'cvs commit: openssl/crypto/ocsp ocsp_lib.c'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-cvs
Subject:    cvs commit: openssl/crypto/ocsp ocsp_lib.c
From:       steve () openssl ! org
Date:       2001-02-23 13:04:26
[Download RAW message or body]

steve       23-Feb-2001 14:04:25

  Modified:    .        CHANGES
               crypto/ocsp ocsp_lib.c
  Log:
  Make OCSP cert id code tolerate a missing issuer certificate
  or serial number.
  
  Revision  Changes    Path
  1.777     +6 -0      openssl/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /e/openssl/cvs/openssl/CHANGES,v
  retrieving revision 1.776
  retrieving revision 1.777
  diff -u -r1.776 -r1.777
  --- CHANGES	2001/02/23 13:02:56	1.776
  +++ CHANGES	2001/02/23 13:04:20	1.777
  @@ -3,6 +3,12 @@
   
    Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
   
  +  *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
  +     OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
  +     ID to be generated from the issuer certificate alone which can then be
  +     passed to OCSP_id_issuer_cmp().
  +     [Steve Henson]
  +
     *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
        ASN1 modules to export functions returning ASN1_ITEM pointers
        instead of the ASN1_ITEM structures themselves. This adds several
  
  
  1.13      +16 -5     openssl/crypto/ocsp/ocsp_lib.c
  
  Index: ocsp_lib.c
  ===================================================================
  RCS file: /e/openssl/cvs/openssl/crypto/ocsp/ocsp_lib.c,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- ocsp_lib.c	2001/02/19 16:03:22	1.12
  +++ ocsp_lib.c	2001/02/23 13:04:24	1.13
  @@ -80,8 +80,16 @@
   #ifndef OPENSSL_NO_SHA1
   	if(!dgst) dgst = EVP_sha1();
   #endif
  -	iname = X509_get_issuer_name(subject);
  -	serial = X509_get_serialNumber(subject);
  +	if (subject)
  +		{
  +		iname = X509_get_issuer_name(subject);
  +		serial = X509_get_serialNumber(subject);
  +		}
  +	else
  +		{
  +		iname = X509_get_subject_name(issuer);
  +		serial = NULL;
  +		}
   	ikey = X509_get0_pubkey_bitstr(issuer);
   	return OCSP_cert_id_new(dgst, iname, ikey, serial);
   }
  @@ -118,9 +126,12 @@
   	EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst);
   
   	if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
  -	
  -	if (cid->serialNumber != NULL) ASN1_INTEGER_free(cid->serialNumber);
  -	if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err;
  +
  +	if (serialNumber)
  +		{
  +		ASN1_INTEGER_free(cid->serialNumber);
  +		if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err;
  +		}
   	return cid;
   digerr:
   	OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR);
  
  
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                     openssl-cvs@openssl.org
Automated List Manager                           majordomo@openssl.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic