Check for errors in ASN1 sign and verify routines.

diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 1081950518c7b7fdea470c876523f58ace22124b..4dee45fbb83ab3a048ed85fad2f3a426be6fb7ac 100644 (file)
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -267,7 +267,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
                goto err;
                }
 
-       EVP_SignInit_ex(&ctx,type, NULL);
+       if (!EVP_SignInit_ex(&ctx,type, NULL))
+               {
+               outl=0;
+               ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);
+               goto err;
+               }
        EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
        if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
                        (unsigned int *)&outl,pkey))

diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index fdce6e4380b6534a782717c87fd8c1564ef4fb48..da3efaaf8de524d0aea44ed505182109076a164f 100644 (file)
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -100,7 +100,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
        p=buf_in;
 
        i2d(data,&p);
-       EVP_VerifyInit_ex(&ctx,type, NULL);
+       if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+               {
+               ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+               ret=0;
+               goto err;
+               }
        EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
        OPENSSL_cleanse(buf_in,(unsigned int)inl);