Commit c35f549e authored Jan 02, 1999 by Dr. Stephen Henson

Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have

zero unused bits.

parent ebc828ca

CHANGES

+4 −0

Original line number	Diff line number	Diff line
		@@ -5,6 +5,10 @@

		Changes between 0.9.1c and 0.9.2

		*) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
		BIT STRING wrapper always have zero unused bits.
		[Steve Henson]

		*) Add CA.pl, perl version of CA.sh, add extended key usage OID.
		[Steve Henson]

apps/ca.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1694,9 +1694,9 @@ again2:
		}
		}

		if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();

		#ifndef NO_DSA
		if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
		pktmp=X509_get_pubkey(ret);
		if (EVP_PKEY_missing_parameters(pktmp) &&
		!EVP_PKEY_missing_parameters(pkey))

crypto/asn1/x_pubkey.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -188,6 +188,10 @@ EVP_PKEY *pkey;
		p=s;
		i2d_PublicKey(pkey,&p);
		if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
		/* Set number of unused bits to zero */
		pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT\|0x07);
		pk->public_key->flags\|=ASN1_STRING_FLAG_BITS_LEFT;

		Free(s);

		CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);