Commit a8d8e06b authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Avoid direct X509 structure access



Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent f728254a
+6 −17
@@ -1052,13 +1052,14 @@ end_of_options:
        if (verbose)
            BIO_printf(bio_err, "writing new certificates\n");
        for (i = 0; i < sk_X509_num(cert_sk); i++) {
            ASN1_INTEGER *serialNumber = X509_get_serialNumber(x);
            int k;
            char *n;

            x = sk_X509_value(cert_sk, i);

            j = x->cert_info->serialNumber->length;
            p = (const char *)x->cert_info->serialNumber->data;
            j = ASN1_STRING_length(serialNumber);
            p = (const char *)ASN1_STRING_data(serialNumber);

            if (strlen(outdir) >= (size_t)(j ? BSIZE - j * 2 - 6 : BSIZE - 8)) {
                BIO_printf(bio_err, "certificate file name too long\n");
@@ -1450,7 +1451,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
    ASN1_STRING *str, *str2;
    ASN1_OBJECT *obj;
    X509 *ret = NULL;
    X509_CINF *ci;
    X509_NAME_ENTRY *ne;
    X509_NAME_ENTRY *tne, *push;
    EVP_PKEY *pktmp;
@@ -1546,7 +1546,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
    if (selfsign)
        CAname = X509_NAME_dup(name);
    else
        CAname = X509_NAME_dup(x509->cert_info->subject);
        CAname = X509_NAME_dup(X509_get_subject_name(x509));
    if (CAname == NULL)
        goto end;
    str = str2 = NULL;
@@ -1755,7 +1755,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,

    if ((ret = X509_new()) == NULL)
        goto end;
    ci = ret->cert_info;

#ifdef X509_V3
    /* Make it an X509 v3 certificate. */
@@ -1763,7 +1762,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
        goto end;
#endif

    if (BN_to_ASN1_INTEGER(serial, ci->serialNumber) == NULL)
    if (BN_to_ASN1_INTEGER(serial, X509_get_serialNumber(ret)) == NULL)
        goto end;
    if (selfsign) {
        if (!X509_set_issuer_name(ret, subject))
@@ -1799,17 +1798,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
    /* Lets add the extensions, if there are any */
    if (ext_sect) {
        X509V3_CTX ctx;
        if (ci->version == NULL)
            if ((ci->version = ASN1_INTEGER_new()) == NULL)
                goto end;
        ASN1_INTEGER_set(ci->version, 2); /* version 3 certificate */

        /*
         * Free the current entries if any, there should not be any I believe
         */
        sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free);

        ci->extensions = NULL;
        X509_set_version(ret, 2);

        /* Initialize the context structure */
        if (selfsign)
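Review bot: In the first hunk of this file (the loop that writes the new certificates), the added declaration `ASN1_INTEGER *serialNumber = X509_get_serialNumber(x);` runs before `x = sk_X509_value(cert_sk, i);`, so the serial is read from whatever `x` held on entry to the iteration, not from the certificate being written. The length `j` and data pointer `p` that feed the "certificate file name too long" check, and presumably the output file name built further down, then come from the wrong certificate. If `x` can be NULL before the first pass, the accessor would also dereference it; the code ahead of the loop is outside the hunk, so that is not confirmed. Declare the pointer without an initialiser and assign it after the lookup: `ASN1_INTEGER *serialNumber;` at the top, then `serialNumber = X509_get_serialNumber(x);` directly after `x = sk_X509_value(cert_sk, i);`. The loop body continues outside the hunk.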
+7 −2
@@ -894,8 +894,13 @@ int x509_main(int argc, char **argv)
        goto end;
    }

    if (badsig)
        x->signature->data[x->signature->length - 1] ^= 0x1;
    if (badsig) {
        ASN1_BIT_STRING *signature;
        unsigned char *s;
        X509_get0_signature(&signature, NULL, x);
        s = ASN1_STRING_data(signature);
        s[ASN1_STRING_length(signature) - 1] ^= 0x1;
    }

    if (outformat == FORMAT_ASN1)
        i = i2d_X509_bio(out, x);
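Review bot: The new `badsig` block writes to `s[ASN1_STRING_length(signature) - 1]` without checking that the signature is non-empty; with a zero-length signature the index becomes -1 and the XOR modifies a byte in front of the buffer. The replaced direct-access line had the same gap, so the accessor rewrite is a natural place to close it, e.g. `if (ASN1_STRING_length(signature) > 0)` around the bit flip, with `s` fetched inside that guard. x509_main starts and ends outside the hunk, so whether an earlier check already rules out an empty signature cannot be seen from here.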
+2 −2
@@ -355,8 +355,8 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,

static int ocsp_check_delegated(X509 *x, int flags)
{
    X509_check_purpose(x, -1, 0);
    if ((x->ex_flags & EXFLAG_XKUSAGE) && (x->ex_xkusage & XKU_OCSP_SIGN))
    if ((X509_get_extension_flags(x) & EXFLAG_XKUSAGE)
        && (X509_get_extended_key_usage(x) & XKU_OCSP_SIGN))
        return 1;
    OCSPerr(OCSP_F_OCSP_CHECK_DELEGATED, OCSP_R_MISSING_OCSPSIGNING_USAGE);
    return 0;
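Review bot: `ocsp_check_delegated` now relies on `X509_get_extension_flags()` and `X509_get_extended_key_usage()` to parse and cache the certificate's extensions themselves, because the explicit `X509_check_purpose(x, -1, 0)` call appears to be one of the two deleted lines (the section's 2/2 line counts suggest so). That contract is not visible in this file, and this condition decides whether a certificate is accepted as a delegated OCSP signer, so it should be confirmed against the accessor implementation and recorded above the `if`, e.g. `/* X509_get_extension_flags() populates the cached extension flags; no separate X509_check_purpose() call is needed */`. The `flags` parameter is not used in the visible part of the body, which ends outside the hunk.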
+3 −3
@@ -393,10 +393,10 @@ static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
{
    int ret;
    ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
                        pcert->cert_info->issuer);
                        X509_get_issuer_name(pcert));
    if (ret)
        return ret;
    return ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
    return ASN1_INTEGER_cmp(X509_get_serialNumber(pcert),
                            ri->issuer_and_serial->serial);
}

+3 −3
@@ -657,7 +657,7 @@ static TS_TST_INFO *ts_RESP_create_tst_info(TS_RESP_CTX *ctx,
            goto end;
        tsa_name->type = GEN_DIRNAME;
        tsa_name->d.dirn =
            X509_NAME_dup(ctx->signer_cert->cert_info->subject);
            X509_NAME_dup(X509_get_subject_name(ctx->signer_cert));
        if (!tsa_name->d.dirn)
            goto end;
        if (!TS_TST_INFO_set_tsa(tst_info, tsa_name))
@@ -869,7 +869,7 @@ static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, int issuer_needed)
        if ((name = GENERAL_NAME_new()) == NULL)
            goto err;
        name->type = GEN_DIRNAME;
        if ((name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)) == NULL)
        if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL)
            goto err;
        if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
            goto err;
@@ -877,7 +877,7 @@ static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, int issuer_needed)
        /* Setting the serial number. */
        ASN1_INTEGER_free(cid->issuer_serial->serial);
        if (!(cid->issuer_serial->serial =
              ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
              ASN1_INTEGER_dup(X509_get_serialNumber(cert))))
            goto err;
    }
