diff options
| author | inoguchi <> | 2019-11-18 12:43:27 +0000 |
|---|---|---|
| committer | inoguchi <> | 2019-11-18 12:43:27 +0000 |
| commit | 9296377ec578f58a1d51cbfc276ae923d3875f8b (patch) | |
| tree | 870b63ba12cab64207dd547c4a8810f5989dd247 /src | |
| parent | 51e3a318bbb89e27344cec8c4ff475ffb4a456f0 (diff) | |
| download | openbsd-9296377ec578f58a1d51cbfc276ae923d3875f8b.tar.gz openbsd-9296377ec578f58a1d51cbfc276ae923d3875f8b.tar.bz2 openbsd-9296377ec578f58a1d51cbfc276ae923d3875f8b.zip | |
Remove typedef and check sk_push return value in openssl(1) cms
- Remove typedef and use 'struct cms_key_param' instead
- Check return value of sk_X509_push and sk_OPENSSL_STRING_push
- Add a blank line to separate variable declarations from code
comments from jsing@
Diffstat (limited to 'src')
| -rw-r--r-- | src/usr.bin/openssl/cms.c | 56 |
1 files changed, 33 insertions, 23 deletions
diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c index 71e52fe52c..a4deb06188 100644 --- a/src/usr.bin/openssl/cms.c +++ b/src/usr.bin/openssl/cms.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms.c,v 1.14 2019/11/18 11:34:41 inoguchi Exp $ */ | 1 | /* $OpenBSD: cms.c,v 1.15 2019/11/18 12:43:27 inoguchi Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -99,12 +99,10 @@ static int cms_set_pkey_param(EVP_PKEY_CTX *pctx, | |||
| 99 | 99 | ||
| 100 | int verify_err = 0; | 100 | int verify_err = 0; |
| 101 | 101 | ||
| 102 | typedef struct cms_key_param_st cms_key_param; | 102 | struct cms_key_param { |
| 103 | |||
| 104 | struct cms_key_param_st { | ||
| 105 | int idx; | 103 | int idx; |
| 106 | STACK_OF(OPENSSL_STRING) *param; | 104 | STACK_OF(OPENSSL_STRING) *param; |
| 107 | cms_key_param *next; | 105 | struct cms_key_param *next; |
| 108 | }; | 106 | }; |
| 109 | 107 | ||
| 110 | int | 108 | int |
| @@ -142,7 +140,7 @@ cms_main(int argc, char **argv) | |||
| 142 | unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; | 140 | unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; |
| 143 | size_t secret_keylen = 0, secret_keyidlen = 0; | 141 | size_t secret_keylen = 0, secret_keyidlen = 0; |
| 144 | 142 | ||
| 145 | cms_key_param *key_first = NULL, *key_param = NULL; | 143 | struct cms_key_param *key_first = NULL, *key_param = NULL; |
| 146 | 144 | ||
| 147 | ASN1_OBJECT *econtent_type = NULL; | 145 | ASN1_OBJECT *econtent_type = NULL; |
| 148 | 146 | ||
| @@ -278,14 +276,16 @@ cms_main(int argc, char **argv) | |||
| 278 | args++; | 276 | args++; |
| 279 | if (!rr_from) | 277 | if (!rr_from) |
| 280 | rr_from = sk_OPENSSL_STRING_new_null(); | 278 | rr_from = sk_OPENSSL_STRING_new_null(); |
| 281 | sk_OPENSSL_STRING_push(rr_from, *args); | 279 | if (!sk_OPENSSL_STRING_push(rr_from, *args)) |
| 280 | goto end; | ||
| 282 | } else if (!strcmp(*args, "-receipt_request_to")) { | 281 | } else if (!strcmp(*args, "-receipt_request_to")) { |
| 283 | if (!args[1]) | 282 | if (!args[1]) |
| 284 | goto argerr; | 283 | goto argerr; |
| 285 | args++; | 284 | args++; |
| 286 | if (!rr_to) | 285 | if (!rr_to) |
| 287 | rr_to = sk_OPENSSL_STRING_new_null(); | 286 | rr_to = sk_OPENSSL_STRING_new_null(); |
| 288 | sk_OPENSSL_STRING_push(rr_to, *args); | 287 | if (!sk_OPENSSL_STRING_push(rr_to, *args)) |
| 288 | goto end; | ||
| 289 | } else if (!strcmp(*args, "-print")) { | 289 | } else if (!strcmp(*args, "-print")) { |
| 290 | noout = 1; | 290 | noout = 1; |
| 291 | print = 1; | 291 | print = 1; |
| @@ -351,12 +351,14 @@ cms_main(int argc, char **argv) | |||
| 351 | if (!sksigners) | 351 | if (!sksigners) |
| 352 | sksigners = | 352 | sksigners = |
| 353 | sk_OPENSSL_STRING_new_null(); | 353 | sk_OPENSSL_STRING_new_null(); |
| 354 | sk_OPENSSL_STRING_push(sksigners, signerfile); | 354 | if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
| 355 | goto end; | ||
| 355 | if (!keyfile) | 356 | if (!keyfile) |
| 356 | keyfile = signerfile; | 357 | keyfile = signerfile; |
| 357 | if (!skkeys) | 358 | if (!skkeys) |
| 358 | skkeys = sk_OPENSSL_STRING_new_null(); | 359 | skkeys = sk_OPENSSL_STRING_new_null(); |
| 359 | sk_OPENSSL_STRING_push(skkeys, keyfile); | 360 | if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
| 361 | goto end; | ||
| 360 | keyfile = NULL; | 362 | keyfile = NULL; |
| 361 | } | 363 | } |
| 362 | signerfile = *++args; | 364 | signerfile = *++args; |
| @@ -371,7 +373,8 @@ cms_main(int argc, char **argv) | |||
| 371 | NULL, "recipient certificate file"); | 373 | NULL, "recipient certificate file"); |
| 372 | if (cert == NULL) | 374 | if (cert == NULL) |
| 373 | goto end; | 375 | goto end; |
| 374 | sk_X509_push(encerts, cert); | 376 | if (!sk_X509_push(encerts, cert)) |
| 377 | goto end; | ||
| 375 | cert = NULL; | 378 | cert = NULL; |
| 376 | } else { | 379 | } else { |
| 377 | recipfile = *++args; | 380 | recipfile = *++args; |
| @@ -402,11 +405,13 @@ cms_main(int argc, char **argv) | |||
| 402 | if (!sksigners) | 405 | if (!sksigners) |
| 403 | sksigners = | 406 | sksigners = |
| 404 | sk_OPENSSL_STRING_new_null(); | 407 | sk_OPENSSL_STRING_new_null(); |
| 405 | sk_OPENSSL_STRING_push(sksigners, signerfile); | 408 | if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
| 409 | goto end; | ||
| 406 | signerfile = NULL; | 410 | signerfile = NULL; |
| 407 | if (!skkeys) | 411 | if (!skkeys) |
| 408 | skkeys = sk_OPENSSL_STRING_new_null(); | 412 | skkeys = sk_OPENSSL_STRING_new_null(); |
| 409 | sk_OPENSSL_STRING_push(skkeys, keyfile); | 413 | if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
| 414 | goto end; | ||
| 410 | } | 415 | } |
| 411 | keyfile = *++args; | 416 | keyfile = *++args; |
| 412 | } else if (!strcmp(*args, "-keyform")) { | 417 | } else if (!strcmp(*args, "-keyform")) { |
| @@ -431,8 +436,8 @@ cms_main(int argc, char **argv) | |||
| 431 | goto argerr; | 436 | goto argerr; |
| 432 | } | 437 | } |
| 433 | if (key_param == NULL || key_param->idx != keyidx) { | 438 | if (key_param == NULL || key_param->idx != keyidx) { |
| 434 | cms_key_param *nparam; | 439 | struct cms_key_param *nparam; |
| 435 | if ((nparam = malloc(sizeof(cms_key_param))) == NULL) | 440 | if ((nparam = malloc(sizeof(struct cms_key_param))) == NULL) |
| 436 | goto end; | 441 | goto end; |
| 437 | nparam->idx = keyidx; | 442 | nparam->idx = keyidx; |
| 438 | if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) | 443 | if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) |
| @@ -444,7 +449,8 @@ cms_main(int argc, char **argv) | |||
| 444 | key_param->next = nparam; | 449 | key_param->next = nparam; |
| 445 | key_param = nparam; | 450 | key_param = nparam; |
| 446 | } | 451 | } |
| 447 | sk_OPENSSL_STRING_push(key_param->param, *++args); | 452 | if (!sk_OPENSSL_STRING_push(key_param->param, *++args)) |
| 453 | goto end; | ||
| 448 | } else if (!strcmp(*args, "-rctform")) { | 454 | } else if (!strcmp(*args, "-rctform")) { |
| 449 | if (!args[1]) | 455 | if (!args[1]) |
| 450 | goto argerr; | 456 | goto argerr; |
| @@ -509,12 +515,14 @@ cms_main(int argc, char **argv) | |||
| 509 | if (signerfile) { | 515 | if (signerfile) { |
| 510 | if (!sksigners) | 516 | if (!sksigners) |
| 511 | sksigners = sk_OPENSSL_STRING_new_null(); | 517 | sksigners = sk_OPENSSL_STRING_new_null(); |
| 512 | sk_OPENSSL_STRING_push(sksigners, signerfile); | 518 | if (!sk_OPENSSL_STRING_push(sksigners, signerfile)) |
| 519 | goto end; | ||
| 513 | if (!skkeys) | 520 | if (!skkeys) |
| 514 | skkeys = sk_OPENSSL_STRING_new_null(); | 521 | skkeys = sk_OPENSSL_STRING_new_null(); |
| 515 | if (!keyfile) | 522 | if (!keyfile) |
| 516 | keyfile = signerfile; | 523 | keyfile = signerfile; |
| 517 | sk_OPENSSL_STRING_push(skkeys, keyfile); | 524 | if (!sk_OPENSSL_STRING_push(skkeys, keyfile)) |
| 525 | goto end; | ||
| 518 | } | 526 | } |
| 519 | if (!sksigners) { | 527 | if (!sksigners) { |
| 520 | BIO_printf(bio_err, | 528 | BIO_printf(bio_err, |
| @@ -580,7 +588,7 @@ cms_main(int argc, char **argv) | |||
| 580 | BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); | 588 | BIO_printf(bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); |
| 581 | BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); | 589 | BIO_printf(bio_err, "-inkey file input private key (if not signer or recipient)\n"); |
| 582 | BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n"); | 590 | BIO_printf(bio_err, "-keyform arg input private key format (PEM)\n"); |
| 583 | BIO_printf (bio_err, "-keyopt nm:v set public key parameters\n"); | 591 | BIO_printf(bio_err, "-keyopt nm:v set public key parameters\n"); |
| 584 | BIO_printf(bio_err, "-out file output file\n"); | 592 | BIO_printf(bio_err, "-out file output file\n"); |
| 585 | BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); | 593 | BIO_printf(bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); |
| 586 | BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); | 594 | BIO_printf(bio_err, "-content file supply or override content for detached signature\n"); |
| @@ -641,7 +649,8 @@ cms_main(int argc, char **argv) | |||
| 641 | if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, | 649 | if (!(cert = load_cert(bio_err, *args, FORMAT_PEM, |
| 642 | NULL, "recipient certificate file"))) | 650 | NULL, "recipient certificate file"))) |
| 643 | goto end; | 651 | goto end; |
| 644 | sk_X509_push(encerts, cert); | 652 | if (!sk_X509_push(encerts, cert)) |
| 653 | goto end; | ||
| 645 | cert = NULL; | 654 | cert = NULL; |
| 646 | args++; | 655 | args++; |
| 647 | } | 656 | } |
| @@ -786,7 +795,7 @@ cms_main(int argc, char **argv) | |||
| 786 | goto end; | 795 | goto end; |
| 787 | for (i = 0; i < sk_X509_num(encerts); i++) { | 796 | for (i = 0; i < sk_X509_num(encerts); i++) { |
| 788 | CMS_RecipientInfo *ri; | 797 | CMS_RecipientInfo *ri; |
| 789 | cms_key_param *kparam; | 798 | struct cms_key_param *kparam; |
| 790 | int tflags = flags; | 799 | int tflags = flags; |
| 791 | X509 *x = sk_X509_value(encerts, i); | 800 | X509 *x = sk_X509_value(encerts, i); |
| 792 | for (kparam = key_first; kparam; kparam = kparam->next) { | 801 | for (kparam = key_first; kparam; kparam = kparam->next) { |
| @@ -877,7 +886,7 @@ cms_main(int argc, char **argv) | |||
| 877 | flags |= CMS_REUSE_DIGEST; | 886 | flags |= CMS_REUSE_DIGEST; |
| 878 | for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { | 887 | for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { |
| 879 | CMS_SignerInfo *si; | 888 | CMS_SignerInfo *si; |
| 880 | cms_key_param *kparam; | 889 | struct cms_key_param *kparam; |
| 881 | int tflags = flags; | 890 | int tflags = flags; |
| 882 | signerfile = sk_OPENSSL_STRING_value(sksigners, i); | 891 | signerfile = sk_OPENSSL_STRING_value(sksigners, i); |
| 883 | keyfile = sk_OPENSSL_STRING_value(skkeys, i); | 892 | keyfile = sk_OPENSSL_STRING_value(skkeys, i); |
| @@ -1048,7 +1057,7 @@ cms_main(int argc, char **argv) | |||
| 1048 | sk_OPENSSL_STRING_free(rr_to); | 1057 | sk_OPENSSL_STRING_free(rr_to); |
| 1049 | sk_OPENSSL_STRING_free(rr_from); | 1058 | sk_OPENSSL_STRING_free(rr_from); |
| 1050 | for (key_param = key_first; key_param;) { | 1059 | for (key_param = key_first; key_param;) { |
| 1051 | cms_key_param *tparam; | 1060 | struct cms_key_param *tparam; |
| 1052 | sk_OPENSSL_STRING_free(key_param->param); | 1061 | sk_OPENSSL_STRING_free(key_param->param); |
| 1053 | tparam = key_param->next; | 1062 | tparam = key_param->next; |
| 1054 | free(key_param); | 1063 | free(key_param); |
| @@ -1240,6 +1249,7 @@ cms_set_pkey_param(EVP_PKEY_CTX *pctx, STACK_OF(OPENSSL_STRING) *param) | |||
| 1240 | { | 1249 | { |
| 1241 | char *keyopt; | 1250 | char *keyopt; |
| 1242 | int i; | 1251 | int i; |
| 1252 | |||
| 1243 | if (sk_OPENSSL_STRING_num(param) <= 0) | 1253 | if (sk_OPENSSL_STRING_num(param) <= 0) |
| 1244 | return 1; | 1254 | return 1; |
| 1245 | for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) { | 1255 | for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) { |