summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ocsp/ocsp_vfy.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/ocsp/ocsp_vfy.c')
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_vfy.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
index 415d67e61c..276718304d 100644
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
91 { 91 {
92 EVP_PKEY *skey; 92 EVP_PKEY *skey;
93 skey = X509_get_pubkey(signer); 93 skey = X509_get_pubkey(signer);
94 ret = OCSP_BASICRESP_verify(bs, skey, 0); 94 if (skey)
95 EVP_PKEY_free(skey); 95 {
96 if(ret <= 0) 96 ret = OCSP_BASICRESP_verify(bs, skey, 0);
97 EVP_PKEY_free(skey);
98 }
99 if(!skey || ret <= 0)
97 { 100 {
98 OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE); 101 OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
99 goto end; 102 goto end;
@@ -108,6 +111,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
108 init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs); 111 init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
109 if(!init_res) 112 if(!init_res)
110 { 113 {
114 ret = -1;
111 OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB); 115 OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB);
112 goto end; 116 goto end;
113 } 117 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-21 23:08:02 +0000