From e93c8748ab40d876285147e3112c7a520d68880e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 28 Mar 2015 15:10:54 +0000 Subject: [PATCH] Remove duplicate code. Update code to use ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence instead of performing the same operation manually. Reviewed-by: Rich Salz --- crypto/asn1/p5_pbev2.c | 15 ++++----------- crypto/cms/cms_pwri.c | 10 +++------- crypto/evp/p5_crpt.c | 5 ++--- crypto/evp/p5_crpt2.c | 26 +++++--------------------- crypto/pkcs12/p12_crpt.c | 10 ++-------- crypto/pkcs12/p12_npas.c | 5 +---- crypto/rsa/rsa_ameth.c | 28 ++++++---------------------- 7 files changed, 23 insertions(+), 76 deletions(-) diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index 60abbe2649..4b9045e3fb 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -165,17 +165,14 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, if (!(ret = X509_ALGOR_new())) goto merr; - if (!(ret->parameter = ASN1_TYPE_new())) - goto merr; ret->algorithm = OBJ_nid2obj(NID_pbes2); /* Encode PBE2PARAM into parameter */ - if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), - &ret->parameter->value.sequence)) + if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBE2PARAM), pbe2, + &ret->parameter)) goto merr; - ret->parameter->type = V_ASN1_SEQUENCE; PBE2PARAM_free(pbe2); pbe2 = NULL; @@ -261,13 +258,9 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, /* Encode PBKDF2PARAM into parameter of pbe2 */ - if (!(keyfunc->parameter = ASN1_TYPE_new())) - goto merr; - - if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), - &keyfunc->parameter->value.sequence)) + if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), kdf, + &keyfunc->parameter)) goto merr; - keyfunc->parameter->type = V_ASN1_SEQUENCE; PBKDF2PARAM_free(kdf); return keyfunc; diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 83a65d2f59..4f1b31d8ae 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -320,8 +320,6 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, { CMS_EncryptedContentInfo *ec; CMS_PasswordRecipientInfo *pwri; - const unsigned char *p = NULL; - int plen; int r = 0; X509_ALGOR *algtmp, *kekalg = NULL; EVP_CIPHER_CTX kekctx; @@ -346,11 +344,9 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, return 0; } - if (algtmp->parameter->type == V_ASN1_SEQUENCE) { - p = algtmp->parameter->value.sequence->data; - plen = algtmp->parameter->value.sequence->length; - kekalg = d2i_X509_ALGOR(NULL, &p, plen); - } + kekalg = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(X509_ALGOR), + algtmp->parameter); + if (kekalg == NULL) { CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER); diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index d06ab90a3e..921006caeb 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -82,7 +82,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, PBEPARAM *pbe; int saltlen, iter; unsigned char *salt; - const unsigned char *pbuf; int mdsize; int rv = 0; EVP_MD_CTX_init(&ctx); @@ -94,8 +93,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, return 0; } - pbuf = param->value.sequence->data; - if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { + pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); + if (pbe == NULL) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); return 0; } diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 27e3fa5017..ca3fa9cdea 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -190,23 +190,14 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { - const unsigned char *pbuf; - int plen; PBE2PARAM *pbe2 = NULL; const EVP_CIPHER *cipher; EVP_PBE_KEYGEN *kdf; int rv = 0; - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { + pbe2 = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBE2PARAM), param); + if (pbe2 == NULL) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); goto err; } @@ -248,8 +239,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; - const unsigned char *pbuf; - int saltlen, iter, plen; + int saltlen, iter; int rv = 0; unsigned int keylen = 0; int prf_nid, hmac_md_nid; @@ -265,15 +255,9 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, /* Decode parameter */ - if (!param || (param->type != V_ASN1_SEQUENCE)) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; + kdf = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), param); - if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) { + if (kdf == NULL) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); goto err; } diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 3a166e6130..e50096befd 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -74,18 +74,12 @@ int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, PBEPARAM *pbe; int saltlen, iter, ret; unsigned char *salt; - const unsigned char *pbuf; unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; /* Extract useful info from parameter */ - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR); - return 0; - } - pbuf = param->value.sequence->data; - if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { + pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); + if (pbe == NULL) { PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR); return 0; } diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c index a89b61abab..f756033fc4 100644 --- a/crypto/pkcs12/p12_npas.c +++ b/crypto/pkcs12/p12_npas.c @@ -221,10 +221,7 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) { PBEPARAM *pbe; - const unsigned char *p; - - p = alg->parameter->value.sequence->data; - pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); + pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), alg->parameter); if (!pbe) return 0; *pnid = OBJ_obj2nid(alg->algorithm); diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 46b0fdc1c5..379bf4c26c 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -271,34 +271,23 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, /* Given an MGF1 Algorithm ID decode to an Algorithm Identifier */ static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) { - const unsigned char *p; - int plen; if (alg == NULL) return NULL; if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) return NULL; - if (alg->parameter->type != V_ASN1_SEQUENCE) - return NULL; - - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - return d2i_X509_ALGOR(NULL, &p, plen); + return ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(X509_ALGOR), + alg->parameter); } static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) { - const unsigned char *p; - int plen; RSA_PSS_PARAMS *pss; *pmaskHash = NULL; - if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE) - return NULL; - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen); + pss = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(RSA_PSS_PARAMS), + alg->parameter); if (!pss) return NULL; @@ -768,17 +757,12 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) { - const unsigned char *p; - int plen; RSA_OAEP_PARAMS *pss; *pmaskHash = NULL; - if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE) - return NULL; - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - pss = d2i_RSA_OAEP_PARAMS(NULL, &p, plen); + pss = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(RSA_OAEP_PARAMS), + alg->parameter); if (!pss) return NULL; -- 2.40.0