Security-58286.20.16.tar.gz

[apple/security.git] / OSX / libsecurity_cms / lib / CMSEncoder.cpp

diff --git a/OSX/libsecurity_cms/lib/CMSEncoder.cpp b/OSX/libsecurity_cms/lib/CMSEncoder.cpp
index 4055192abc609712ae6a00163dc093c62cd4a88c..c3f431477a0cfc85a9b96c95f38a2a005c5a95af 100644 (file)
--- a/OSX/libsecurity_cms/lib/CMSEncoder.cpp
+++ b/OSX/libsecurity_cms/lib/CMSEncoder.cpp
@@ -245,12 +245,12 @@ static int encodeOid(
                for(digit=0; digit<numsToProcess; digit++) {
                        free(digits[digit]);
                }
-               free(digits);
-               free(numDigits);
        }
        result = 0;
 
 cleanExit:
+    if (digits) free(digits);
+    if (numDigits) free(numDigits);
        if (oidStr) CFRelease(oidStr);
        if (argvRef) CFRelease(argvRef);
 
@@ -336,6 +336,7 @@ static void cmsEncoderFinalize(
        CFRELEASE(cmsEncoder->otherCerts);
        if(cmsEncoder->cmsMsg != NULL) {
                SecCmsMessageDestroy(cmsEncoder->cmsMsg);
+               cmsEncoder->cmsMsg = NULL;
        }
        if(cmsEncoder->arena != NULL) {
                SecArenaPoolFree(cmsEncoder->arena, false);
@@ -444,7 +445,6 @@ static OSStatus cmsSetupForSignedData(
                numSigners = CFArrayGetCount(cmsEncoder->signers);
        }
        CFIndex dex;
-       SecKeychainRef ourKc = NULL;
        SecCertificateRef ourCert = NULL;
        SecCmsCertChainMode chainMode = SecCmsCMCertChain;
 
@@ -471,11 +471,6 @@ static OSStatus cmsSetupForSignedData(
                        CSSM_PERROR("SecIdentityCopyCertificate", ortn);
                        break;
                }
-               ortn = SecKeychainItemCopyKeychain((SecKeychainItemRef)ourCert, &ourKc);
-               if(ortn) {
-                       CSSM_PERROR("SecKeychainItemCopyKeychain", ortn);
-                       break;
-               }
                signerInfo = SecCmsSignerInfoCreate(cmsEncoder->cmsMsg, ourId, cmsEncoder->digestalgtag);
                if (signerInfo == NULL) {
                        ortn = errSecInternalComponent;
@@ -502,7 +497,7 @@ static OSStatus cmsSetupForSignedData(
                        }
                }
                if(cmsEncoder->signedAttributes & kCMSAttrSmimeEncryptionKeyPrefs) {
-                       ortn = SecCmsSignerInfoAddSMIMEEncKeyPrefs(signerInfo, ourCert, ourKc);
+                       ortn = SecCmsSignerInfoAddSMIMEEncKeyPrefs(signerInfo, ourCert, NULL);
                        if(ortn) {
                                ortn = cmsRtnToOSStatus(ortn);
                                CSSM_PERROR("SecCmsSignerInfoAddSMIMEEncKeyPrefs", ortn);
@@ -510,7 +505,7 @@ static OSStatus cmsSetupForSignedData(
                        }
                }
                if(cmsEncoder->signedAttributes & kCMSAttrSmimeMSEncryptionKeyPrefs) {
-                       ortn = SecCmsSignerInfoAddMSSMIMEEncKeyPrefs(signerInfo, ourCert, ourKc);
+                       ortn = SecCmsSignerInfoAddMSSMIMEEncKeyPrefs(signerInfo, ourCert, NULL);
                        if(ortn) {
                                ortn = cmsRtnToOSStatus(ortn);
                                CSSM_PERROR("SecCmsSignerInfoAddMSSMIMEEncKeyPrefs", ortn);
@@ -545,13 +540,10 @@ static OSStatus cmsSetupForSignedData(
                        break;
                }
 
-               CFRELEASE(ourKc);
                CFRELEASE(ourCert);
-               ourKc = NULL;
                ourCert = NULL;
        }
        if(ortn) {
-               CFRELEASE(ourKc);
                CFRELEASE(ourCert);
        }
        return ortn;