Use X509_REQ_get0_pubkey

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
FdaSilvaYY 2016-04-03 23:37:32 +02:00
parent 97458daade
commit c5137473bd
4 changed files with 13 additions and 28 deletions

View File

@ -1351,12 +1351,12 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
ok = 0;
goto end;
}
if ((pktmp = X509_REQ_get_pubkey(req)) == NULL) {
if ((pktmp = X509_REQ_get0_pubkey(req)) == NULL) {
BIO_printf(bio_err, "error unpacking public key\n");
goto end;
}
i = X509_REQ_verify(req, pktmp);
EVP_PKEY_free(pktmp);
pktmp = NULL;
if (i < 0) {
ok = 0;
BIO_printf(bio_err, "Signature verification problems....\n");
@ -1790,7 +1790,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
pktmp = X509_REQ_get_pubkey(req);
i = X509_set_pubkey(ret, pktmp);
EVP_PKEY_free(pktmp);
if (!i)
goto end;

View File

@ -375,6 +375,7 @@ int req_main(int argc, char **argv)
if (!nmflag_set)
nmflag = XN_FLAG_ONELINE;
/* TODO: simplify this as pkey is still always NULL here */
private = newreq && (pkey == NULL) ? 1 : 0;
if (!app_passwd(passargin, passargout, &passin, &passout)) {
@ -666,10 +667,9 @@ int req_main(int argc, char **argv)
if (!X509_set_subject_name
(x509ss, X509_REQ_get_subject_name(req)))
goto end;
tmppkey = X509_REQ_get_pubkey(req);
tmppkey = X509_REQ_get0_pubkey(req);
if (!tmppkey || !X509_set_pubkey(x509ss, tmppkey))
goto end;
EVP_PKEY_free(tmppkey);
/* Set up V3 context struct */
@ -739,20 +739,15 @@ int req_main(int argc, char **argv)
}
if (verify && !x509) {
int tmp = 0;
EVP_PKEY *pubkey = pkey;
if (pkey == NULL) {
pkey = X509_REQ_get_pubkey(req);
tmp = 1;
if (pkey == NULL)
if (pubkey == NULL) {
pubkey = X509_REQ_get0_pubkey(req);
if (pubkey == NULL)
goto end;
}
i = X509_REQ_verify(req, pkey);
if (tmp) {
EVP_PKEY_free(pkey);
pkey = NULL;
}
i = X509_REQ_verify(req, pubkey);
if (i < 0) {
goto end;

View File

@ -562,12 +562,11 @@ int x509_main(int argc, char **argv)
goto end;
}
if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {
if ((pkey = X509_REQ_get0_pubkey(req)) == NULL) {
BIO_printf(bio_err, "error unpacking public key\n");
goto end;
}
i = X509_REQ_verify(req, pkey);
EVP_PKEY_free(pkey);
if (i < 0) {
BIO_printf(bio_err, "Signature verification error\n");
ERR_print_errors(bio_err);
@ -607,9 +606,8 @@ int x509_main(int argc, char **argv)
if (fkey)
X509_set_pubkey(x, fkey);
else {
pkey = X509_REQ_get_pubkey(req);
pkey = X509_REQ_get0_pubkey(req);
X509_set_pubkey(x, pkey);
EVP_PKEY_free(pkey);
}
} else
x = load_cert(infile, informat, "Certificate");

View File

@ -101,21 +101,14 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
NULL)
goto err;
pubkey = X509_REQ_get_pubkey(r);
if (pubkey == NULL)
pubkey = X509_REQ_get0_pubkey(r);
if (pubkey == NULL || !X509_set_pubkey(ret, pubkey))
goto err;
if (!X509_set_pubkey(ret, pubkey))
goto err_pkey;
EVP_PKEY_free(pubkey);
if (!X509_sign(ret, pkey, EVP_md5()))
goto err;
return ret;
err_pkey:
EVP_PKEY_free(pubkey);
err:
X509_free(ret);
return NULL;