1 files changed, 2 insertions, 47 deletions
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 3872e1fb64..59fc6ca548 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -113,46 +113,6 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
        return(X509_PUBKEY_get(req->req_info->pubkey));
        }
-int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
-        {
-        EVP_PKEY *xk=NULL;
-        int ok=0;
-        xk=X509_REQ_get_pubkey(x);
-        switch (EVP_PKEY_cmp(xk, k))
-                {
-        case 1:
-                ok=1;
-                break;
-        case 0:
-                X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
-                break;
-        case -1:
-                X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
-                break;
-        case -2:
-#ifndef OPENSSL_NO_EC
-                if (k->type == EVP_PKEY_EC)
-                        {
-                        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
-                        break;
-                        }
-#endif
-#ifndef OPENSSL_NO_DH
-                if (k->type == EVP_PKEY_DH)
-                        {
-                        /* No idea */
-                        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
-                        break;
-                        }
-#endif
-                X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
-                }
-        EVP_PKEY_free(xk);
-        return(ok);
-        }
 /* It seems several organisations had the same idea of including a list of
 * extensions in a certificate request. There are at least two OIDs that are
 * used and there may be more: so the list is configurable.
@@ -187,7 +147,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
        X509_ATTRIBUTE *attr;
        ASN1_TYPE *ext = NULL;
        int idx, *pnid;
-        const unsigned char *p;
+        unsigned char *p;
        if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
                return(NULL);
@@ -209,7 +169,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
                        ext->value.sequence->length,
                        d2i_X509_EXTENSION, X509_EXTENSION_free,
                        V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
+        }
 /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
 * in case we want to create a non standard one.
@@ -242,11 +202,6 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
        at = NULL;
        attr->single = 0;
        attr->object = OBJ_nid2obj(nid);
-        if (!req->req_info->attributes)
-                {
-                if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
-                        goto err;
-                }
        if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
        return 1;
        err:

diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c index 3872e1fb64..59fc6ca548 100644 --- a/src/lib/libcrypto/x509/x509_req.c +++ b/src/lib/libcrypto/x509/x509_req.c
@@ -113,46 +113,6 @@ EVP_PKEY X509_REQ_get_pubkey(X509_REQ req)
113	return(X509_PUBKEY_get(req->req_info->pubkey));	113	return(X509_PUBKEY_get(req->req_info->pubkey));
114	}	114	}
115		115
116	int X509_REQ_check_private_key(X509_REQ x, EVP_PKEY k)
117	{
118	EVP_PKEY *xk=NULL;
119	int ok=0;
120
121	xk=X509_REQ_get_pubkey(x);
122	switch (EVP_PKEY_cmp(xk, k))
123	{
124	case 1:
125	ok=1;
126	break;
127	case 0:
128	X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
129	break;
130	case -1:
131	X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
132	break;
133	case -2:
134	#ifndef OPENSSL_NO_EC
135	if (k->type == EVP_PKEY_EC)
136	{
137	X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
138	break;
139	}
140	#endif
141	#ifndef OPENSSL_NO_DH
142	if (k->type == EVP_PKEY_DH)
143	{
144	/* No idea */
145	X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
146	break;
147	}
148	#endif
149	X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
150	}
151
152	EVP_PKEY_free(xk);
153	return(ok);
154	}
155
156	/* It seems several organisations had the same idea of including a list of	116	/* It seems several organisations had the same idea of including a list of
157	* extensions in a certificate request. There are at least two OIDs that are	117	* extensions in a certificate request. There are at least two OIDs that are
158	* used and there may be more: so the list is configurable.	118	* used and there may be more: so the list is configurable.
@@ -187,7 +147,7 @@ STACK_OF(X509_EXTENSION) X509_REQ_get_extensions(X509_REQ req)
187	X509_ATTRIBUTE *attr;	147	X509_ATTRIBUTE *attr;
188	ASN1_TYPE *ext = NULL;	148	ASN1_TYPE *ext = NULL;
189	int idx, *pnid;	149	int idx, *pnid;
190	const unsigned char *p;	150	unsigned char *p;
191		151
192	if ((req == NULL) \|\| (req->req_info == NULL) \|\| !ext_nids)	152	if ((req == NULL) \|\| (req->req_info == NULL) \|\| !ext_nids)
193	return(NULL);	153	return(NULL);
@@ -209,7 +169,7 @@ STACK_OF(X509_EXTENSION) X509_REQ_get_extensions(X509_REQ req)
209	ext->value.sequence->length,	169	ext->value.sequence->length,
210	d2i_X509_EXTENSION, X509_EXTENSION_free,	170	d2i_X509_EXTENSION, X509_EXTENSION_free,
211	V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);	171	V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
212	}	172	}
213		173
214	/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs	174	/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
215	* in case we want to create a non standard one.	175	* in case we want to create a non standard one.
@@ -242,11 +202,6 @@ int X509_REQ_add_extensions_nid(X509_REQ req, STACK_OF(X509_EXTENSION) exts,
242	at = NULL;	202	at = NULL;
243	attr->single = 0;	203	attr->single = 0;
244	attr->object = OBJ_nid2obj(nid);	204	attr->object = OBJ_nid2obj(nid);
245	if (!req->req_info->attributes)
246	{
247	if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
248	goto err;
249	}
250	if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;	205	if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
251	return 1;	206	return 1;
252	err:	207	err: