summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_cmp.c
diff options
context:
space:
mode:
authordjm <>2008-09-06 12:17:54 +0000
committerdjm <>2008-09-06 12:17:54 +0000
commit38ce604e3cc97706b876b0525ddff0121115456d (patch)
tree7ccc28afe1789ea3dbedf72365f955d5b8e105b5 /src/lib/libcrypto/x509/x509_cmp.c
parent12867252827c8efaa8ddd1fa3b3d6e321e2bcdef (diff)
downloadopenbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.gz
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.bz2
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.zip
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/x509/x509_cmp.c')
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c59
1 files changed, 22 insertions, 37 deletions
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 030d0966fc..0d6bc653b2 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -322,16 +322,10 @@ unsigned long X509_NAME_hash(X509_NAME *x)
322 { 322 {
323 unsigned long ret=0; 323 unsigned long ret=0;
324 unsigned char md[16]; 324 unsigned char md[16];
325 EVP_MD_CTX md_ctx;
326 325
327 /* Make sure X509_NAME structure contains valid cached encoding */ 326 /* Make sure X509_NAME structure contains valid cached encoding */
328 i2d_X509_NAME(x,NULL); 327 i2d_X509_NAME(x,NULL);
329 EVP_MD_CTX_init(&md_ctx); 328 EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
330 EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
331 EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
332 EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
333 EVP_DigestFinal_ex(&md_ctx,md,NULL);
334 EVP_MD_CTX_cleanup(&md_ctx);
335 329
336 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| 330 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
337 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) 331 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
@@ -396,45 +390,36 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
396 int ok=0; 390 int ok=0;
397 391
398 xk=X509_get_pubkey(x); 392 xk=X509_get_pubkey(x);
399 if (xk->type != k->type) 393 switch (EVP_PKEY_cmp(xk, k))
400 {
401 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
402 goto err;
403 }
404 switch (k->type)
405 { 394 {
406#ifndef OPENSSL_NO_RSA 395 case 1:
407 case EVP_PKEY_RSA: 396 ok=1;
408 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
409 || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
410 {
411 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
412 goto err;
413 }
414 break; 397 break;
415#endif 398 case 0:
416#ifndef OPENSSL_NO_DSA 399 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
417 case EVP_PKEY_DSA: 400 break;
418 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) 401 case -1:
419 { 402 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
420 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
421 goto err;
422 }
423 break; 403 break;
404 case -2:
405#ifndef OPENSSL_NO_EC
406 if (k->type == EVP_PKEY_EC)
407 {
408 X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
409 break;
410 }
424#endif 411#endif
425#ifndef OPENSSL_NO_DH 412#ifndef OPENSSL_NO_DH
426 case EVP_PKEY_DH: 413 if (k->type == EVP_PKEY_DH)
427 /* No idea */ 414 {
428 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); 415 /* No idea */
429 goto err; 416 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
417 break;
418 }
430#endif 419#endif
431 default:
432 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); 420 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
433 goto err;
434 } 421 }
435 422
436 ok=1;
437err:
438 EVP_PKEY_free(xk); 423 EVP_PKEY_free(xk);
439 return(ok); 424 return(ok);
440 } 425 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 03:01:56 +0000