-/* $OpenBSD: p12_add.c,v 1.22 2023/02/16 08:38:17 tb Exp $ */
+/* $OpenBSD: p12_add.c,v 1.23 2024/01/25 13:44:08 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
STACK_OF(PKCS12_SAFEBAG) *
PKCS12_unpack_p7data(PKCS7 *p7)
{
+ ASN1_OCTET_STRING *aos;
+
if (!PKCS7_type_is_data(p7)) {
PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
return NULL;
}
- return ASN1_item_unpack(p7->d.data, &PKCS12_SAFEBAGS_it);
+ if ((aos = PKCS7_get_octet_string(p7)) == NULL)
+ return NULL;
+ return ASN1_item_unpack(aos, &PKCS12_SAFEBAGS_it);
}
LCRYPTO_ALIAS(PKCS12_unpack_p7data);
STACK_OF(PKCS12_SAFEBAG) *
PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)
{
+ PKCS7_ENC_CONTENT *content;
+
if (!PKCS7_type_is_encrypted(p7))
return NULL;
- return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
- &PKCS12_SAFEBAGS_it, pass, passlen,
- p7->d.encrypted->enc_data->enc_data, 1);
+ if (p7->d.encrypted == NULL)
+ return NULL;
+ if ((content = p7->d.encrypted->enc_data) == NULL)
+ return NULL;
+ return PKCS12_item_decrypt_d2i(content->algorithm, &PKCS12_SAFEBAGS_it,
+ pass, passlen, content->enc_data, 1);
}
LCRYPTO_ALIAS(PKCS12_unpack_p7encdata);
STACK_OF(PKCS7) *
PKCS12_unpack_authsafes(const PKCS12 *p12)
{
+ ASN1_OCTET_STRING *aos;
+
if (!PKCS7_type_is_data(p12->authsafes)) {
PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
return NULL;
}
- return ASN1_item_unpack(p12->authsafes->d.data,
- &PKCS12_AUTHSAFES_it);
+ if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL)
+ return NULL;
+ return ASN1_item_unpack(aos, &PKCS12_AUTHSAFES_it);
}
LCRYPTO_ALIAS(PKCS12_unpack_authsafes);
-/* $OpenBSD: p12_mutl.c,v 1.35 2023/02/16 08:38:17 tb Exp $ */
+/* $OpenBSD: p12_mutl.c,v 1.36 2024/01/25 13:44:08 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
{
const EVP_MD *md_type;
HMAC_CTX *hmac = NULL;
+ ASN1_OCTET_STRING *aos;
unsigned char key[EVP_MAX_MD_SIZE], *salt;
int saltlen, iter;
int md_size;
PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
goto err;
}
+ if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) {
+ PKCS12error(PKCS12_R_DECODE_ERROR);
+ goto err;
+ }
salt = p12->mac->salt->data;
saltlen = p12->mac->salt->length;
goto err;
if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL))
goto err;
- if (!HMAC_Update(hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length))
+ if (!HMAC_Update(hmac, aos->data, aos->length))
goto err;
if (!HMAC_Final(hmac, mac, maclen))
goto err;
-/* $OpenBSD: pkcs12_local.h,v 1.3 2022/11/26 17:23:18 tb Exp $ */
+/* $OpenBSD: pkcs12_local.h,v 1.4 2024/01/25 13:44:08 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
} value;
};
+/* XXX - should go into pkcs7_local.h. */
+ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7);
+
__END_HIDDEN_DECLS
#endif /* !HEADER_PKCS12_LOCAL_H */
-/* $OpenBSD: pk7_doit.c,v 1.54 2023/11/15 00:55:43 tb Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.55 2024/01/25 13:44:08 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
}
-static ASN1_OCTET_STRING *
+ASN1_OCTET_STRING *
PKCS7_get_octet_string(PKCS7 *p7)
{
if (PKCS7_type_is_data(p7))
-/* $OpenBSD: pk7_mime.c,v 1.19 2023/05/02 09:56:12 tb Exp $ */
+/* $OpenBSD: pk7_mime.c,v 1.20 2024/01/25 13:44:08 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
STACK_OF(X509_ALGOR) *mdalgs = NULL;
int ctype_nid;
- if ((ctype_nid = OBJ_obj2nid(p7->type)) == NID_pkcs7_signed)
+ if ((ctype_nid = OBJ_obj2nid(p7->type)) == NID_pkcs7_signed) {
+ if (p7->d.sign == NULL)
+ return 0;
mdalgs = p7->d.sign->md_algs;
+ }
flags ^= SMIME_OLDMIME;
projects / openbsd / commitdiff