diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 2001-02-16 21:17:32 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 2001-02-16 21:17:32 +0000 |
| commit | 304e6ec96d1526b33e3fa2a15d4e99719e93514a (patch) | |
| tree | 3518b7f3679ab6f192b3c9bfbdd8fc00b7967dfb /sbin | |
| parent | 718e31d63350f50f55526f6d08d926c521699739 (diff) | |
use the hash algorithm found in original certificate for the signature
after it has been patched. from angelos@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/isakmpd/apps/certpatch/certpatch.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/sbin/isakmpd/apps/certpatch/certpatch.c b/sbin/isakmpd/apps/certpatch/certpatch.c index fb1a68c0c19..825697d19f7 100644 --- a/sbin/isakmpd/apps/certpatch/certpatch.c +++ b/sbin/isakmpd/apps/certpatch/certpatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: certpatch.c,v 1.14 2001/01/27 12:03:37 niklas Exp $ */ +/* $OpenBSD: certpatch.c,v 1.15 2001/02/16 21:17:31 provos Exp $ */ /* $EOM: certpatch.c,v 1.11 2000/12/21 14:50:09 ho Exp $ */ /* @@ -92,7 +92,7 @@ main (int argc, char **argv) EVP_PKEY *pkey_priv; X509 *cert; BIO *file; - EVP_MD *digest = EVP_md5 (); + const EVP_MD *digest; X509_EXTENSION *ex = NULL; ASN1_OCTET_STRING *data = NULL; struct in_addr saddr; @@ -175,6 +175,9 @@ main (int argc, char **argv) exit (1); } + /* Get the digest for the actual signing */ + digest = EVP_get_digestbyname (OBJ_nid2sn (OBJ_obj2nid (cert->sig_alg->algorithm))); + if (!X509_set_version (cert, 2)) { printf ("X509 failed to set version number\n"); @@ -263,8 +266,7 @@ main (int argc, char **argv) #endif free (new_id); } - - + /* XXX This is a hack, how to do better? */ data->type = 0x30; data->data[0] = 0x30; |