author | Richard Levitte <levitte@openssl.org> | 2021-03-10 12:58:53 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-04-18 10:10:24 +0200 |
commit | ad57a13bb86949a9e9adc7a2960e3f39e3e5b284 (patch) | |
tree | 67bfce29a5498715b5979c7b8f19baa3f313ddd8 /crypto/cms | |
parent | 42423ac9611e0cbb02c93b3c5661328f324f9d08 (diff) | |
Modify OBJ_nid2sn(OBJ_obj2nid(...)) occurences to use OBJ_obj2txt()
The intention is to allow for OIDs for which libcrypto has no
information, but are still fetchable for OSSL_ALGORITHM
implementations that specify an OID amongst their names.
Fixes #14278
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14498)
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_dh.c | 8 | ||||
-rw-r--r-- | crypto/cms/cms_ec.c | 12 | ||||
-rw-r--r-- | crypto/cms/cms_env.c | 5 | ||||
-rw-r--r-- | crypto/cms/cms_lib.c | 5 | ||||
-rw-r--r-- | crypto/cms/cms_pwri.c | 7 | ||||
-rw-r--r-- | crypto/cms/cms_sd.c | 17 |
6 files changed, 32 insertions, 22 deletions
diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 95ce8e8351..36714766d2 100644
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -12,8 +12,9 @@
 #include <openssl/dh.h>
 #include <openssl/err.h>
 #include <openssl/core_names.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
 #include "crypto/evp.h"
+#include "cms_local.h"
 static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
@@ -87,7 +88,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 int keylen, plen;
 EVP_CIPHER *kekcipher = NULL;
 EVP_CIPHER_CTX *kekctx;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
 if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
 goto err;
@@ -117,8 +118,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 if (kekctx == NULL)
 goto err;
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
- if (name == NULL)
+ if (!OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0))
 goto err;
 kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c
index 096eafd815..4994260af8 100644
--- a/crypto/cms/cms_ec.c
+++ b/crypto/cms/cms_ec.c
@@ -11,8 +11,9 @@
 #include <openssl/cms.h>
 #include <openssl/err.h>
 #include <openssl/decoder.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
 #include "crypto/evp.h"
+#include "cms_local.h"
 static EVP_PKEY *pkey_type2param(int ptype, const void *pval,
 OSSL_LIB_CTX *libctx, const char *propq)
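Review bot: The guard `if (!OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0)) goto err;` in dh_cms_set_shared_info only rejects a return of exactly 0. As documented, OBJ_obj2txt() returns the length the untruncated text needs, or a negative value on error, so both an error return and an OID text longer than OSSL_MAX_NAME_SIZE pass this test and a clipped name reaches EVP_CIPHER_fetch(). Since the algorithm identifier appears to come from the parsed message, I would reject both cases: `int n = OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);` followed by `if (n <= 0 || (size_t)n >= sizeof(name)) goto err;`. The same `!OBJ_obj2txt(...)` test is used in pkey_type2param in cms_ec.c and in CMS_SignerInfo_sign in cms_sd.c; the function body continues outside this hunk.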
@@ -36,14 +37,13 @@ static EVP_PKEY *pkey_type2param(int ptype, const void *pval,
 OSSL_DECODER_CTX_free(ctx);
 } else if (ptype == V_ASN1_OBJECT) {
 const ASN1_OBJECT *poid = pval;
- const char *groupname;
+ char groupname[OSSL_MAX_NAME_SIZE];
 /* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID */
 pctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq);
 if (pctx == NULL || EVP_PKEY_paramgen_init(pctx) <= 0)
 goto err;
- groupname = OBJ_nid2sn(OBJ_obj2nid(poid));
- if (groupname == NULL
+ if (!OBJ_obj2txt(groupname, sizeof(groupname), poid, 0)
 || !EVP_PKEY_CTX_set_group_name(pctx, groupname)) {
 ERR_raise(ERR_LIB_CMS, CMS_R_DECODE_ERROR);
 goto err;
@@ -159,7 +159,7 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 int plen, keylen;
 EVP_CIPHER *kekcipher = NULL;
 EVP_CIPHER_CTX *kekctx;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
 if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
 return 0;
@@ -180,7 +180,7 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
 if (kekctx == NULL)
 goto err;
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);
 kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
 if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
 goto err;
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 79efd67ba3..29bbd0c36d 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -14,6 +14,7 @@
 #include <openssl/err.h>
 #include <openssl/cms.h>
 #include <openssl/evp.h>
+#include "internal/sizes.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 #include "crypto/x509.h"
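Review bot: The return value of `OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);` is discarded in ecdh_cms_set_shared_info, although the matching line in cms_dh.c tests it before fetching. A failed conversion is probably still caught by the `kekcipher == NULL` check that follows, but a truncated name is not, and the DH and ECDH paths now treat the same input differently. Suggest capturing the result and rejecting both cases before the fetch, `n = OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);` then `if (n <= 0 || (size_t)n >= sizeof(name)) goto err;`. The unchecked form also appears in cms_env.c, cms_lib.c, cms_pwri.c and in CMS_SignerInfo_verify in cms_sd.c, where the later fetch is the only safety net visible in these hunks.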
@@ -538,7 +539,9 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
 if (cms->d.envelopedData->encryptedContentInfo->havenocert
 && !cms->d.envelopedData->encryptedContentInfo->debug) {
 X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- const char *name = OBJ_nid2sn(OBJ_obj2nid(calg->algorithm));
+ char name[OSSL_MAX_NAME_SIZE];
+
+ OBJ_obj2txt(name, sizeof(name), calg->algorithm, 0);
 (void)ERR_set_mark();
 fetched_cipher = EVP_CIPHER_fetch(libctx, name, propq);
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 33127cc88c..cfde2215bd 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -15,6 +15,7 @@
 #include <openssl/asn1.h>
 #include <openssl/cms.h>
 #include <openssl/cms.h>
+#include "internal/sizes.h"
 #include "crypto/x509.h"
 #include "cms_local.h"
@@ -403,10 +404,10 @@ BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
 const ASN1_OBJECT *digestoid;
 const EVP_MD *digest = NULL;
 EVP_MD *fetched_digest = NULL;
- const char *alg;
+ char alg[OSSL_MAX_NAME_SIZE];
 X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
- alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
+ OBJ_obj2txt(alg, sizeof(alg), digestoid, 0);
 (void)ERR_set_mark();
 fetched_digest = EVP_MD_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index cea1e404c0..a278280563 100644
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -15,8 +15,9 @@
 #include <openssl/cms.h>
 #include <openssl/rand.h>
 #include <openssl/aes.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
 #include "crypto/asn1.h"
+#include "cms_local.h"
 int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass, ossl_ssize_t passlen)
@@ -286,7 +287,7 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
 int r = 0;
 X509_ALGOR *algtmp, *kekalg = NULL;
 EVP_CIPHER_CTX *kekctx = NULL;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
 EVP_CIPHER *kekcipher;
 unsigned char *key = NULL;
 size_t keylen;
@@ -315,7 +316,7 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
 return 0;
 }
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);
 kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx), name, ossl_cms_ctx_get0_propq(cms_ctx));
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 2b232aa700..898916d548 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -15,12 +15,13 @@
 #include <openssl/err.h>
 #include <openssl/cms.h>
 #include <openssl/ess.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 #include "crypto/cms.h"
 #include "crypto/ess.h"
 #include "crypto/x509.h" /* for ossl_x509_add_cert_new() */
+#include "cms_local.h"
 /* CMS SignedData Utilities */
@@ -328,9 +329,12 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
 /* See if digest is present in digestAlgorithms */
 for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
 const ASN1_OBJECT *aoid;
+ char name[OSSL_MAX_NAME_SIZE];
+
 alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
 X509_ALGOR_get0(&aoid, NULL, NULL, alg);
- if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
+ OBJ_obj2txt(name, sizeof(name), aoid, 0);
+ if (EVP_MD_is_a(md, name))
 break;
 }
@@ -724,9 +728,10 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
 int alen;
 size_t siglen;
 const CMS_CTX *ctx = si->cms_ctx;
- const char *md_name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
+ char md_name[OSSL_MAX_NAME_SIZE];
- if (md_name == NULL)
+ if (!OBJ_obj2txt(md_name, sizeof(md_name),
+ si->digestAlgorithm->algorithm, 0))
 return 0;
 if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
@@ -781,7 +786,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
 EVP_MD_CTX *mctx = NULL;
 unsigned char *abuf = NULL;
 int alen, r = -1;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
 const EVP_MD *md;
 EVP_MD *fetched_md = NULL;
 const CMS_CTX *ctx = si->cms_ctx;
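Review bot: In CMS_add1_signer the result of `OBJ_obj2txt(name, sizeof(name), aoid, 0);` is ignored and `name` goes straight into `EVP_MD_is_a(md, name)`, so a failed or truncated conversion is silently treated as "digest not listed". Unlike the fetch sites in this commit there is no later NULL check to absorb that; what the code after the loop does on a miss is outside the hunk, but it presumably adds the algorithm again. Folding the check into the condition, `if (OBJ_obj2txt(name, sizeof(name), aoid, 0) > 0 && EVP_MD_is_a(md, name)) break;`, keeps the comparison from running on an unusable name. A one-line comment such as `/* compare by name so provider-only digests, known by OID, still match */` would also record why the NID comparison was dropped.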
@@ -796,7 +801,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
 if (!ossl_cms_si_check_attributes(si))
 return -1;
- name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
+ OBJ_obj2txt(name, sizeof(name), si->digestAlgorithm->algorithm, 0);
 (void)ERR_set_mark();
 fetched_md = EVP_MD_fetch(libctx, name, propq); |