*/
penc = NULL;
penclen = i2d_X509_ALGOR(wrap_alg, &penc);
- if (penc == NULL || penclen == 0)
+ if (penclen <= 0)
goto err;
wrap_str = ASN1_STRING_new();
if (wrap_str == NULL)
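Review bot: The new `if (penclen <= 0)` test only rejects a negative return from i2d_X509_ALGOR() if `penclen` is a signed type, and its declaration is not part of this hunk. Further down the page the same check is applied again, next to a declaration change from `size_t` to `int`. Confirm that this function's `penclen` is `int` as well, because with an unsigned type an encoder failure wraps to a very large length and passes the check. A one-line comment above the test, such as `/* i2d_X509_ALGOR() returns a negative value on error, so penclen must stay signed */`, would keep the declaration and the check from drifting apart again. The enclosing function starts and ends outside the hunk.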
*/
#include <assert.h>
+#include <limits.h>
#include <openssl/cms.h>
#include <openssl/err.h>
#include <openssl/decoder.h>
ASN1_STRING *wrap_str;
ASN1_OCTET_STRING *ukm;
unsigned char *penc = NULL;
- size_t penclen;
+ int penclen;
int rv = 0;
int ecdh_nid, kdf_type, kdf_nid, wrap_nid;
const EVP_MD *kdf_md;
/* Is everything uninitialised? */
if (aoid == OBJ_nid2obj(NID_undef)) {
/* Set the key */
+ size_t enckeylen;
- penclen = EVP_PKEY_get1_encoded_public_key(pkey, &penc);
- ASN1_STRING_set0(pubkey, penc, penclen);
+ enckeylen = EVP_PKEY_get1_encoded_public_key(pkey, &penc);
+ if (enckeylen > INT_MAX || enckeylen == 0)
+ goto err;
+ ASN1_STRING_set0(pubkey, penc, (int)enckeylen);
ossl_asn1_string_set_bits_left(pubkey, 0);
penc = NULL;
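Review bot: The bound check on `enckeylen` has no comment explaining why both `0` and `> INT_MAX` go to `err`. I would add `/* 0 signals failure; ASN1_STRING_set0() takes an int length and takes ownership of penc */` above the `if`. On the `> INT_MAX` branch `penc` already points at an allocated buffer; the `penc = NULL` after the set0 call suggests the `err` path frees it, but that label is outside this hunk, so confirm it.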
* of another AlgorithmIdentifier.
*/
penclen = i2d_X509_ALGOR(wrap_alg, &penc);
- if (penc == NULL || penclen == 0)
+ if (penclen <= 0)
goto err;
wrap_str = ASN1_STRING_new();
if (wrap_str == NULL)
return 0;
}
} else {
+ int ret;
+
if (!setup_tbuf(prsactx))
return 0;
- rslen = RSA_public_decrypt(siglen, sig, prsactx->tbuf, prsactx->rsa,
- prsactx->pad_mode);
- if (rslen <= 0) {
+ ret = RSA_public_decrypt(siglen, sig, prsactx->tbuf, prsactx->rsa,
+ prsactx->pad_mode);
+ if (ret <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB);
return 0;
}
+ rslen = (size_t)ret;
}
if ((rslen != tbslen) || memcmp(tbs, prsactx->tbuf, rslen))
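Review bot: The return value of RSA_public_decrypt() is now held in an `int`, but the first argument `siglen` is still passed straight through, and that parameter is an `int` as well. If `siglen` is a `size_t` here (its declaration is outside the hunk, though `rslen` and `tbslen` look like `size_t`), a value above INT_MAX is silently narrowed and the call works on a different length than the caller supplied. A guard before the call, for example `if (siglen > INT_MAX) return 0;` with the error this file normally raises for a bad signature length, would close the same class of issue on the input side. The same applies to any other RSA_public_decrypt() call in the function, which starts and ends outside this hunk.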