Skip to content

Commit 1eb1ed9

Browse files
WillChilds-KleinWillChilds-Klein
committed
Address PR feedback
1 parent 2110627 commit 1eb1ed9

File tree

3 files changed

+26
-32
lines changed

3 files changed

+26
-32
lines changed

crypto/pkcs7/pkcs7.c

Lines changed: 18 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -196,9 +196,7 @@ int pkcs7_add_signed_data(CBB *out,
196196
}
197197

198198
int PKCS7_set_type(PKCS7 *p7, int type) {
199-
ASN1_OBJECT *obj;
200-
201-
obj = OBJ_nid2obj(type);
199+
ASN1_OBJECT *obj = OBJ_nid2obj(type);
202200
if (obj == NULL) {
203201
OPENSSL_PUT_ERROR(PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
204202
return 0;
@@ -276,11 +274,8 @@ int PKCS7_set_type(PKCS7 *p7, int type) {
276274

277275
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
278276
{
279-
int i;
280277
PKCS7_ENC_CONTENT *ec;
281-
282-
i = OBJ_obj2nid(p7->type);
283-
switch (i) {
278+
switch (OBJ_obj2nid(p7->type)) {
284279
case NID_pkcs7_signedAndEnveloped:
285280
ec = p7->d.signed_and_enveloped->enc_data;
286281
break;
@@ -304,8 +299,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
304299

305300
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
306301
{
307-
int i = OBJ_obj2nid(p7->type);
308-
switch (i) {
302+
switch (OBJ_obj2nid(p7->type)) {
309303
case NID_pkcs7_signed:
310304
PKCS7_free(p7->d.sign->contents);
311305
p7->d.sign->contents = p7_data;
@@ -344,11 +338,8 @@ int PKCS7_content_new(PKCS7 *p7, int type)
344338
}
345339

346340
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) {
347-
int i;
348341
STACK_OF(PKCS7_RECIP_INFO) *sk;
349-
350-
i = OBJ_obj2nid(p7->type);
351-
switch (i) {
342+
switch (OBJ_obj2nid(p7->type)) {
352343
case NID_pkcs7_signedAndEnveloped:
353344
sk = p7->d.signed_and_enveloped->recipientinfo;
354345
break;
@@ -360,8 +351,9 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) {
360351
return 0;
361352
}
362353

363-
if (!sk_PKCS7_RECIP_INFO_push(sk, ri))
354+
if (!sk_PKCS7_RECIP_INFO_push(sk, ri)) {
364355
return 0;
356+
}
365357
return 1;
366358
}
367359

@@ -397,8 +389,6 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i) {
397389
}
398390
}
399391
if (!alg_found) {
400-
int nid;
401-
402392
if ((alg = X509_ALGOR_new()) == NULL
403393
|| (alg->parameter = ASN1_TYPE_new()) == NULL) {
404394
X509_ALGOR_free(alg);
@@ -409,7 +399,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i) {
409399
* If there is a constant copy of the ASN1 OBJECT in libcrypto, then
410400
* use that. Otherwise, use a dynamically duplicated copy
411401
*/
412-
nid = OBJ_obj2nid(obj);
402+
int nid = OBJ_obj2nid(obj);
413403
if (nid != NID_undef) {
414404
alg->algorithm = OBJ_nid2obj(nid);
415405
} else {
@@ -430,6 +420,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i) {
430420

431421
ASN1_TYPE *PKCS7_get_signed_attribute(const PKCS7_SIGNER_INFO *si, int nid) {
432422
if (si == NULL) {
423+
OPENSSL_PUT_ERROR(PKCS7, ERR_R_PASSED_NULL_PARAMETER);
433424
return NULL;
434425
}
435426
for (size_t i = 0; i < sk_X509_ATTRIBUTE_num(si->auth_attr); i++) {
@@ -444,6 +435,7 @@ ASN1_TYPE *PKCS7_get_signed_attribute(const PKCS7_SIGNER_INFO *si, int nid) {
444435

445436
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) {
446437
if (p7 == NULL || p7->d.ptr == NULL) {
438+
OPENSSL_PUT_ERROR(PKCS7, ERR_R_PASSED_NULL_PARAMETER);
447439
return NULL;
448440
} else if (PKCS7_type_is_signed(p7)) {
449441
return p7->d.sign->signer_info;
@@ -457,6 +449,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
457449
const EVP_MD *dgst) {
458450
/* We now need to add another PKCS7_SIGNER_INFO entry */
459451
if (!p7i || !dgst || !pkey || !dgst) {
452+
OPENSSL_PUT_ERROR(PKCS7, ERR_R_PASSED_NULL_PARAMETER);
460453
return 0;
461454
} else if (!ASN1_INTEGER_set(p7i->version, 1)) {
462455
return 0;
@@ -518,9 +511,9 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
518511

519512
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) {
520513
if (!p7i || !x509) {
514+
OPENSSL_PUT_ERROR(PKCS7, ERR_R_PASSED_NULL_PARAMETER);
521515
return 0;
522516
}
523-
EVP_PKEY *pkey = NULL;
524517
if (!ASN1_INTEGER_set(p7i->version, 0)) {
525518
return 0;
526519
} else if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
@@ -534,7 +527,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) {
534527
return 0;
535528
}
536529

537-
pkey = X509_get0_pubkey(x509);
530+
EVP_PKEY *pkey = X509_get0_pubkey(x509);
538531
if (pkey == NULL) {
539532
return 0;
540533
}
@@ -559,6 +552,9 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) {
559552
void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
560553
X509_ALGOR **pdig, X509_ALGOR **psig)
561554
{
555+
if (!si) {
556+
return;
557+
}
562558
if (pk) {
563559
*pk = si->pkey;
564560
}
@@ -572,6 +568,9 @@ void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
572568

573569
void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
574570
{
571+
if (!ri) {
572+
return;
573+
}
575574
if (penc) {
576575
*penc = ri->key_enc_algor;
577576
}

crypto/pkcs7/pkcs7_x509.c

Lines changed: 3 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -238,6 +238,7 @@ int PKCS7_bundle_CRLs(CBB *out, const STACK_OF(X509_CRL) *crls) {
238238

239239
PKCS7 *d2i_PKCS7_bio(BIO *bio, PKCS7 **out) {
240240
if (out == NULL) {
241+
OPENSSL_PUT_ERROR(PKCS7, ERR_R_PASSED_NULL_PARAMETER);
241242
return NULL;
242243
}
243244

@@ -431,11 +432,8 @@ PKCS7 *PKCS7_sign(X509 *sign_cert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
431432

432433
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
433434
{
434-
int i;
435435
STACK_OF(X509) **sk;
436-
437-
i = OBJ_obj2nid(p7->type);
438-
switch (i) {
436+
switch (OBJ_obj2nid(p7->type)) {
439437
case NID_pkcs7_signed:
440438
sk = &(p7->d.sign->cert);
441439
break;
@@ -466,11 +464,8 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
466464

467465
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
468466
{
469-
int i;
470467
STACK_OF(X509_CRL) **sk;
471-
472-
i = OBJ_obj2nid(p7->type);
473-
switch (i) {
468+
switch (OBJ_obj2nid(p7->type)) {
474469
case NID_pkcs7_signed:
475470
sk = &(p7->d.sign->crl);
476471
break;

include/openssl/pkcs7.h

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -199,8 +199,8 @@ OPENSSL_EXPORT int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
199199

200200
// PKCS7_SIGNER_INFO_set attaches the other parameters to |p7i|, returning 1 on
201201
// success and 0 on error or if specified parameters are inapplicable to
202-
// signing. Only EC, DH, and RSA |pkey|s are supported. |pkey|'s reference
203-
// count is incremented, but neither |x509|'s nor |dgst|'s is.
202+
// signing. Only EC, DH, and RSA |pkey|s are supported. |pkey| is assigned to
203+
// |p7i| and its reference count is incremented.
204204
OPENSSL_EXPORT int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509,
205205
EVP_PKEY *pkey, const EVP_MD *dgst);
206206

@@ -230,9 +230,9 @@ OPENSSL_EXPORT int PKCS7_content_new(PKCS7 *p7, int nid);
230230
// returns 1 on success and 0 on failure.
231231
OPENSSL_EXPORT int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
232232

233-
// PKCS7_set_content sets |p7_data| as content on |p7| for applicaple types of
234-
// |p7|. It frees any existing content on |p7|, returning 1 on success and 0 on
235-
// failure.
233+
// PKCS7_set_content sets |p7_data| as content on |p7| for applicable types of
234+
// |p7|: signedData and digestData. It frees any existing content on |p7|,
235+
// returning 1 on success and 0 on failure.
236236
OPENSSL_EXPORT int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
237237

238238
// PKCS7_set_type instantiates |p7| as type |type|. It returns 1 on success and

0 commit comments

Comments
 (0)