diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-02-25 08:58:39 +0100 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-03-10 16:09:44 +0100 |
commit | 7269071e5eb54683353a1d2f8831a4ed03485b86 (patch) | |
tree | 20a8e05d64cba1c417cca8cc16e16e126e09c6bf /crypto/crmf | |
parent | 62dcd2aa17b27b7892ad62540f9034c9192f6530 (diff) |
Fix error in case CMP msg POPO is not provided in OSSL_CRMF_MSGS_verify_popo()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11142)
Diffstat (limited to 'crypto/crmf')
-rw-r--r-- | crypto/crmf/crmf_err.c | 1 | ||||
-rw-r--r-- | crypto/crmf/crmf_lib.c | 12 |
2 files changed, 8 insertions, 5 deletions
diff --git a/crypto/crmf/crmf_err.c b/crypto/crmf/crmf_err.c index 80f71543ca..159d5b2c91 100644 --- a/crypto/crmf/crmf_err.c +++ b/crypto/crmf/crmf_err.c @@ -32,6 +32,7 @@ static const ERR_STRING_DATA CRMF_str_reasons[] = { {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_NULL_ARGUMENT), "null argument"}, {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY), "popo inconsistent public key"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING), "popo missing"}, {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING_PUBLIC_KEY), "popo missing public key"}, {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING_SUBJECT), diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c index acbc9af5cb..dd69372f3e 100644 --- a/crypto/crmf/crmf_lib.c +++ b/crypto/crmf/crmf_lib.c @@ -485,11 +485,13 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, X509_PUBKEY *pubkey = NULL; OSSL_CRMF_POPOSIGNINGKEY *sig = NULL; - if (reqs == NULL - || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL - || req->popo == NULL) { - CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, - CRMF_R_NULL_ARGUMENT); + if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (req->popo == NULL) { + CRMFerr(0, CRMF_R_POPO_MISSING); return 0; } |