diff options
Diffstat (limited to 'src/lib/libcrypto/x509/x509_cmp.c')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_cmp.c | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index 4bc9da07e0..7c2aaee2e9 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c | |||
| @@ -87,15 +87,20 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) | |||
| 87 | EVP_MD_CTX_init(&ctx); | 87 | EVP_MD_CTX_init(&ctx); |
| 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); | 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); |
| 89 | ret=strlen(f); | 89 | ret=strlen(f); |
| 90 | EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); | 90 | if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) |
| 91 | EVP_DigestUpdate(&ctx,(unsigned char *)f,ret); | 91 | goto err; |
| 92 | if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,ret)) | ||
| 93 | goto err; | ||
| 92 | OPENSSL_free(f); | 94 | OPENSSL_free(f); |
| 93 | EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | 95 | if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, |
| 94 | (unsigned long)a->cert_info->serialNumber->length); | 96 | (unsigned long)a->cert_info->serialNumber->length)) |
| 95 | EVP_DigestFinal_ex(&ctx,&(md[0]),NULL); | 97 | goto err; |
| 98 | if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL)) | ||
| 99 | goto err; | ||
| 96 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 100 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| |
| 97 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 101 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |
| 98 | )&0xffffffffL; | 102 | )&0xffffffffL; |
| 103 | err: | ||
| 99 | EVP_MD_CTX_cleanup(&ctx); | 104 | EVP_MD_CTX_cleanup(&ctx); |
| 100 | return(ret); | 105 | return(ret); |
| 101 | } | 106 | } |
| @@ -219,7 +224,9 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 219 | 224 | ||
| 220 | /* Make sure X509_NAME structure contains valid cached encoding */ | 225 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 221 | i2d_X509_NAME(x,NULL); | 226 | i2d_X509_NAME(x,NULL); |
| 222 | EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), NULL); | 227 | if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), |
| 228 | NULL)) | ||
| 229 | return 0; | ||
| 223 | 230 | ||
| 224 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 231 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| |
| 225 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 232 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |
| @@ -234,12 +241,18 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 234 | 241 | ||
| 235 | unsigned long X509_NAME_hash_old(X509_NAME *x) | 242 | unsigned long X509_NAME_hash_old(X509_NAME *x) |
| 236 | { | 243 | { |
| 244 | EVP_MD_CTX md_ctx; | ||
| 237 | unsigned long ret=0; | 245 | unsigned long ret=0; |
| 238 | unsigned char md[16]; | 246 | unsigned char md[16]; |
| 239 | 247 | ||
| 240 | /* Make sure X509_NAME structure contains valid cached encoding */ | 248 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 241 | i2d_X509_NAME(x,NULL); | 249 | i2d_X509_NAME(x,NULL); |
| 242 | EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); | 250 | EVP_MD_CTX_init(&md_ctx); |
| 251 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 252 | EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); | ||
| 253 | EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); | ||
| 254 | EVP_DigestFinal_ex(&md_ctx,md,NULL); | ||
| 255 | EVP_MD_CTX_cleanup(&md_ctx); | ||
| 243 | 256 | ||
| 244 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 257 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| |
| 245 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 258 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |