diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-04-17 13:34:11 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-04-18 19:54:17 +0200 |
| commit | 753283cd23c268a6109443cf6f5b73857442b2df (patch) | |
| tree | b101f6dbdfb422759363ecf54b8a7d3c9fcc44bc /crypto | |
| parent | e599d0aecd3e9419d1558628cb42db9cf0fa5fd0 (diff) | |
Add CMP error reason 'missing reference cert'
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11386)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/cmp/cmp_client.c | 4 | ||||
| -rw-r--r-- | crypto/cmp/cmp_err.c | 2 | ||||
| -rw-r--r-- | crypto/cmp/cmp_msg.c | 2 | ||||
| -rw-r--r-- | crypto/err/openssl.txt | 1 |
4 files changed, 8 insertions, 1 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index 07535e55bd..b2238fb55d 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -754,6 +754,10 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) CMPerr(0, CMP_R_INVALID_ARGS); return 0; } + if (ctx->oldCert == NULL) { + CMPerr(0, CMP_R_MISSING_REFERENCE_CERT); + return 0; + } ctx->status = -1; /* OSSL_CMP_rr_new() also checks if all necessary options are set */ diff --git a/crypto/cmp/cmp_err.c b/crypto/cmp/cmp_err.c index 0f06fb3b42..0c3547c013 100644 --- a/crypto/cmp/cmp_err.c +++ b/crypto/cmp/cmp_err.c @@ -90,6 +90,8 @@ static const ERR_STRING_DATA CMP_str_reasons[] = { {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PRIVATE_KEY), "missing private key"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PROTECTION), "missing protection"}, + {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_REFERENCE_CERT), + "missing reference cert"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_SENDER_IDENTIFICATION), "missing sender identification"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_TRUST_STORE), diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index 73a9d7a267..fbf6c8fd4f 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -226,7 +226,7 @@ static OSSL_CRMF_MSG *crm_new(OSSL_CMP_CTX *ctx, int bodytype, int rid) #endif } if (bodytype == OSSL_CMP_PKIBODY_KUR && refcert == NULL) { - CMPerr(0, CMP_R_INVALID_ARGS); + CMPerr(0, CMP_R_MISSING_REFERENCE_CERT); return NULL; } if ((crm = OSSL_CRMF_MSG_new()) == NULL) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 793473684c..122542f6b6 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2122,6 +2122,7 @@ CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION:130:\ CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE:142:missing key usage digitalsignature CMP_R_MISSING_PRIVATE_KEY:131:missing private key CMP_R_MISSING_PROTECTION:143:missing protection +CMP_R_MISSING_REFERENCE_CERT:168:missing reference cert CMP_R_MISSING_SENDER_IDENTIFICATION:111:missing sender identification CMP_R_MISSING_TRUST_STORE:144:missing trust store CMP_R_MULTIPLE_REQUESTS_NOT_SUPPORTED:161:multiple requests not supported |