Fix the ECDSA timing attack mentioned in the paper at:

[openssl.git] / crypto / ocsp / ocsp_prn.c

diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
index 409a9777ad650171ef406a981ef62d615a5e101a..87608ff399b1802956dbe2e782a5682ffeebcc05 100644 (file)
--- a/crypto/ocsp/ocsp_prn.c
+++ b/crypto/ocsp/ocsp_prn.c
@@ -182,7 +182,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
         {
        int i, ret = 0;
        long l;
-       unsigned char *p;
        OCSP_CERTID *cid = NULL;
        OCSP_BASICRESP *br = NULL;
        OCSP_RESPID *rid = NULL;
@@ -207,7 +206,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
                return 1;
                }
 
-       p = ASN1_STRING_data(rb->response);
        i = ASN1_STRING_length(rb->response);
        if (!(br = OCSP_response_get1_basic(o))) goto err;
        rd = br->tbsResponseData;
@@ -266,15 +264,16 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
                        if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate))
                                goto err;
                        }
-               if (!BIO_write(bp,"\n",1)) goto err;
+               if (BIO_write(bp,"\n",1) <= 0) goto err;
                if (!X509V3_extensions_print(bp,
                                        "Response Single Extensions",
                                        single->singleExtensions, flags, 8))
                                                        goto err;
-               if (!BIO_write(bp,"\n",1)) goto err;
+               if (BIO_write(bp,"\n",1) <= 0) goto err;
                }
        if (!X509V3_extensions_print(bp, "Response Extensions",
                                        rd->responseExtensions, flags, 4))
+                                                       goto err;
        if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)
                                                        goto err;