*/
int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
{
+ STACK_OF(X509) *untrusted_certs;
if (ctx == NULL) {
CMPerr(0, CMP_R_NULL_ARGUMENT);
return 0;
}
- sk_X509_pop_free(ctx->untrusted_certs, X509_free);
- if ((ctx->untrusted_certs = sk_X509_new_null()) == NULL)
+ if ((untrusted_certs = sk_X509_new_null()) == NULL)
return 0;
- return ossl_cmp_sk_X509_add1_certs(ctx->untrusted_certs, certs, 0, 1, 0);
+ if (ossl_cmp_sk_X509_add1_certs(untrusted_certs, certs, 0, 1, 0) != 1)
+ goto err;
+ sk_X509_pop_free(ctx->untrusted_certs, X509_free);
+ ctx->untrusted_certs = untrusted_certs;
+ return 1;
+err:
+ sk_X509_pop_free(untrusted_certs, X509_free);
+ return 0;
}
/*
int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, const unsigned char *sec,
const int len)
{
+ ASN1_OCTET_STRING *secretValue = NULL;
if (ctx == NULL) {
CMPerr(0, CMP_R_NULL_ARGUMENT);
return 0;
}
- if (ctx->secretValue != NULL)
+ if (ossl_cmp_asn1_octet_string_set1_bytes(&secretValue, sec, len) != 1)
+ return 0;
+ if (ctx->secretValue != NULL) {
OPENSSL_cleanse(ctx->secretValue->data, ctx->secretValue->length);
- return ossl_cmp_asn1_octet_string_set1_bytes(&ctx->secretValue, sec, len);
+ ASN1_OCTET_STRING_free(ctx->secretValue);
+ }
+ ctx->secretValue = secretValue;
+ return 1;
}
/*
* sets the http connect/disconnect callback function to be used for HTTP(S)
* returns 1 on success, 0 on error
*/
-int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_cmp_http_cb_t cb)
+int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb)
{
if (ctx == NULL) {
CMPerr(0, CMP_R_NULL_ARGUMENT);
* Sets a Boolean or integer option of the context to the "val" arg.
* Returns 1 on success, 0 on error
*/
-int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) {
+int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val)
+{
int min_val;
if (ctx == NULL) {
* Reads a Boolean or integer option value from the context.
* Returns -1 on error (which is the default OSSL_CMP_OPT_REVOCATION_REASON)
*/
-int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt) {
+int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt)
+{
if (ctx == NULL) {
CMPerr(0, CMP_R_NULL_ARGUMENT);
return -1;