#include "asn1_locl.h"
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
- unsigned char *pass, ssize_t passlen)
+ unsigned char *pass, ossl_ssize_t passlen)
{
CMS_PasswordRecipientInfo *pwri;
if (ri->type != CMS_RECIPINFO_PASS)
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
int iter, int wrap_nid, int pbe_nid,
- unsigned char *pass, ssize_t passlen,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
const EVP_CIPHER *kekciph)
{
CMS_RecipientInfo *ri = NULL;
X509_ALGOR *encalg = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
int ivlen;
+
env = cms_get0_enveloped(cms);
if (!env)
- goto err;
+ return NULL;
if (wrap_nid <= 0)
wrap_nid = NID_id_alg_PWRI_KEK;
}
tmp = OPENSSL_malloc(inlen);
/* setup IV by decrypting last two blocks */
- EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
- in + inlen - 2 * blocklen, blocklen * 2);
+ if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+ in + inlen - 2 * blocklen, blocklen * 2)
/* Do a decrypt of last decrypted block to set IV to correct value
* output it to start of buffer so we don't corrupt decrypted block
* this works because buffer is at least two block lengths long.
*/
- EVP_DecryptUpdate(ctx, tmp, &outl,
- tmp + inlen - blocklen, blocklen);
+ || !EVP_DecryptUpdate(ctx, tmp, &outl,
+ tmp + inlen - blocklen, blocklen)
/* Can now decrypt first n - 1 blocks */
- EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+ || !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen)
/* Reset IV to original value */
- EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+ || !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL)
/* Decrypt again */
- EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+ || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen))
+ goto err;
/* Check check bytes */
if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff)
{
if (olen > inlen + 4)
RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
/* Encrypt twice */
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)
+ || !EVP_EncryptUpdate(ctx, out, &dummy, out, olen))
+ return 0;
}
*outlen = olen;