summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorschwarze <>2021-11-26 13:05:03 +0000
committerschwarze <>2021-11-26 13:05:03 +0000
commit3d037e20c2808ea3d7e462325f59a3134ffd19f3 (patch)
tree58639dc8041b9317fa3165ef125e2e5f8f84e116 /src
parente792591e2f09291fab59cd017f7bc16565fc3853 (diff)
downloadopenbsd-3d037e20c2808ea3d7e462325f59a3134ffd19f3.tar.gz
openbsd-3d037e20c2808ea3d7e462325f59a3134ffd19f3.tar.bz2
openbsd-3d037e20c2808ea3d7e462325f59a3134ffd19f3.zip
Simplify the code in X509_get_pubkey_parameters(3)
by using X509_get0_pubkey(3) instead of X509_get_pubkey(3); no functional change. OK tb@ This is similar to the relevant part of the follwoing commit from the OpenSSL 1.1.1 branch, which is still under a free licence, but without the bug that commit introduced into this function in OpenSSL: commit c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7 Author: Dr. Stephen Henson <steve@openssl.org> Date: Mon Dec 14 13:13:32 2015 +0000
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c12
1 files changed, 4 insertions, 8 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index db2125b48d..93dac74c7b 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_vfy.c,v 1.98 2021/11/24 05:38:12 beck Exp $ */ 1/* $OpenBSD: x509_vfy.c,v 1.99 2021/11/26 13:05:03 schwarze Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2079,17 +2079,15 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
2079 return 1; 2079 return 1;
2080 2080
2081 for (i = 0; i < sk_X509_num(chain); i++) { 2081 for (i = 0; i < sk_X509_num(chain); i++) {
2082 ktmp = X509_get_pubkey(sk_X509_value(chain, i)); 2082 ktmp = X509_get0_pubkey(sk_X509_value(chain, i));
2083 if (ktmp == NULL) { 2083 if (ktmp == NULL) {
2084 X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); 2084 X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
2085 return 0; 2085 return 0;
2086 } 2086 }
2087 if (!EVP_PKEY_missing_parameters(ktmp)) 2087 if (!EVP_PKEY_missing_parameters(ktmp))
2088 break; 2088 break;
2089 else { 2089 else
2090 EVP_PKEY_free(ktmp);
2091 ktmp = NULL; 2090 ktmp = NULL;
2092 }
2093 } 2091 }
2094 if (ktmp == NULL) { 2092 if (ktmp == NULL) {
2095 X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); 2093 X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
@@ -2098,14 +2096,12 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
2098 2096
2099 /* first, populate the other certs */ 2097 /* first, populate the other certs */
2100 for (j = i - 1; j >= 0; j--) { 2098 for (j = i - 1; j >= 0; j--) {
2101 ktmp2 = X509_get_pubkey(sk_X509_value(chain, j)); 2099 ktmp2 = X509_get0_pubkey(sk_X509_value(chain, j));
2102 EVP_PKEY_copy_parameters(ktmp2, ktmp); 2100 EVP_PKEY_copy_parameters(ktmp2, ktmp);
2103 EVP_PKEY_free(ktmp2);
2104 } 2101 }
2105 2102
2106 if (pkey != NULL) 2103 if (pkey != NULL)
2107 EVP_PKEY_copy_parameters(pkey, ktmp); 2104 EVP_PKEY_copy_parameters(pkey, ktmp);
2108 EVP_PKEY_free(ktmp);
2109 return 1; 2105 return 1;
2110} 2106}
2111 2107
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 16:01:12 +0000