X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fts%2Fts_rsp_verify.c;h=e6e213ab12602f622429cc5d1f5f1a211c6ed408;hb=b6453a68bbb34c901a2eaf24012d0a3afcbf52ff;hp=1133b5d2238ab5d213d2f78ab31525bf1f07e555;hpb=18cd23df8a8f2edd800182e1ab62111e4b7f1dbe;p=oweals%2Fopenssl.git

diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index 1133b5d223..e6e213ab12 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -1,4 +1,3 @@
-/* crypto/ts/ts_resp_verify.c */
 /*
  * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
  * 2002.
@@ -87,12 +86,17 @@ static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
 static int ts_find_name(STACK_OF(GENERAL_NAME) *gen_names,
                         GENERAL_NAME *name);
 
+/*
+ * This must be large enough to hold all values in ts_status_text (with
+ * comma separator) or all text fields in ts_failure_info (also with comma).
+ */
+#define TS_STATUS_BUF_SIZE      256
+
 /*
  * Local mapping between response codes and descriptions.
- * Don't forget to change TS_STATUS_BUF_SIZE when modifying
- * the elements of this array.
  */
-static const char *ts_status_text[] = { "granted",
+static const char *ts_status_text[] = {
+    "granted",
     "grantedWithMods",
     "rejection",
     "waiting",
@@ -102,12 +106,6 @@ static const char *ts_status_text[] = { "granted",
 
 #define TS_STATUS_TEXT_SIZE     OSSL_NELEM(ts_status_text)
 
-/*
- * This must be greater or equal to the sum of the strings in TS_status_text
- * plus the number of its elements.
- */
-#define TS_STATUS_BUF_SIZE      256
-
 static struct {
     int code;
     const char *text;
@@ -122,8 +120,6 @@ static struct {
     {TS_INFO_SYSTEM_FAILURE, "systemFailure"}
 };
 
-#define TS_FAILURE_INFO_SIZE    OSSL_NELEM(ts_failure_info)
-
 
 /*-
  * This function carries out the following tasks:
@@ -220,7 +216,8 @@ static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
     int ret = 1;
 
     *chain = NULL;
-    X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
+    if (!X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted))
+        return 0;
     X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
     i = X509_verify_cert(&cert_ctx);
     if (i <= 0) {
@@ -289,10 +286,13 @@ static ESS_SIGNING_CERT *ess_get_signing_cert(PKCS7_SIGNER_INFO *si)
 static int ts_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
 {
     int i;
+    unsigned char cert_sha1[SHA_DIGEST_LENGTH];
 
     if (!cert_ids || !cert)
         return -1;
 
+    X509_digest(cert, EVP_sha1(), cert_sha1, NULL);
+
     /* Recompute SHA1 hash of certificate if necessary (side effect). */
     X509_check_purpose(cert, -1, 0);
 
@@ -300,9 +300,8 @@ static int ts_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
     for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
         ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
 
-        if (cid->hash->length == sizeof(cert->sha1_hash)
-            && memcmp(cid->hash->data, cert->sha1_hash,
-                       sizeof(cert->sha1_hash)) == 0) {
+        if (cid->hash->length == SHA_DIGEST_LENGTH
+            && memcmp(cid->hash->data, cert_sha1, SHA_DIGEST_LENGTH) == 0) {
             ESS_ISSUER_SERIAL *is = cid->issuer_serial;
             if (!is || !ts_issuer_serial_cmp(is, cert))
                 return i;
@@ -443,7 +442,7 @@ static int ts_check_status_info(TS_RESP *response)
         return 1;
 
     /* There was an error, get the description in status_text. */
-    if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
+    if (0 <= status && status < (long) OSSL_NELEM(ts_status_text))
         status_text = ts_status_text[status];
     else
         status_text = "unknown code";
@@ -460,7 +459,7 @@ static int ts_check_status_info(TS_RESP *response)
             if (ASN1_BIT_STRING_get_bit(info->failure_info,
                                         ts_failure_info[i].code)) {
                 if (!first)
-                    strcpy(failure_text, ",");
+                    strcat(failure_text, ",");
                 else
                     first = 0;
                 strcat(failure_text, ts_failure_info[i].text);
@@ -530,7 +529,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
     TS_MSG_IMPRINT *msg_imprint = tst_info->msg_imprint;
     X509_ALGOR *md_alg_resp = msg_imprint->hash_algo;
     const EVP_MD *md;
-    EVP_MD_CTX md_ctx;
+    EVP_MD_CTX *md_ctx = NULL;
     unsigned char buffer[4096];
     int length;
 
@@ -552,17 +551,24 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
         goto err;
     }
 
-    if (!EVP_DigestInit(&md_ctx, md))
+    md_ctx = EVP_MD_CTX_new();
+    if (md_ctx == NULL) {
+        TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!EVP_DigestInit(md_ctx, md))
         goto err;
     while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
-        if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+        if (!EVP_DigestUpdate(md_ctx, buffer, length))
             goto err;
     }
-    if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+    if (!EVP_DigestFinal(md_ctx, *imprint, NULL))
         goto err;
+    EVP_MD_CTX_free(md_ctx);
 
     return 1;
  err:
+    EVP_MD_CTX_free(md_ctx);
     X509_ALGOR_free(*md_alg);
     OPENSSL_free(*imprint);
     *imprint_len = 0;