OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
28-Apr-2006 14:27:37
Branch: HEAD Handle:
2006042813273601
Modified files:
openssl/crypto/evp p_lib.c
openssl/crypto/x509 x509_cmp.c
Log:
Update EVP_PKEY_cmp() and X509_check_private() to return
sensible values and
handle unsupported key types.
Summary:
Revision Changes Path
1.39 +1 -1 openssl/crypto/evp/p_lib.c
1.30 +14 -22 openssl/crypto/x509/x509_cmp.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/crypto/evp/p_lib.c
============================================================
================
$ cvs diff -u -r1.38 -r1.39 p_lib.c
--- openssl/crypto/evp/p_lib.c 5 Apr 2006 13:04:02
-0000 1.38
+++ openssl/crypto/evp/p_lib.c 28 Apr 2006 12:27:36
-0000 1.39
-149,7 +149,7
return -1;
if (a->ameth && a->ameth->param_cmp)
return a->ameth->param_cmp(a, b);
- return -1;
+ return -2;
}
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
.
patch -p0 <<' .'
Index: openssl/crypto/x509/x509_cmp.c
============================================================
================
$ cvs diff -u -r1.29 -r1.30 x509_cmp.c
--- openssl/crypto/x509/x509_cmp.c 1 Dec 2004 01:45:30
-0000 1.29
+++ openssl/crypto/x509/x509_cmp.c 28 Apr 2006 12:27:37
-0000 1.30
-386,14 +386,19
int X509_check_private_key(X509 *x, EVP_PKEY *k)
{
- EVP_PKEY *xk=NULL;
- int ok=0;
+ EVP_PKEY *xk;
+ int ret;
xk=X509_get_pubkey(x);
- switch (EVP_PKEY_cmp(xk, k))
+
+ if (xk)
+ ret = EVP_PKEY_cmp(xk, k);
+ else
+ ret = -2;
+
+ switch (ret)
{
case 1:
- ok=1;
break;
case 0:
X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MI
SMATCH);
-402,24 +407,11
X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISM
ATCH);
break;
case -2:
-#ifndef OPENSSL_NO_EC
- if (k->type == EVP_PKEY_EC)
- {
- X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
- break;
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if (k->type == EVP_PKEY_DH)
- {
- /* No idea */
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_
DH_KEY);
- break;
- }
-#endif
X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYP
E);
}
-
- EVP_PKEY_free(xk);
- return(ok);
+ if (xk)
+ EVP_PKEY_free(xk);
+ if (ret > 0)
+ return 1;
+ return 0;
}
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|