1/* crypto/pkcs7/pk7_doit.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59#include <stdio.h> 60#include "cryptlib.h" 61#include <openssl/rand.h> 62#include <openssl/objects.h> 63#include <openssl/x509.h> 64#include <openssl/x509v3.h> 65#include <openssl/err.h> 66 67static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, 68 void *value); 69static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid); 70 71static int PKCS7_type_is_other(PKCS7* p7) 72 { 73 int isOther=1; 74 75 int nid=OBJ_obj2nid(p7->type); 76 77 switch( nid ) 78 { 79 case NID_pkcs7_data: 80 case NID_pkcs7_signed: 81 case NID_pkcs7_enveloped: 82 case NID_pkcs7_signedAndEnveloped: 83 case NID_pkcs7_digest: 84 case NID_pkcs7_encrypted: 85 isOther=0; 86 break; 87 default: 88 isOther=1; 89 } 90 91 return isOther; 92 93 } 94 95static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) 96 { 97 if ( PKCS7_type_is_data(p7)) 98 return p7->d.data; 99 if ( PKCS7_type_is_other(p7) && p7->d.other 100 && (p7->d.other->type == V_ASN1_OCTET_STRING)) 101 return p7->d.other->value.octet_string; 102 return NULL; 103 } 104 105static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) 106 { 107 BIO *btmp; 108 const EVP_MD *md; 109 if ((btmp=BIO_new(BIO_f_md())) == NULL) 110 { 111 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); 112 goto err; 113 } 114 115 md=EVP_get_digestbyobj(alg->algorithm); 116 if (md == NULL) 117 { 118 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,PKCS7_R_UNKNOWN_DIGEST_TYPE); 119 goto err; 120 } 121 122 BIO_set_md(btmp,md); 123 if (*pbio == NULL) 124 *pbio=btmp; 125 else if (!BIO_push(*pbio,btmp)) 126 { 127 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); 128 goto err; 129 } 130 btmp=NULL; 131 132 return 1; 133 134 err: 135 if (btmp) 136 BIO_free(btmp); 137 return 0; 138 139 } 140 141static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, 142 unsigned char *key, int keylen) 143 { 144 EVP_PKEY_CTX *pctx = NULL; 145 EVP_PKEY *pkey = NULL; 146 unsigned char *ek = NULL; 147 int ret = 0; 148 size_t eklen; 149 150 pkey = X509_get_pubkey(ri->cert); 151 152 if (!pkey) 153 return 0; 154 155 pctx = EVP_PKEY_CTX_new(pkey, NULL); 156 if (!pctx) 157 return 0; 158 159 if (EVP_PKEY_encrypt_init(pctx) <= 0) 160 goto err; 161 162 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, 163 EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) 164 { 165 PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR); 166 goto err; 167 } 168 169 if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0) 170 goto err; 171 172 ek = OPENSSL_malloc(eklen); 173 174 if (ek == NULL) 175 { 176 PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE); 177 goto err; 178 } 179 180 if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0) 181 goto err; 182 183 ASN1_STRING_set0(ri->enc_key, ek, eklen); 184 ek = NULL; 185 186 ret = 1; 187 188 err: 189 if (pkey) 190 EVP_PKEY_free(pkey); 191 if (pctx) 192 EVP_PKEY_CTX_free(pctx); 193 if (ek) 194 OPENSSL_free(ek); 195 return ret; 196 197 } 198 199 200static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, 201 PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey) 202 { 203 EVP_PKEY_CTX *pctx = NULL; 204 unsigned char *ek = NULL; 205 size_t eklen; 206 207 int ret = -1; 208 209 pctx = EVP_PKEY_CTX_new(pkey, NULL); 210 if (!pctx) 211 return -1; 212 213 if (EVP_PKEY_decrypt_init(pctx) <= 0) 214 goto err; 215 216 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT, 217 EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) 218 { 219 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR); 220 goto err; 221 } 222 223 if (EVP_PKEY_decrypt(pctx, NULL, &eklen, 224 ri->enc_key->data, ri->enc_key->length) <= 0) 225 goto err; 226 227 ek = OPENSSL_malloc(eklen); 228 229 if (ek == NULL) 230 { 231 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE); 232 goto err; 233 } 234 235 if (EVP_PKEY_decrypt(pctx, ek, &eklen, 236 ri->enc_key->data, ri->enc_key->length) <= 0) 237 { 238 ret = 0; 239 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB); 240 goto err; 241 } 242 243 ret = 1; 244 245 if (*pek) 246 { 247 OPENSSL_cleanse(*pek, *peklen); 248 OPENSSL_free(*pek); 249 } 250 251 *pek = ek; 252 *peklen = eklen; 253 254 err: 255 if (pctx) 256 EVP_PKEY_CTX_free(pctx); 257 if (!ret && ek) 258 OPENSSL_free(ek); 259 260 return ret; 261 } 262 263BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) 264 { 265 int i; 266 BIO *out=NULL,*btmp=NULL; 267 X509_ALGOR *xa = NULL; 268 const EVP_CIPHER *evp_cipher=NULL; 269 STACK_OF(X509_ALGOR) *md_sk=NULL; 270 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; 271 X509_ALGOR *xalg=NULL; 272 PKCS7_RECIP_INFO *ri=NULL; 273 ASN1_OCTET_STRING *os=NULL; 274 275 i=OBJ_obj2nid(p7->type); 276 p7->state=PKCS7_S_HEADER; 277 278 switch (i) 279 { 280 case NID_pkcs7_signed: 281 md_sk=p7->d.sign->md_algs; 282 os = PKCS7_get_octet_string(p7->d.sign->contents); 283 break; 284 case NID_pkcs7_signedAndEnveloped: 285 rsk=p7->d.signed_and_enveloped->recipientinfo; 286 md_sk=p7->d.signed_and_enveloped->md_algs; 287 xalg=p7->d.signed_and_enveloped->enc_data->algorithm; 288 evp_cipher=p7->d.signed_and_enveloped->enc_data->cipher; 289 if (evp_cipher == NULL) 290 { 291 PKCS7err(PKCS7_F_PKCS7_DATAINIT, 292 PKCS7_R_CIPHER_NOT_INITIALIZED); 293 goto err; 294 } 295 break; 296 case NID_pkcs7_enveloped: 297 rsk=p7->d.enveloped->recipientinfo; 298 xalg=p7->d.enveloped->enc_data->algorithm; 299 evp_cipher=p7->d.enveloped->enc_data->cipher; 300 if (evp_cipher == NULL) 301 { 302 PKCS7err(PKCS7_F_PKCS7_DATAINIT, 303 PKCS7_R_CIPHER_NOT_INITIALIZED); 304 goto err; 305 } 306 break; 307 case NID_pkcs7_digest: 308 xa = p7->d.digest->md; 309 os = PKCS7_get_octet_string(p7->d.digest->contents); 310 break; 311 case NID_pkcs7_data: 312 break; 313 default: 314 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); 315 goto err; 316 } 317 318 for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) 319 if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i))) 320 goto err; 321 322 if (xa && !PKCS7_bio_add_digest(&out, xa)) 323 goto err; 324 325 if (evp_cipher != NULL) 326 { 327 unsigned char key[EVP_MAX_KEY_LENGTH]; 328 unsigned char iv[EVP_MAX_IV_LENGTH]; 329 int keylen,ivlen; 330 EVP_CIPHER_CTX *ctx; 331 332 if ((btmp=BIO_new(BIO_f_cipher())) == NULL) 333 { 334 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB); 335 goto err; 336 } 337 BIO_get_cipher_ctx(btmp, &ctx); 338 keylen=EVP_CIPHER_key_length(evp_cipher); 339 ivlen=EVP_CIPHER_iv_length(evp_cipher); 340 xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); 341 if (ivlen > 0) 342 if (RAND_pseudo_bytes(iv,ivlen) <= 0) 343 goto err; 344 if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0) 345 goto err; 346 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 347 goto err; 348 if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0) 349 goto err; 350 351 if (ivlen > 0) { 352 if (xalg->parameter == NULL) { 353 xalg->parameter = ASN1_TYPE_new(); 354 if (xalg->parameter == NULL) 355 goto err; 356 } 357 if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) 358 goto err; 359 } 360 361 /* Lets do the pub key stuff :-) */ 362 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) 363 { 364 ri=sk_PKCS7_RECIP_INFO_value(rsk,i); 365 if (pkcs7_encode_rinfo(ri, key, keylen) <= 0) 366 goto err; 367 } 368 OPENSSL_cleanse(key, keylen); 369 370 if (out == NULL) 371 out=btmp; 372 else 373 BIO_push(out,btmp); 374 btmp=NULL; 375 } 376 377 if (bio == NULL) 378 { 379 if (PKCS7_is_detached(p7)) 380 bio=BIO_new(BIO_s_null()); 381 else if (os && os->length > 0) 382 bio = BIO_new_mem_buf(os->data, os->length); 383 if(bio == NULL) 384 { 385 bio=BIO_new(BIO_s_mem()); 386 if (bio == NULL) 387 goto err; 388 BIO_set_mem_eof_return(bio,0); 389 } 390 } 391 if (out) 392 BIO_push(out,bio); 393 else 394 out = bio; 395 bio=NULL; 396 if (0) 397 { 398err: 399 if (out != NULL) 400 BIO_free_all(out); 401 if (btmp != NULL) 402 BIO_free_all(btmp); 403 out=NULL; 404 } 405 return(out); 406 } 407 408static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert) 409 { 410 int ret; 411 ret = X509_NAME_cmp(ri->issuer_and_serial->issuer, 412 pcert->cert_info->issuer); 413 if (ret) 414 return ret; 415 return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, 416 ri->issuer_and_serial->serial); 417 } 418 419/* int */ 420BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) 421 { 422 int i,j; 423 BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL; 424 X509_ALGOR *xa; 425 ASN1_OCTET_STRING *data_body=NULL; 426 const EVP_MD *evp_md; 427 const EVP_CIPHER *evp_cipher=NULL; 428 EVP_CIPHER_CTX *evp_ctx=NULL; 429 X509_ALGOR *enc_alg=NULL; 430 STACK_OF(X509_ALGOR) *md_sk=NULL; 431 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; 432 PKCS7_RECIP_INFO *ri=NULL; 433 unsigned char *ek = NULL, *tkey = NULL; 434 int eklen = 0, tkeylen = 0; 435 436 i=OBJ_obj2nid(p7->type); 437 p7->state=PKCS7_S_HEADER; 438 439 switch (i) 440 { 441 case NID_pkcs7_signed: 442 data_body=PKCS7_get_octet_string(p7->d.sign->contents); 443 if (!PKCS7_is_detached(p7) && data_body == NULL) 444 { 445 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_INVALID_SIGNED_DATA_TYPE); 446 goto err; 447 } 448 md_sk=p7->d.sign->md_algs; 449 break; 450 case NID_pkcs7_signedAndEnveloped: 451 rsk=p7->d.signed_and_enveloped->recipientinfo; 452 md_sk=p7->d.signed_and_enveloped->md_algs; 453 data_body=p7->d.signed_and_enveloped->enc_data->enc_data; 454 enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm; 455 evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm); 456 if (evp_cipher == NULL) 457 { 458 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); 459 goto err; 460 } 461 break; 462 case NID_pkcs7_enveloped: 463 rsk=p7->d.enveloped->recipientinfo; 464 enc_alg=p7->d.enveloped->enc_data->algorithm; 465 data_body=p7->d.enveloped->enc_data->enc_data; 466 evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm); 467 if (evp_cipher == NULL) 468 { 469 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); 470 goto err; 471 } 472 break; 473 default: 474 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); 475 goto err; 476 } 477 478 /* We will be checking the signature */ 479 if (md_sk != NULL) 480 { 481 for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) 482 { 483 xa=sk_X509_ALGOR_value(md_sk,i); 484 if ((btmp=BIO_new(BIO_f_md())) == NULL) 485 { 486 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB); 487 goto err; 488 } 489 490 j=OBJ_obj2nid(xa->algorithm); 491 evp_md=EVP_get_digestbynid(j); 492 if (evp_md == NULL) 493 { 494 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE); 495 goto err; 496 } 497 498 BIO_set_md(btmp,evp_md); 499 if (out == NULL) 500 out=btmp; 501 else 502 BIO_push(out,btmp); 503 btmp=NULL; 504 } 505 } 506 507 if (evp_cipher != NULL) 508 { 509#if 0 510 unsigned char key[EVP_MAX_KEY_LENGTH]; 511 unsigned char iv[EVP_MAX_IV_LENGTH]; 512 unsigned char *p; 513 int keylen,ivlen; 514 int max; 515 X509_OBJECT ret; 516#endif 517 518 if ((etmp=BIO_new(BIO_f_cipher())) == NULL) 519 { 520 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB); 521 goto err; 522 } 523 524 /* It was encrypted, we need to decrypt the secret key 525 * with the private key */ 526 527 /* Find the recipientInfo which matches the passed certificate 528 * (if any) 529 */ 530 531 if (pcert) 532 { 533 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) 534 { 535 ri=sk_PKCS7_RECIP_INFO_value(rsk,i); 536 if (!pkcs7_cmp_ri(ri, pcert)) 537 break; 538 ri=NULL; 539 } 540 if (ri == NULL) 541 { 542 PKCS7err(PKCS7_F_PKCS7_DATADECODE, 543 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE); 544 goto err; 545 } 546 } 547 548 /* If we haven't got a certificate try each ri in turn */ 549 if (pcert == NULL) 550 { 551 /* Always attempt to decrypt all rinfo even 552 * after sucess as a defence against MMA timing 553 * attacks. 554 */ 555 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) 556 { 557 ri=sk_PKCS7_RECIP_INFO_value(rsk,i); 558 559 if (pkcs7_decrypt_rinfo(&ek, &eklen, 560 ri, pkey) < 0) 561 goto err; 562 ERR_clear_error(); 563 } 564 } 565 else 566 { 567 /* Only exit on fatal errors, not decrypt failure */ 568 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0) 569 goto err; 570 ERR_clear_error(); 571 } 572 573 evp_ctx=NULL; 574 BIO_get_cipher_ctx(etmp,&evp_ctx); 575 if (EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0) <= 0) 576 goto err; 577 if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) 578 goto err; 579 /* Generate random key as MMA defence */ 580 tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx); 581 tkey = OPENSSL_malloc(tkeylen); 582 if (!tkey) 583 goto err; 584 if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0) 585 goto err; 586 if (ek == NULL) 587 { 588 ek = tkey; 589 eklen = tkeylen; 590 tkey = NULL; 591 } 592 593 if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) { 594 /* Some S/MIME clients don't use the same key 595 * and effective key length. The key length is 596 * determined by the size of the decrypted RSA key. 597 */ 598 if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) 599 { 600 /* Use random key as MMA defence */ 601 OPENSSL_cleanse(ek, eklen); 602 OPENSSL_free(ek); 603 ek = tkey; 604 eklen = tkeylen; 605 tkey = NULL; 606 } 607 } 608 /* Clear errors so we don't leak information useful in MMA */ 609 ERR_clear_error(); 610 if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,ek,NULL,0) <= 0) 611 goto err; 612 613 if (ek) 614 { 615 OPENSSL_cleanse(ek,eklen); 616 OPENSSL_free(ek); 617 ek = NULL; 618 } 619 if (tkey) 620 { 621 OPENSSL_cleanse(tkey,tkeylen); 622 OPENSSL_free(tkey); 623 tkey = NULL; 624 } 625 626 if (out == NULL) 627 out=etmp; 628 else 629 BIO_push(out,etmp); 630 etmp=NULL; 631 } 632 633#if 1 634 if (PKCS7_is_detached(p7) || (in_bio != NULL)) 635 { 636 bio=in_bio; 637 } 638 else 639 { 640#if 0 641 bio=BIO_new(BIO_s_mem()); 642 /* We need to set this so that when we have read all 643 * the data, the encrypt BIO, if present, will read 644 * EOF and encode the last few bytes */ 645 BIO_set_mem_eof_return(bio,0); 646 647 if (data_body->length > 0) 648 BIO_write(bio,(char *)data_body->data,data_body->length); 649#else 650 if (data_body->length > 0) 651 bio = BIO_new_mem_buf(data_body->data,data_body->length); 652 else { 653 bio=BIO_new(BIO_s_mem()); 654 BIO_set_mem_eof_return(bio,0); 655 } 656 if (bio == NULL) 657 goto err; 658#endif 659 } 660 BIO_push(out,bio); 661 bio=NULL; 662#endif 663 if (0) 664 { 665err: 666 if (ek) 667 { 668 OPENSSL_cleanse(ek,eklen); 669 OPENSSL_free(ek); 670 } 671 if (tkey) 672 { 673 OPENSSL_cleanse(tkey,tkeylen); 674 OPENSSL_free(tkey); 675 } 676 if (out != NULL) BIO_free_all(out); 677 if (btmp != NULL) BIO_free_all(btmp); 678 if (etmp != NULL) BIO_free_all(etmp); 679 if (bio != NULL) BIO_free_all(bio); 680 out=NULL; 681 } 682 return(out); 683 } 684 685static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) 686 { 687 for (;;) 688 { 689 bio=BIO_find_type(bio,BIO_TYPE_MD); 690 if (bio == NULL) 691 { 692 PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); 693 return NULL; 694 } 695 BIO_get_md_ctx(bio,pmd); 696 if (*pmd == NULL) 697 { 698 PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,ERR_R_INTERNAL_ERROR); 699 return NULL; 700 } 701 if (EVP_MD_CTX_type(*pmd) == nid) 702 return bio; 703 bio=BIO_next(bio); 704 } 705 return NULL; 706 } 707 708static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx) 709 { 710 unsigned char md_data[EVP_MAX_MD_SIZE]; 711 unsigned int md_len; 712 713 /* Add signing time if not already present */ 714 if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) 715 { 716 if (!PKCS7_add0_attrib_signing_time(si, NULL)) 717 { 718 PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, 719 ERR_R_MALLOC_FAILURE); 720 return 0; 721 } 722 } 723 724 /* Add digest */ 725 EVP_DigestFinal_ex(mctx, md_data,&md_len); 726 if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) 727 { 728 PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE); 729 return 0; 730 } 731 732 /* Now sign the attributes */ 733 if (!PKCS7_SIGNER_INFO_sign(si)) 734 return 0; 735 736 return 1; 737 } 738 739 740int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) 741 { 742 int ret=0; 743 int i,j; 744 BIO *btmp; 745 PKCS7_SIGNER_INFO *si; 746 EVP_MD_CTX *mdc,ctx_tmp; 747 STACK_OF(X509_ATTRIBUTE) *sk; 748 STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; 749 ASN1_OCTET_STRING *os=NULL; 750 751 EVP_MD_CTX_init(&ctx_tmp); 752 i=OBJ_obj2nid(p7->type); 753 p7->state=PKCS7_S_HEADER; 754 755 switch (i) 756 { 757 case NID_pkcs7_data: 758 os = p7->d.data; 759 break; 760 case NID_pkcs7_signedAndEnveloped: 761 /* XXXXXXXXXXXXXXXX */ 762 si_sk=p7->d.signed_and_enveloped->signer_info; 763 os = p7->d.signed_and_enveloped->enc_data->enc_data; 764 if (!os) 765 { 766 os=M_ASN1_OCTET_STRING_new(); 767 if (!os) 768 { 769 PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); 770 goto err; 771 } 772 p7->d.signed_and_enveloped->enc_data->enc_data=os; 773 } 774 break; 775 case NID_pkcs7_enveloped: 776 /* XXXXXXXXXXXXXXXX */ 777 os = p7->d.enveloped->enc_data->enc_data; 778 if (!os) 779 { 780 os=M_ASN1_OCTET_STRING_new(); 781 if (!os) 782 { 783 PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); 784 goto err; 785 } 786 p7->d.enveloped->enc_data->enc_data=os; 787 } 788 break; 789 case NID_pkcs7_signed: 790 si_sk=p7->d.sign->signer_info; 791 os=PKCS7_get_octet_string(p7->d.sign->contents); 792 /* If detached data then the content is excluded */ 793 if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { 794 M_ASN1_OCTET_STRING_free(os); 795 p7->d.sign->contents->d.data = NULL; 796 } 797 break; 798 799 case NID_pkcs7_digest: 800 os=PKCS7_get_octet_string(p7->d.digest->contents); 801 /* If detached data then the content is excluded */ 802 if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) 803 { 804 M_ASN1_OCTET_STRING_free(os); 805 p7->d.digest->contents->d.data = NULL; 806 } 807 break; 808 809 default: 810 PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); 811 goto err; 812 } 813 814 if (si_sk != NULL) 815 { 816 for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++) 817 { 818 si=sk_PKCS7_SIGNER_INFO_value(si_sk,i); 819 if (si->pkey == NULL) 820 continue; 821 822 j = OBJ_obj2nid(si->digest_alg->algorithm); 823 824 btmp=bio; 825 826 btmp = PKCS7_find_digest(&mdc, btmp, j); 827 828 if (btmp == NULL) 829 goto err; 830 831 /* We now have the EVP_MD_CTX, lets do the 832 * signing. */ 833 EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); 834 835 sk=si->auth_attr; 836 837 /* If there are attributes, we add the digest 838 * attribute and only sign the attributes */ 839 if (sk_X509_ATTRIBUTE_num(sk) > 0) 840 { 841 if (!do_pkcs7_signed_attrib(si, &ctx_tmp)) 842 goto err; 843 } 844 else 845 { 846 unsigned char *abuf = NULL; 847 unsigned int abuflen; 848 abuflen = EVP_PKEY_size(si->pkey); 849 abuf = OPENSSL_malloc(abuflen); 850 if (!abuf) 851 goto err; 852 853 if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, 854 si->pkey)) 855 { 856 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, 857 ERR_R_EVP_LIB); 858 goto err; 859 } 860 ASN1_STRING_set0(si->enc_digest, abuf, abuflen); 861 } 862 } 863 } 864 else if (i == NID_pkcs7_digest) 865 { 866 unsigned char md_data[EVP_MAX_MD_SIZE]; 867 unsigned int md_len; 868 if (!PKCS7_find_digest(&mdc, bio, 869 OBJ_obj2nid(p7->d.digest->md->algorithm))) 870 goto err; 871 EVP_DigestFinal_ex(mdc,md_data,&md_len); 872 M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); 873 } 874 875 if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) 876 { 877 char *cont; 878 long contlen; 879 btmp=BIO_find_type(bio,BIO_TYPE_MEM); 880 if (btmp == NULL) 881 { 882 PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); 883 goto err; 884 } 885 contlen = BIO_get_mem_data(btmp, &cont); 886 /* Mark the BIO read only then we can use its copy of the data 887 * instead of making an extra copy. 888 */ 889 BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); 890 BIO_set_mem_eof_return(btmp, 0); 891 ASN1_STRING_set0(os, (unsigned char *)cont, contlen); 892 } 893 ret=1; 894err: 895 EVP_MD_CTX_cleanup(&ctx_tmp); 896 return(ret); 897 } 898 899int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) 900 { 901 EVP_MD_CTX mctx; 902 EVP_PKEY_CTX *pctx; 903 unsigned char *abuf = NULL; 904 int alen; 905 size_t siglen; 906 const EVP_MD *md = NULL; 907 908 md = EVP_get_digestbyobj(si->digest_alg->algorithm); 909 if (md == NULL) 910 return 0; 911 912 EVP_MD_CTX_init(&mctx); 913 if (EVP_DigestSignInit(&mctx, &pctx, md,NULL, si->pkey) <= 0) 914 goto err; 915 916 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 917 EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) 918 { 919 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR); 920 goto err; 921 } 922 923 alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr,&abuf, 924 ASN1_ITEM_rptr(PKCS7_ATTR_SIGN)); 925 if(!abuf) 926 goto err; 927 if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0) 928 goto err; 929 OPENSSL_free(abuf); 930 abuf = NULL; 931 if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) 932 goto err; 933 abuf = OPENSSL_malloc(siglen); 934 if(!abuf) 935 goto err; 936 if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) 937 goto err; 938 939 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 940 EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) 941 { 942 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR); 943 goto err; 944 } 945 946 EVP_MD_CTX_cleanup(&mctx); 947 948 ASN1_STRING_set0(si->enc_digest, abuf, siglen); 949 950 return 1; 951 952 err: 953 if (abuf) 954 OPENSSL_free(abuf); 955 EVP_MD_CTX_cleanup(&mctx); 956 return 0; 957 958 } 959 960int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, 961 PKCS7 *p7, PKCS7_SIGNER_INFO *si) 962 { 963 PKCS7_ISSUER_AND_SERIAL *ias; 964 int ret=0,i; 965 STACK_OF(X509) *cert; 966 X509 *x509; 967 968 if (PKCS7_type_is_signed(p7)) 969 { 970 cert=p7->d.sign->cert; 971 } 972 else if (PKCS7_type_is_signedAndEnveloped(p7)) 973 { 974 cert=p7->d.signed_and_enveloped->cert; 975 } 976 else 977 { 978 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE); 979 goto err; 980 } 981 /* XXXXXXXXXXXXXXXXXXXXXXX */ 982 ias=si->issuer_and_serial; 983 984 x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial); 985 986 /* were we able to find the cert in passed to us */ 987 if (x509 == NULL) 988 { 989 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE); 990 goto err; 991 } 992 993 /* Lets verify */ 994 if(!X509_STORE_CTX_init(ctx,cert_store,x509,cert)) 995 { 996 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB); 997 goto err; 998 } 999 X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN); 1000 i=X509_verify_cert(ctx); 1001 if (i <= 0) 1002 { 1003 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB); 1004 X509_STORE_CTX_cleanup(ctx); 1005 goto err; 1006 } 1007 X509_STORE_CTX_cleanup(ctx); 1008 1009 return PKCS7_signatureVerify(bio, p7, si, x509); 1010 err: 1011 return ret; 1012 } 1013 1014int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, 1015 X509 *x509) 1016 { 1017 ASN1_OCTET_STRING *os; 1018 EVP_MD_CTX mdc_tmp,*mdc; 1019 int ret=0,i; 1020 int md_type; 1021 STACK_OF(X509_ATTRIBUTE) *sk; 1022 BIO *btmp; 1023 EVP_PKEY *pkey; 1024 1025 EVP_MD_CTX_init(&mdc_tmp); 1026 1027 if (!PKCS7_type_is_signed(p7) && 1028 !PKCS7_type_is_signedAndEnveloped(p7)) { 1029 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1030 PKCS7_R_WRONG_PKCS7_TYPE); 1031 goto err; 1032 } 1033 1034 md_type=OBJ_obj2nid(si->digest_alg->algorithm); 1035 1036 btmp=bio; 1037 for (;;) 1038 { 1039 if ((btmp == NULL) || 1040 ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL)) 1041 { 1042 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1043 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); 1044 goto err; 1045 } 1046 BIO_get_md_ctx(btmp,&mdc); 1047 if (mdc == NULL) 1048 { 1049 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1050 ERR_R_INTERNAL_ERROR); 1051 goto err; 1052 } 1053 if (EVP_MD_CTX_type(mdc) == md_type) 1054 break; 1055 /* Workaround for some broken clients that put the signature 1056 * OID instead of the digest OID in digest_alg->algorithm 1057 */ 1058 if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type) 1059 break; 1060 btmp=BIO_next(btmp); 1061 } 1062 1063 /* mdc is the digest ctx that we want, unless there are attributes, 1064 * in which case the digest is the signed attributes */ 1065 EVP_MD_CTX_copy_ex(&mdc_tmp,mdc); 1066 1067 sk=si->auth_attr; 1068 if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) 1069 { 1070 unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL; 1071 unsigned int md_len; 1072 int alen; 1073 ASN1_OCTET_STRING *message_digest; 1074 1075 EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len); 1076 message_digest=PKCS7_digest_from_attributes(sk); 1077 if (!message_digest) 1078 { 1079 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1080 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); 1081 goto err; 1082 } 1083 if ((message_digest->length != (int)md_len) || 1084 (memcmp(message_digest->data,md_dat,md_len))) 1085 { 1086#if 0 1087{ 1088int ii; 1089for (ii=0; ii<message_digest->length; ii++) 1090 printf("%02X",message_digest->data[ii]); printf(" sent\n"); 1091for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); 1092} 1093#endif 1094 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1095 PKCS7_R_DIGEST_FAILURE); 1096 ret= -1; 1097 goto err; 1098 } 1099 1100 EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL); 1101 1102 alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, 1103 ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY)); 1104 if (alen <= 0) 1105 { 1106 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,ERR_R_ASN1_LIB); 1107 ret = -1; 1108 goto err; 1109 } 1110 EVP_VerifyUpdate(&mdc_tmp, abuf, alen); 1111 1112 OPENSSL_free(abuf); 1113 } 1114 1115 os=si->enc_digest; 1116 pkey = X509_get_pubkey(x509); 1117 if (!pkey) 1118 { 1119 ret = -1; 1120 goto err; 1121 } 1122 1123 i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); 1124 EVP_PKEY_free(pkey); 1125 if (i <= 0) 1126 { 1127 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, 1128 PKCS7_R_SIGNATURE_FAILURE); 1129 ret= -1; 1130 goto err; 1131 } 1132 else 1133 ret=1; 1134err: 1135 EVP_MD_CTX_cleanup(&mdc_tmp); 1136 return(ret); 1137 } 1138 1139PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) 1140 { 1141 STACK_OF(PKCS7_RECIP_INFO) *rsk; 1142 PKCS7_RECIP_INFO *ri; 1143 int i; 1144 1145 i=OBJ_obj2nid(p7->type); 1146 if (i != NID_pkcs7_signedAndEnveloped) 1147 return NULL; 1148 if (p7->d.signed_and_enveloped == NULL) 1149 return NULL; 1150 rsk=p7->d.signed_and_enveloped->recipientinfo; 1151 if (rsk == NULL) 1152 return NULL; 1153 ri=sk_PKCS7_RECIP_INFO_value(rsk,0); 1154 if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL); 1155 ri=sk_PKCS7_RECIP_INFO_value(rsk,idx); 1156 return(ri->issuer_and_serial); 1157 } 1158 1159ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid) 1160 { 1161 return(get_attribute(si->auth_attr,nid)); 1162 } 1163 1164ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid) 1165 { 1166 return(get_attribute(si->unauth_attr,nid)); 1167 } 1168 1169static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid) 1170 { 1171 int i; 1172 X509_ATTRIBUTE *xa; 1173 ASN1_OBJECT *o; 1174 1175 o=OBJ_nid2obj(nid); 1176 if (!o || !sk) return(NULL); 1177 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) 1178 { 1179 xa=sk_X509_ATTRIBUTE_value(sk,i); 1180 if (OBJ_cmp(xa->object,o) == 0) 1181 { 1182 if (!xa->single && sk_ASN1_TYPE_num(xa->value.set)) 1183 return(sk_ASN1_TYPE_value(xa->value.set,0)); 1184 else 1185 return(NULL); 1186 } 1187 } 1188 return(NULL); 1189 } 1190 1191ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk) 1192{ 1193 ASN1_TYPE *astype; 1194 if(!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL; 1195 return astype->value.octet_string; 1196} 1197 1198int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, 1199 STACK_OF(X509_ATTRIBUTE) *sk) 1200 { 1201 int i; 1202 1203 if (p7si->auth_attr != NULL) 1204 sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); 1205 p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk); 1206 if (p7si->auth_attr == NULL) 1207 return 0; 1208 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) 1209 { 1210 if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i, 1211 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i)))) 1212 == NULL) 1213 return(0); 1214 } 1215 return(1); 1216 } 1217 1218int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk) 1219 { 1220 int i; 1221 1222 if (p7si->unauth_attr != NULL) 1223 sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, 1224 X509_ATTRIBUTE_free); 1225 p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk); 1226 if (p7si->unauth_attr == NULL) 1227 return 0; 1228 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) 1229 { 1230 if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i, 1231 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i)))) 1232 == NULL) 1233 return(0); 1234 } 1235 return(1); 1236 } 1237 1238int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, 1239 void *value) 1240 { 1241 return(add_attribute(&(p7si->auth_attr),nid,atrtype,value)); 1242 } 1243 1244int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, 1245 void *value) 1246 { 1247 return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value)); 1248 } 1249 1250static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, 1251 void *value) 1252 { 1253 X509_ATTRIBUTE *attr=NULL; 1254 1255 if (*sk == NULL) 1256 { 1257 *sk = sk_X509_ATTRIBUTE_new_null(); 1258 if (*sk == NULL) 1259 return 0; 1260new_attrib: 1261 if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value))) 1262 return 0; 1263 if (!sk_X509_ATTRIBUTE_push(*sk,attr)) 1264 { 1265 X509_ATTRIBUTE_free(attr); 1266 return 0; 1267 } 1268 } 1269 else 1270 { 1271 int i; 1272 1273 for (i=0; i<sk_X509_ATTRIBUTE_num(*sk); i++) 1274 { 1275 attr=sk_X509_ATTRIBUTE_value(*sk,i); 1276 if (OBJ_obj2nid(attr->object) == nid) 1277 { 1278 X509_ATTRIBUTE_free(attr); 1279 attr=X509_ATTRIBUTE_create(nid,atrtype,value); 1280 if (attr == NULL) 1281 return 0; 1282 if (!sk_X509_ATTRIBUTE_set(*sk,i,attr)) 1283 { 1284 X509_ATTRIBUTE_free(attr); 1285 return 0; 1286 } 1287 goto end; 1288 } 1289 } 1290 goto new_attrib; 1291 } 1292end: 1293 return(1); 1294 } 1295 1296