mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

ocsp: remove references to EVP_sha1()

Browse Source 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14881)
This commit is contained in:
Pauli 2021-04-15 10:34:48 +10:00
parent 27344bb82a
commit e27fea4640
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/ocsp/ocsp_lib.c
View File

@ -25,6 +25,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
const X509_NAME *iname;
const ASN1_INTEGER *serial;
ASN1_BIT_STRING *ikey;
if (!dgst)
dgst = EVP_sha1();
if (subject) {

12
crypto/ocsp/ocsp_vfy.c
View File

@ -187,8 +187,9 @@ static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
{
int i;
int i, r;
unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
EVP_MD *md;
X509 *x;
/* Easy if lookup by name */
@ -203,12 +204,17 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
keyhash = id->value.byKey->data;
/* Calculate hash of each key and compare */
for (i = 0; i < sk_X509_num(certs); i++) {
x = sk_X509_value(certs, i);
if (!X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL))
if ((x = sk_X509_value(certs, i)) != NULL) {
if ((md = EVP_MD_fetch(x->libctx, SN_sha1, x->propq)) == NULL)
break;
r = X509_pubkey_digest(x, md, tmphash, NULL);
EVP_MD_free(md);
if (!r)
break;
if (memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH) == 0)
return x;
}
}
return NULL;
}