[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-cvs
Subject: cvs commit: openssl/crypto/ocsp ocsp_lib.c
From: steve () openssl ! org
Date: 2001-02-23 13:04:26
[Download RAW message or body]
steve 23-Feb-2001 14:04:25
Modified: . CHANGES
crypto/ocsp ocsp_lib.c
Log:
Make OCSP cert id code tolerate a missing issuer certificate
or serial number.
Revision Changes Path
1.777 +6 -0 openssl/CHANGES
Index: CHANGES
===================================================================
RCS file: /e/openssl/cvs/openssl/CHANGES,v
retrieving revision 1.776
retrieving revision 1.777
diff -u -r1.776 -r1.777
--- CHANGES 2001/02/23 13:02:56 1.776
+++ CHANGES 2001/02/23 13:04:20 1.777
@@ -3,6 +3,12 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
+ OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
+ ID to be generated from the issuer certificate alone which can then be
+ passed to OCSP_id_issuer_cmp().
+ [Steve Henson]
+
*) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
ASN1 modules to export functions returning ASN1_ITEM pointers
instead of the ASN1_ITEM structures themselves. This adds several
1.13 +16 -5 openssl/crypto/ocsp/ocsp_lib.c
Index: ocsp_lib.c
===================================================================
RCS file: /e/openssl/cvs/openssl/crypto/ocsp/ocsp_lib.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- ocsp_lib.c 2001/02/19 16:03:22 1.12
+++ ocsp_lib.c 2001/02/23 13:04:24 1.13
@@ -80,8 +80,16 @@
#ifndef OPENSSL_NO_SHA1
if(!dgst) dgst = EVP_sha1();
#endif
- iname = X509_get_issuer_name(subject);
- serial = X509_get_serialNumber(subject);
+ if (subject)
+ {
+ iname = X509_get_issuer_name(subject);
+ serial = X509_get_serialNumber(subject);
+ }
+ else
+ {
+ iname = X509_get_subject_name(issuer);
+ serial = NULL;
+ }
ikey = X509_get0_pubkey_bitstr(issuer);
return OCSP_cert_id_new(dgst, iname, ikey, serial);
}
@@ -118,9 +126,12 @@
EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst);
if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
-
- if (cid->serialNumber != NULL) ASN1_INTEGER_free(cid->serialNumber);
- if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err;
+
+ if (serialNumber)
+ {
+ ASN1_INTEGER_free(cid->serialNumber);
+ if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err;
+ }
return cid;
digerr:
OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR);
______________________________________________________________________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List openssl-cvs@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic