diff options
Diffstat (limited to 'crypto/heimdal/lib/hx509/revoke.c')
| -rw-r--r-- | crypto/heimdal/lib/hx509/revoke.c | 238 |
1 files changed, 128 insertions, 110 deletions
diff --git a/crypto/heimdal/lib/hx509/revoke.c b/crypto/heimdal/lib/hx509/revoke.c index cfde4396a1d4..29322807487c 100644 --- a/crypto/heimdal/lib/hx509/revoke.c +++ b/crypto/heimdal/lib/hx509/revoke.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /** @@ -50,7 +50,6 @@ */ #include "hx_locl.h" -RCSID("$Id: revoke.c 22275 2007-12-11 11:02:11Z lha $"); struct revoke_crl { char *path; @@ -70,7 +69,7 @@ struct revoke_ocsp { struct hx509_revoke_ctx_data { - unsigned ref; + unsigned int ref; struct { struct revoke_crl *val; size_t len; @@ -113,11 +112,11 @@ _hx509_revoke_ref(hx509_revoke_ctx ctx) { if (ctx == NULL) return NULL; - if (ctx->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0"); - ctx->ref++; if (ctx->ref == 0) - _hx509_abort("revoke ctx refcount == 0"); + _hx509_abort("revoke ctx refcount == 0 on ref"); + ctx->ref++; + if (ctx->ref == UINT_MAX) + _hx509_abort("revoke ctx refcount == UINT_MAX on ref"); return ctx; } @@ -146,8 +145,8 @@ hx509_revoke_free(hx509_revoke_ctx *ctx) if (ctx == NULL || *ctx == NULL) return; - if ((*ctx)->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0 on free"); + if ((*ctx)->ref == 0) + _hx509_abort("revoke ctx refcount == 0 on free"); if (--(*ctx)->ref > 0) return; @@ -177,9 +176,9 @@ verify_ocsp(hx509_context context, hx509_cert signer = NULL; hx509_query q; int ret; - + _hx509_query_clear(&q); - + /* * Need to match on issuer too in case there are two CA that have * issued the same name to a certificate. One example of this is @@ -199,7 +198,7 @@ verify_ocsp(hx509_context context, q.keyhash_sha1 = &ocsp->ocsp.tbsResponseData.responderID.u.byKey; break; } - + ret = hx509_certs_find(context, certs, &q, &signer); if (ret && ocsp->certs) ret = hx509_certs_find(context, ocsp->certs, &q, &signer); @@ -218,36 +217,36 @@ verify_ocsp(hx509_context context, ret = _hx509_cert_is_parent_cmp(s, p, 0); if (ret != 0) { ret = HX509_PARENT_NOT_CA; - hx509_set_error_string(context, 0, ret, "Revoke OSCP signer is " + hx509_set_error_string(context, 0, ret, "Revoke OCSP signer is " "doesn't have CA as signer certificate"); goto out; } ret = _hx509_verify_signature_bitstring(context, - p, + parent, &s->signatureAlgorithm, &s->tbsCertificate._save, &s->signatureValue); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signer signature invalid"); + "OCSP signer signature invalid"); goto out; } - ret = hx509_cert_check_eku(context, signer, - oid_id_pkix_kp_OCSPSigning(), 0); + ret = hx509_cert_check_eku(context, signer, + &asn1_oid_id_pkix_kp_OCSPSigning, 0); if (ret) goto out; } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + signer, &ocsp->ocsp.signatureAlgorithm, &ocsp->ocsp.tbsResponseData._save, &ocsp->ocsp.signature); if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signature invalid"); + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + "OCSP signature invalid"); goto out; } @@ -294,8 +293,8 @@ parse_ocsp_basic(const void *data, size_t length, OCSPBasicOCSPResponse *basic) return EINVAL; } - ret = der_heim_oid_cmp(&resp.responseBytes->responseType, - oid_id_pkix_ocsp_basic()); + ret = der_heim_oid_cmp(&resp.responseBytes->responseType, + &asn1_oid_id_pkix_ocsp_basic); if (ret != 0) { free_OCSPResponse(&resp); return HX509_REVOKE_WRONG_DATA; @@ -333,12 +332,16 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) void *data; int ret; - ret = _hx509_map_file(ocsp->path, &data, &length, &sb); + ret = rk_undumpdata(ocsp->path, &data, &length); if (ret) return ret; + ret = stat(ocsp->path, &sb); + if (ret) + return errno; + ret = parse_ocsp_basic(data, length, &basic); - _hx509_unmap_file(data, length); + rk_xfree(data); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to parse OCSP response"); @@ -346,9 +349,9 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) } if (basic.certs) { - int i; + size_t i; - ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, + ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, NULL, &certs); if (ret) { free_OCSPBasicOCSPResponse(&basic); @@ -357,11 +360,11 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) for (i = 0; i < basic.certs->len; i++) { hx509_cert c; - + ret = hx509_cert_init(context, &basic.certs->val[i], &c); if (ret) continue; - + ret = hx509_certs_add(context, certs, c); hx509_cert_free(c); if (ret) @@ -416,7 +419,7 @@ hx509_revoke_add_ocsp(hx509_context context, return 0; } - data = realloc(ctx->ocsps.val, + data = realloc(ctx->ocsps.val, (ctx->ocsps.len + 1) * sizeof(ctx->ocsps.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -425,7 +428,7 @@ hx509_revoke_add_ocsp(hx509_context context, ctx->ocsps.val = data; - memset(&ctx->ocsps.val[ctx->ocsps.len], 0, + memset(&ctx->ocsps.val[ctx->ocsps.len], 0, sizeof(ctx->ocsps.val[0])); ctx->ocsps.val[ctx->ocsps.len].path = strdup(path); @@ -460,7 +463,7 @@ verify_crl(hx509_context context, hx509_query q; time_t t; int ret; - + t = _hx509_Time2time_t(&crl->tbsCertList.thisUpdate); if (t > time_now) { hx509_set_error_string(context, 0, HX509_CRL_USED_BEFORE_TIME, @@ -482,7 +485,7 @@ verify_crl(hx509_context context, } _hx509_query_clear(&q); - + /* * If it's the signer have CRLSIGN bit set, use that as the signer * cert for the certificate, otherwise, search for a certificate. @@ -493,7 +496,7 @@ verify_crl(hx509_context context, q.match = HX509_QUERY_MATCH_SUBJECT_NAME; q.match |= HX509_QUERY_KU_CRLSIGN; q.subject_name = &crl->tbsCertList.issuer; - + ret = hx509_certs_find(context, certs, &q, &signer); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, @@ -503,7 +506,7 @@ verify_crl(hx509_context context, } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + signer, &crl->signatureAlgorithm, &crl->tbsCertList._save, &crl->signatureValue); @@ -513,7 +516,7 @@ verify_crl(hx509_context context, goto out; } - /* + /* * If signer is not CA cert, need to check revoke status of this * CRL signing cert too, this include all parent CRL signer cert * up to the root *sigh*, assume root at least hve CERTSIGN flag @@ -523,11 +526,11 @@ verify_crl(hx509_context context, hx509_cert crl_parent; _hx509_query_clear(&q); - + q.match = HX509_QUERY_MATCH_SUBJECT_NAME; q.match |= HX509_QUERY_KU_CRLSIGN; q.subject_name = &_hx509_get_cert(signer)->tbsCertificate.issuer; - + ret = hx509_certs_find(context, certs, &q, &crl_parent); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, @@ -536,7 +539,7 @@ verify_crl(hx509_context context, } ret = hx509_revoke_verify(context, - ctx, + ctx, certs, time_now, signer, @@ -567,14 +570,18 @@ load_crl(const char *path, time_t *t, CRLCertificateList *crl) memset(crl, 0, sizeof(*crl)); - ret = _hx509_map_file(path, &data, &length, &sb); + ret = rk_undumpdata(path, &data, &length); if (ret) return ret; + ret = stat(path, &sb); + if (ret) + return errno; + *t = sb.st_mtime; ret = decode_CRLCertificateList(data, length, crl, &size); - _hx509_unmap_file(data, length); + rk_xfree(data); if (ret) return ret; @@ -613,7 +620,7 @@ hx509_revoke_add_crl(hx509_context context, return HX509_UNSUPPORTED_OPERATION; } - + path += 5; for (i = 0; i < ctx->crls.len; i++) { @@ -621,7 +628,7 @@ hx509_revoke_add_crl(hx509_context context, return 0; } - data = realloc(ctx->crls.val, + data = realloc(ctx->crls.val, (ctx->crls.len + 1) * sizeof(ctx->crls.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -637,7 +644,7 @@ hx509_revoke_add_crl(hx509_context context, return ENOMEM; } - ret = load_crl(path, + ret = load_crl(path, &ctx->crls.val[ctx->crls.len].last_modfied, &ctx->crls.val[ctx->crls.len].crl); if (ret) { @@ -711,7 +718,7 @@ hx509_revoke_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, @@ -736,7 +743,7 @@ hx509_revoke_verify(hx509_context context, case choice_OCSPCertStatus_good: break; case choice_OCSPCertStatus_revoked: - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in OCSP"); return HX509_CERT_REVOKED; @@ -745,7 +752,7 @@ hx509_revoke_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > + if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > now + context->ocsp_time_diff) continue; @@ -753,8 +760,7 @@ hx509_revoke_verify(hx509_context context, if (ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate) { if (*ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate < now) continue; - } else - /* Should force a refetch, but can we ? */; + } /* else should force a refetch, but can we ? */ return 0; } @@ -763,11 +769,12 @@ hx509_revoke_verify(hx509_context context, for (i = 0; i < ctx->crls.len; i++) { struct revoke_crl *crl = &ctx->crls.val[i]; struct stat sb; + int diff; /* check if cert.issuer == crls.val[i].crl.issuer */ - ret = _hx509_name_cmp(&c->tbsCertificate.issuer, - &crl->crl.tbsCertList.issuer); - if (ret) + ret = _hx509_name_cmp(&c->tbsCertificate.issuer, + &crl->crl.tbsCertList.issuer, &diff); + if (ret || diff) continue; ret = stat(crl->path, &sb); @@ -798,7 +805,7 @@ hx509_revoke_verify(hx509_context context, if (crl->crl.tbsCertList.crlExtensions) { for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++) { if (crl->crl.tbsCertList.crlExtensions->val[j].critical) { - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CRL_UNKNOWN_EXTENSION, "Unknown CRL extension"); return HX509_CRL_UNKNOWN_EXTENSION; @@ -821,13 +828,13 @@ hx509_revoke_verify(hx509_context context, t = _hx509_Time2time_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate); if (t > now) continue; - + if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions) for (k = 0; k < crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->len; k++) if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->val[k].critical) return HX509_CRL_UNKNOWN_EXTENSION; - - hx509_set_error_string(context, 0, + + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in CRL"); return HX509_CERT_REVOKED; @@ -839,7 +846,7 @@ hx509_revoke_verify(hx509_context context, if (context->flags & HX509_CTX_VERIFY_MISSING_OK) return 0; - hx509_set_error_string(context, HX509_ERROR_APPEND, + hx509_set_error_string(context, HX509_ERROR_APPEND, HX509_REVOKE_STATUS_MISSING, "No revoke status found for " "certificates"); @@ -865,13 +872,13 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) hx509_query q; void *d; - d = realloc(ctx->req->requestList.val, + d = realloc(ctx->req->requestList.val, sizeof(ctx->req->requestList.val[0]) * (ctx->req->requestList.len + 1)); if (d == NULL) return ENOMEM; ctx->req->requestList.val = d; - + one = &ctx->req->requestList.val[ctx->req->requestList.len]; memset(one, 0, sizeof(*one)); @@ -911,7 +918,7 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) goto out; os.data = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = + os.length = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; ret = _hx509_create_signature(context, @@ -981,13 +988,13 @@ hx509_ocsp_request(hx509_context context, ctx.digest = digest; ctx.parent = NULL; - ret = hx509_certs_iter(context, reqcerts, add_to_req, &ctx); + ret = hx509_certs_iter_f(context, reqcerts, add_to_req, &ctx); hx509_cert_free(ctx.parent); if (ret) goto out; - + if (nonce) { - req.tbsRequest.requestExtensions = + req.tbsRequest.requestExtensions = calloc(1, sizeof(*req.tbsRequest.requestExtensions)); if (req.tbsRequest.requestExtensions == NULL) { ret = ENOMEM; @@ -995,15 +1002,14 @@ hx509_ocsp_request(hx509_context context, } es = req.tbsRequest.requestExtensions; - + es->val = calloc(es->len, sizeof(es->val[0])); if (es->val == NULL) { ret = ENOMEM; goto out; } es->len = 1; - - ret = der_copy_oid(oid_id_pkix_ocsp_nonce(), &es->val[0].extnID); + ret = der_copy_oid(&asn1_oid_id_pkix_ocsp_nonce, &es->val[0].extnID); if (ret) { free_OCSPRequest(&req); return ret; @@ -1015,7 +1021,7 @@ hx509_ocsp_request(hx509_context context, goto out; } es->val[0].extnValue.length = 10; - + ret = RAND_bytes(es->val[0].extnValue.data, es->val[0].extnValue.length); if (ret != 1) { @@ -1048,8 +1054,13 @@ static char * printable_time(time_t t) { static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[20] = 0; + char *p; + if ((p = ctime(&t)) == NULL) + strlcpy(s, "?", sizeof(s)); + else { + strlcpy(s, p + 4, sizeof(s)); + s[20] = 0; + } return s; } @@ -1069,8 +1080,9 @@ int hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) { struct revoke_ocsp ocsp; - int ret, i; - + int ret; + size_t i; + if (out == NULL) out = stdout; @@ -1113,7 +1125,7 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) break; } - fprintf(out, "producedAt: %s\n", + fprintf(out, "producedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.producedAt)); fprintf(out, "replies: %d\n", ocsp.ocsp.tbsResponseData.responses.len); @@ -1134,19 +1146,19 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) status = "element unknown"; } - fprintf(out, "\t%d. status: %s\n", i, status); + fprintf(out, "\t%zu. status: %s\n", i, status); - fprintf(out, "\tthisUpdate: %s\n", + fprintf(out, "\tthisUpdate: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); if (ocsp.ocsp.tbsResponseData.responses.val[i].nextUpdate) - fprintf(out, "\tproducedAt: %s\n", + fprintf(out, "\tproducedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); } fprintf(out, "appended certs:\n"); if (ocsp.certs) - ret = hx509_certs_iter(context, ocsp.certs, hx509_ci_print_names, out); + ret = hx509_certs_iter_f(context, ocsp.certs, hx509_ci_print_names, out); free_ocsp(&ocsp); return ret; @@ -1181,7 +1193,8 @@ hx509_ocsp_verify(hx509_context context, { const Certificate *c = _hx509_get_cert(cert); OCSPBasicOCSPResponse basic; - int ret, i; + int ret; + size_t i; if (now == 0) now = time(NULL); @@ -1201,7 +1214,7 @@ hx509_ocsp_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, @@ -1220,7 +1233,7 @@ hx509_ocsp_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (basic.tbsResponseData.responses.val[i].thisUpdate > + if (basic.tbsResponseData.responses.val[i].thisUpdate > now + context->ocsp_time_diff) continue; @@ -1241,7 +1254,7 @@ hx509_ocsp_verify(hx509_context context, { hx509_name name; char *subject; - + ret = hx509_cert_get_subject(cert, &name); if (ret) { hx509_clear_error_string(context); @@ -1314,7 +1327,7 @@ hx509_crl_alloc(hx509_context context, hx509_crl *crl) int hx509_crl_add_revoked_certs(hx509_context context, - hx509_crl crl, + hx509_crl crl, hx509_certs certs) { return hx509_certs_merge(context, crl->revoked, certs); @@ -1377,13 +1390,13 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) } c->revokedCertificates->val = ptr; - ret = hx509_cert_get_serialnumber(cert, + ret = hx509_cert_get_serialnumber(cert, &c->revokedCertificates->val[num].userCertificate); if (ret) { hx509_clear_error_string(context); return ret; } - c->revokedCertificates->val[num].revocationDate.element = + c->revokedCertificates->val[num].revocationDate.element = choice_Time_generalTime; c->revokedCertificates->val[num].revocationDate.u.generalTime = time(NULL) - 3600 * 24; @@ -1392,7 +1405,7 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) c->revokedCertificates->len++; return 0; -} +} /** * Sign a CRL and return an encode certificate. @@ -1470,7 +1483,7 @@ hx509_crl_sign(hx509_context context, c.tbsCertList.nextUpdate->u.generalTime = next; } - c.tbsCertList.revokedCertificates = + c.tbsCertList.revokedCertificates = calloc(1, sizeof(*c.tbsCertList.revokedCertificates)); if (c.tbsCertList.revokedCertificates == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); @@ -1479,7 +1492,7 @@ hx509_crl_sign(hx509_context context, } c.tbsCertList.crlExtensions = NULL; - ret = hx509_certs_iter(context, crl->revoked, add_revoked, &c.tbsCertList); + ret = hx509_certs_iter_f(context, crl->revoked, add_revoked, &c.tbsCertList); if (ret) goto out; @@ -1506,10 +1519,13 @@ hx509_crl_sign(hx509_context context, &c.signatureAlgorithm, &c.signatureValue); free(os->data); + if (ret) { + hx509_set_error_string(context, 0, ret, "Failed to sign CRL"); + goto out; + } ASN1_MALLOC_ENCODE(CRLCertificateList, os->data, os->length, &c, &size, ret); - free_CRLCertificateList(&c); if (ret) { hx509_set_error_string(context, 0, ret, "failed to encode CRL"); goto out; @@ -1517,6 +1533,8 @@ hx509_crl_sign(hx509_context context, if (size != os->length) _hx509_abort("internal ASN.1 encoder error"); + free_CRLCertificateList(&c); + return 0; out: |