diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-12-14 13:13:32 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-14 23:06:14 +0000 |
commit | c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7 (patch) | |
tree | 5d4bfc88099fab5f8178b3cdfee4e8f4db2ad68d /apps | |
parent | 2872dbe1c46eceb20c38bc55a5fe2a4c4c52fe9d (diff) |
New function X509_get0_pubkey
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'apps')
-rw-r--r-- | apps/ca.c | 6 | ||||
-rw-r--r-- | apps/crl.c | 3 | ||||
-rw-r--r-- | apps/s_cb.c | 3 | ||||
-rw-r--r-- | apps/s_client.c | 3 | ||||
-rw-r--r-- | apps/x509.c | 9 |
5 files changed, 8 insertions, 16 deletions
@@ -1402,12 +1402,11 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, BIO_printf(bio_err, "Check that the request matches the signature\n"); - if ((pktmp = X509_get_pubkey(req)) == NULL) { + if ((pktmp = X509_get0_pubkey(req)) == NULL) { BIO_printf(bio_err, "error unpacking public key\n"); goto end; } i = X509_verify(req, pktmp); - EVP_PKEY_free(pktmp); if (i < 0) { ok = 0; BIO_printf(bio_err, "Signature verification problems....\n"); @@ -1890,11 +1889,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, } } - pktmp = X509_get_pubkey(ret); + pktmp = X509_get0_pubkey(ret); if (EVP_PKEY_missing_parameters(pktmp) && !EVP_PKEY_missing_parameters(pkey)) EVP_PKEY_copy_parameters(pktmp, pkey); - EVP_PKEY_free(pktmp); if (!do_X509_sign(ret, pkey, dgst, sigopts)) goto end; diff --git a/apps/crl.c b/apps/crl.c index b2a5d7f54d..3f64cdd57a 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -253,14 +253,13 @@ int crl_main(int argc, char **argv) BIO_printf(bio_err, "Error getting CRL issuer certificate\n"); goto end; } - pkey = X509_get_pubkey(xobj.data.x509); + pkey = X509_get0_pubkey(xobj.data.x509); X509_OBJECT_free_contents(&xobj); if (!pkey) { BIO_printf(bio_err, "Error getting CRL issuer public key\n"); goto end; } i = X509_CRL_verify(x, pkey); - EVP_PKEY_free(pkey); if (i < 0) goto end; if (i == 0) diff --git a/apps/s_cb.c b/apps/s_cb.c index 734d57fda4..7a4bf297cc 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1402,13 +1402,12 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx, int sig_nid = X509_get_signature_nid(other); BIO_puts(sdb->out, OBJ_nid2sn(sig_nid)); } else { - EVP_PKEY *pkey = X509_get_pubkey(other); + EVP_PKEY *pkey = X509_get0_pubkey(other); const char *algname = ""; EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &algname, EVP_PKEY_get0_asn1(pkey)); BIO_printf(sdb->out, "%s, bits=%d", algname, EVP_PKEY_bits(pkey)); - EVP_PKEY_free(pkey); } break; } diff --git a/apps/s_client.c b/apps/s_client.c index f93ae35f56..5aa1adc51e 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2206,10 +2206,9 @@ static void print_stuff(BIO *bio, SSL *s, int full) SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); if (peer != NULL) { EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(peer); + pktmp = X509_get0_pubkey(peer); BIO_printf(bio, "Server public key is %d bit\n", EVP_PKEY_bits(pktmp)); - EVP_PKEY_free(pktmp); } BIO_printf(bio, "Secure Renegotiation IS%s supported\n", SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); diff --git a/apps/x509.c b/apps/x509.c index 7155b33246..1677ba5fda 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -723,7 +723,7 @@ int x509_main(int argc, char **argv) } else if (modulus == i) { EVP_PKEY *pkey; - pkey = X509_get_pubkey(x); + pkey = X509_get0_pubkey(x); if (pkey == NULL) { BIO_printf(bio_err, "Modulus=unavailable\n"); ERR_print_errors(bio_err); @@ -742,18 +742,16 @@ int x509_main(int argc, char **argv) #endif BIO_printf(out, "Wrong Algorithm type"); BIO_printf(out, "\n"); - EVP_PKEY_free(pkey); } else if (pubkey == i) { EVP_PKEY *pkey; - pkey = X509_get_pubkey(x); + pkey = X509_get0_pubkey(x); if (pkey == NULL) { BIO_printf(bio_err, "Error getting public key\n"); ERR_print_errors(bio_err); goto end; } PEM_write_bio_PUBKEY(out, pkey); - EVP_PKEY_free(pkey); } else if (C == i) { unsigned char *d; char *m; @@ -991,9 +989,8 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, X509_STORE_CTX xsc; EVP_PKEY *upkey; - upkey = X509_get_pubkey(xca); + upkey = X509_get0_pubkey(xca); EVP_PKEY_copy_parameters(upkey, pkey); - EVP_PKEY_free(upkey); if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) { BIO_printf(bio_err, "Error initialising X509 store\n"); |