@@ -2002,6 +2002,12 @@ static int verify_member(FILE_FORMAT_CTX *ctx, CatalogAuthAttr *attribute)
20022002 printf ("Failed to extract current message digest\n\n" );
20032003 return 1 ; /* FAILED */
20042004 }
2005+
2006+ if (!ctx -> format -> digest_calc ) {
2007+ printf ("Unsupported command\n" );
2008+ return 1 ; /* Failed */
2009+ }
2010+
20052011 md = EVP_get_digestbynid (mdtype );
20062012 cmdbuf = ctx -> format -> digest_calc (ctx , md );
20072013 if (!cmdbuf ) {
@@ -2219,9 +2225,13 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
22192225 PKCS7 * p7 ;
22202226 STACK_OF (PKCS7 ) * signatures ;
22212227 int detached = options -> catalog ? 1 : 0 ;
2228+ if (!ctx -> format -> check_file ) {
2229+ printf ("Unsupported command\n" );
2230+ return 1 ; /* Failed */
2231+ }
22222232
22232233 if (!ctx -> format -> check_file (ctx , detached ))
2224- return 1 ; /* FAILED */
2234+ return 1 ; /* Failed */
22252235
22262236 if (detached ) {
22272237 GLOBAL_OPTIONS * cat_options ;
@@ -2238,10 +2248,21 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
22382248 printf ("CAT file initialization error\n" );
22392249 return 1 ; /* Failed */
22402250 }
2251+
2252+ if (!cat_ctx -> format -> pkcs7_extract ) {
2253+ printf ("Unsupported command\n" );
2254+ return 1 ; /* Failed */
2255+ }
2256+
22412257 p7 = cat_ctx -> format -> pkcs7_extract (cat_ctx );
22422258 cat_ctx -> format -> ctx_cleanup (cat_ctx , NULL , NULL );
22432259 OPENSSL_free (cat_options );
22442260 } else {
2261+ if (!ctx -> format -> pkcs7_extract ) {
2262+ printf ("Unsupported command\n" );
2263+ return 1 ; /* Failed */
2264+ }
2265+
22452266 p7 = ctx -> format -> pkcs7_extract (ctx );
22462267 }
22472268 if (!p7 ) {
@@ -2262,9 +2283,14 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
22622283 } else {
22632284 printf ("Catalog verification: failed\n\n" );
22642285 }
2265- } else if (ctx -> format -> verify_digests (ctx , sig )) {
2266- printf ("Signature Index: %d %s\n" , i , i == 0 ? " (Primary Signature)" : "" );
2267- ret &= verify_signature (ctx , sig );
2286+ } else if (ctx -> format -> verify_digests ) {
2287+ if (ctx -> format -> verify_digests (ctx , sig )) {
2288+ printf ("Signature Index: %d %s\n" , i , i == 0 ? " (Primary Signature)" : "" );
2289+ ret &= verify_signature (ctx , sig );
2290+ }
2291+ } else {
2292+ printf ("Unsupported command\n" );
2293+ return 1 ; /* Failed */
22682294 }
22692295 }
22702296 printf ("Number of verified signatures: %d\n" , i );
@@ -3744,15 +3770,21 @@ int main(int argc, char **argv)
37443770 if (options .cmd == CMD_VERIFY ) {
37453771 ret = verify_signed_file (ctx , & options );
37463772 goto skip_signing ;
3747- } else if (options .cmd == CMD_EXTRACT && ctx -> format -> pkcs7_extract ) {
3773+ } else if (options .cmd == CMD_EXTRACT ) {
3774+ if (!ctx -> format -> pkcs7_extract ) {
3775+ DO_EXIT_0 ("Unsupported command\n" );
3776+ }
37483777 p7 = ctx -> format -> pkcs7_extract (ctx );
37493778 if (!p7 ) {
37503779 DO_EXIT_0 ("Unable to extract existing signature\n" );
37513780 }
37523781 ret = save_extracted_pkcs7 (ctx , outdata , p7 );
37533782 PKCS7_free (p7 );
37543783 goto skip_signing ;
3755- } else if (options .cmd == CMD_REMOVE && ctx -> format -> remove_pkcs7 ) {
3784+ } else if (options .cmd == CMD_REMOVE ) {
3785+ if (!ctx -> format -> remove_pkcs7 ) {
3786+ DO_EXIT_0 ("Unsupported command\n" );
3787+ }
37563788 ret = ctx -> format -> remove_pkcs7 (ctx , hash , outdata );
37573789 if (ctx -> format -> update_data_size ) {
37583790 ctx -> format -> update_data_size (ctx , outdata , NULL );
0 commit comments