRAP_ERROR);
784 goto err; 773 goto err;
785 } 774 }
786 775
@@ -812,8 +801,7 @@ CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
812 return cms_RecipientInfo_pwri_crypt(cms, ri, 0); 801 return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
813 802
814 default: 803 default:
815 CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT, 804 CMSerror(CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
816 CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
817 return 0; 805 return 0;
818 } 806 }
819} 807}
@@ -835,8 +823,7 @@ CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
835 return cms_RecipientInfo_pwri_crypt(cms, ri, 1); 823 return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
836 824
837 default: 825 default:
838 CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT, 826 CMSerror(CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
839 CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
840 return 0; 827 return 0;
841 } 828 }
842} 829}
@@ -935,8 +922,7 @@ cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
935 for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) { 922 for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
936 ri = sk_CMS_RecipientInfo_value(rinfos, i); 923 ri = sk_CMS_RecipientInfo_value(rinfos, i);
937 if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) { 924 if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) {
938 CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO, 925 CMSerror(CMS_R_ERROR_SETTING_RECIPIENTINFO);
939 CMS_R_ERROR_SETTING_RECIPIENTINFO);
940 goto err; 926 goto err;
941 } 927 }
942 } 928 }
diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c
index 5f0ab4995b..1d3f092ae8 100644
--- a/src/lib/libcrypto/cms/cms_ess.c
+++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_ess.c,v 1.15 2019/08/11 10:15:30 jsing Exp $ */ 1/* $OpenBSD: cms_ess.c,v 1.16 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -145,7 +145,7 @@ CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
145 return rr; 145 return rr;
146 146
147 merr: 147 merr:
148 CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE); 148 CMSerror(ERR_R_MALLOC_FAILURE);
149 149
150 err: 150 err:
151 CMS_ReceiptRequest_free(rr); 151 CMS_ReceiptRequest_free(rr);
@@ -170,7 +170,7 @@ CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
170 170
171 merr: 171 merr:
172 if (!r) 172 if (!r)
173 CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE); 173 CMSerror(ERR_R_MALLOC_FAILURE);
174 174
175 OPENSSL_free(rrder); 175 OPENSSL_free(rrder);
176 176
@@ -225,12 +225,12 @@ cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
225 unsigned int diglen; 225 unsigned int diglen;
226 226
227 if (!cms_msgSigDigest(src, dig, &diglen)) { 227 if (!cms_msgSigDigest(src, dig, &diglen)) {
228 CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR); 228 CMSerror(CMS_R_MSGSIGDIGEST_ERROR);
229 return 0; 229 return 0;
230 } 230 }
231 if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest, 231 if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
232 V_ASN1_OCTET_STRING, dig, diglen)) { 232 V_ASN1_OCTET_STRING, dig, diglen)) {
233 CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE); 233 CMSerror(ERR_R_MALLOC_FAILURE);
234 return 0; 234 return 0;
235 } 235 }
236 236
@@ -259,27 +259,27 @@ cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
259 goto err; 259 goto err;
260 260
261 if (sk_CMS_SignerInfo_num(sis) != 1) { 261 if (sk_CMS_SignerInfo_num(sis) != 1) {
262 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER); 262 CMSerror(CMS_R_NEED_ONE_SIGNER);
263 goto err; 263 goto err;
264 } 264 }
265 265
266 /* Check receipt content type */ 266 /* Check receipt content type */
267 if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) { 267 if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
268 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT); 268 CMSerror(CMS_R_NOT_A_SIGNED_RECEIPT);
269 goto err; 269 goto err;
270 } 270 }
271 271
272 /* Extract and decode receipt content */ 272 /* Extract and decode receipt content */
273 pcont = CMS_get0_content(cms); 273 pcont = CMS_get0_content(cms);
274 if (!pcont || !*pcont) { 274 if (!pcont || !*pcont) {
275 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT); 275 CMSerror(CMS_R_NO_CONTENT);
276 goto err; 276 goto err;
277 } 277 }
278 278
279 rct = ASN1_item_unpack(*pcont, &CMS_Receipt_it); 279 rct = ASN1_item_unpack(*pcont, &CMS_Receipt_it);
280 280
281 if (!rct) { 281 if (!rct) {
282 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR); 282 CMSerror(CMS_R_RECEIPT_DECODE_ERROR);
283 goto err; 283 goto err;
284 } 284 }
285 285
@@ -292,7 +292,7 @@ cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
292 } 292 }
293 293
294 if (i == sk_CMS_SignerInfo_num(osis)) { 294 if (i == sk_CMS_SignerInfo_num(osis)) {
295 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE); 295 CMSerror(CMS_R_NO_MATCHING_SIGNATURE);
296 goto err; 296 goto err;
297 } 297 }
298 298
@@ -304,23 +304,22 @@ cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
304 OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING); 304 OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING);
305 305
306 if (!msig) { 306 if (!msig) {
307 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST); 307 CMSerror(CMS_R_NO_MSGSIGDIGEST);
308 goto err; 308 goto err;
309 } 309 }
310 310
311 if (!cms_msgSigDigest(osi, dig, &diglen)) { 311 if (!cms_msgSigDigest(osi, dig, &diglen)) {
312 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR); 312 CMSerror(CMS_R_MSGSIGDIGEST_ERROR);
313 goto err; 313 goto err;
314 } 314 }
315 315
316 if (diglen != (unsigned int)msig->length) { 316 if (diglen != (unsigned int)msig->length) {
317 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH); 317 CMSerror(CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
318 goto err; 318 goto err;
319 } 319 }
320 320
321 if (memcmp(dig, msig->data, diglen)) { 321 if (memcmp(dig, msig->data, diglen)) {
322 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, 322 CMSerror(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
323 CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
324 goto err; 323 goto err;
325 } 324 }
326 325
@@ -329,27 +328,27 @@ cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
329 octype = CMS_signed_get0_data_by_OBJ(osi, 328 octype = CMS_signed_get0_data_by_OBJ(osi,
330 OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT); 329 OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
331 if (!octype) { 330 if (!octype) {
332 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE); 331 CMSerror(CMS_R_NO_CONTENT_TYPE);
333 goto err; 332 goto err;
334 } 333 }
335 334
336 /* Compare details in receipt request */ 335 /* Compare details in receipt request */
337 336
338 if (OBJ_cmp(octype, rct->contentType)) { 337 if (OBJ_cmp(octype, rct->contentType)) {
339 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH); 338 CMSerror(CMS_R_CONTENT_TYPE_MISMATCH);
340 goto err; 339 goto err;
341 } 340 }
342 341
343 /* Get original receipt request details */ 342 /* Get original receipt request details */
344 343
345 if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) { 344 if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
346 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST); 345 CMSerror(CMS_R_NO_RECEIPT_REQUEST);
347 goto err; 346 goto err;
348 } 347 }
349 348
350 if (ASN1_STRING_cmp(rr->signedContentIdentifier, 349 if (ASN1_STRING_cmp(rr->signedContentIdentifier,
351 rct->signedContentIdentifier)) { 350 rct->signedContentIdentifier)) {
352 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH); 351 CMSerror(CMS_R_CONTENTIDENTIFIER_MISMATCH);
353 goto err; 352 goto err;
354 } 353 }
355 354
@@ -379,7 +378,7 @@ cms_encode_Receipt(CMS_SignerInfo *si)
379 /* Get original receipt request details */ 378 /* Get original receipt request details */
380 379
381 if (CMS_get1_ReceiptRequest(si, &rr) <= 0) { 380 if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
382 CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST); 381 CMSerror(CMS_R_NO_RECEIPT_REQUEST);
383 goto err; 382 goto err;
384 } 383 }
385 384
@@ -388,7 +387,7 @@ cms_encode_Receipt(CMS_SignerInfo *si)
388 ctype = CMS_signed_get0_data_by_OBJ(si, 387 ctype = CMS_signed_get0_data_by_OBJ(si,
389 OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT); 388 OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
390 if (!ctype) { 389 if (!ctype) {
391 CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE); 390 CMSerror(CMS_R_NO_CONTENT_TYPE);
392 goto err; 391 goto err;
393 } 392 }
394 393
diff --git a/src/lib/libcrypto/cms/cms_io.c b/src/lib/libcrypto/cms/cms_io.c
index 6eba856867..4466d6acf2 100644
--- a/src/lib/libcrypto/cms/cms_io.c
+++ b/src/lib/libcrypto/cms/cms_io.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_io.c,v 1.10 2019/08/11 10:15:30 jsing Exp $ */ 1/* $OpenBSD: cms_io.c,v 1.11 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -75,7 +75,7 @@ CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
75 *boundary = &(*pos)->data; 75 *boundary = &(*pos)->data;
76 return 1; 76 return 1;
77 } 77 }
78 CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE); 78 CMSerror(ERR_R_MALLOC_FAILURE);
79 return 0; 79 return 0;
80} 80}
81 81
diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c
index 3605baac41..e1f22cc43a 100644
--- a/src/lib/libcrypto/cms/cms_kari.c
+++ b/src/lib/libcrypto/cms/cms_kari.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_kari.c,v 1.6 2019/08/10 18:15:52 jsing Exp $ */ 1/* $OpenBSD: cms_kari.c,v 1.7 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -69,8 +69,7 @@ CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
69 ASN1_OCTET_STRING **pukm) 69 ASN1_OCTET_STRING **pukm)
70{ 70{
71 if (ri->type != CMS_RECIPINFO_AGREE) { 71 if (ri->type != CMS_RECIPINFO_AGREE) {
72 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG, 72 CMSerror(CMS_R_NOT_KEY_AGREEMENT);
73 CMS_R_NOT_KEY_AGREEMENT);
74 return 0; 73 return 0;
75 } 74 }
76 if (palg) 75 if (palg)
@@ -87,8 +86,7 @@ STACK_OF(CMS_RecipientEncryptedKey) *
87CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri) 86CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri)
88{ 87{
89 if (ri->type != CMS_RECIPINFO_AGREE) { 88 if (ri->type != CMS_RECIPINFO_AGREE) {
90 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS, 89 CMSerror(CMS_R_NOT_KEY_AGREEMENT);
91 CMS_R_NOT_KEY_AGREEMENT);
92 return NULL; 90 return NULL;
93 } 91 }
94 return ri->d.kari->recipientEncryptedKeys; 92 return ri->d.kari->recipientEncryptedKeys;
@@ -102,8 +100,7 @@ CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, X509_ALGOR **pubalg,
102 CMS_OriginatorIdentifierOrKey *oik; 100 CMS_OriginatorIdentifierOrKey *oik;
103 101
104 if (ri->type != CMS_RECIPINFO_AGREE) { 102 if (ri->type != CMS_RECIPINFO_AGREE) {
105 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID, 103 CMSerror(CMS_R_NOT_KEY_AGREEMENT);
106 CMS_R_NOT_KEY_AGREEMENT);
107 return 0; 104 return 0;
108 } 105 }
109 oik = ri->d.kari->originator; 106 oik = ri->d.kari->originator;
@@ -142,8 +139,7 @@ CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
142 CMS_OriginatorIdentifierOrKey *oik; 139 CMS_OriginatorIdentifierOrKey *oik;
143 140
144 if (ri->type != CMS_RECIPINFO_AGREE) { 141 if (ri->type != CMS_RECIPINFO_AGREE) {
145 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP, 142 CMSerror(CMS_R_NOT_KEY_AGREEMENT);
146 CMS_R_NOT_KEY_AGREEMENT);
147 return -2; 143 return -2;
148 } 144 }
149 oik = ri->d.kari->originator; 145 oik = ri->d.kari->originator;
@@ -439,7 +435,7 @@ cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
439 int i; 435 int i;
440 436
441 if (ri->type != CMS_RECIPINFO_AGREE) { 437 if (ri->type != CMS_RECIPINFO_AGREE) {
442 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, CMS_R_NOT_KEY_AGREEMENT); 438 CMSerror(CMS_R_NOT_KEY_AGREEMENT);
443 return 0; 439 return 0;
444 } 440 }
445 kari = ri->d.kari; 441 kari = ri->d.kari;
diff --git a/src/lib/libcrypto/cms/cms_lib.c b/src/lib/libcrypto/cms/cms_lib.c
index 7f02d6daae..b022d19d4b 100644
--- a/src/lib/libcrypto/cms/cms_lib.c
+++ b/src/lib/libcrypto/cms/cms_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_lib.c,v 1.11 2019/08/11 10:15:30 jsing Exp $ */ 1/* $OpenBSD: cms_lib.c,v 1.12 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -144,7 +144,7 @@ CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
144 else 144 else
145 cont = cms_content_bio(cms); 145 cont = cms_content_bio(cms);
146 if (!cont) { 146 if (!cont) {
147 CMSerr(CMS_F_CMS_DATAINIT, CMS_R_NO_CONTENT); 147 CMSerror(CMS_R_NO_CONTENT);
148 return NULL; 148 return NULL;
149 } 149 }
150 switch (OBJ_obj2nid(cms->contentType)) { 150 switch (OBJ_obj2nid(cms->contentType)) {
@@ -174,7 +174,7 @@ CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
174 break; 174 break;
175 175
176 default: 176 default:
177 CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE); 177 CMSerror(CMS_R_UNSUPPORTED_TYPE);
178 return NULL; 178 return NULL;
179 } 179 }
180 180
@@ -201,7 +201,7 @@ CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
201 long contlen; 201 long contlen;
202 mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM); 202 mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM);
203 if (!mbio) { 203 if (!mbio) {
204 CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_CONTENT_NOT_FOUND); 204 CMSerror(CMS_R_CONTENT_NOT_FOUND);
205 return 0; 205 return 0;
206 } 206 }
207 contlen = BIO_get_mem_data(mbio, &cont); 207 contlen = BIO_get_mem_data(mbio, &cont);
@@ -228,7 +228,7 @@ CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
228 return cms_DigestedData_do_final(cms, cmsbio, 0); 228 return cms_DigestedData_do_final(cms, cmsbio, 0);
229 229
230 default: 230 default:
231 CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_UNSUPPORTED_TYPE); 231 CMSerror(CMS_R_UNSUPPORTED_TYPE);
232 return 0; 232 return 0;
233 } 233 }
234} 234}
@@ -266,7 +266,7 @@ CMS_get0_content(CMS_ContentInfo *cms)
266 default: 266 default:
267 if (cms->d.other->type == V_ASN1_OCTET_STRING) 267 if (cms->d.other->type == V_ASN1_OCTET_STRING)
268 return &cms->d.other->value.octet_string; 268 return &cms->d.other->value.octet_string;
269 CMSerr(CMS_F_CMS_GET0_CONTENT, CMS_R_UNSUPPORTED_CONTENT_TYPE); 269 CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE);
270 return NULL; 270 return NULL;
271 } 271 }
272} 272}
@@ -299,7 +299,7 @@ cms_get0_econtent_type(CMS_ContentInfo *cms)
299 return &cms->d.compressedData->encapContentInfo->eContentType; 299 return &cms->d.compressedData->encapContentInfo->eContentType;
300 300
301 default: 301 default:
302 CMSerr(CMS_F_CMS_GET0_ECONTENT_TYPE, CMS_R_UNSUPPORTED_CONTENT_TYPE); 302 CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE);
303 return NULL; 303 return NULL;
304 } 304 }
305} 305}
@@ -371,7 +371,7 @@ CMS_set_detached(CMS_ContentInfo *cms, int detached)
371 (*pos)->flags |= ASN1_STRING_FLAG_CONT; 371 (*pos)->flags |= ASN1_STRING_FLAG_CONT;
372 return 1; 372 return 1;
373 } 373 }
374 CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE); 374 CMSerror(ERR_R_MALLOC_FAILURE);
375 375
376 return 0; 376 return 0;
377} 377}
@@ -388,13 +388,12 @@ cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
388 X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm); 388 X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
389 digest = EVP_get_digestbyobj(digestoid); 389 digest = EVP_get_digestbyobj(digestoid);
390 if (!digest) { 390 if (!digest) {
391 CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, 391 CMSerror(CMS_R_UNKNOWN_DIGEST_ALGORITHM);
392 CMS_R_UNKNOWN_DIGEST_ALGORITHM);
393 goto err; 392 goto err;
394 } 393 }
395 mdbio = BIO_new(BIO_f_md()); 394 mdbio = BIO_new(BIO_f_md());
396 if (mdbio == NULL || !BIO_set_md(mdbio, digest)) { 395 if (mdbio == NULL || !BIO_set_md(mdbio, digest)) {
397 CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR); 396 CMSerror(CMS_R_MD_BIO_INIT_ERROR);
398 goto err; 397 goto err;
399 } 398 }
400 return mdbio; 399 return mdbio;
@@ -420,8 +419,7 @@ cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg)
420 EVP_MD_CTX *mtmp; 419 EVP_MD_CTX *mtmp;
421 chain = BIO_find_type(chain, BIO_TYPE_MD); 420 chain = BIO_find_type(chain, BIO_TYPE_MD);
422 if (chain == NULL) { 421 if (chain == NULL) {
423 CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX, 422 CMSerror(CMS_R_NO_MATCHING_DIGEST);
424 CMS_R_NO_MATCHING_DIGEST);
425 return 0; 423 return 0;
426 } 424 }
427 BIO_get_md_ctx(chain, &mtmp); 425 BIO_get_md_ctx(chain, &mtmp);
@@ -449,8 +447,7 @@ cms_get0_certificate_choices(CMS_ContentInfo *cms)
449 return &cms->d.envelopedData->originatorInfo->certificates; 447 return &cms->d.envelopedData->originatorInfo->certificates;
450 448
451 default: 449 default:
452 CMSerr(CMS_F_CMS_GET0_CERTIFICATE_CHOICES, 450 CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE);
453 CMS_R_UNSUPPORTED_CONTENT_TYPE);
454 return NULL; 451 return NULL;
455 } 452 }
456} 453}
@@ -493,8 +490,7 @@ CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
493 cch = sk_CMS_CertificateChoices_value(*pcerts, i); 490 cch = sk_CMS_CertificateChoices_value(*pcerts, i);
494 if (cch->type == CMS_CERTCHOICE_CERT) { 491 if (cch->type == CMS_CERTCHOICE_CERT) {
495 if (!X509_cmp(cch->d.certificate, cert)) { 492 if (!X509_cmp(cch->d.certificate, cert)) {
496 CMSerr(CMS_F_CMS_ADD0_CERT, 493 CMSerror(CMS_R_CERTIFICATE_ALREADY_PRESENT);
497 CMS_R_CERTIFICATE_ALREADY_PRESENT);
498 return 0; 494 return 0;
499 } 495 }
500 } 496 }
@@ -533,8 +529,7 @@ cms_get0_revocation_choices(CMS_ContentInfo *cms)
533 return &cms->d.envelopedData->originatorInfo->crls; 529 return &cms->d.envelopedData->originatorInfo->crls;
534 530
535 default: 531 default:
536 CMSerr(CMS_F_CMS_GET0_REVOCATION_CHOICES, 532 CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE);
537 CMS_R_UNSUPPORTED_CONTENT_TYPE);
538 return NULL; 533 return NULL;
539 } 534 }
540} 535}
@@ -689,7 +684,7 @@ cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
689 684
690 err: 685 err:
691 M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber); 686 M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber);
692 CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE); 687 CMSerror(ERR_R_MALLOC_FAILURE);
693 688
694 return 0; 689 return 0;
695} 690}
@@ -702,12 +697,12 @@ cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
702 697
703 cert_keyid = X509_get0_subject_key_id(cert); 698 cert_keyid = X509_get0_subject_key_id(cert);
704 if (cert_keyid == NULL) { 699 if (cert_keyid == NULL) {
705 CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID); 700 CMSerror(CMS_R_CERTIFICATE_HAS_NO_KEYID);
706 return 0; 701 return 0;
707 } 702 }
708 keyid = ASN1_STRING_dup(cert_keyid); 703 keyid = ASN1_STRING_dup(cert_keyid);
709 if (!keyid) { 704 if (!keyid) {
710 CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE); 705 CMSerror(ERR_R_MALLOC_FAILURE);
711 return 0; 706 return 0;
712 } 707 }
713 ASN1_OCTET_STRING_free(*pkeyid); 708 ASN1_OCTET_STRING_free(*pkeyid);
diff --git a/src/lib/libcrypto/cms/cms_pwri.c b/src/lib/libcrypto/cms/cms_pwri.c
index a3251f58b7..dd66541409 100644
--- a/src/lib/libcrypto/cms/cms_pwri.c
+++ b/src/lib/libcrypto/cms/cms_pwri.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_pwri.c,v 1.19 2019/08/11 10:15:30 jsing Exp $ */ 1/* $OpenBSD: cms_pwri.c,v 1.20 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -70,7 +70,7 @@ CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass,
70 CMS_PasswordRecipientInfo *pwri; 70 CMS_PasswordRecipientInfo *pwri;
71 71
72 if (ri->type != CMS_RECIPINFO_PASS) { 72 if (ri->type != CMS_RECIPINFO_PASS) {
73 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI); 73 CMSerror(CMS_R_NOT_PWRI);
74 return 0; 74 return 0;
75 } 75 }
76 76
@@ -111,12 +111,11 @@ CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
111 kekciph = env->encryptedContentInfo->cipher; 111 kekciph = env->encryptedContentInfo->cipher;
112 112
113 if (kekciph == NULL) { 113 if (kekciph == NULL) {
114 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER); 114 CMSerror(CMS_R_NO_CIPHER);
115 return NULL; 115 return NULL;
116 } 116 }
117 if (wrap_nid != NID_id_alg_PWRI_KEK) { 117 if (wrap_nid != NID_id_alg_PWRI_KEK) {
118 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, 118 CMSerror(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
119 CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
120 return NULL; 119 return NULL;
121 } 120 }
122 121
@@ -128,7 +127,7 @@ CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
128 ctx = EVP_CIPHER_CTX_new(); 127 ctx = EVP_CIPHER_CTX_new();
129 128
130 if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) { 129 if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) {
131 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB); 130 CMSerror(ERR_R_EVP_LIB);
132 goto err; 131 goto err;
133 } 132 }
134 133
@@ -138,17 +137,16 @@ CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
138 if (RAND_bytes(iv, ivlen) <= 0) 137 if (RAND_bytes(iv, ivlen) <= 0)
139 goto err; 138 goto err;
140 if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) { 139 if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
141 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB); 140 CMSerror(ERR_R_EVP_LIB);
142 goto err; 141 goto err;
143 } 142 }
144 encalg->parameter = ASN1_TYPE_new(); 143 encalg->parameter = ASN1_TYPE_new();
145 if (!encalg->parameter) { 144 if (!encalg->parameter) {
146 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE); 145 CMSerror(ERR_R_MALLOC_FAILURE);
147 goto err; 146 goto err;
148 } 147 }
149 if (EVP_CIPHER_param_to_asn1(ctx, encalg->parameter) <= 0) { 148 if (EVP_CIPHER_param_to_asn1(ctx, encalg->parameter) <= 0) {
150 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, 149 CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
151 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
152 goto err; 150 goto err;
153 } 151 }
154 } 152 }
@@ -203,7 +201,7 @@ CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
203 return ri; 201 return ri;
204 202
205 merr: 203 merr:
206 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE); 204 CMSerror(ERR_R_MALLOC_FAILURE);
207 err: 205 err:
208 EVP_CIPHER_CTX_free(ctx); 206 EVP_CIPHER_CTX_free(ctx);
209 if (ri) 207 if (ri)
@@ -235,7 +233,7 @@ kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in,
235 return 0; 233 return 0;
236 } 234 }
237 if ((tmp = OPENSSL_malloc(inlen)) == NULL) { 235 if ((tmp = OPENSSL_malloc(inlen)) == NULL) {
238 CMSerr(CMS_F_KEK_UNWRAP_KEY, ERR_R_MALLOC_FAILURE); 236 CMSerror(ERR_R_MALLOC_FAILURE);
239 return 0; 237 return 0;
240 } 238 }
241 239
@@ -339,14 +337,13 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
339 pwri = ri->d.pwri; 337 pwri = ri->d.pwri;
340 338
341 if (!pwri->pass) { 339 if (!pwri->pass) {
342 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD); 340 CMSerror(CMS_R_NO_PASSWORD);
343 return 0; 341 return 0;
344 } 342 }
345 algtmp = pwri->keyEncryptionAlgorithm; 343 algtmp = pwri->keyEncryptionAlgorithm;
346 344
347 if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) { 345 if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
348 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 346 CMSerror(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
349 CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
350 return 0; 347 return 0;
351 } 348 }
352 349
@@ -354,20 +351,19 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
354 algtmp->parameter); 351 algtmp->parameter);
355 352
356 if (kekalg == NULL) { 353 if (kekalg == NULL) {
357 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 354 CMSerror(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
358 CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
359 return 0; 355 return 0;
360 } 356 }
361 357
362 kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); 358 kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
363 if (!kekcipher) { 359 if (!kekcipher) {
364 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER); 360 CMSerror(CMS_R_UNKNOWN_CIPHER);
365 return 0; 361 return 0;
366 } 362 }
367 363
368 kekctx = EVP_CIPHER_CTX_new(); 364 kekctx = EVP_CIPHER_CTX_new();
369 if (kekctx == NULL) { 365 if (kekctx == NULL) {
370 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE); 366 CMSerror(ERR_R_MALLOC_FAILURE);
371 return 0; 367 return 0;
372 } 368 }
373 /* Fixup cipher based on AlgorithmIdentifier to set IV etc */ 369 /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
@@ -375,8 +371,7 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
375 goto err; 371 goto err;
376 EVP_CIPHER_CTX_set_padding(kekctx, 0); 372 EVP_CIPHER_CTX_set_padding(kekctx, 0);
377 if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) { 373 if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) {
378 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 374 CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
379 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
380 goto err; 375 goto err;
381 } 376 }
382 377
@@ -386,7 +381,7 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
386 381
387 if (EVP_PBE_CipherInit(algtmp->algorithm, (char *)pwri->pass, 382 if (EVP_PBE_CipherInit(algtmp->algorithm, (char *)pwri->pass,
388 pwri->passlen, algtmp->parameter, kekctx, en_de) < 0) { 383 pwri->passlen, algtmp->parameter, kekctx, en_de) < 0) {
389 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB); 384 CMSerror(ERR_R_EVP_LIB);
390 goto err; 385 goto err;
391 } 386 }
392 387
@@ -407,12 +402,12 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
407 } else { 402 } else {
408 key = OPENSSL_malloc(pwri->encryptedKey->length); 403 key = OPENSSL_malloc(pwri->encryptedKey->length);
409 if (key == NULL) { 404 if (key == NULL) {
410 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE); 405 CMSerror(ERR_R_MALLOC_FAILURE);
411 goto err; 406 goto err;
412 } 407 }
413 if (!kek_unwrap_key(key, &keylen, pwri->encryptedKey->data, 408 if (!kek_unwrap_key(key, &keylen, pwri->encryptedKey->data,
414 pwri->encryptedKey->length, kekctx)) { 409 pwri->encryptedKey->length, kekctx)) {
415 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE); 410 CMSerror(CMS_R_UNWRAP_FAILURE);
416 goto err; 411 goto err;
417 } 412 }
418 413
diff --git a/src/lib/libcrypto/cms/cms_sd.c b/src/lib/libcrypto/cms/cms_sd.c
index 2289c7e8a3..7072ce7dac 100644
--- a/src/lib/libcrypto/cms/cms_sd.c
+++ b/src/lib/libcrypto/cms/cms_sd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_sd.c,v 1.18 2019/08/11 10:15:30 jsing Exp $ */ 1/* $OpenBSD: cms_sd.c,v 1.19 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -69,7 +69,7 @@ static CMS_SignedData *
69cms_get0_signed(CMS_ContentInfo *cms) 69cms_get0_signed(CMS_ContentInfo *cms)
70{ 70{
71 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) { 71 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
72 CMSerr(CMS_F_CMS_GET0_SIGNED, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA); 72 CMSerror(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
73 return NULL; 73 return NULL;
74 } 74 }
75 return cms->d.signedData; 75 return cms->d.signedData;
@@ -81,7 +81,7 @@ cms_signed_data_init(CMS_ContentInfo *cms)
81 if (cms->d.other == NULL) { 81 if (cms->d.other == NULL) {
82 cms->d.signedData = M_ASN1_new_of(CMS_SignedData); 82 cms->d.signedData = M_ASN1_new_of(CMS_SignedData);
83 if (!cms->d.signedData) { 83 if (!cms->d.signedData) {
84 CMSerr(CMS_F_CMS_SIGNED_DATA_INIT, ERR_R_MALLOC_FAILURE); 84 CMSerror(ERR_R_MALLOC_FAILURE);
85 return NULL; 85 return NULL;
86 } 86 }
87 cms->d.signedData->version = 1; 87 cms->d.signedData->version = 1;
@@ -180,8 +180,7 @@ cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
180 messageDigest = CMS_signed_get0_data_by_OBJ(sitmp, 180 messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
181 OBJ_nid2obj(NID_pkcs9_messageDigest), -3, V_ASN1_OCTET_STRING); 181 OBJ_nid2obj(NID_pkcs9_messageDigest), -3, V_ASN1_OCTET_STRING);
182 if (!messageDigest) { 182 if (!messageDigest) {
183 CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, 183 CMSerror(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
184 CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
185 return 0; 184 return 0;
186 } 185 }
187 186
@@ -192,7 +191,7 @@ cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
192 return 0; 191 return 0;
193 } 192 }
194 193
195 CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, CMS_R_NO_MATCHING_DIGEST); 194 CMSerror(CMS_R_NO_MATCHING_DIGEST);
196 195
197 return 0; 196 return 0;
198} 197}
@@ -212,7 +211,7 @@ cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
212 break; 211 break;
213 212
214 default: 213 default:
215 CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, CMS_R_UNKNOWN_ID); 214 CMSerror(CMS_R_UNKNOWN_ID);
216 return 0; 215 return 0;
217 } 216 }
218 217
@@ -260,11 +259,11 @@ cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
260 return 1; 259 return 1;
261 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si); 260 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si);
262 if (i == -2) { 261 if (i == -2) {
263 CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); 262 CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
264 return 0; 263 return 0;
265 } 264 }
266 if (i <= 0) { 265 if (i <= 0) {
267 CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_CTRL_FAILURE); 266 CMSerror(CMS_R_CTRL_FAILURE);
268 return 0; 267 return 0;
269 } 268 }
270 269
@@ -281,8 +280,7 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
281 int i, type; 280 int i, type;
282 281
283 if (!X509_check_private_key(signer, pk)) { 282 if (!X509_check_private_key(signer, pk)) {
284 CMSerr(CMS_F_CMS_ADD1_SIGNER, 283 CMSerror(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
285 CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
286 return NULL; 284 return NULL;
287 } 285 }
288 sd = cms_signed_data_init(cms); 286 sd = cms_signed_data_init(cms);
@@ -303,7 +301,7 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
303 si->pctx = NULL; 301 si->pctx = NULL;
304 302
305 if (si->mctx == NULL) { 303 if (si->mctx == NULL) {
306 CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE); 304 CMSerror(ERR_R_MALLOC_FAILURE);
307 goto err; 305 goto err;
308 } 306 }
309 307
@@ -326,13 +324,13 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
326 goto err; 324 goto err;
327 md = EVP_get_digestbynid(def_nid); 325 md = EVP_get_digestbynid(def_nid);
328 if (md == NULL) { 326 if (md == NULL) {
329 CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST); 327 CMSerror(CMS_R_NO_DEFAULT_DIGEST);
330 goto err; 328 goto err;
331 } 329 }
332 } 330 }
333 331
334 if (!md) { 332 if (!md) {
335 CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET); 333 CMSerror(CMS_R_NO_DIGEST_SET);
336 goto err; 334 goto err;
337 } 335 }
338 336
@@ -418,7 +416,7 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
418 return si; 416 return si;
419 417
420 merr: 418 merr:
421 CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE); 419 CMSerror(ERR_R_MALLOC_FAILURE);
422 err: 420 err:
423 M_ASN1_free_of(si, CMS_SignerInfo); 421 M_ASN1_free_of(si, CMS_SignerInfo);
424 422
@@ -449,7 +447,7 @@ cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
449 if (!t) 447 if (!t)
450 ASN1_TIME_free(tt); 448 ASN1_TIME_free(tt);
451 if (!r) 449 if (!r)
452 CMSerr(CMS_F_CMS_ADD1_SIGNINGTIME, ERR_R_MALLOC_FAILURE); 450 CMSerror(ERR_R_MALLOC_FAILURE);
453 451
454 return r; 452 return r;
455} 453}
@@ -606,12 +604,12 @@ cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain
606 EVP_PKEY_CTX *pctx = NULL; 604 EVP_PKEY_CTX *pctx = NULL;
607 605
608 if (mctx == NULL) { 606 if (mctx == NULL) {
609 CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE); 607 CMSerror(ERR_R_MALLOC_FAILURE);
610 return 0; 608 return 0;
611 } 609 }
612 610
613 if (!si->pkey) { 611 if (!si->pkey) {
614 CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY); 612 CMSerror(CMS_R_NO_PRIVATE_KEY);
615 goto err; 613 goto err;
616 } 614 }
617 615
@@ -654,7 +652,7 @@ cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain
654 siglen = EVP_PKEY_size(si->pkey); 652 siglen = EVP_PKEY_size(si->pkey);
655 sig = OPENSSL_malloc(siglen); 653 sig = OPENSSL_malloc(siglen);
656 if (sig == NULL) { 654 if (sig == NULL) {
657 CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE); 655 CMSerror(ERR_R_MALLOC_FAILURE);
658 goto err; 656 goto err;
659 } 657 }
660 if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) { 658 if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) {
@@ -668,11 +666,11 @@ cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain
668 666
669 sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey)); 667 sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
670 if (sig == NULL) { 668 if (sig == NULL) {
671 CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE); 669 CMSerror(ERR_R_MALLOC_FAILURE);
672 goto err; 670 goto err;
673 } 671 }
674 if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) { 672 if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) {
675 CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR); 673 CMSerror(CMS_R_SIGNFINAL_ERROR);
676 OPENSSL_free(sig); 674 OPENSSL_free(sig);
677 goto err; 675 goto err;
678 } 676 }
@@ -736,7 +734,7 @@ CMS_SignerInfo_sign(CMS_SignerInfo *si)
736 734
737 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 735 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
738 EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) { 736 EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) {
739 CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR); 737 CMSerror(CMS_R_CTRL_ERROR);
740 goto err; 738 goto err;
741 } 739 }
742 740
@@ -757,7 +755,7 @@ CMS_SignerInfo_sign(CMS_SignerInfo *si)
757 755
758 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 756 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
759 EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) { 757 EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) {
760 CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR); 758 CMSerror(CMS_R_CTRL_ERROR);
761 goto err; 759 goto err;
762 } 760 }
763 761
@@ -783,7 +781,7 @@ CMS_SignerInfo_verify(CMS_SignerInfo *si)
783 const EVP_MD *md = NULL; 781 const EVP_MD *md = NULL;
784 782
785 if (!si->pkey) { 783 if (!si->pkey) {
786 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY); 784 CMSerror(CMS_R_NO_PUBLIC_KEY);
787 return -1; 785 return -1;
788 } 786 }
789 787
@@ -791,7 +789,7 @@ CMS_SignerInfo_verify(CMS_SignerInfo *si)
791 if (md == NULL) 789 if (md == NULL)
792 return -1; 790 return -1;
793 if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) { 791 if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
794 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE); 792 CMSerror(ERR_R_MALLOC_FAILURE);
795 return -1; 793 return -1;
796 } 794 }
797 mctx = si->mctx; 795 mctx = si->mctx;
@@ -815,7 +813,7 @@ CMS_SignerInfo_verify(CMS_SignerInfo *si)
815 r = EVP_DigestVerifyFinal(mctx, si->signature->data, 813 r = EVP_DigestVerifyFinal(mctx, si->signature->data,
816 si->signature->length); 814 si->signature->length);
817 if (r <= 0) 815 if (r <= 0)
818 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE); 816 CMSerror(CMS_R_VERIFICATION_FAILURE);
819 817
820 err: 818 err:
821 EVP_MD_CTX_reset(mctx); 819 EVP_MD_CTX_reset(mctx);
@@ -869,7 +867,7 @@ CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
869 unsigned int mlen; 867 unsigned int mlen;
870 868
871 if (mctx == NULL) { 869 if (mctx == NULL) {
872 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, ERR_R_MALLOC_FAILURE); 870 CMSerror(ERR_R_MALLOC_FAILURE);
873 goto err; 871 goto err;
874 } 872 }
875 /* If we have any signed attributes look for messageDigest value */ 873 /* If we have any signed attributes look for messageDigest value */
@@ -878,8 +876,7 @@ CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
878 OBJ_nid2obj(NID_pkcs9_messageDigest), -3, 876 OBJ_nid2obj(NID_pkcs9_messageDigest), -3,
879 V_ASN1_OCTET_STRING); 877 V_ASN1_OCTET_STRING);
880 if (!os) { 878 if (!os) {
881 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 879 CMSerror(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
882 CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
883 goto err; 880 goto err;
884 } 881 }
885 } 882 }
@@ -888,8 +885,7 @@ CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
888 goto err; 885 goto err;
889 886
890 if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) { 887 if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
891 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 888 CMSerror(CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
892 CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
893 goto err; 889 goto err;
894 } 890 }
895 891
@@ -897,14 +893,12 @@ CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
897 893
898 if (os) { 894 if (os) {
899 if (mlen != (unsigned int)os->length) { 895 if (mlen != (unsigned int)os->length) {
900 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 896 CMSerror(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
901 CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
902 goto err; 897 goto err;
903 } 898 }
904 899
905 if (memcmp(mval, os->data, mlen)) { 900 if (memcmp(mval, os->data, mlen)) {
906 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 901 CMSerror(CMS_R_VERIFICATION_FAILURE);
907 CMS_R_VERIFICATION_FAILURE);
908 r = 0; 902 r = 0;
909 } else 903 } else
910 r = 1; 904 r = 1;
@@ -924,8 +918,7 @@ CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
924 r = EVP_PKEY_verify(pkctx, si->signature->data, 918 r = EVP_PKEY_verify(pkctx, si->signature->data,
925 si->signature->length, mval, mlen); 919 si->signature->length, mval, mlen);
926 if (r <= 0) { 920 if (r <= 0) {
927 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 921 CMSerror(CMS_R_VERIFICATION_FAILURE);
928 CMS_R_VERIFICATION_FAILURE);
929 r = 0; 922 r = 0;
930 } 923 }
931 } 924 }
diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c
index 6e546593e7..2bb3c363c9 100644
--- a/src/lib/libcrypto/cms/cms_smime.c
+++ b/src/lib/libcrypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_smime.c,v 1.21 2019/08/11 06:47:18 jsing Exp $ */ 1/* $OpenBSD: cms_smime.c,v 1.22 2019/08/11 10:38:27 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -87,7 +87,7 @@ cms_copy_content(BIO *out, BIO *in, unsigned int flags)
87 tmpout = cms_get_text_bio(out, flags); 87 tmpout = cms_get_text_bio(out, flags);
88 88
89 if (tmpout == NULL) { 89 if (tmpout == NULL) {
90 CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE); 90 CMSerror(ERR_R_MALLOC_FAILURE);
91 goto err; 91 goto err;
92 } 92 }
93 93
@@ -110,7 +110,7 @@ cms_copy_content(BIO *out, BIO *in, unsigned int flags)
110 110
111 if (flags & CMS_TEXT) { 111 if (flags & CMS_TEXT) {
112 if (!SMIME_text(tmpout, out)) { 112 if (!SMIME_text(tmpout, out)) {
113 CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR); 113 CMSerror(CMS_R_SMIME_TEXT_ERROR);
114 goto err; 114 goto err;
115 } 115 }
116 } 116 }
@@ -130,7 +130,7 @@ check_content(CMS_ContentInfo *cms)
130 ASN1_OCTET_STRING **pos = CMS_get0_content(cms); 130 ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
131 131
132 if (!pos || !*pos) { 132 if (!pos || !*pos) {
133 CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT); 133 CMSerror(CMS_R_NO_CONTENT);
134 return 0; 134 return 0;
135 } 135 }
136 136
@@ -159,7 +159,7 @@ CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
159 int r; 159 int r;
160 160
161 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) { 161 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
162 CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA); 162 CMSerror(CMS_R_TYPE_NOT_DATA);
163 return 0; 163 return 0;
164 } 164 }
165 cont = CMS_dataInit(cms, NULL); 165 cont = CMS_dataInit(cms, NULL);
@@ -195,7 +195,7 @@ CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags
195 int r; 195 int r;
196 196
197 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) { 197 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
198 CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA); 198 CMSerror(CMS_R_TYPE_NOT_DIGESTED_DATA);
199 return 0; 199 return 0;
200 } 200 }
201 201
@@ -243,8 +243,7 @@ CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key,
243 int r; 243 int r;
244 244
245 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) { 245 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
246 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT, 246 CMSerror(CMS_R_TYPE_NOT_ENCRYPTED_DATA);
247 CMS_R_TYPE_NOT_ENCRYPTED_DATA);
248 return 0; 247 return 0;
249 } 248 }
250 249
@@ -269,7 +268,7 @@ CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
269 CMS_ContentInfo *cms; 268 CMS_ContentInfo *cms;
270 269
271 if (!cipher) { 270 if (!cipher) {
272 CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER); 271 CMSerror(CMS_R_NO_CIPHER);
273 return NULL; 272 return NULL;
274 } 273 }
275 cms = CMS_ContentInfo_new(); 274 cms = CMS_ContentInfo_new();
@@ -299,12 +298,12 @@ cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509_STORE *store,
299 int i, j, r = 0; 298 int i, j, r = 0;
300 299
301 if (ctx == NULL) { 300 if (ctx == NULL) {
302 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE); 301 CMSerror(ERR_R_MALLOC_FAILURE);
303 goto err; 302 goto err;
304 } 303 }
305 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); 304 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
306 if (!X509_STORE_CTX_init(ctx, store, signer, certs)) { 305 if (!X509_STORE_CTX_init(ctx, store, signer, certs)) {
307 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR); 306 CMSerror(CMS_R_STORE_INIT_ERROR);
308 goto err; 307 goto err;
309 } 308 }
310 X509_STORE_CTX_set_default(ctx, "smime_sign"); 309 X509_STORE_CTX_set_default(ctx, "smime_sign");
@@ -314,8 +313,7 @@ cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509_STORE *store,
314 i = X509_verify_cert(ctx); 313 i = X509_verify_cert(ctx);
315 if (i <= 0) { 314 if (i <= 0) {
316 j = X509_STORE_CTX_get_error(ctx); 315 j = X509_STORE_CTX_get_error(ctx);
317 CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, 316 CMSerror(CMS_R_CERTIFICATE_VERIFY_ERROR);
318 CMS_R_CERTIFICATE_VERIFY_ERROR);
319 ERR_add_error_data(2, "Verify error:", 317 ERR_add_error_data(2, "Verify error:",
320 X509_verify_cert_error_string(j)); 318 X509_verify_cert_error_string(j));
321 goto err; 319 goto err;
@@ -352,7 +350,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
352 350
353 sinfos = CMS_get0_SignerInfos(cms); 351 sinfos = CMS_get0_SignerInfos(cms);
354 if (sk_CMS_SignerInfo_num(sinfos) <= 0) { 352 if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
355 CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS); 353 CMSerror(CMS_R_NO_SIGNERS);
356 goto err; 354 goto err;
357 } 355 }
358 356
@@ -367,7 +365,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
367 scount += CMS_set1_signers_certs(cms, certs, flags); 365 scount += CMS_set1_signers_certs(cms, certs, flags);
368 366
369 if (scount != sk_CMS_SignerInfo_num(sinfos)) { 367 if (scount != sk_CMS_SignerInfo_num(sinfos)) {
370 CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND); 368 CMSerror(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
371 goto err; 369 goto err;
372 } 370 }
373 371
@@ -410,7 +408,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
410 len = BIO_get_mem_data(dcont, &ptr); 408 len = BIO_get_mem_data(dcont, &ptr);
411 tmpin = BIO_new_mem_buf(ptr, len); 409 tmpin = BIO_new_mem_buf(ptr, len);
412 if (tmpin == NULL) { 410 if (tmpin == NULL) {
413 CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE); 411 CMSerror(ERR_R_MALLOC_FAILURE);
414 goto err2; 412 goto err2;
415 } 413 }
416 } else 414 } else
@@ -427,7 +425,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
427 */ 425 */
428 tmpout = cms_get_text_bio(out, flags); 426 tmpout = cms_get_text_bio(out, flags);
429 if (!tmpout) { 427 if (!tmpout) {
430 CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE); 428 CMSerror(ERR_R_MALLOC_FAILURE);
431 goto err; 429 goto err;
432 } 430 }
433 cmsbio = CMS_dataInit(cms, tmpout); 431 cmsbio = CMS_dataInit(cms, tmpout);
@@ -441,7 +439,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
441 439
442 if (flags & CMS_TEXT) { 440 if (flags & CMS_TEXT) {
443 if (!SMIME_text(tmpout, out)) { 441 if (!SMIME_text(tmpout, out)) {
444 CMSerr(CMS_F_CMS_VERIFY, CMS_R_SMIME_TEXT_ERROR); 442 CMSerror(CMS_R_SMIME_TEXT_ERROR);
445 goto err; 443 goto err;
446 } 444 }
447 } 445 }
@@ -458,7 +456,7 @@ CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
458 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { 456 for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
459 si = sk_CMS_SignerInfo_value(sinfos, i); 457 si = sk_CMS_SignerInfo_value(sinfos, i);
460 if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) { 458 if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) {
461 CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR); 459 CMSerror(CMS_R_CONTENT_VERIFY_ERROR);
462 goto err; 460 goto err;
463 } 461 }
464 } 462 }
@@ -517,7 +515,7 @@ CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
517 goto err; 515 goto err;
518 516
519 if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) { 517 if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
520 CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR); 518 CMSerror(CMS_R_ADD_SIGNER_ERROR);
521 goto err; 519 goto err;
522 } 520 }
523 521
@@ -537,7 +535,7 @@ CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
537 goto err; 535 goto err;
538 536
539 merr: 537 merr:
540 CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE); 538 CMSerror(ERR_R_MALLOC_FAILURE);
541 539
542 err: 540 err:
543 CMS_ContentInfo_free(cms); 541 CMS_ContentInfo_free(cms);
@@ -559,7 +557,7 @@ CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey,
559 /* Not really detached but avoids content being allocated */ 557 /* Not really detached but avoids content being allocated */
560 flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED; 558 flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED;
561 if (!pkey || !signcert) { 559 if (!pkey || !signcert) {
562 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT); 560 CMSerror(CMS_R_NO_KEY_OR_CERT);
563 return NULL; 561 return NULL;
564 } 562 }
565 563
@@ -575,7 +573,7 @@ CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey,
575 573
576 rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags); 574 rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
577 if (!rct_si) { 575 if (!rct_si) {
578 CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR); 576 CMSerror(CMS_R_ADD_SIGNER_ERROR);
579 goto err; 577 goto err;
580 } 578 }
581 579
@@ -626,7 +624,7 @@ CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher,
626 for (i = 0; i < sk_X509_num(certs); i++) { 624 for (i = 0; i < sk_X509_num(certs); i++) {
627 recip = sk_X509_value(certs, i); 625 recip = sk_X509_value(certs, i);
628 if (!CMS_add1_recipient_cert(cms, recip, flags)) { 626 if (!CMS_add1_recipient_cert(cms, recip, flags)) {
629 CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR); 627 CMSerror(CMS_R_RECIPIENT_ERROR);
630 goto err; 628 goto err;
631 } 629 }
632 } 630 }
@@ -641,7 +639,7 @@ CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher,
641 goto err; 639 goto err;
642 640
643 merr: 641 merr:
644 CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE); 642 CMSerror(ERR_R_MALLOC_FAILURE);
645 err: 643 err:
646 CMS_ContentInfo_free(cms); 644 CMS_ContentInfo_free(cms);
647 645
@@ -687,8 +685,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
687 debug = cms->d.envelopedData->encryptedContentInfo->debug; 685 debug = cms->d.envelopedData->encryptedContentInfo->debug;
688 ri_type = cms_pkey_get_ri_type(pk); 686 ri_type = cms_pkey_get_ri_type(pk);
689 if (ri_type == CMS_RECIPINFO_NONE) { 687 if (ri_type == CMS_RECIPINFO_NONE) {
690 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, 688 CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
691 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
692 return 0; 689 return 0;
693 } 690 }
694 691
@@ -724,7 +721,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
724 } 721 }
725 if (r > 0) 722 if (r > 0)
726 return 1; 723 return 1;
727 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_DECRYPT_ERROR); 724 CMSerror(CMS_R_DECRYPT_ERROR);
728 return 0; 725 return 0;
729 } 726 }
730 /* 727 /*
@@ -742,7 +739,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
742 return 1; 739 return 1;
743 } 740 }
744 741
745 CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT); 742 CMSerror(CMS_R_NO_MATCHING_RECIPIENT);
746 743
747 return 0; 744 return 0;
748} 745}
@@ -772,14 +769,14 @@ CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, size_t keylen,
772 if (r > 0) 769 if (r > 0)
773 return 1; 770 return 1;
774 if (id) { 771 if (id) {
775 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_DECRYPT_ERROR); 772 CMSerror(CMS_R_DECRYPT_ERROR);
776 return 0; 773 return 0;
777 } 774 }
778 ERR_clear_error(); 775 ERR_clear_error();
779 } 776 }
780 } 777 }
781 778
782 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT); 779 CMSerror(CMS_R_NO_MATCHING_RECIPIENT);
783 780
784 return 0; 781 return 0;
785} 782}
@@ -804,7 +801,7 @@ CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass,
804 return 1; 801 return 1;
805 } 802 }
806 803
807 CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT); 804 CMSerror(CMS_R_NO_MATCHING_RECIPIENT);
808 805
809 return 0; 806 return 0;
810} 807}
@@ -817,7 +814,7 @@ CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, BIO *dcont,
817 BIO *cont; 814 BIO *cont;
818 815
819 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) { 816 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) {
820 CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA); 817 CMSerror(CMS_R_TYPE_NOT_ENVELOPED_DATA);
821 return 0; 818 return 0;
822 } 819 }
823 if (!dcont && !check_content(cms)) 820 if (!dcont && !check_content(cms))
@@ -846,7 +843,7 @@ CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
846 int ret = 0; 843 int ret = 0;
847 844
848 if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) { 845 if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) {
849 CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_LIB); 846 CMSerror(CMS_R_CMS_LIB);
850 return 0; 847 return 0;
851 } 848 }
852 849
@@ -855,7 +852,7 @@ CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
855 (void)BIO_flush(cmsbio); 852 (void)BIO_flush(cmsbio);
856 853
857 if (!CMS_dataFinal(cms, cmsbio)) { 854 if (!CMS_dataFinal(cms, cmsbio)) {
858 CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR); 855 CMSerror(CMS_R_CMS_DATAFINAL_ERROR);
859 goto err; 856 goto err;
860 } 857 }
861 858
@@ -876,7 +873,7 @@ CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags)
876 int r; 873 int r;
877 874
878 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) { 875 if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
879 CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_TYPE_NOT_COMPRESSED_DATA); 876 CMSerror(CMS_R_TYPE_NOT_COMPRESSED_DATA);
880 return 0; 877 return 0;
881 } 878 }
882 879
@@ -919,14 +916,14 @@ CMS_compress(BIO *in, int comp_nid, unsigned int flags)
919int 916int
920CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags) 917CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags)
921{ 918{
922 CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 919 CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
923 return 0; 920 return 0;
924} 921}
925 922
926CMS_ContentInfo * 923CMS_ContentInfo *
927CMS_compress(BIO *in, int comp_nid, unsigned int flags) 924CMS_compress(BIO *in, int comp_nid, unsigned int flags)
928{ 925{
929 CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 926 CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
930 return NULL; 927 return NULL;
931} 928}
932 929
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 22:12:03 +0000