|
@@ -66,7 +66,7 @@ static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
|
|
|
if (cms->d.other == NULL) {
|
|
|
cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
|
|
|
if (cms->d.envelopedData == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
return NULL;
|
|
|
}
|
|
|
cms->d.envelopedData->version = 0;
|
|
@@ -85,7 +85,7 @@ cms_auth_enveloped_data_init(CMS_ContentInfo *cms)
|
|
|
if (cms->d.other == NULL) {
|
|
|
cms->d.authEnvelopedData = M_ASN1_new_of(CMS_AuthEnvelopedData);
|
|
|
if (cms->d.authEnvelopedData == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
return NULL;
|
|
|
}
|
|
|
/* Defined in RFC 5083 - Section 2.1. "AuthEnvelopedData Type" */
|
|
@@ -222,18 +222,18 @@ CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
|
|
|
|
|
|
cms = CMS_ContentInfo_new_ex(libctx, propq);
|
|
|
if (cms == NULL)
|
|
|
- goto merr;
|
|
|
+ goto err;
|
|
|
env = cms_enveloped_data_init(cms);
|
|
|
if (env == NULL)
|
|
|
- goto merr;
|
|
|
+ goto err;
|
|
|
|
|
|
if (!ossl_cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL,
|
|
|
0, ossl_cms_get0_cmsctx(cms)))
|
|
|
- goto merr;
|
|
|
+ goto err;
|
|
|
return cms;
|
|
|
- merr:
|
|
|
+ err:
|
|
|
CMS_ContentInfo_free(cms);
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB);
|
|
|
return NULL;
|
|
|
}
|
|
|
|
|
@@ -299,7 +299,7 @@ CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx,
|
|
|
return cms;
|
|
|
merr:
|
|
|
CMS_ContentInfo_free(cms);
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB);
|
|
|
return NULL;
|
|
|
}
|
|
|
|
|
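Review bot: The cleanup label in this hunk is still `merr:` although the error raised under it is now `ERR_R_CMS_LIB` rather than a malloc failure. The matching label in CMS_EnvelopedData_create_ex was renamed to `err:` in the previous hunk. Renaming this one as well (`err:` here plus the `goto merr;` sites) would keep the two constructors parallel and stop the label from suggesting an allocation failure. The function body starts outside the hunk, so the goto sites that would need the same rename are not visible here.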
@@ -382,8 +382,10 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
|
|
|
|
|
|
/* Initialize recipient info */
|
|
|
ri = M_ASN1_new_of(CMS_RecipientInfo);
|
|
|
- if (ri == NULL)
|
|
|
- goto merr;
|
|
|
+ if (ri == NULL) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
|
|
|
pk = X509_get0_pubkey(recip);
|
|
|
if (pk == NULL) {
|
|
@@ -410,13 +412,13 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
|
|
|
|
|
|
}
|
|
|
|
|
|
- if (!sk_CMS_RecipientInfo_push(ris, ri))
|
|
|
- goto merr;
|
|
|
+ if (!sk_CMS_RecipientInfo_push(ris, ri)) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
|
|
|
return ri;
|
|
|
|
|
|
- merr:
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
err:
|
|
|
M_ASN1_free_of(ri, CMS_RecipientInfo);
|
|
|
return NULL;
|
|
@@ -527,11 +529,8 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
|
|
|
goto err;
|
|
|
|
|
|
ek = OPENSSL_malloc(eklen);
|
|
|
-
|
|
|
- if (ek == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ if (ek == NULL)
|
|
|
goto err;
|
|
|
- }
|
|
|
|
|
|
if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
|
|
|
goto err;
|
|
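Review bot: After this change the `if (ek == NULL) goto err;` path raises nothing of its own and depends on OPENSSL_malloc() having queued the error. That holds for a real allocation failure, but as far as I know OPENSSL_malloc() returns NULL for a zero-byte request without raising, so an `eklen` of 0 (it is set outside the hunk) would make the function fail with an empty error queue. A one-line comment such as `/* OPENSSL_malloc() raises ERR_R_MALLOC_FAILURE itself */` would record the dependency, and an explicit `eklen == 0` check before the allocation would close the silent path. The same bare `goto err` appears in the cms_RecipientInfo_ktri_decrypt, cms_RecipientInfo_kekri_encrypt and cms_RecipientInfo_kekri_decrypt hunks.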
@@ -614,10 +613,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
|
|
|
goto err;
|
|
|
|
|
|
ek = OPENSSL_malloc(eklen);
|
|
|
- if (ek == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ if (ek == NULL)
|
|
|
goto err;
|
|
|
- }
|
|
|
|
|
|
if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
|
|
|
ktri->encryptedKey->data,
|
|
@@ -732,24 +729,32 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
|
|
|
|
|
/* Initialize recipient info */
|
|
|
ri = M_ASN1_new_of(CMS_RecipientInfo);
|
|
|
- if (!ri)
|
|
|
- goto merr;
|
|
|
+ if (!ri) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
|
|
|
ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
|
|
|
- if (!ri->d.kekri)
|
|
|
- goto merr;
|
|
|
+ if (!ri->d.kekri) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
ri->type = CMS_RECIPINFO_KEK;
|
|
|
|
|
|
kekri = ri->d.kekri;
|
|
|
|
|
|
if (otherTypeId) {
|
|
|
kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
|
|
|
- if (kekri->kekid->other == NULL)
|
|
|
- goto merr;
|
|
|
+ if (kekri->kekid->other == NULL) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
- if (!sk_CMS_RecipientInfo_push(ris, ri))
|
|
|
- goto merr;
|
|
|
+ if (!sk_CMS_RecipientInfo_push(ris, ri)) {
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB);
|
|
|
+ goto err;
|
|
|
+ }
|
|
|
|
|
|
/* After this point no calls can fail */
|
|
|
|
|
@@ -772,8 +777,6 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
|
|
|
|
|
return ri;
|
|
|
|
|
|
- merr:
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
err:
|
|
|
M_ASN1_free_of(ri, CMS_RecipientInfo);
|
|
|
return NULL;
|
|
@@ -884,14 +887,12 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms,
|
|
|
|
|
|
/* 8 byte prefix for AES wrap ciphers */
|
|
|
wkey = OPENSSL_malloc(ec->keylen + 8);
|
|
|
- if (wkey == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ if (wkey == NULL)
|
|
|
goto err;
|
|
|
- }
|
|
|
|
|
|
ctx = EVP_CIPHER_CTX_new();
|
|
|
if (ctx == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -967,14 +968,12 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
|
|
|
}
|
|
|
|
|
|
ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
|
|
|
- if (ukey == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ if (ukey == NULL)
|
|
|
goto err;
|
|
|
- }
|
|
|
|
|
|
ctx = EVP_CIPHER_CTX_new();
|
|
|
if (ctx == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
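Review bot: The allocation size `kekri->encryptedKey->length - 8` is computed from the encrypted key carried in the message, and nothing visible in this hunk bounds that length from below. Only a closing brace precedes the allocation, so the length check is presumably just above the hunk. If the length were under 8, the subtraction would go negative and convert to a very large size for OPENSSL_malloc(). Now that the explicit error raise on this path is gone, a comment on the allocation would help the next reader, e.g. `/* encryptedKey->length was range-checked above, so length - 8 cannot go negative */`, to be confirmed against the code outside the hunk.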
@@ -1272,7 +1271,7 @@ int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
|
|
|
env->unprotectedAttrs = sk_X509_ATTRIBUTE_new_null();
|
|
|
|
|
|
if (env->unprotectedAttrs == NULL) {
|
|
|
- ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
|
|
|
+ ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB);
|
|
|
return 0;
|
|
|
}
|
|
|
|