summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs7/pk7_doit.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pkcs7/pk7_doit.c')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c57
1 files changed, 17 insertions, 40 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 4ab24a86f5..099e9651c1 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -189,7 +189,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
189 EVP_PKEY_free(pkey); 189 EVP_PKEY_free(pkey);
190 if (max < jj) max=jj; 190 if (max < jj) max=jj;
191 } 191 }
192 if ((tmp=(unsigned char *)Malloc(max)) == NULL) 192 if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL)
193 { 193 {
194 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); 194 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE);
195 goto err; 195 goto err;
@@ -203,12 +203,12 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
203 if (jj <= 0) 203 if (jj <= 0)
204 { 204 {
205 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); 205 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB);
206 Free(tmp); 206 OPENSSL_free(tmp);
207 goto err; 207 goto err;
208 } 208 }
209 M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); 209 M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
210 } 210 }
211 Free(tmp); 211 OPENSSL_free(tmp);
212 memset(key, 0, keylen); 212 memset(key, 0, keylen);
213 213
214 if (out == NULL) 214 if (out == NULL)
@@ -265,13 +265,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
265 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; 265 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
266 X509_ALGOR *xalg=NULL; 266 X509_ALGOR *xalg=NULL;
267 PKCS7_RECIP_INFO *ri=NULL; 267 PKCS7_RECIP_INFO *ri=NULL;
268#ifndef NO_RC2
269 char is_rc2 = 0;
270#endif
271/* EVP_PKEY *pkey; */
272#if 0
273 X509_STORE_CTX s_ctx;
274#endif
275 268
276 i=OBJ_obj2nid(p7->type); 269 i=OBJ_obj2nid(p7->type);
277 p7->state=PKCS7_S_HEADER; 270 p7->state=PKCS7_S_HEADER;
@@ -312,16 +305,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
312 goto err; 305 goto err;
313 } 306 }
314 307
315 if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc)
316 {
317#ifndef NO_RC2
318 is_rc2 = 1;
319#else
320 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
321 goto err;
322#endif
323 }
324
325 /* We will be checking the signature */ 308 /* We will be checking the signature */
326 if (md_sk != NULL) 309 if (md_sk != NULL)
327 { 310 {
@@ -391,7 +374,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
391 } 374 }
392 375
393 jj=EVP_PKEY_size(pkey); 376 jj=EVP_PKEY_size(pkey);
394 tmp=(unsigned char *)Malloc(jj+10); 377 tmp=(unsigned char *)OPENSSL_malloc(jj+10);
395 if (tmp == NULL) 378 if (tmp == NULL)
396 { 379 {
397 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE); 380 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE);
@@ -413,24 +396,18 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
413 return(NULL); 396 return(NULL);
414 397
415 if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) { 398 if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
416 /* HACK: some S/MIME clients don't use the same key 399 /* Some S/MIME clients don't use the same key
417 * and effective key length. The key length is 400 * and effective key length. The key length is
418 * determined by the size of the decrypted RSA key. 401 * determined by the size of the decrypted RSA key.
419 * So we hack things to manually set the RC2 key
420 * because we currently can't do this with the EVP
421 * interface.
422 */ 402 */
423#ifndef NO_RC2 403 if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
424 if(is_rc2) RC2_set_key(&(evp_ctx->c.rc2_ks),jj, tmp,
425 EVP_CIPHER_CTX_key_length(evp_ctx)*8);
426 else
427#endif
428 { 404 {
429 PKCS7err(PKCS7_F_PKCS7_DATADECODE, 405 PKCS7err(PKCS7_F_PKCS7_DATADECODE,
430 PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH); 406 PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
431 goto err; 407 goto err;
432 } 408 }
433 } else EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0); 409 }
410 EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
434 411
435 memset(tmp,0,jj); 412 memset(tmp,0,jj);
436 413
@@ -479,7 +456,7 @@ err:
479 out=NULL; 456 out=NULL;
480 } 457 }
481 if (tmp != NULL) 458 if (tmp != NULL)
482 Free(tmp); 459 OPENSSL_free(tmp);
483 return(out); 460 return(out);
484 } 461 }
485 462
@@ -557,7 +534,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
557 if (EVP_MD_CTX_type(mdc) == j) 534 if (EVP_MD_CTX_type(mdc) == j)
558 break; 535 break;
559 else 536 else
560 btmp=btmp->next_bio; 537 btmp=BIO_next(btmp);
561 } 538 }
562 539
563 /* We now have the EVP_MD_CTX, lets do the 540 /* We now have the EVP_MD_CTX, lets do the
@@ -601,13 +578,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
601 x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL, 578 x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,
602 i2d_X509_ATTRIBUTE, 579 i2d_X509_ATTRIBUTE,
603 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); 580 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
604 pp=(unsigned char *)Malloc(x); 581 pp=(unsigned char *)OPENSSL_malloc(x);
605 p=pp; 582 p=pp;
606 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p, 583 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,
607 i2d_X509_ATTRIBUTE, 584 i2d_X509_ATTRIBUTE,
608 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); 585 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
609 EVP_SignUpdate(&ctx_tmp,pp,x); 586 EVP_SignUpdate(&ctx_tmp,pp,x);
610 Free(pp); 587 OPENSSL_free(pp);
611 pp=NULL; 588 pp=NULL;
612 } 589 }
613 590
@@ -650,7 +627,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
650 (unsigned char *)buf_mem->data,buf_mem->length); 627 (unsigned char *)buf_mem->data,buf_mem->length);
651#endif 628#endif
652 } 629 }
653 if (pp != NULL) Free(pp); 630 if (pp != NULL) OPENSSL_free(pp);
654 pp=NULL; 631 pp=NULL;
655 632
656 ret=1; 633 ret=1;
@@ -749,7 +726,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
749 } 726 }
750 if (EVP_MD_CTX_type(mdc) == md_type) 727 if (EVP_MD_CTX_type(mdc) == md_type)
751 break; 728 break;
752 btmp=btmp->next_bio; 729 btmp=BIO_next(btmp);
753 } 730 }
754 731
755 /* mdc is the digest ctx that we want, unless there are attributes, 732 /* mdc is the digest ctx that we want, unless there are attributes,
@@ -795,13 +772,13 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
795 */ 772 */
796 i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE, 773 i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE,
797 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); 774 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
798 pp=Malloc(i); 775 pp=OPENSSL_malloc(i);
799 p=pp; 776 p=pp;
800 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE, 777 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE,
801 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); 778 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
802 EVP_VerifyUpdate(&mdc_tmp,pp,i); 779 EVP_VerifyUpdate(&mdc_tmp,pp,i);
803 780
804 Free(pp); 781 OPENSSL_free(pp);
805 } 782 }
806 783
807 os=si->enc_digest; 784 os=si->enc_digest;
@@ -932,7 +909,7 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
932 909
933 if (*sk == NULL) 910 if (*sk == NULL)
934 { 911 {
935 *sk = sk_X509_ATTRIBUTE_new(NULL); 912 *sk = sk_X509_ATTRIBUTE_new_null();
936new_attrib: 913new_attrib:
937 attr=X509_ATTRIBUTE_create(nid,atrtype,value); 914 attr=X509_ATTRIBUTE_create(nid,atrtype,value);
938 sk_X509_ATTRIBUTE_push(*sk,attr); 915 sk_X509_ATTRIBUTE_push(*sk,attr);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-09 12:04:06 +0000