projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
RT4320/GH705: Fix PEM parsing bug.
[openssl.git]
/
crypto
/
ts
/
ts_rsp_sign.c
diff --git
a/crypto/ts/ts_rsp_sign.c
b/crypto/ts/ts_rsp_sign.c
index c7738b8a51a594696cdbbde11fdcc47ff8ea645a..0ad6f100d6db569d4d6039480191d7ee7fdb8e19 100644
(file)
--- a/
crypto/ts/ts_rsp_sign.c
+++ b/
crypto/ts/ts_rsp_sign.c
@@
-1,4
+1,3
@@
-/* crypto/ts/ts_resp_sign.c */
/*
* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
* 2002.
/*
* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
* 2002.
@@
-169,6
+168,8
@@
TS_RESP_CTX *TS_RESP_CTX_new()
return NULL;
}
return NULL;
}
+ ctx->signer_md = EVP_sha256();
+
ctx->serial_cb = def_serial_cb;
ctx->time_cb = def_time_cb;
ctx->extension_cb = def_extension_cb;
ctx->serial_cb = def_serial_cb;
ctx->time_cb = def_time_cb;
ctx->extension_cb = def_extension_cb;
@@
-210,11
+211,17
@@
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
{
EVP_PKEY_free(ctx->signer_key);
ctx->signer_key = key;
{
EVP_PKEY_free(ctx->signer_key);
ctx->signer_key = key;
-
CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY
);
+
EVP_PKEY_up_ref(ctx->signer_key
);
return 1;
}
return 1;
}
+int TS_RESP_CTX_set_signer_digest(TS_RESP_CTX *ctx, const EVP_MD *md)
+{
+ ctx->signer_md = md;
+ return 1;
+}
+
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
{
ASN1_OBJECT_free(ctx->default_policy);
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
{
ASN1_OBJECT_free(ctx->default_policy);
@@
-700,7
+707,7
@@
static int ts_RESP_sign(TS_RESP_CTX *ctx)
}
if ((si = PKCS7_add_signature(p7, ctx->signer_cert,
}
if ((si = PKCS7_add_signature(p7, ctx->signer_cert,
- ctx->signer_key,
EVP_sha1()
)) == NULL) {
+ ctx->signer_key,
ctx->signer_md
)) == NULL) {
TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
goto err;
}
TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
goto err;
}
@@
-786,6
+793,7
@@
static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, int issuer_needed)
GENERAL_NAME *name = NULL;
unsigned char cert_sha1[SHA_DIGEST_LENGTH];
GENERAL_NAME *name = NULL;
unsigned char cert_sha1[SHA_DIGEST_LENGTH];
+ /* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(cert, -1, 0);
if ((cid = ESS_CERT_ID_new()) == NULL)
goto err;
X509_check_purpose(cert, -1, 0);
if ((cid = ESS_CERT_ID_new()) == NULL)
goto err;