From 3c7a3ea9f8c32468a51aee88576ef2798fdb420b Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb"
Date: Fri, 15 Dec 2023 21:53:43 +0100
Subject: [PATCH] fixup! CMP lib and app: add optional certProfile request message header and respective -profile option
---
 apps/cmp.c | 3 ++-
 apps/lib/cmp_mock_srv.c | 10 ++++++++--
 doc/man1/openssl-cmp.pod.in | 2 +-
 doc/man3/OSSL_CMP_ITAV_set0.pod | 7 ++++++-
 4 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/apps/cmp.c b/apps/cmp.c
index d33ba41ebe38b..e0b03c3cb594b 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -1859,7 +1859,8 @@ static int add_certProfile(OSSL_CMP_CTX *ctx, const char *name)
 ASN1_STRING_free(utf8string);
 goto err;
 }
- (void)sk_ASN1_UTF8STRING_push(sk, utf8string); /* must succeed */
+ /* Due to sk_ASN1_UTF8STRING_new_reserve(NULL, 1), this surely succeeds: */
+ (void)sk_ASN1_UTF8STRING_push(sk, utf8string);
 if ((itav = OSSL_CMP_ITAV_new0_certProfile(sk)) == NULL)
 goto err;
 if (OSSL_CMP_CTX_push0_geninfo_ITAV(ctx, itav))
diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c
index 85ccedecb96ac..d58937ea7823b 100644
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@@ -252,6 +252,7 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
 ASN1_OBJECT *obj = OSSL_CMP_ITAV_get0_type(itav);
 STACK_OF(ASN1_UTF8STRING) *strs;
 ASN1_UTF8STRING *str;
+ const char *data;
 if (OBJ_obj2nid(obj) == NID_id_it_certProfile) {
 if (!OSSL_CMP_ITAV_get0_certProfile(itav, &strs))
@@ -261,8 +262,13 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
 return NULL;
 }
 str = sk_ASN1_UTF8STRING_value(strs, 0);
- if (strcmp((const char *)ASN1_STRING_get0_data(str), "profile1")
- != 0) {
+ if (str == NULL
+ || (data =
+ (const char *)ASN1_STRING_get0_data(str)) == NULL) {
+ ERR_raise(ERR_LIB_CMP, ERR_R_PASSED_INVALID_ARGUMENT);
+ return NULL;
+ }
+ if (strcmp(data, "profile1") != 0) {
 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_CERTPROFILE);
 return NULL;
 }
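Review bot: The new `strcmp(data, "profile1")` in process_cert_request still treats the peer-supplied ASN1_UTF8STRING as a C string and never looks at `ASN1_STRING_length(str)`, so the NULL checks added above it do not make the comparison length-safe. OpenSSL's own documentation warns that ASN1_STRING data is not guaranteed to be NUL-terminated and may contain embedded NULs, which means a value that merely begins with "profile1" followed by a NUL byte would pass as the expected profile. A length-bound comparison closes that: `if (ASN1_STRING_length(str) != (int)strlen("profile1") || memcmp(data, "profile1", strlen("profile1")) != 0) {`. This is mock-server code, so the exposure is presumably limited to test setups, but the pattern is easy to copy into a real profile check. The function starts and ends outside the hunk.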
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in index d7e48d75095e3..21e4bd95b72db 100644 --- a/doc/man1/openssl-cmp.pod.in +++ b/doc/man1/openssl-cmp.pod.in @@ -1401,7 +1401,7 @@ The B application was added in OpenSSL 3.0. The B<-engine> option was deprecated in OpenSSL 3.0. -The B<-profile> option as was added in OpenSSL 3.3. +The B<-profile> option was added in OpenSSL 3.3. =head1 COPYRIGHT diff --git a/doc/man3/OSSL_CMP_ITAV_set0.pod b/doc/man3/OSSL_CMP_ITAV_set0.pod index fe577d37bac05..13d7868a6debd 100644 --- a/doc/man3/OSSL_CMP_ITAV_set0.pod +++ b/doc/man3/OSSL_CMP_ITAV_set0.pod @@ -61,7 +61,12 @@ It is an error if the infoType of I is not B. =head1 NOTES -CMP is defined in RFC 4210 (and CRMF in RFC 4211). +CMP is defined in RFC 4210 and RFC 9480 (and CRMF in RFC 4211). + +OIDs to use as types in B can be found at +L. +The respective OpenSSL NIDs, such as B, +are defined in the F<< >> header file. =head1 RETURN VALUES