Diffstat (limited to 'src/lib/libcrypto/asn1/a_sign.c')
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c34
1 files changed, 14 insertions, 20 deletions
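diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
index 349422fe9a..046f3b4a99 100644
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ b/src/lib/libcrypto/asn1/a_sign.c
@@ -131,8 +131,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 {
 EVP_MD_CTX ctx;
 EVP_MD_CTX_init(&ctx);
-if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey))
-{
+if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
 EVP_MD_CTX_cleanup(&ctx);
 return 0;
 }
@@ -154,14 +153,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 type = EVP_MD_CTX_md(ctx);
 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
 
-if (!type || !pkey)
-{
+if (!type || !pkey) {
 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
 return 0;
 }
 
-if (pkey->ameth->item_sign)
-{
+if (pkey->ameth->item_sign) {
 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
 signature);
 if (rv == 1)
@@ -180,15 +177,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 else
 rv = 2;
 
-if (rv == 2)
-{
-if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
-{
+if (rv == 2) {
+if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
 if (!pkey->ameth ||
 !OBJ_find_sigid_by_algs(&signid,
 EVP_MD_nid(type),
-pkey->ameth->pkey_id))
-{
+pkey->ameth->pkey_id)) {
 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
 return 0;
@@ -212,16 +206,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 inl=ASN1_item_i2d(asn,&buf_in, it);
 outll=outl=EVP_PKEY_size(pkey);
 buf_out=malloc((unsigned int)outl);
-if ((buf_in == NULL) || (buf_out == NULL))
-{
+if ((buf_in == NULL) || (buf_out == NULL)) {
 outl=0;
 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE);
 goto err;
 }
 
 if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
-|| !EVP_DigestSignFinal(ctx, buf_out, &outl))
-{
+|| !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
 outl=0;
 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB);
 goto err;
@@ -237,9 +229,11 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
 err:
 EVP_MD_CTX_cleanup(ctx);
-if (buf_in != NULL)
-{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in); }
-if (buf_out != NULL)
-{ OPENSSL_cleanse((char *)buf_out,outll); free(buf_out); }
+if (buf_in != NULL) {
+OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in);
+}
+if (buf_out != NULL) {
+OPENSSL_cleanse((char *)buf_out,outll); free(buf_out);
+}
 return(outl);
 }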
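Review bot: `pkey->ameth` is dereferenced at new line 161 (`if (pkey->ameth->item_sign) {`) before the `!pkey->ameth` test at new line 182 of the same function, so that later NULL check cannot protect the earlier access: either it is dead code or line 161 can fault on a key that has no ASN.1 method. Whether such a key can reach ASN1_item_sign_ctx is not determinable from these hunks; if it can, the guard belongs in the first test, `if (pkey->ameth != NULL && pkey->ameth->item_sign != NULL) {`, so that the existing `else rv = 2;` path falls through to the check that raises ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED. The function body starts and continues outside the visible hunks, so the lines between new 164 and 177 should be checked for further `pkey->ameth` uses before relying on this.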