From 80986c9ced1de522eac595df9f15318c50884a8a Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 10 Oct 2003 23:24:10 +0000
Subject: [PATCH] Retrieve correct content to sign when the type is "other".

---
 CHANGES                 |  3 ++-
 crypto/pkcs7/pk7_doit.c | 47 ++++++++++++++++++-----------------------
 2 files changed, 23 insertions(+), 27 deletions(-)

diff --git a/CHANGES b/CHANGES
index 9655a97429..0d8d08cd80 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,8 @@
 
  Changes between 0.9.7c and 0.9.7d  [xx XXX XXXX]
 
-  *)
+  *) Use the correct content when signing type "other".
+     [Steve Henson]
 
  Changes between 0.9.7b and 0.9.7c  [30 Sep 2003]
 
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 190ca0e9bf..91ae3cab86 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -91,12 +91,14 @@ static int PKCS7_type_is_other(PKCS7* p7)
 
 	}
 
-static int PKCS7_type_is_octet_string(PKCS7* p7)
+static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
 	{
-	if ( 0==PKCS7_type_is_other(p7) )
-		return 0;
-
-	return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
+	if ( PKCS7_type_is_data(p7))
+		return p7->d.data;
+	if ( PKCS7_type_is_other(p7) && p7->d.other
+		&& (p7->d.other->type == V_ASN1_OCTET_STRING))
+		return p7->d.other->value.octet_string;
+	return NULL;
 	}
 
 BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
@@ -250,29 +252,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		btmp=NULL;
 		}
 
-	if (bio == NULL) {
+	if (bio == NULL)
+		{
 		if (PKCS7_is_detached(p7))
 			bio=BIO_new(BIO_s_null());
-		else {
-			if (PKCS7_type_is_signed(p7) ) { 
-				if ( PKCS7_type_is_data(p7->d.sign->contents)) {
-					ASN1_OCTET_STRING *os;
-					os=p7->d.sign->contents->d.data;
-					if (os->length > 0)
-						bio = BIO_new_mem_buf(os->data, os->length);
-				}
-				else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
-					ASN1_OCTET_STRING *os;
-					os=p7->d.sign->contents->d.other->value.octet_string;
-					if (os->length > 0)
-						bio = BIO_new_mem_buf(os->data, os->length);
-				}
-			}
-			if(bio == NULL) {
+		else
+			{
+			ASN1_OCTET_STRING *os;
+			os = PKCS7_get_octet_string(p7->d.sign->contents);
+			if (os && os->length > 0)
+				bio = BIO_new_mem_buf(os->data, os->length);
+			if(bio == NULL)
+				{
 				bio=BIO_new(BIO_s_mem());
 				BIO_set_mem_eof_return(bio,0);
+				}
 			}
-		}
 	}
 	BIO_push(out,bio);
 	bio=NULL;
@@ -311,7 +306,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 	switch (i)
 		{
 	case NID_pkcs7_signed:
-		data_body=p7->d.sign->contents->d.data;
+		data_body=PKCS7_get_octet_string(p7->d.sign->contents);
 		md_sk=p7->d.sign->md_algs;
 		break;
 	case NID_pkcs7_signedAndEnveloped:
@@ -531,9 +526,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 		break;
 	case NID_pkcs7_signed:
 		si_sk=p7->d.sign->signer_info;
-		os=p7->d.sign->contents->d.data;
+		os=PKCS7_get_octet_string(p7->d.sign->contents);
 		/* If detached data then the content is excluded */
-		if(p7->detached) {
+		if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
 			M_ASN1_OCTET_STRING_free(os);
 			p7->d.sign->contents->d.data = NULL;
 		}
-- 
2.25.1