[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed Jun 30 03:54:21 UTC 2021
The branch master has been updated
via 10af976962b2383bb3044120a764037361b8bff7 (commit)
from a73a5d0a14842f51d1a6bad15f3e997b0468b99d (commit)
- Log -----------------------------------------------------------------
commit 10af976962b2383bb3044120a764037361b8bff7
Author: Pauli <pauli at openssl.org>
Date: Tue Jun 29 11:43:00 2021 +1000
x509: improve error reporting
Distinguish between not being able to extract a public key versus not knowing
the key's type.
Alternative to #15921
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15944)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_cmp.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 1c1a5e6a27..8b4e46a589 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -391,15 +391,12 @@ int X509_check_private_key(const X509 *x, const EVP_PKEY *k)
int ret;
xk = X509_get0_pubkey(x);
+ if (xk == NULL) {
+ ERR_raise(ERR_LIB_X509, X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+ return 0;
+ }
- if (xk)
- ret = EVP_PKEY_eq(xk, k);
- else
- ret = -2;
-
- switch (ret) {
- case 1:
- break;
+ switch (ret = EVP_PKEY_eq(xk, k)) {
case 0:
ERR_raise(ERR_LIB_X509, X509_R_KEY_VALUES_MISMATCH);
break;
@@ -408,10 +405,10 @@ int X509_check_private_key(const X509 *x, const EVP_PKEY *k)
break;
case -2:
ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_KEY_TYPE);
+ break;
}
- if (ret > 0)
- return 1;
- return 0;
+
+ return ret > 0;
}
/*
More information about the openssl-commits
mailing list