diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2024-08-28 06:26:07 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2024-08-28 06:26:07 +0000 |
commit | 712d7d070e9da6eb7fe7e29bc078947db1b378fc (patch) | |
tree | f16123e47f78631df483216c29395f7f7746e6d6 /lib/libcrypto | |
parent | 4e3584d5e818f044723ab511348f9758840f1c7b (diff) |
Clean up and simplify OCSP_cert_id_new()
Use proper NULL checks, set hashAlgorithm with X509_ALGOR_set0_by_nid(),
and avoid a silly digerr label.
ok jsing
Diffstat (limited to 'lib/libcrypto')
-rw-r--r-- | lib/libcrypto/ocsp/ocsp_lib.c | 37 |
1 files changed, 16 insertions, 21 deletions
diff --git a/lib/libcrypto/ocsp/ocsp_lib.c b/lib/libcrypto/ocsp/ocsp_lib.c index d3eada2ba69..216af18fcd3 100644 --- a/lib/libcrypto/ocsp/ocsp_lib.c +++ b/lib/libcrypto/ocsp/ocsp_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_lib.c,v 1.26 2023/07/08 10:44:00 beck Exp $ */ +/* $OpenBSD: ocsp_lib.c,v 1.27 2024/08/28 06:26:06 tb Exp $ */ /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL * project. */ @@ -75,6 +75,7 @@ #include <openssl/x509v3.h> #include "ocsp_local.h" +#include "x509_local.h" /* Convert a certificate and its issuer to an OCSP_CERTID */ @@ -109,50 +110,44 @@ OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, { int nid; unsigned int i; - X509_ALGOR *alg; OCSP_CERTID *cid = NULL; unsigned char md[EVP_MAX_MD_SIZE]; - if (!(cid = OCSP_CERTID_new())) + if ((cid = OCSP_CERTID_new()) == NULL) goto err; - alg = cid->hashAlgorithm; - if (alg->algorithm != NULL) - ASN1_OBJECT_free(alg->algorithm); if ((nid = EVP_MD_type(dgst)) == NID_undef) { OCSPerror(OCSP_R_UNKNOWN_NID); goto err; } - if (!(alg->algorithm = OBJ_nid2obj(nid))) + if (!X509_ALGOR_set0_by_nid(cid->hashAlgorithm, nid, V_ASN1_NULL, NULL)) goto err; - if ((alg->parameter = ASN1_TYPE_new()) == NULL) - goto err; - alg->parameter->type = V_ASN1_NULL; - if (!X509_NAME_digest(issuerName, dgst, md, &i)) - goto digerr; - if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) + if (!X509_NAME_digest(issuerName, dgst, md, &i)) { + OCSPerror(OCSP_R_DIGEST_ERR); + goto err; + } + if (!ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i)) goto err; /* Calculate the issuerKey hash, excluding tag and length */ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) goto err; - if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) + if (!ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)) goto err; - if (serialNumber) { + if (serialNumber != NULL) { ASN1_INTEGER_free(cid->serialNumber); - if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) + if ((cid->serialNumber = ASN1_INTEGER_dup(serialNumber)) == NULL) goto err; } + return cid; -digerr: - OCSPerror(OCSP_R_DIGEST_ERR); -err: - if (cid) - OCSP_CERTID_free(cid); + err: + OCSP_CERTID_free(cid); + return NULL; } LCRYPTO_ALIAS(OCSP_cert_id_new); |