Fix error in case CMP msg POPO is not provided in OSSL_CRMF_MSGS_verify_popo()

author Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Tue, 25 Feb 2020 07:58:39 +0000 (08:58 +0100)

committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Tue, 10 Mar 2020 15:09:44 +0000 (16:09 +0100)
author Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Tue, 25 Feb 2020 07:58:39 +0000 (08:58 +0100)
committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Tue, 10 Mar 2020 15:09:44 +0000 (16:09 +0100)
diff --git a/crypto/crmf/crmf_err.c b/crypto/crmf/crmf_err.c

index 80f71543ca6ef47dc375aaf3fd1af61a3129d4f2..159d5b2c91e2e404609bc2382aa189e80f2b5e65 100644 (file)
--- a/crypto/crmf/crmf_err.c
+++ b/crypto/crmf/crmf_err.c
@@ -32,6 +32,7 @@ static const ERR_STRING_DATA CRMF_str_reasons[] = {
      {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_NULL_ARGUMENT), "null argument"},
      {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY),
      "popo inconsistent public key"},
+    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING), "popo missing"},
      {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING_PUBLIC_KEY),
      "popo missing public key"},
      {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING_SUBJECT),
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c

index acbc9af5cb208e33e80baf4cd9ad15f26b6ab5a8..dd69372f3e850fc0a09eb5197b2249f3f5a00aa9 100644 (file)
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -485,11 +485,13 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
      X509_PUBKEY *pubkey = NULL;
      OSSL_CRMF_POPOSIGNINGKEY *sig = NULL;
  
-    if (reqs == NULL
-            || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL
-            || req->popo == NULL) {
-        CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO,
-                CRMF_R_NULL_ARGUMENT);
+    if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) {
+        CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT);
+        return 0;
+    }
+
+    if (req->popo == NULL) {
+        CRMFerr(0, CRMF_R_POPO_MISSING);
          return 0;
      }
  
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt

index c35d235e188fa453d8411d398101477b095cfbec..c921207698228f3c9456adce5fcd6b9f226a344a 100644 (file)
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2263,6 +2263,7 @@ CRMF_R_ITERATIONCOUNT_BELOW_100:108:iterationcount below 100
  CRMF_R_MALFORMED_IV:101:malformed iv
  CRMF_R_NULL_ARGUMENT:109:null argument
  CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY:117:popo inconsistent public key
+CRMF_R_POPO_MISSING:121:popo missing
  CRMF_R_POPO_MISSING_PUBLIC_KEY:118:popo missing public key
  CRMF_R_POPO_MISSING_SUBJECT:119:popo missing subject
  CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED:120:popo raverified not accepted
diff --git a/include/openssl/crmferr.h b/include/openssl/crmferr.h

index f7b5b906e2bb461511af8a1001d8662bf22a56e4..22936c620e73c687913c065cb42350281eecdcb0 100644 (file)
--- a/include/openssl/crmferr.h
+++ b/include/openssl/crmferr.h
@@ -63,6 +63,7 @@ int ERR_load_CRMF_strings(void);
  #  define CRMF_R_MALFORMED_IV                              101
  #  define CRMF_R_NULL_ARGUMENT                             109
  #  define CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY              117
+#  define CRMF_R_POPO_MISSING                              121
  #  define CRMF_R_POPO_MISSING_PUBLIC_KEY                   118
  #  define CRMF_R_POPO_MISSING_SUBJECT                      119
  #  define CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED              120
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Tue, 25 Feb 2020 07:58:39 +0000 (08:58 +0100)
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Tue, 10 Mar 2020 15:09:44 +0000 (16:09 +0100)
crypto/crmf/crmf_err.c		patch \| blob \| history
crypto/crmf/crmf_lib.c		patch \| blob \| history
crypto/err/openssl.txt		patch \| blob \| history
include/openssl/crmferr.h		patch \| blob \| history