openssl pkcs12: stop reaching into ASN1_STRING

Buy a t: rename hex_prin() to hex_print() and accept an ASN1_STRING so that we only need to use accessors once. Also avoid a printf %s NULL. ok kenjiro
author: tb <> 2025-11-27 08:26:32 +0000
committer: tb <> 2025-11-27 08:26:32 +0000
commit: e301ef23b53cd30d97d07468d49ce25c85bdea3e (patch)
tree: 4a3759942fd81e9b281f6cc1c2a68f8c93a97187 /src
parent: 9c2fb2d749c8780ed1220475b6050f4dbebf9d0a (diff)
download: openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.tar.gz
openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.tar.bz2
openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.zip
1 files changed, 17 insertions, 18 deletions
diff --git a/src/usr.bin/openssl/pkcs12.c b/src/usr.bin/openssl/pkcs12.c
index efd6d59163..d29a12ce60 100644
--- a/src/usr.bin/openssl/pkcs12.c
+++ b/src/usr.bin/openssl/pkcs12.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs12.c,v 1.30 2025/06/07 08:33:58 tb Exp $ */
+/* $OpenBSD: pkcs12.c,v 1.31 2025/11/27 08:26:32 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -88,7 +88,6 @@ static int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass,
    int passlen, int options, char *pempass);
 static int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
    const char *name);
-static void hex_prin(BIO *out, unsigned char *buf, int len);
 static int alg_print(BIO *x, const X509_ALGOR *alg);
 static int set_pbe(BIO *err, int *ppbe, const char *str);
@@ -1021,6 +1020,17 @@ alg_print(BIO *x, const X509_ALGOR *alg)
        return 1;
 }
+static void
+hex_print(BIO *out, const ASN1_STRING *str)
+{
+        const unsigned char *buf = ASN1_STRING_get0_data(str);
+        int len = ASN1_STRING_length(str);
+        int i;
+        for (i = 0; i < len; i++)
+                BIO_printf(out, "%02X ", buf[i]);
+}
 /* Generalised attribute print: handle PKCS#8 and bag attributes */
 static void
 print_attribute(BIO *out, const ASN1_TYPE *av)
@@ -1030,21 +1040,19 @@ print_attribute(BIO *out, const ASN1_TYPE *av)
        switch (av->type) {
        case V_ASN1_BMPSTRING:
                value = OPENSSL_uni2asc(
-                    av->value.bmpstring->data,
+                    ASN1_STRING_get0_data(av->value.bmpstring),
-                    av->value.bmpstring->length);
+                    ASN1_STRING_length(av->value.bmpstring));
-                BIO_printf(out, "%s\n", value);
+                BIO_printf(out, "%s\n", value != NULL ? value : "(null)");
                free(value);
                break;
        case V_ASN1_OCTET_STRING:
-                hex_prin(out, av->value.octet_string->data,
+                hex_print(out, av->value.octet_string);
-                    av->value.octet_string->length);
                BIO_printf(out, "\n");
                break;
        case V_ASN1_BIT_STRING:
-                hex_prin(out, av->value.bit_string->data,
+                hex_print(out, av->value.bit_string);
-                    av->value.bit_string->length);
                BIO_printf(out, "\n");
                break;
@@ -1096,15 +1104,6 @@ print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
        return 1;
 }
-static void
-hex_prin(BIO *out, unsigned char *buf, int len)
-{
-        int i;
-        for (i = 0; i < len; i++)
-                BIO_printf(out, "%02X ", buf[i]);
-}
 static int
 set_pbe(BIO *err, int *ppbe, const char *str)
 {
author	tb <>	2025-11-27 08:26:32 +0000
committer	tb <>	2025-11-27 08:26:32 +0000
commit	e301ef23b53cd30d97d07468d49ce25c85bdea3e (patch)
tree	4a3759942fd81e9b281f6cc1c2a68f8c93a97187 /src
parent	9c2fb2d749c8780ed1220475b6050f4dbebf9d0a (diff)
download	openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.tar.gz openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.tar.bz2 openbsd-e301ef23b53cd30d97d07468d49ce25c85bdea3e.zip