-/* $OpenBSD: p12_kiss.c,v 1.22 2022/05/20 08:00:05 tb Exp $ */
+/* $OpenBSD: p12_kiss.c,v 1.23 2022/07/24 18:51:16 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
{
STACK_OF(X509) *ocerts = NULL;
X509 *x = NULL;
- /* Check for NULL PKCS12 structure */
- if (!p12) {
- PKCS12error(PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- return 0;
- }
-
- if (pkey)
+ if (pkey != NULL)
*pkey = NULL;
- if (cert)
+ if (cert != NULL)
*cert = NULL;
+ if (p12 == NULL) {
+ PKCS12error(PKCS12_R_INVALID_NULL_PKCS12_POINTER);
+ goto err;
+ }
+
/* Check the mac */
/* If password is zero length or NULL then try verifying both cases
* password are two different things...
*/
- if (!pass || !*pass) {
+ if (pass == NULL || *pass == '\0') {
if (PKCS12_verify_mac(p12, NULL, 0))
pass = NULL;
else if (PKCS12_verify_mac(p12, "", 0))
}
/* Allocate stack for other certificates */
- ocerts = sk_X509_new_null();
- if (!ocerts) {
+ if ((ocerts = sk_X509_new_null()) == NULL) {
PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
goto err;
}
- while ((x = sk_X509_pop(ocerts))) {
- if (pkey && *pkey && cert && !*cert) {
+ while ((x = sk_X509_pop(ocerts)) != NULL) {
+ if (pkey != NULL && *pkey != NULL &&
+ cert != NULL && *cert == NULL) {
ERR_set_mark();
if (X509_check_private_key(x, *pkey)) {
*cert = x;
ERR_pop_to_mark();
}
- if (ca && x) {
- if (!*ca)
+ if (ca != NULL && x != NULL) {
+ if (*ca == NULL)
*ca = sk_X509_new_null();
- if (!*ca)
+ if (*ca == NULL)
goto err;
if (!sk_X509_push(*ca, x))
goto err;
x = NULL;
}
X509_free(x);
+ x = NULL;
}
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ sk_X509_pop_free(ocerts, X509_free);
return 1;
err:
- if (pkey && *pkey)
+ if (pkey != NULL)
EVP_PKEY_free(*pkey);
- if (cert)
+ if (cert != NULL)
X509_free(*cert);
X509_free(x);
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ sk_X509_pop_free(ocerts, X509_free);
+
return 0;
}
projects / openbsd / commitdiff