diff options
author | Gibeom Gwon <gb.gwon@stackframe.dev> | 2022-08-27 22:04:38 +0900 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-09-10 15:42:28 +0200 |
commit | 39d356e084f6a4e48decf0644961255e6777b071 (patch) | |
tree | 3c4c530711233663ab2857c01c43482b9a8aa73e /crypto/x509 | |
parent | fd24de9f93049b05a54c48da5316f42882489230 (diff) | |
download | openssl-new-39d356e084f6a4e48decf0644961255e6777b071.tar.gz |
X509 x509_req.c: Set 'modified' flag when X509_req_info_st member data updated
We need to reencode X509_req_info_st if member data updated.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19090)
Diffstat (limited to 'crypto/x509')
-rw-r--r-- | crypto/x509/x509_req.c | 40 | ||||
-rw-r--r-- | crypto/x509/x_all.c | 2 |
2 files changed, 26 insertions, 16 deletions
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index af12714472..4e87be35a1 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -197,44 +197,52 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc) X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc) { - return X509at_delete_attr(req->req_info.attributes, loc); + X509_ATTRIBUTE *attr = X509at_delete_attr(req->req_info.attributes, loc); + + if (attr != NULL) + req->req_info.enc.modified = 1; + return attr; } int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr) { - if (X509at_add1_attr(&req->req_info.attributes, attr)) - return 1; - return 0; + if (!X509at_add1_attr(&req->req_info.attributes, attr)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_txt(X509_REQ *req, const char *attrname, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } long X509_REQ_get_version(const X509_REQ *req) diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 87d5ce97e8..dd3d9321da 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -95,6 +95,7 @@ X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout) int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { + x->req_info.enc.modified = 1; return ASN1_item_sign_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL, x->signature, &x->req_info, NULL, pkey, md, x->libctx, x->propq); @@ -102,6 +103,7 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx) { + x->req_info.enc.modified = 1; return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL, x->signature, &x->req_info, ctx); |