diff options
Diffstat (limited to '')
| -rw-r--r-- | freebsd/crypto/openssl/crypto/pkcs7/pk7_lib.c | 164 |
1 files changed, 53 insertions, 111 deletions
diff --git a/freebsd/crypto/openssl/crypto/pkcs7/pk7_lib.c b/freebsd/crypto/openssl/crypto/pkcs7/pk7_lib.c index 03cab944..351e1eb1 100644 --- a/freebsd/crypto/openssl/crypto/pkcs7/pk7_lib.c +++ b/freebsd/crypto/openssl/crypto/pkcs7/pk7_lib.c @@ -1,68 +1,20 @@ #include <machine/rtems-bsd-user-space.h> -/* crypto/pkcs7/pk7_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/objects.h> #include <openssl/x509.h> -#include "asn1_locl.h" +#include "internal/asn1_int.h" +#include "internal/evp_int.h" long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) { @@ -107,7 +59,7 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) PKCS7err(PKCS7_F_PKCS7_CTRL, PKCS7_R_UNKNOWN_OPERATION); ret = 0; } - return (ret); + return ret; } int PKCS7_content_new(PKCS7 *p7, int type) @@ -121,11 +73,10 @@ int PKCS7_content_new(PKCS7 *p7, int type) if (!PKCS7_set_content(p7, ret)) goto err; - return (1); + return 1; err: - if (ret != NULL) - PKCS7_free(ret); - return (0); + PKCS7_free(ret); + return 0; } int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) @@ -135,13 +86,11 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) i = OBJ_obj2nid(p7->type); switch (i) { case NID_pkcs7_signed: - if (p7->d.sign->contents != NULL) - PKCS7_free(p7->d.sign->contents); + PKCS7_free(p7->d.sign->contents); p7->d.sign->contents = p7_data; break; case NID_pkcs7_digest: - if (p7->d.digest->contents != NULL) - PKCS7_free(p7->d.digest->contents); + PKCS7_free(p7->d.digest->contents); p7->d.digest->contents = p7_data; break; case NID_pkcs7_data: @@ -152,9 +101,9 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) PKCS7err(PKCS7_F_PKCS7_SET_CONTENT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; } - return (1); + return 1; err: - return (0); + return 0; } int PKCS7_set_type(PKCS7 *p7, int type) @@ -179,7 +128,7 @@ int PKCS7_set_type(PKCS7 *p7, int type) break; case NID_pkcs7_data: p7->type = obj; - if ((p7->d.data = M_ASN1_OCTET_STRING_new()) == NULL) + if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL) goto err; break; case NID_pkcs7_signedAndEnveloped: @@ -187,7 +136,6 @@ int PKCS7_set_type(PKCS7 *p7, int type) if ((p7->d.signed_and_enveloped = PKCS7_SIGN_ENVELOPE_new()) == NULL) goto err; - ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1); if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1)) goto err; p7->d.signed_and_enveloped->enc_data->content_type @@ -224,9 +172,9 @@ int PKCS7_set_type(PKCS7 *p7, int type) PKCS7err(PKCS7_F_PKCS7_SET_TYPE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; } - return (1); + return 1; err: - return (0); + return 0; } int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other) @@ -255,7 +203,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) break; default: PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, PKCS7_R_WRONG_CONTENT_TYPE); - return (0); + return 0; } nid = OBJ_obj2nid(psi->digest_alg->algorithm); @@ -270,11 +218,11 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) } } if (!j) { /* we need to add another algorithm */ - if (!(alg = X509_ALGOR_new()) - || !(alg->parameter = ASN1_TYPE_new())) { + if ((alg = X509_ALGOR_new()) == NULL + || (alg->parameter = ASN1_TYPE_new()) == NULL) { X509_ALGOR_free(alg); PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, ERR_R_MALLOC_FAILURE); - return (0); + return 0; } alg->algorithm = OBJ_nid2obj(nid); alg->parameter->type = V_ASN1_NULL; @@ -286,7 +234,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi)) return 0; - return (1); + return 1; } int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) @@ -304,7 +252,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) break; default: PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, PKCS7_R_WRONG_CONTENT_TYPE); - return (0); + return 0; } if (*sk == NULL) @@ -313,12 +261,12 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); return 0; } - CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); + X509_up_ref(x509); if (!sk_X509_push(*sk, x509)) { X509_free(x509); return 0; } - return (1); + return 1; } int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) @@ -336,7 +284,7 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) break; default: PKCS7err(PKCS7_F_PKCS7_ADD_CRL, PKCS7_R_WRONG_CONTENT_TYPE); - return (0); + return 0; } if (*sk == NULL) @@ -346,12 +294,12 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) return 0; } - CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL); + X509_CRL_up_ref(crl); if (!sk_X509_CRL_push(*sk, crl)) { X509_CRL_free(crl); return 0; } - return (1); + return 1; } int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, @@ -370,13 +318,13 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, * because ASN1_INTEGER_set is used to set a 'long' we will do things the * ugly way. */ - M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); + ASN1_INTEGER_free(p7i->issuer_and_serial->serial); if (!(p7i->issuer_and_serial->serial = - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) + ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) goto err; /* lets keep the pkey around for a while */ - CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(pkey); p7i->pkey = pkey; /* Set the algorithms */ @@ -422,17 +370,16 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, goto err; if (!PKCS7_add_signer(p7, si)) goto err; - return (si); + return si; err: - if (si) - PKCS7_SIGNER_INFO_free(si); - return (NULL); + PKCS7_SIGNER_INFO_free(si); + return NULL; } int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) { if (PKCS7_type_is_digest(p7)) { - if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) { + if ((p7->d.digest->md->parameter = ASN1_TYPE_new()) == NULL) { PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, ERR_R_MALLOC_FAILURE); return 0; } @@ -450,11 +397,11 @@ STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) if (p7 == NULL || p7->d.ptr == NULL) return NULL; if (PKCS7_type_is_signed(p7)) { - return (p7->d.sign->signer_info); + return p7->d.sign->signer_info; } else if (PKCS7_type_is_signedAndEnveloped(p7)) { - return (p7->d.signed_and_enveloped->signer_info); + return p7->d.signed_and_enveloped->signer_info; } else - return (NULL); + return NULL; } void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, @@ -486,8 +433,7 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) goto err; return ri; err: - if (ri) - PKCS7_RECIP_INFO_free(ri); + PKCS7_RECIP_INFO_free(ri); return NULL; } @@ -507,12 +453,12 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) default: PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO, PKCS7_R_WRONG_CONTENT_TYPE); - return (0); + return 0; } if (!sk_PKCS7_RECIP_INFO_push(sk, ri)) return 0; - return (1); + return 1; } int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) @@ -525,12 +471,12 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) X509_get_issuer_name(x509))) return 0; - M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); + ASN1_INTEGER_free(p7i->issuer_and_serial->serial); if (!(p7i->issuer_and_serial->serial = - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) + ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) return 0; - pkey = X509_get_pubkey(x509); + pkey = X509_get0_pubkey(x509); if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) { PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, @@ -550,16 +496,12 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) goto err; } - EVP_PKEY_free(pkey); - - CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); + X509_up_ref(x509); p7i->cert = x509; return 1; err: - if (pkey) - EVP_PKEY_free(pkey); return 0; } @@ -571,7 +513,7 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) si-> issuer_and_serial->serial)); else - return (NULL); + return NULL; } int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) @@ -589,7 +531,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) break; default: PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_WRONG_CONTENT_TYPE); - return (0); + return 0; } /* Check cipher OID exists and has data in it */ @@ -597,7 +539,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) if (i == NID_undef) { PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); - return (0); + return 0; } ec->cipher = cipher; @@ -616,7 +558,7 @@ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) case NID_pkcs7_signedAndEnveloped: os = p7->d.signed_and_enveloped->enc_data->enc_data; if (os == NULL) { - os = M_ASN1_OCTET_STRING_new(); + os = ASN1_OCTET_STRING_new(); p7->d.signed_and_enveloped->enc_data->enc_data = os; } break; @@ -624,7 +566,7 @@ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) case NID_pkcs7_enveloped: os = p7->d.enveloped->enc_data->enc_data; if (os == NULL) { - os = M_ASN1_OCTET_STRING_new(); + os = ASN1_OCTET_STRING_new(); p7->d.enveloped->enc_data->enc_data = os; } break; |