Import OpenSSL 1.1.0h

2018-04-13 17:45:41 +00:00
parent f39d324ed3
commit 807cee26df
513 changed files with 11248 additions and 3603 deletions
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -292,6 +292,7 @@ static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
    case ASN1_OP_STREAM_PRE:
        if (CMS_stream(&sarg->boundary, cms) <= 0)
            return 0;
+        /* fall thru */
    case ASN1_OP_DETACHED_PRE:
        sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
        if (!sarg->ndef_bio)
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -713,8 +713,10 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
    if (md == NULL)
        return -1;
-    if (si->mctx == NULL)
-        si->mctx = EVP_MD_CTX_new();
+    if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
    mctx = si->mctx;
    if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
        goto err;
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -583,19 +583,17 @@ static int cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
    STACK_OF(CMS_RecipientEncryptedKey) *reks;
    CMS_RecipientEncryptedKey *rek;
    reks = CMS_RecipientInfo_kari_get0_reks(ri);
-    if (!cert)
-        return 0;
    for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
        int rv;
        rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
-        if (CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
+        if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
            continue;
        CMS_RecipientInfo_kari_set0_pkey(ri, pk);
        rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek);
        CMS_RecipientInfo_kari_set0_pkey(ri, NULL);
        if (rv > 0)
            return 1;
-        return -1;
+        return cert == NULL ? 0 : -1;
    }
    return 0;
 }
@@ -659,8 +657,8 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
                return 1;
        }
    }
-    /* If no cert and not debugging always return success */
-    if (match_ri && !cert && !debug) {
+    /* If no cert, key transport and not debugging always return success */
+    if (cert == NULL && ri_type == CMS_RECIPINFO_TRANS && match_ri && !debug) {
        ERR_clear_error();
        return 1;
    }