projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
1024 is the export key bits limit according to current regulations, not 512.
[openssl.git] / crypto / x509 / x509type.c
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
index 42c23bcfca0bc0d989ad09524325c6f94e5b79ec..2cd994c5b0f57e36770730c480eed6ee377897e3 100644 (file)
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -58,13 +58,11 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
 
-int X509_certificate_type(x,pkey)
-X509 *x;
-EVP_PKEY *pkey;
+int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
        {
        EVP_PKEY *pk;
        int ret=0,i;
@@ -88,6 +86,9 @@ EVP_PKEY *pkey;
        case EVP_PKEY_DSA:
                ret=EVP_PK_DSA|EVP_PKT_SIGN;
                break;
+       case EVP_PKEY_EC:
+               ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
+               break;
        case EVP_PKEY_DH:
                ret=EVP_PK_DH|EVP_PKT_EXCH;
                break;
@@ -101,15 +102,20 @@ EVP_PKEY *pkey;
        case EVP_PKEY_RSA:
                ret|=EVP_PKS_RSA;
                break;
-       case EVP_PKS_DSA:
+       case EVP_PKEY_DSA:
                ret|=EVP_PKS_DSA;
                break;
+       case EVP_PKEY_EC:
+               ret|=EVP_PKS_EC;
+               break;
        default:
                break;
                }
 
-       if (EVP_PKEY_size(pkey) <= 512)
+       if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
+                                          for, not bytes */
                ret|=EVP_PKT_EXP;
+       if(pkey==NULL) EVP_PKEY_free(pk);
        return(ret);
        }
 
Unnamed repository; edit this file 'description' to name the repository.