CMS ESS: Move four internal aux function to where they belong in crypto/cms

Also constify and slightly refactor them. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14601)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-03-16 16:41:52 +0100
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-04-28 14:10:47 +0200
commit: 4189dc3782c5989dbaa7d247e41a96a25b27c940 (patch)
tree: 1da5209296b9f40a026fbdefc4ab906b52a552dd /crypto/cms
parent: 176a9a682a22d556037b0a959911e6020c8d2ecd (diff)
2 files changed, 104 insertions, 66 deletions
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
index fd9903eee8..d029b75b69 100644
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@@ -16,7 +16,6 @@
 #include <openssl/cms.h>
 #include <openssl/ess.h>
 #include "crypto/ess.h"
-#include "crypto/cms.h"
 #include "crypto/x509.h"
 #include "cms_local.h"
 
@@ -46,6 +45,60 @@ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
     return 1;
 }
 
+/*
+ * Returns 0 if attribute is not found, 1 if found,
+ * or -1 on attribute parsing failure.
+ */
+static int ossl_cms_signerinfo_get_signing_cert(const CMS_SignerInfo *si,
+                                                ESS_SIGNING_CERT **psc)
+{
+    ASN1_STRING *str;
+    ESS_SIGNING_CERT *sc;
+    ASN1_OBJECT *obj = OBJ_nid2obj(NID_id_smime_aa_signingCertificate);
+
+    if (psc != NULL)
+        *psc = NULL;
+    str = CMS_signed_get0_data_by_OBJ(si, obj, -3, V_ASN1_SEQUENCE);
+    if (str == NULL)
+        return 0;
+
+    sc = ASN1_item_unpack(str, ASN1_ITEM_rptr(ESS_SIGNING_CERT));
+    if (sc == NULL)
+        return -1;
+    if (psc != NULL)
+        *psc = sc;
+    else
+        ESS_SIGNING_CERT_free(sc);
+    return 1;
+}
+
+/*
+ * Returns 0 if attribute is not found, 1 if found,
+ * or -1 on attribute parsing failure.
+ */
+static int ossl_cms_signerinfo_get_signing_cert_v2(const CMS_SignerInfo *si,
+                                                   ESS_SIGNING_CERT_V2 **psc)
+{
+    ASN1_STRING *str;
+    ESS_SIGNING_CERT_V2 *sc;
+    ASN1_OBJECT *obj = OBJ_nid2obj(NID_id_smime_aa_signingCertificateV2);
+
+    if (psc != NULL)
+        *psc = NULL;
+    str = CMS_signed_get0_data_by_OBJ(si, obj, -3, V_ASN1_SEQUENCE);
+    if (str == NULL)
+        return 0;
+
+    sc = ASN1_item_unpack(str, ASN1_ITEM_rptr(ESS_SIGNING_CERT_V2));
+    if (sc == NULL)
+        return -1;
+    if (psc != NULL)
+        *psc = sc;
+    else
+        ESS_SIGNING_CERT_V2_free(sc);
+    return 1;
+}
+
 int ossl_cms_check_signing_certs(const CMS_SignerInfo *si,
                                  const STACK_OF(X509) *chain)
 {
@@ -361,67 +414,3 @@ ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si)
     CMS_ReceiptRequest_free(rr);
     return os;
 }
-
-/*
- * Add signer certificate's V2 digest |sc| to a SignerInfo structure |si|
- */
-
-int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
-{
-    ASN1_STRING *seq = NULL;
-    unsigned char *p, *pp = NULL;
-    int len;
-
-    /* Add SigningCertificateV2 signed attribute to the signer info. */
-    len = i2d_ESS_SIGNING_CERT_V2(sc, NULL);
-    if (len <= 0 || (pp = OPENSSL_malloc(len)) == NULL)
-        goto err;
-    p = pp;
-    i2d_ESS_SIGNING_CERT_V2(sc, &p);
-    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
-        goto err;
-    OPENSSL_free(pp);
-    pp = NULL;
-    if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificateV2,
-                                     V_ASN1_SEQUENCE, seq, -1))
-        goto err;
-    ASN1_STRING_free(seq);
-    return 1;
- err:
-    ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
-    ASN1_STRING_free(seq);
-    OPENSSL_free(pp);
-    return 0;
-}
-
-/*
- * Add signer certificate's digest |sc| to a SignerInfo structure |si|
- */
-
-int ossl_cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
-{
-    ASN1_STRING *seq = NULL;
-    unsigned char *p, *pp = NULL;
-    int len;
-
-    /* Add SigningCertificate signed attribute to the signer info. */
-    len = i2d_ESS_SIGNING_CERT(sc, NULL);
-    if (len <= 0 || (pp = OPENSSL_malloc(len)) == NULL)
-        goto err;
-    p = pp;
-    i2d_ESS_SIGNING_CERT(sc, &p);
-    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
-        goto err;
-    OPENSSL_free(pp);
-    pp = NULL;
-    if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificate,
-                                     V_ASN1_SEQUENCE, seq, -1))
-        goto err;
-    ASN1_STRING_free(seq);
-    return 1;
- err:
-    ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
-    ASN1_STRING_free(seq);
-    OPENSSL_free(pp);
-    return 0;
-}
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 43dbec6004..d208822c4b 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -18,7 +18,6 @@
 #include "internal/sizes.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
-#include "crypto/cms.h"
 #include "crypto/ess.h"
 #include "crypto/x509.h" /* for ossl_x509_add_cert_new() */
 #include "cms_local.h"
@@ -253,6 +252,56 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
     return 1;
 }
 
+/* Add SigningCertificate signed attribute to the signer info. */
+static int ossl_cms_add1_signing_cert(CMS_SignerInfo *si,
+                                      const ESS_SIGNING_CERT *sc)
+{
+    ASN1_STRING *seq = NULL;
+    unsigned char *p, *pp = NULL;
+    int ret, len = i2d_ESS_SIGNING_CERT(sc, NULL);
+
+    if (len <= 0 || (pp = OPENSSL_malloc(len)) == NULL)
+        return 0;
+
+    p = pp;
+    i2d_ESS_SIGNING_CERT(sc, &p);
+    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
+        ASN1_STRING_free(seq);
+        OPENSSL_free(pp);
+        return 0;
+    }
+    OPENSSL_free(pp);
+    ret = CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificate,
+                                      V_ASN1_SEQUENCE, seq, -1);
+    ASN1_STRING_free(seq);
+    return ret;
+}
+
+/* Add SigningCertificateV2 signed attribute to the signer info. */
+static int ossl_cms_add1_signing_cert_v2(CMS_SignerInfo *si,
+                                         const ESS_SIGNING_CERT_V2 *sc)
+{
+    ASN1_STRING *seq = NULL;
+    unsigned char *p, *pp = NULL;
+    int ret, len = i2d_ESS_SIGNING_CERT_V2(sc, NULL);
+
+    if (len <= 0 || (pp = OPENSSL_malloc(len)) == NULL)
+        return 0;
+
+    p = pp;
+    i2d_ESS_SIGNING_CERT_V2(sc, &p);
+    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
+        ASN1_STRING_free(seq);
+        OPENSSL_free(pp);
+        return 0;
+    }
+    OPENSSL_free(pp);
+    ret = CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificateV2,
+                                      V_ASN1_SEQUENCE, seq, -1);
+    ASN1_STRING_free(seq);
+    return ret;
+}
+
 CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
                                 X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
                                 unsigned int flags)
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-03-16 16:41:52 +0100
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-04-28 14:10:47 +0200
commit	4189dc3782c5989dbaa7d247e41a96a25b27c940 (patch)
tree	1da5209296b9f40a026fbdefc4ab906b52a552dd /crypto/cms
parent	176a9a682a22d556037b0a959911e6020c8d2ecd (diff)