1 files changed, 26 insertions, 32 deletions
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
index 190ca0e9bf..35c7dcd0b3 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -91,17 +91,19 @@ static int PKCS7_type_is_other(PKCS7* p7)
        }
-static int PKCS7_type_is_octet_string(PKCS7* p7)
+static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
        {
-        if ( 0==PKCS7_type_is_other(p7) )
+        if ( PKCS7_type_is_data(p7))
-                return 0;
+                return p7->d.data;
+        if ( PKCS7_type_is_other(p7) && p7->d.other
-        return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
+                && (p7->d.other->type == V_ASN1_OCTET_STRING))
+                return p7->d.other->value.octet_string;
+        return NULL;
        }
 BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
        {
-        int i,j;
+        int i;
        BIO *out=NULL,*btmp=NULL;
        X509_ALGOR *xa;
        const EVP_MD *evp_md;
@@ -159,8 +161,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
                                goto err;
                                }
-                        j=OBJ_obj2nid(xa->algorithm);
+                        evp_md=EVP_get_digestbyobj(xa->algorithm);
-                        evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
                        if (evp_md == NULL)
                                {
                                PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -250,29 +251,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
                btmp=NULL;
                }
-        if (bio == NULL) {
+        if (bio == NULL)
+                {
                if (PKCS7_is_detached(p7))
                        bio=BIO_new(BIO_s_null());
-                else {
+                else
-                        if (PKCS7_type_is_signed(p7) ) { 
+                        {
-                                if ( PKCS7_type_is_data(p7->d.sign->contents)) {
+                        ASN1_OCTET_STRING *os;
-                                        ASN1_OCTET_STRING *os;
+                        os = PKCS7_get_octet_string(p7->d.sign->contents);
-                                        os=p7->d.sign->contents->d.data;
+                        if (os && os->length > 0)
-                                        if (os->length > 0)
+                                bio = BIO_new_mem_buf(os->data, os->length);
-                                                bio = BIO_new_mem_buf(os->data, os->length);
+                        if(bio == NULL)
-                                }
+                                {
-                                else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
-                                        ASN1_OCTET_STRING *os;
-                                        os=p7->d.sign->contents->d.other->value.octet_string;
-                                        if (os->length > 0)
-                                                bio = BIO_new_mem_buf(os->data, os->length);
-                                }
-                        }
-                        if(bio == NULL) {
                                bio=BIO_new(BIO_s_mem());
                                BIO_set_mem_eof_return(bio,0);
+                                }
                        }
-                }
        }
        BIO_push(out,bio);
        bio=NULL;
@@ -311,7 +305,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
        switch (i)
                {
        case NID_pkcs7_signed:
-                data_body=p7->d.sign->contents->d.data;
+                data_body=PKCS7_get_octet_string(p7->d.sign->contents);
                md_sk=p7->d.sign->md_algs;
                break;
        case NID_pkcs7_signedAndEnveloped:
@@ -319,7 +313,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                md_sk=p7->d.signed_and_enveloped->md_algs;
                data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
                enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
-                evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
+                evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
                if (evp_cipher == NULL)
                        {
                        PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -331,7 +325,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                rsk=p7->d.enveloped->recipientinfo;
                enc_alg=p7->d.enveloped->enc_data->algorithm;
                data_body=p7->d.enveloped->enc_data->enc_data;
-                evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
+                evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
                if (evp_cipher == NULL)
                        {
                        PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -357,7 +351,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                                }
                        j=OBJ_obj2nid(xa->algorithm);
-                        evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
+                        evp_md=EVP_get_digestbynid(j);
                        if (evp_md == NULL)
                                {
                                PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -531,9 +525,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                break;
        case NID_pkcs7_signed:
                si_sk=p7->d.sign->signer_info;
-                os=p7->d.sign->contents->d.data;
+                os=PKCS7_get_octet_string(p7->d.sign->contents);
                /* If detached data then the content is excluded */
-                if(p7->detached) {
+                if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
                        M_ASN1_OCTET_STRING_free(os);
                        p7->d.sign->contents->d.data = NULL;
                }

diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c index 190ca0e9bf..35c7dcd0b3 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -91,17 +91,19 @@ static int PKCS7_type_is_other(PKCS7* p7)
91		91
92	}	92	}
93		93
94	static int PKCS7_type_is_octet_string(PKCS7* p7)	94	static ASN1_OCTET_STRING PKCS7_get_octet_string(PKCS7 p7)
95	{	95	{
96	if ( 0==PKCS7_type_is_other(p7) )	96	if ( PKCS7_type_is_data(p7))
97	return 0;	97	return p7->d.data;
98		98	if ( PKCS7_type_is_other(p7) && p7->d.other
99	return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;	99	&& (p7->d.other->type == V_ASN1_OCTET_STRING))
		100	return p7->d.other->value.octet_string;
		101	return NULL;
100	}	102	}
101		103
102	BIO PKCS7_dataInit(PKCS7 p7, BIO *bio)	104	BIO PKCS7_dataInit(PKCS7 p7, BIO *bio)
103	{	105	{
104	int i,j;	106	int i;
105	BIO out=NULL,btmp=NULL;	107	BIO out=NULL,btmp=NULL;
106	X509_ALGOR *xa;	108	X509_ALGOR *xa;
107	const EVP_MD *evp_md;	109	const EVP_MD *evp_md;
@@ -159,8 +161,7 @@ BIO PKCS7_dataInit(PKCS7 p7, BIO *bio)
159	goto err;	161	goto err;
160	}	162	}
161		163
162	j=OBJ_obj2nid(xa->algorithm);	164	evp_md=EVP_get_digestbyobj(xa->algorithm);
163	evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
164	if (evp_md == NULL)	165	if (evp_md == NULL)
165	{	166	{
166	PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);	167	PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -250,29 +251,22 @@ BIO PKCS7_dataInit(PKCS7 p7, BIO *bio)
250	btmp=NULL;	251	btmp=NULL;
251	}	252	}
252		253
253	if (bio == NULL) {	254	if (bio == NULL)
		255	{
254	if (PKCS7_is_detached(p7))	256	if (PKCS7_is_detached(p7))
255	bio=BIO_new(BIO_s_null());	257	bio=BIO_new(BIO_s_null());
256	else {	258	else
257	if (PKCS7_type_is_signed(p7) ) {	259	{
258	if ( PKCS7_type_is_data(p7->d.sign->contents)) {	260	ASN1_OCTET_STRING *os;
259	ASN1_OCTET_STRING *os;	261	os = PKCS7_get_octet_string(p7->d.sign->contents);
260	os=p7->d.sign->contents->d.data;	262	if (os && os->length > 0)
261	if (os->length > 0)	263	bio = BIO_new_mem_buf(os->data, os->length);
262	bio = BIO_new_mem_buf(os->data, os->length);	264	if(bio == NULL)
263	}	265	{
264	else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
265	ASN1_OCTET_STRING *os;
266	os=p7->d.sign->contents->d.other->value.octet_string;
267	if (os->length > 0)
268	bio = BIO_new_mem_buf(os->data, os->length);
269	}
270	}
271	if(bio == NULL) {
272	bio=BIO_new(BIO_s_mem());	266	bio=BIO_new(BIO_s_mem());
273	BIO_set_mem_eof_return(bio,0);	267	BIO_set_mem_eof_return(bio,0);
		268	}
274	}	269	}
275	}
276	}	270	}
277	BIO_push(out,bio);	271	BIO_push(out,bio);
278	bio=NULL;	272	bio=NULL;
@@ -311,7 +305,7 @@ BIO PKCS7_dataDecode(PKCS7 p7, EVP_PKEY pkey, BIO in_bio, X509 *pcert)
311	switch (i)	305	switch (i)
312	{	306	{
313	case NID_pkcs7_signed:	307	case NID_pkcs7_signed:
314	data_body=p7->d.sign->contents->d.data;	308	data_body=PKCS7_get_octet_string(p7->d.sign->contents);
315	md_sk=p7->d.sign->md_algs;	309	md_sk=p7->d.sign->md_algs;
316	break;	310	break;
317	case NID_pkcs7_signedAndEnveloped:	311	case NID_pkcs7_signedAndEnveloped:
@@ -319,7 +313,7 @@ BIO PKCS7_dataDecode(PKCS7 p7, EVP_PKEY pkey, BIO in_bio, X509 *pcert)
319	md_sk=p7->d.signed_and_enveloped->md_algs;	313	md_sk=p7->d.signed_and_enveloped->md_algs;
320	data_body=p7->d.signed_and_enveloped->enc_data->enc_data;	314	data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
321	enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;	315	enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
322	evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));	316	evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
323	if (evp_cipher == NULL)	317	if (evp_cipher == NULL)
324	{	318	{
325	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);	319	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -331,7 +325,7 @@ BIO PKCS7_dataDecode(PKCS7 p7, EVP_PKEY pkey, BIO in_bio, X509 *pcert)
331	rsk=p7->d.enveloped->recipientinfo;	325	rsk=p7->d.enveloped->recipientinfo;
332	enc_alg=p7->d.enveloped->enc_data->algorithm;	326	enc_alg=p7->d.enveloped->enc_data->algorithm;
333	data_body=p7->d.enveloped->enc_data->enc_data;	327	data_body=p7->d.enveloped->enc_data->enc_data;
334	evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));	328	evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
335	if (evp_cipher == NULL)	329	if (evp_cipher == NULL)
336	{	330	{
337	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);	331	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -357,7 +351,7 @@ BIO PKCS7_dataDecode(PKCS7 p7, EVP_PKEY pkey, BIO in_bio, X509 *pcert)
357	}	351	}
358		352
359	j=OBJ_obj2nid(xa->algorithm);	353	j=OBJ_obj2nid(xa->algorithm);
360	evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));	354	evp_md=EVP_get_digestbynid(j);
361	if (evp_md == NULL)	355	if (evp_md == NULL)
362	{	356	{
363	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);	357	PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -531,9 +525,9 @@ int PKCS7_dataFinal(PKCS7 p7, BIO bio)
531	break;	525	break;
532	case NID_pkcs7_signed:	526	case NID_pkcs7_signed:
533	si_sk=p7->d.sign->signer_info;	527	si_sk=p7->d.sign->signer_info;
534	os=p7->d.sign->contents->d.data;	528	os=PKCS7_get_octet_string(p7->d.sign->contents);
535	/* If detached data then the content is excluded */	529	/* If detached data then the content is excluded */
536	if(p7->detached) {	530	if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
537	M_ASN1_OCTET_STRING_free(os);	531	M_ASN1_OCTET_STRING_free(os);
538	p7->d.sign->contents->d.data = NULL;	532	p7->d.sign->contents->d.data = NULL;
539	}	533	}