mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb

This commit is contained in:
jpierre%netscape.com 2003-12-02 05:46:27 +00:00
Родитель 7eef555978
Коммит e5c708bb65
1 изменённых файлов: 153 добавлений и 10 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

163
security/nss/lib/smime/cmssigdata.c
Просмотреть файл

@ -34,7 +34,7 @@
/*
* CMS signedData methods.
*
* $Id: cmssigdata.c,v 1.20 2003/11/26 23:50:02 wchang0222%aol.com Exp $
* $Id: cmssigdata.c,v 1.21 2003/12/02 05:46:27 jpierre%netscape.com Exp $
*/
#include "cmslocal.h"
@ -54,6 +54,12 @@ NSS_CMSSignedData_Create(NSSCMSMessage *cmsg)
NSSCMSSignedData *sigd;
PLArenaPool *poolp;
PORT_Assert(cmsg);
if (!cmsg) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
poolp = cmsg->poolp;
mark = PORT_ArenaMark(poolp);
@ -132,6 +138,12 @@ NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd)
int n, i;
PLArenaPool *poolp;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
poolp = sigd->cmsg->poolp;
/* we assume that we have precomputed digests if there is a list of algorithms, and */
@ -198,6 +210,11 @@ loser:
SECStatus
NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* set up the digests */
if (sigd->digestAlgorithms != NULL) {
sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
@ -232,6 +249,12 @@ NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd)
CERTCertificateList *certlist;
extern const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
poolp = sigd->cmsg->poolp;
cinfo = &(sigd->contentInfo);
@ -359,6 +382,11 @@ loser:
SECStatus
NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* set up the digests */
if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
/* if digests are already there, do nothing */
@ -376,6 +404,11 @@ NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
SECStatus
NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* did we have digest calculation going on? */
if (sigd->contentInfo.digcx) {
if (NSS_CMSDigestContext_FinishMultiple(sigd->contentInfo.digcx, sigd->cmsg->poolp, &(sigd->digests)) != SECSuccess)
@ -392,9 +425,15 @@ NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
SECStatus
NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
{
NSSCMSSignerInfo **signerinfos;
NSSCMSSignerInfo **signerinfos = NULL;
int i;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* set cmsg for all the signerinfos */
signerinfos = sigd->signerInfos;
@ -413,18 +452,33 @@ NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
NSSCMSSignerInfo **
NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
return sigd->signerInfos;
}
int
NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return 0;
}
return NSS_CMSArray_Count((void **)sigd->signerInfos);
}
NSSCMSSignerInfo *
NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
return sigd->signerInfos[i];
}
@ -434,6 +488,11 @@ NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
SECAlgorithmID **
NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
return sigd->digestAlgorithms;
}
@ -443,6 +502,11 @@ NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
NSSCMSContentInfo *
NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
return &(sigd->contentInfo);
}
@ -452,6 +516,11 @@ NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
SECItem **
NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
return sigd->rawCerts;
}
@ -468,6 +537,12 @@ NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
int i;
PRTime now;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
/* get the certs in the temp DB */
@ -586,6 +661,12 @@ NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i,
SECItem *contentType, *digest;
SECStatus rv;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
cinfo = &(sigd->contentInfo);
signerinfo = sigd->signerInfos[i];
@ -660,6 +741,11 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
PRBool
NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return PR_FALSE;
}
return (sigd->digests != NULL);
}
@ -668,10 +754,12 @@ NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certl
{
SECStatus rv;
PORT_Assert(certlist != NULL);
if (certlist == NULL)
return SECFailure;
PORT_Assert(sigd);
PORT_Assert(certlist);
if (!sigd || !certlist) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* XXX memory?? a certlist has an arena of its own and is not refcounted!?!? */
rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certLists), (void *)certlist);
@ -691,6 +779,13 @@ NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert)
usage = certUsageEmailSigner;
PORT_Assert(cert);
PORT_Assert(sigd);
if (!sigd || !cert) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
/* do not include root */
certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
if (certlist == NULL)
@ -707,10 +802,12 @@ NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
CERTCertificate *c;
SECStatus rv;
PORT_Assert(cert != NULL);
if (cert == NULL)
return SECFailure;
PORT_Assert(cert);
PORT_Assert(sigd);
if (!sigd || !cert) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
c = CERT_DupCertificate(cert);
rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certs), (void *)c);
@ -720,6 +817,11 @@ NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
PRBool
NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd)
{
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return PR_FALSE;
}
if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
return PR_TRUE;
else if (sigd->crls != NULL && sigd->crls[0] != NULL)
@ -737,6 +839,13 @@ NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
SECOidTag digestalgtag;
PLArenaPool *poolp;
PORT_Assert(signerinfo);
PORT_Assert(sigd);
if (!sigd || !signerinfo) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
poolp = sigd->cmsg->poolp;
mark = PORT_ArenaMark(poolp);
@ -782,6 +891,14 @@ NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
{
int cnt, i, idx;
PORT_Assert(digestalgs);
PORT_Assert(digests);
PORT_Assert(sigd);
if (!sigd || !digestalgs || !digests) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
if (sigd->digestAlgorithms == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
@ -831,6 +948,12 @@ NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
void *mark;
int n, cnt;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
poolp = sigd->cmsg->poolp;
mark = PORT_ArenaMark(poolp);
@ -884,6 +1007,13 @@ NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
SECAlgorithmID *digestalg;
void *mark;
PORT_Assert(poolp);
PORT_Assert(sigd);
if (!sigd || !poolp) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
mark = PORT_ArenaMark(poolp);
digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
@ -914,6 +1044,12 @@ NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag)
{
int n;
PORT_Assert(sigd);
if (!sigd) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
if (sigd->digestAlgorithms == NULL)
return NULL;
@ -946,6 +1082,13 @@ NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PR
PLArenaPool *poolp;
SECStatus rv;
PORT_Assert(cmsg);
PORT_Assert(cert);
if (!cmsg || !cert) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return NULL;
}
poolp = cmsg->poolp;
mark = PORT_ArenaMark(poolp);