X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fx509v3%2Fv3_skey.c;h=0a984fbaa8728a144ff4c86a8ea5925c5aeb5e38;hp=932cd8b26ce758240aaafff091e300e2da5a5b3e;hb=a69c0a1be5c619a74c02fcef05be6142d4700f62;hpb=c5db363e1b75f8452e4c888402a8ecb291b13838
diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index 932cd8b26c..0a984fbaa8 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c
@@ -1,5 +1,5 @@
 /* v3_skey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
 /* ====================================================================
@@ -59,53 +59,36 @@ #include #include "cryptlib.h" -#include "x509v3.h" +#include -#ifndef NOPROTO -static ASN1_OCTET_STRING *octet_string_new(void); static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -#else -static ASN1_OCTET_STRING *s2i_skey_id(); -static ASN1_OCTET_STRING *octet_string_new(); -#endif - -X509V3_EXT_METHOD v3_skey_id = { -NID_subject_key_identifier, 0, -(X509V3_EXT_NEW)octet_string_new, ASN1_STRING_free, -(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING, -i2d_ASN1_OCTET_STRING, +const X509V3_EXT_METHOD v3_skey_id = { +NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), +0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, (X509V3_EXT_S2I)s2i_skey_id, -NULL, NULL, NULL, NULL, NULL}; +0,0,0,0, +NULL}; - -static ASN1_OCTET_STRING *octet_string_new(void) -{ - return ASN1_OCTET_STRING_new(); -} - -char *i2s_ASN1_OCTET_STRING(method, oct) -X509V3_EXT_METHOD *method; -ASN1_OCTET_STRING *oct; +char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, + ASN1_OCTET_STRING *oct) { return hex_to_string(oct->data, oct->length); } -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(method, ctx, str) -X509V3_EXT_METHOD *method; -X509V3_CTX *ctx; -char *str; +ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; long length; - if(!(oct = ASN1_OCTET_STRING_new())) { + if(!(oct = M_ASN1_OCTET_STRING_new())) { X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); return NULL; } if(!(oct->data = string_to_hex(str, &length))) { - ASN1_OCTET_STRING_free(oct); + M_ASN1_OCTET_STRING_free(oct); return NULL; } 
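Review bot: The new `v3_skey_id` initializer fills eight slots with two bare `0,0,0,0,` runs, so nothing in the table says which members are left unset, and a misplaced entry would silently shift a handler into the wrong slot. A trailing comment on each run would make the layout reviewable, for example `0,0,0,0, /* new, free, d2i, i2d: unused, the ASN1_ITEM replaces them */` for the first run (slot names inferred from the removed initializer; confirm against the struct definition). The `(X509V3_EXT_I2S)` and `(X509V3_EXT_S2I)` casts kept as context would also hide a signature mismatch now that both functions have full prototypes. If the prototypes match the typedefs, the casts can presumably be dropped so the compiler checks them. The body of `s2i_ASN1_OCTET_STRING` continues past the end of this hunk.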
@@ -115,28 +98,25 @@ char *str; } -static ASN1_OCTET_STRING *s2i_skey_id(method, ctx, str) -X509V3_EXT_METHOD *method; -X509V3_CTX *ctx; -char *str; +static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; ASN1_BIT_STRING *pk; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; - EVP_MD_CTX md; unsigned int diglen; if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); - if(!(oct = ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + if(!(oct = M_ASN1_OCTET_STRING_new())) { + X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); return NULL; } if(ctx && (ctx->flags == CTX_TEST)) return oct; if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -145,22 +125,21 @@ char *str; else pk = ctx->subject_cert->cert_info->key->public_key; if(!pk) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); goto err; } - EVP_DigestInit(&md, EVP_sha1()); - EVP_DigestUpdate(&md, pk->data, pk->length); - EVP_DigestFinal(&md, pkey_dig, &diglen); + if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL)) + goto err; - if(!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { + X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); goto err; } return oct; err: - ASN1_OCTET_STRING_free(oct); + M_ASN1_OCTET_STRING_free(oct); return NULL; }
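Review bot: `s2i_skey_id` still has no comment describing its input contract, and the new prototype is a natural place to add one. A line such as `/* "hash": identifier is the SHA-1 of the subject public key bits; any other value is parsed by s2i_ASN1_OCTET_STRING */` above the signature would record the two modes. The comment should also say that a `CTX_TEST` context gets back the freshly allocated octet string with nothing set in it, so callers do not mistake that value for a real key identifier. The function body continues past this hunk.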
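Review bot: The new `EVP_Digest` failure branch jumps to `err` without queuing an X509V3 error, unlike every other failure path visible in this function. A caller inspecting the error queue may therefore find nothing that points at this extension (whether `EVP_Digest` queues its own error is not visible here). Adding `X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_EVP_LIB);` before the `goto err` would keep the paths consistent. The branch is also written as `if (` without braces, where the surrounding code uses `if(...) {`. The function starts outside this hunk.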