Loading crypto/cms/cms_lib.c +8 −6 Original line number Diff line number Diff line Loading @@ -585,10 +585,11 @@ int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) { X509_check_purpose(cert, -1, -1); if (!cert->skid) const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert); if (cert_keyid == NULL) return -1; return ASN1_OCTET_STRING_cmp(keyid, cert->skid); return ASN1_OCTET_STRING_cmp(keyid, cert_keyid); } int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) Loading @@ -613,12 +614,13 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) { ASN1_OCTET_STRING *keyid = NULL; X509_check_purpose(cert, -1, -1); if (!cert->skid) { const ASN1_OCTET_STRING *cert_keyid; cert_keyid = X509_get0_subject_key_id(cert); if (cert_keyid == NULL) { CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID); return 0; } keyid = ASN1_STRING_dup(cert->skid); keyid = ASN1_STRING_dup(cert_keyid); if (!keyid) { CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE); return 0; Loading crypto/x509v3/v3_purp.c +7 −0 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ #include "internal/numbers.h" #include <openssl/x509v3.h> #include <openssl/x509_vfy.h> #include "internal/x509_int.h" static void x509v3_cache_extensions(X509 *x); Loading Loading @@ -868,3 +869,9 @@ uint32_t X509_get_extended_key_usage(X509 *x) return x->ex_xkusage; return UINT32_MAX; } const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x) { X509_check_purpose(x, -1, -1); return x->skid; } include/openssl/x509v3.h +1 −0 Original line number Diff line number Diff line Loading @@ -700,6 +700,7 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); uint32_t X509_get_extension_flags(X509 *x); uint32_t X509_get_key_usage(X509 *x); uint32_t X509_get_extended_key_usage(X509 *x); const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x); int X509_PURPOSE_get_count(void); X509_PURPOSE *X509_PURPOSE_get0(int idx); Loading Loading
crypto/cms/cms_lib.c +8 −6 Original line number Diff line number Diff line Loading @@ -585,10 +585,11 @@ int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) { X509_check_purpose(cert, -1, -1); if (!cert->skid) const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert); if (cert_keyid == NULL) return -1; return ASN1_OCTET_STRING_cmp(keyid, cert->skid); return ASN1_OCTET_STRING_cmp(keyid, cert_keyid); } int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) Loading @@ -613,12 +614,13 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) { ASN1_OCTET_STRING *keyid = NULL; X509_check_purpose(cert, -1, -1); if (!cert->skid) { const ASN1_OCTET_STRING *cert_keyid; cert_keyid = X509_get0_subject_key_id(cert); if (cert_keyid == NULL) { CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID); return 0; } keyid = ASN1_STRING_dup(cert->skid); keyid = ASN1_STRING_dup(cert_keyid); if (!keyid) { CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE); return 0; Loading
crypto/x509v3/v3_purp.c +7 −0 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ #include "internal/numbers.h" #include <openssl/x509v3.h> #include <openssl/x509_vfy.h> #include "internal/x509_int.h" static void x509v3_cache_extensions(X509 *x); Loading Loading @@ -868,3 +869,9 @@ uint32_t X509_get_extended_key_usage(X509 *x) return x->ex_xkusage; return UINT32_MAX; } const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x) { X509_check_purpose(x, -1, -1); return x->skid; }
include/openssl/x509v3.h +1 −0 Original line number Diff line number Diff line Loading @@ -700,6 +700,7 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); uint32_t X509_get_extension_flags(X509 *x); uint32_t X509_get_key_usage(X509 *x); uint32_t X509_get_extended_key_usage(X509 *x); const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x); int X509_PURPOSE_get_count(void); X509_PURPOSE *X509_PURPOSE_get0(int idx); Loading
Rich Salz <rsalz@openssl.org>Rich Salz <rsalz@openssl.org>