Attachment #738017 for bug #1042656

View | Details | Raw Unified | Return to bug 1042656
Collapse All | Expand All

Lines 102-108 int KSI_isHashAlgorithmSupported(KSI_Has Link Here

(-)libksi-3.4.0.5/src/ksi/hash_openssl.c (-3 / +5 lines)
102		102
103	void KSI_DataHasher_free(KSI_DataHasher *hasher) {	103	void KSI_DataHasher_free(KSI_DataHasher *hasher) {
104	if (hasher != NULL) {	104	if (hasher != NULL) {
105	KSI_free(hasher->hashContext);	105	if (hasher->hashContext != NULL) {
		106	EVP_MD_CTX_destroy(hasher->hashContext);
		107	}
106	KSI_free(hasher);	108	KSI_free(hasher);
107	}	109	}
108	}	110	}
Lines 171-177 int KSI_DataHasher_reset(KSI_DataHasher Link Here
171		173
172	context = hasher->hashContext;	174	context = hasher->hashContext;
173	if (context == NULL) {	175	if (context == NULL) {
174	context = KSI_new(EVP_MD_CTX);	176	context = EVP_MD_CTX_create();
175	if (context == NULL) {	177	if (context == NULL) {
176	KSI_pushError(hasher->ctx, res = KSI_OUT_OF_MEMORY, NULL);	178	KSI_pushError(hasher->ctx, res = KSI_OUT_OF_MEMORY, NULL);
177	goto cleanup;	179	goto cleanup;
Lines 179-185 int KSI_DataHasher_reset(KSI_DataHasher Link Here
179		181
180	hasher->hashContext = context;	182	hasher->hashContext = context;
181	} else {	183	} else {
182	EVP_MD_CTX_cleanup(context);	184	EVP_MD_CTX_destroy(context);
183	}	185	}
184		186
185	if (!EVP_DigestInit(context, evp_md)) {	187	if (!EVP_DigestInit(context, evp_md)) {




int KSI_PKITruststore_verifyRawSignature(KSI_CTX *ctx, const unsigned char *data, size_t data_len, const char *algoOid, const unsigned char *signature, size_t signature_len, const KSI_PKICertificate *certificate) {
	int res;
	ASN1_OBJECT* algorithm = NULL;
    EVP_MD_CTX *md_ctx;
    X509 *x509 = NULL;
	const EVP_MD *evp_md;
	EVP_PKEY *pubKey = NULL;

	/* Needs to be initialized before jumping to cleanup. */
	md_ctx = EVP_MD_CTX_create();

	KSI_ERR_clearErrors(ctx);


		goto cleanup;
	}

    if (!EVP_VerifyInit(md_ctx, evp_md)) {
    	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
    	goto cleanup;
    }

    if (!EVP_VerifyUpdate(md_ctx, (unsigned char *)data, data_len)) {
    	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
    	goto cleanup;
    }

    res = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned)signature_len, pubKey);
    if (res < 0) {
		KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
		goto cleanup;


cleanup:

	EVP_MD_CTX_destroy(md_ctx);
	if (algorithm != NULL) ASN1_OBJECT_free(algorithm);
	if (pubKey != NULL) EVP_PKEY_free(pubKey);


Return to bug 1042656

Lines 907-919 cleanup: Link Here

(-)libksi-3.4.0.5/src/ksi/pkitruststore_openssl.c (-6 / +6 lines)
907	int KSI_PKITruststore_verifyRawSignature(KSI_CTX ctx, const unsigned char data, size_t data_len, const char algoOid, const unsigned char signature, size_t signature_len, const KSI_PKICertificate *certificate) {	907	int KSI_PKITruststore_verifyRawSignature(KSI_CTX ctx, const unsigned char data, size_t data_len, const char algoOid, const unsigned char signature, size_t signature_len, const KSI_PKICertificate *certificate) {
908	int res;	908	int res;
909	ASN1_OBJECT* algorithm = NULL;	909	ASN1_OBJECT* algorithm = NULL;
910	EVP_MD_CTX md_ctx;	910	EVP_MD_CTX *md_ctx;
911	X509 *x509 = NULL;	911	X509 *x509 = NULL;
912	const EVP_MD *evp_md;	912	const EVP_MD *evp_md;
913	EVP_PKEY *pubKey = NULL;	913	EVP_PKEY *pubKey = NULL;
914		914
915	/* Needs to be initialized before jumping to cleanup. */	915	/* Needs to be initialized before jumping to cleanup. */
916	EVP_MD_CTX_init(&md_ctx);	916	md_ctx = EVP_MD_CTX_create();
917		917
918	KSI_ERR_clearErrors(ctx);	918	KSI_ERR_clearErrors(ctx);
919		919
Lines 956-972 int KSI_PKITruststore_verifyRawSignature Link Here
956	goto cleanup;	956	goto cleanup;
957	}	957	}
958		958
959	if (!EVP_VerifyInit(&md_ctx, evp_md)) {	959	if (!EVP_VerifyInit(md_ctx, evp_md)) {
960	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);	960	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
961	goto cleanup;	961	goto cleanup;
962	}	962	}
963		963
964	if (!EVP_VerifyUpdate(&md_ctx, (unsigned char *)data, data_len)) {	964	if (!EVP_VerifyUpdate(md_ctx, (unsigned char *)data, data_len)) {
965	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);	965	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
966	goto cleanup;	966	goto cleanup;
967	}	967	}
968		968
969	res = EVP_VerifyFinal(&md_ctx, (unsigned char *)signature, (unsigned)signature_len, pubKey);	969	res = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned)signature_len, pubKey);
970	if (res < 0) {	970	if (res < 0) {
971	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);	971	KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
972	goto cleanup;	972	goto cleanup;
Lines 982-988 int KSI_PKITruststore_verifyRawSignature Link Here
982		982
983	cleanup:	983	cleanup:
984		984
985	EVP_MD_CTX_cleanup(&md_ctx);	985	EVP_MD_CTX_destroy(md_ctx);
986	if (algorithm != NULL) ASN1_OBJECT_free(algorithm);	986	if (algorithm != NULL) ASN1_OBJECT_free(algorithm);
987	if (pubKey != NULL) EVP_PKEY_free(pubKey);	987	if (pubKey != NULL) EVP_PKEY_free(pubKey);
988		988