diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2004-11-11 13:47:06 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2004-11-11 13:47:06 +0000 |
| commit | 10c85057348cf34d0d55cba90904fb37f1a124f6 (patch) | |
| tree | af978162cc5274e09c9350e718ecd069d487437b /apps/ca.c | |
| parent | 10f92aac33de06d3bf0515b0e54bf282746113aa (diff) | |
Use the default_md config file value when signing CRLs.
PR:662
Diffstat (limited to 'apps/ca.c')
| -rw-r--r-- | apps/ca.c | 47 |
1 files changed, 18 insertions, 29 deletions
@@ -995,25 +995,27 @@ bad: } } + if ((md == NULL) && ((md=NCONF_get_string(conf, + section,ENV_DEFAULT_MD)) == NULL)) + { + lookup_fail(section,ENV_DEFAULT_MD); + goto err; + } + + if ((dgst=EVP_get_digestbyname(md)) == NULL) + { + BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); + goto err; + } + if (req) { - if ((md == NULL) && ((md=NCONF_get_string(conf, - section,ENV_DEFAULT_MD)) == NULL)) - { - lookup_fail(section,ENV_DEFAULT_MD); - goto err; - } if ((email_dn == 1) && ((tmp_email_dn=NCONF_get_string(conf, section,ENV_DEFAULT_EMAIL_DN)) != NULL )) { if(strcmp(tmp_email_dn,"no") == 0) email_dn=0; } - if ((dgst=EVP_get_digestbyname(md)) == NULL) - { - BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); - goto err; - } if (verbose) BIO_printf(bio_err,"message digest is %s\n", OBJ_nid2ln(dgst->type)); @@ -1396,28 +1398,15 @@ bad: /* we now have a CRL */ if (verbose) BIO_printf(bio_err,"signing CRL\n"); - if (md != NULL) - { - if ((dgst=EVP_get_digestbyname(md)) == NULL) - { - BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); - goto err; - } - } - else - { #ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - dgst=EVP_dss1(); - else + if (pkey->type == EVP_PKEY_DSA) + dgst=EVP_dss1(); + else #endif #ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_EC) - dgst=EVP_ecdsa(); - else + if (pkey->type == EVP_PKEY_EC) + dgst=EVP_ecdsa(); #endif - dgst=EVP_md5(); - } /* Add any extensions asked for */ |