diff options
| author | tedu <> | 2014-04-18 01:59:00 +0000 |
|---|---|---|
| committer | tedu <> | 2014-04-18 01:59:00 +0000 |
| commit | 7e187c94c34271d4b5fc5cb79fc0e129d0a63fa1 (patch) | |
| tree | 88ee4831e2437f9075e786ffb662bb05fe0e3df6 /src/lib/libcrypto/x509/x509_req.c | |
| parent | 80823cb97c2306eeedfd3544fc82a8d9a02224b6 (diff) | |
| download | openbsd-7e187c94c34271d4b5fc5cb79fc0e129d0a63fa1.tar.gz openbsd-7e187c94c34271d4b5fc5cb79fc0e129d0a63fa1.tar.bz2 openbsd-7e187c94c34271d4b5fc5cb79fc0e129d0a63fa1.zip | |
blunt force knf
Diffstat (limited to 'src/lib/libcrypto/x509/x509_req.c')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_req.c | 49 |
1 files changed, 21 insertions, 28 deletions
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c index 1c5cee8030..12725ed7e9 100644 --- a/src/lib/libcrypto/x509/x509_req.c +++ b/src/lib/libcrypto/x509/x509_req.c | |||
| @@ -68,18 +68,17 @@ | |||
| 68 | #include <openssl/pem.h> | 68 | #include <openssl/pem.h> |
| 69 | 69 | ||
| 70 | X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) | 70 | X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) |
| 71 | { | 71 | { |
| 72 | X509_REQ *ret; | 72 | X509_REQ *ret; |
| 73 | X509_REQ_INFO *ri; | 73 | X509_REQ_INFO *ri; |
| 74 | int i; | 74 | int i; |
| 75 | EVP_PKEY *pktmp; | 75 | EVP_PKEY *pktmp; |
| 76 | 76 | ||
| 77 | ret=X509_REQ_new(); | 77 | ret=X509_REQ_new(); |
| 78 | if (ret == NULL) | 78 | if (ret == NULL) { |
| 79 | { | ||
| 80 | X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE); | 79 | X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE); |
| 81 | goto err; | 80 | goto err; |
| 82 | } | 81 | } |
| 83 | 82 | ||
| 84 | ri=ret->req_info; | 83 | ri=ret->req_info; |
| 85 | 84 | ||
| @@ -96,32 +95,30 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) | |||
| 96 | EVP_PKEY_free(pktmp); | 95 | EVP_PKEY_free(pktmp); |
| 97 | if (!i) goto err; | 96 | if (!i) goto err; |
| 98 | 97 | ||
| 99 | if (pkey != NULL) | 98 | if (pkey != NULL) { |
| 100 | { | ||
| 101 | if (!X509_REQ_sign(ret,pkey,md)) | 99 | if (!X509_REQ_sign(ret,pkey,md)) |
| 102 | goto err; | 100 | goto err; |
| 103 | } | 101 | } |
| 104 | return(ret); | 102 | return(ret); |
| 105 | err: | 103 | err: |
| 106 | X509_REQ_free(ret); | 104 | X509_REQ_free(ret); |
| 107 | return(NULL); | 105 | return(NULL); |
| 108 | } | 106 | } |
| 109 | 107 | ||
| 110 | EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) | 108 | EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) |
| 111 | { | 109 | { |
| 112 | if ((req == NULL) || (req->req_info == NULL)) | 110 | if ((req == NULL) || (req->req_info == NULL)) |
| 113 | return(NULL); | 111 | return(NULL); |
| 114 | return(X509_PUBKEY_get(req->req_info->pubkey)); | 112 | return(X509_PUBKEY_get(req->req_info->pubkey)); |
| 115 | } | 113 | } |
| 116 | 114 | ||
| 117 | int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) | 115 | int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) |
| 118 | { | 116 | { |
| 119 | EVP_PKEY *xk=NULL; | 117 | EVP_PKEY *xk=NULL; |
| 120 | int ok=0; | 118 | int ok=0; |
| 121 | 119 | ||
| 122 | xk=X509_REQ_get_pubkey(x); | 120 | xk=X509_REQ_get_pubkey(x); |
| 123 | switch (EVP_PKEY_cmp(xk, k)) | 121 | switch (EVP_PKEY_cmp(xk, k)) { |
| 124 | { | ||
| 125 | case 1: | 122 | case 1: |
| 126 | ok=1; | 123 | ok=1; |
| 127 | break; | 124 | break; |
| @@ -133,26 +130,24 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) | |||
| 133 | break; | 130 | break; |
| 134 | case -2: | 131 | case -2: |
| 135 | #ifndef OPENSSL_NO_EC | 132 | #ifndef OPENSSL_NO_EC |
| 136 | if (k->type == EVP_PKEY_EC) | 133 | if (k->type == EVP_PKEY_EC) { |
| 137 | { | ||
| 138 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); | 134 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); |
| 139 | break; | 135 | break; |
| 140 | } | 136 | } |
| 141 | #endif | 137 | #endif |
| 142 | #ifndef OPENSSL_NO_DH | 138 | #ifndef OPENSSL_NO_DH |
| 143 | if (k->type == EVP_PKEY_DH) | 139 | if (k->type == EVP_PKEY_DH) { |
| 144 | { | ||
| 145 | /* No idea */ | 140 | /* No idea */ |
| 146 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); | 141 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); |
| 147 | break; | 142 | break; |
| 148 | } | 143 | } |
| 149 | #endif | 144 | #endif |
| 150 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | 145 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); |
| 151 | } | 146 | } |
| 152 | 147 | ||
| 153 | EVP_PKEY_free(xk); | 148 | EVP_PKEY_free(xk); |
| 154 | return(ok); | 149 | return(ok); |
| 155 | } | 150 | } |
| 156 | 151 | ||
| 157 | /* It seems several organisations had the same idea of including a list of | 152 | /* It seems several organisations had the same idea of including a list of |
| 158 | * extensions in a certificate request. There are at least two OIDs that are | 153 | * extensions in a certificate request. There are at least two OIDs that are |
| @@ -184,7 +179,7 @@ void X509_REQ_set_extension_nids(int *nids) | |||
| 184 | } | 179 | } |
| 185 | 180 | ||
| 186 | STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) | 181 | STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) |
| 187 | { | 182 | { |
| 188 | X509_ATTRIBUTE *attr; | 183 | X509_ATTRIBUTE *attr; |
| 189 | ASN1_TYPE *ext = NULL; | 184 | ASN1_TYPE *ext = NULL; |
| 190 | int idx, *pnid; | 185 | int idx, *pnid; |
| @@ -192,8 +187,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) | |||
| 192 | 187 | ||
| 193 | if ((req == NULL) || (req->req_info == NULL) || !ext_nids) | 188 | if ((req == NULL) || (req->req_info == NULL) || !ext_nids) |
| 194 | return(NULL); | 189 | return(NULL); |
| 195 | for (pnid = ext_nids; *pnid != NID_undef; pnid++) | 190 | for (pnid = ext_nids; *pnid != NID_undef; pnid++) { |
| 196 | { | ||
| 197 | idx = X509_REQ_get_attr_by_NID(req, *pnid, -1); | 191 | idx = X509_REQ_get_attr_by_NID(req, *pnid, -1); |
| 198 | if (idx == -1) | 192 | if (idx == -1) |
| 199 | continue; | 193 | continue; |
| @@ -202,7 +196,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) | |||
| 202 | else if(sk_ASN1_TYPE_num(attr->value.set)) | 196 | else if(sk_ASN1_TYPE_num(attr->value.set)) |
| 203 | ext = sk_ASN1_TYPE_value(attr->value.set, 0); | 197 | ext = sk_ASN1_TYPE_value(attr->value.set, 0); |
| 204 | break; | 198 | break; |
| 205 | } | 199 | } |
| 206 | if(!ext || (ext->type != V_ASN1_SEQUENCE)) | 200 | if(!ext || (ext->type != V_ASN1_SEQUENCE)) |
| 207 | return NULL; | 201 | return NULL; |
| 208 | p = ext->value.sequence->data; | 202 | p = ext->value.sequence->data; |
| @@ -235,11 +229,10 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, | |||
| 235 | at = NULL; | 229 | at = NULL; |
| 236 | attr->single = 0; | 230 | attr->single = 0; |
| 237 | attr->object = OBJ_nid2obj(nid); | 231 | attr->object = OBJ_nid2obj(nid); |
| 238 | if (!req->req_info->attributes) | 232 | if (!req->req_info->attributes) { |
| 239 | { | ||
| 240 | if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null())) | 233 | if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null())) |
| 241 | goto err; | 234 | goto err; |
| 242 | } | 235 | } |
| 243 | if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; | 236 | if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; |
| 244 | return 1; | 237 | return 1; |
| 245 | err: | 238 | err: |