{
ASN1_INTEGER *serial = ASN1_INTEGER_new();
- if (!serial)
+ if (serial == NULL)
goto err;
if (!ASN1_INTEGER_set(serial, 1))
goto err;
return NULL;
}
+ ctx->signer_md = EVP_sha256();
+
ctx->serial_cb = def_serial_cb;
ctx->time_cb = def_time_cb;
ctx->extension_cb = def_extension_cb;
{
EVP_PKEY_free(ctx->signer_key);
ctx->signer_key = key;
- CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(ctx->signer_key);
return 1;
}
+int TS_RESP_CTX_set_signer_digest(TS_RESP_CTX *ctx, const EVP_MD *md)
+{
+ ctx->signer_md = md;
+ return 1;
+}
+
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
{
ASN1_OBJECT_free(ctx->default_policy);
}
if ((si = PKCS7_add_signature(p7, ctx->signer_cert,
- ctx->signer_key, EVP_sha1())) == NULL) {
+ ctx->signer_key, ctx->signer_md)) == NULL) {
TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
goto err;
}