Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have

zero unused bits.
上级 ebc828ca
......@@ -5,6 +5,10 @@
Changes between 0.9.1c and 0.9.2
*) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
BIT STRING wrapper always have zero unused bits.
[Steve Henson]
*) Add CA.pl, perl version of CA.sh, add extended key usage OID.
[Steve Henson]
......
......@@ -1694,9 +1694,9 @@ again2:
}
}
if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
#ifndef NO_DSA
if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
pktmp=X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
!EVP_PKEY_missing_parameters(pkey))
......
......@@ -188,6 +188,10 @@ EVP_PKEY *pkey;
p=s;
i2d_PublicKey(pkey,&p);
if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
/* Set number of unused bits to zero */
pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
Free(s);
CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册
新手
引导
客服 返回
顶部