diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-02-02 00:45:54 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-02-02 00:45:54 +0000 |
commit | 88ce56f8c19afca84548ce85bbc9b5dda3c724f9 (patch) | |
tree | 3246395c2be795f28d84443d3a193efe6d3a96fb /crypto/ocsp | |
parent | 664d83bb23e7e6d30b63f6127b454f7c6dc33da9 (diff) |
Various function for commmon operations.
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp_lib.c | 12 | ||||
-rw-r--r-- | crypto/ocsp/ocsp_vfy.c | 15 |
2 files changed, 5 insertions, 22 deletions
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index bdd4cfccff..825d023e05 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -82,7 +82,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) #endif iname = X509_get_issuer_name(subject); serial = X509_get_serialNumber(subject); - ikey = issuer->cert_info->key->public_key; + ikey = X509_get0_pubkey_bitstr(issuer); return OCSP_cert_id_new(dgst, iname, ikey, serial); } @@ -97,7 +97,6 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, X509_ALGOR *alg; OCSP_CERTID *cid = NULL; unsigned char md[EVP_MAX_MD_SIZE]; - EVP_MD_CTX ctx; if (!(cid = OCSP_CERTID_new())) goto err; @@ -116,9 +115,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err; /* Calculate the issuerKey hash, excluding tag and length */ - EVP_DigestInit(&ctx,dgst); - EVP_DigestUpdate(&ctx,issuerKey->data, issuerKey->length); - EVP_DigestFinal(&ctx,md,&i); + EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst); if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err; @@ -186,7 +183,6 @@ OCSP_BASICRESP *OCSP_basic_response_new(int type, X509* cert) { time_t t; OCSP_RESPID *rid; - ASN1_BIT_STRING *bs; OCSP_BASICRESP *rsp = NULL; unsigned char md[SHA_DIGEST_LENGTH]; @@ -205,9 +201,7 @@ OCSP_BASICRESP *OCSP_basic_response_new(int type, X509* cert) /* SHA-1 hash of responder's public key * (excluding the tag and length fields) */ - bs = cert->cert_info->key->public_key; - SHA1(ASN1_STRING_data((ASN1_STRING*)bs), - ASN1_STRING_length((ASN1_STRING*)bs), md); + X509_pubkey_digest(cert, EVP_sha1(), md, NULL); if (!(rid->value.byKey = ASN1_OCTET_STRING_new())) goto err; if (!(ASN1_OCTET_STRING_set(rid->value.byKey, diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index 7470f1c048..4ac7e821ec 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -177,8 +177,6 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id) { int i; unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash; - ASN1_BIT_STRING *key; - EVP_MD_CTX ctx; X509 *x; /* Easy if lookup by name */ @@ -194,10 +192,7 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id) for (i = 0; i < sk_X509_num(certs); i++) { x = sk_X509_value(certs, i); - key = x->cert_info->key->public_key; - EVP_DigestInit(&ctx,EVP_sha1()); - EVP_DigestUpdate(&ctx,key->data, key->length); - EVP_DigestFinal(&ctx,tmphash,NULL); + X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL); if(!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH)) return x; } @@ -294,9 +289,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, if(cid) { const EVP_MD *dgst; - EVP_MD_CTX ctx; X509_NAME *iname; - ASN1_BIT_STRING *ikey; int mdlen; unsigned char md[EVP_MAX_MD_SIZE]; if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) @@ -314,11 +307,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, return -1; if (memcmp(md, cid->issuerNameHash->data, mdlen)) return 0; - ikey = cert->cert_info->key->public_key; - - EVP_DigestInit(&ctx,dgst); - EVP_DigestUpdate(&ctx,ikey->data, ikey->length); - EVP_DigestFinal(&ctx,md,NULL); + X509_pubkey_digest(cert, EVP_sha1(), md, NULL); if (memcmp(md, cid->issuerKeyHash->data, mdlen)) return 0; |