diff options
author | Olga Batyshkina <obatysh@gmx.com> | 2023-08-07 14:51:53 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-08-10 12:12:18 +0200 |
commit | 9f0f833480861ef230d215aa24f1aeb2a2160e81 (patch) | |
tree | 3dd0833ebfa772c4852c5cc77126f31422542d48 /crypto | |
parent | c9f278393ed459a51cc7984ae231536515e1001c (diff) |
Do not raise CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA error in CMS_ContentInfo_free
This happens if this function is called for signed content.
Added ossl_cms_env_enc_content_free() for cleaning enveloped content.
Fixed indentation in ossl_cms_env_enc_content_free
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21676)
(cherry picked from commit 13342efbb9e16ec8f97b1ac5ab4aa2b3b3490596)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/cms/cms_env.c | 21 | ||||
-rw-r--r-- | crypto/cms/cms_lib.c | 5 | ||||
-rw-r--r-- | crypto/cms/cms_local.h | 1 |
3 files changed, 21 insertions, 6 deletions
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index bd1f3e7345..99cf1dcb39 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -26,7 +26,7 @@ static void cms_env_set_version(CMS_EnvelopedData *env); #define CMS_ENVELOPED_STANDARD 1 #define CMS_ENVELOPED_AUTH 2 -static int cms_get_enveloped_type(const CMS_ContentInfo *cms) +static int cms_get_enveloped_type_simple(const CMS_ContentInfo *cms) { int nid = OBJ_obj2nid(cms->contentType); @@ -38,11 +38,28 @@ static int cms_get_enveloped_type(const CMS_ContentInfo *cms) return CMS_ENVELOPED_AUTH; default: - ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA); return 0; } } +static int cms_get_enveloped_type(const CMS_ContentInfo *cms) +{ + int ret = cms_get_enveloped_type_simple(cms); + + if (ret == 0) + ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA); + return ret; +} + +void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf) +{ + if (cms_get_enveloped_type_simple(cinf) != 0) { + CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cinf); + if (ec != NULL) + OPENSSL_clear_free(ec->key, ec->keylen); + } +} + CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms) { if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) { diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index 1d2c5bc422..8b135e95aa 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -76,10 +76,7 @@ CMS_ContentInfo *CMS_ContentInfo_new(void) void CMS_ContentInfo_free(CMS_ContentInfo *cms) { if (cms != NULL) { - CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cms); - - if (ec != NULL) - OPENSSL_clear_free(ec->key, ec->keylen); + ossl_cms_env_enc_content_free(cms); OPENSSL_free(cms->ctx.propq); ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo)); } diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h index 15b4a29ce0..f1e9be9087 100644 --- a/crypto/cms/cms_local.h +++ b/crypto/cms/cms_local.h @@ -444,6 +444,7 @@ BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms); int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain); BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms); int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio); +void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf); CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms); CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms); CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms); |