summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ts/ts_verify_ctx.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/ts/ts_verify_ctx.c')
-rw-r--r--src/lib/libcrypto/ts/ts_verify_ctx.c80
1 files changed, 44 insertions, 36 deletions
diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c
index 629107aeec..3fc772678c 100644
--- a/src/lib/libcrypto/ts/ts_verify_ctx.c
+++ b/src/lib/libcrypto/ts/ts_verify_ctx.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -60,34 +60,40 @@
60#include <openssl/objects.h> 60#include <openssl/objects.h>
61#include <openssl/ts.h> 61#include <openssl/ts.h>
62 62
63TS_VERIFY_CTX *TS_VERIFY_CTX_new(void) 63TS_VERIFY_CTX *
64 { 64TS_VERIFY_CTX_new(void)
65 TS_VERIFY_CTX *ctx = 65{
66 (TS_VERIFY_CTX *) malloc(sizeof(TS_VERIFY_CTX)); 66 TS_VERIFY_CTX *ctx = (TS_VERIFY_CTX *) malloc(sizeof(TS_VERIFY_CTX));
67
67 if (ctx) 68 if (ctx)
68 memset(ctx, 0, sizeof(TS_VERIFY_CTX)); 69 memset(ctx, 0, sizeof(TS_VERIFY_CTX));
69 else 70 else
70 TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE); 71 TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
71 return ctx; 72 return ctx;
72 } 73}
73 74
74void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx) 75void
75 { 76TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
77{
76 OPENSSL_assert(ctx != NULL); 78 OPENSSL_assert(ctx != NULL);
77 memset(ctx, 0, sizeof(TS_VERIFY_CTX)); 79 memset(ctx, 0, sizeof(TS_VERIFY_CTX));
78 } 80}
79 81
80void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx) 82void
81 { 83TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
82 if (!ctx) return; 84{
85 if (!ctx)
86 return;
83 87
84 TS_VERIFY_CTX_cleanup(ctx); 88 TS_VERIFY_CTX_cleanup(ctx);
85 free(ctx); 89 free(ctx);
86 } 90}
87 91
88void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx) 92void
89 { 93TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
90 if (!ctx) return; 94{
95 if (!ctx)
96 return;
91 97
92 X509_STORE_free(ctx->store); 98 X509_STORE_free(ctx->store);
93 sk_X509_pop_free(ctx->certs, X509_free); 99 sk_X509_pop_free(ctx->certs, X509_free);
@@ -96,7 +102,7 @@ void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
96 102
97 X509_ALGOR_free(ctx->md_alg); 103 X509_ALGOR_free(ctx->md_alg);
98 free(ctx->imprint); 104 free(ctx->imprint);
99 105
100 BIO_free_all(ctx->data); 106 BIO_free_all(ctx->data);
101 107
102 ASN1_INTEGER_free(ctx->nonce); 108 ASN1_INTEGER_free(ctx->nonce);
@@ -104,10 +110,11 @@ void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
104 GENERAL_NAME_free(ctx->tsa_name); 110 GENERAL_NAME_free(ctx->tsa_name);
105 111
106 TS_VERIFY_CTX_init(ctx); 112 TS_VERIFY_CTX_init(ctx);
107 } 113}
108 114
109TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx) 115TS_VERIFY_CTX *
110 { 116TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
117{
111 TS_VERIFY_CTX *ret = ctx; 118 TS_VERIFY_CTX *ret = ctx;
112 ASN1_OBJECT *policy; 119 ASN1_OBJECT *policy;
113 TS_MSG_IMPRINT *imprint; 120 TS_MSG_IMPRINT *imprint;
@@ -118,42 +125,43 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
118 OPENSSL_assert(req != NULL); 125 OPENSSL_assert(req != NULL);
119 if (ret) 126 if (ret)
120 TS_VERIFY_CTX_cleanup(ret); 127 TS_VERIFY_CTX_cleanup(ret);
121 else 128 else if (!(ret = TS_VERIFY_CTX_new()))
122 if (!(ret = TS_VERIFY_CTX_new())) return NULL; 129 return NULL;
123 130
124 /* Setting flags. */ 131 /* Setting flags. */
125 ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE); 132 ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
126 133
127 /* Setting policy. */ 134 /* Setting policy. */
128 if ((policy = TS_REQ_get_policy_id(req)) != NULL) 135 if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
129 { 136 if (!(ret->policy = OBJ_dup(policy)))
130 if (!(ret->policy = OBJ_dup(policy))) goto err; 137 goto err;
131 } 138 } else
132 else
133 ret->flags &= ~TS_VFY_POLICY; 139 ret->flags &= ~TS_VFY_POLICY;
134 140
135 /* Setting md_alg, imprint and imprint_len. */ 141 /* Setting md_alg, imprint and imprint_len. */
136 imprint = TS_REQ_get_msg_imprint(req); 142 imprint = TS_REQ_get_msg_imprint(req);
137 md_alg = TS_MSG_IMPRINT_get_algo(imprint); 143 md_alg = TS_MSG_IMPRINT_get_algo(imprint);
138 if (!(ret->md_alg = X509_ALGOR_dup(md_alg))) goto err; 144 if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
145 goto err;
139 msg = TS_MSG_IMPRINT_get_msg(imprint); 146 msg = TS_MSG_IMPRINT_get_msg(imprint);
140 ret->imprint_len = ASN1_STRING_length(msg); 147 ret->imprint_len = ASN1_STRING_length(msg);
141 if (!(ret->imprint = malloc(ret->imprint_len))) goto err; 148 if (!(ret->imprint = malloc(ret->imprint_len)))
149 goto err;
142 memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len); 150 memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
143 151
144 /* Setting nonce. */ 152 /* Setting nonce. */
145 if ((nonce = TS_REQ_get_nonce(req)) != NULL) 153 if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
146 { 154 if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
147 if (!(ret->nonce = ASN1_INTEGER_dup(nonce))) goto err; 155 goto err;
148 } 156 } else
149 else
150 ret->flags &= ~TS_VFY_NONCE; 157 ret->flags &= ~TS_VFY_NONCE;
151 158
152 return ret; 159 return ret;
153 err: 160
161err:
154 if (ctx) 162 if (ctx)
155 TS_VERIFY_CTX_cleanup(ctx); 163 TS_VERIFY_CTX_cleanup(ctx);
156 else 164 else
157 TS_VERIFY_CTX_free(ret); 165 TS_VERIFY_CTX_free(ret);
158 return NULL; 166 return NULL;
159 } 167}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 20:25:59 +0000