kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Consistently participate in err for PKCS12_* functions.

Browse Source 
err is a horrible API, but functions should consistently participate or not
participate in it. We were missing a few codepaths.

Change-Id: I762074d5030b8e9d3e5bba9f8fa91fbdccbee25a
Reviewed-on: https://boringssl-review.googlesource.com/5571
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-08-05 11:49:19 -04:00 committed by Adam Langley
parent 43bd18f3b2
commit b143eca16e
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/pkcs8/pkcs8.c
View File

@ -652,6 +652,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos,
* conversion cannot see through those wrappings. So each time we step
* through one we need to convert to DER again. */
if (!CBS_asn1_ber_to_der(content_infos, &der_bytes, &der_len)) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
return 0;
}
@ -858,6 +859,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
/* The input may be in BER format. */
if (!CBS_asn1_ber_to_der(ber_in, &der_bytes, &der_len)) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
return 0;
}
if (der_bytes != NULL) {
@ -1105,6 +1107,7 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey,
if (!ca_certs) {
ca_certs = sk_X509_new_null();
if (ca_certs == NULL) {
OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);
return 0;
}
ca_certs_alloced = 1;