The branch OpenSSL_1_0_1-stable has been updated
via eea595ff6b554b3876bab51b2560df5fb0006696 (commit)
from bdbfb8477eac725639469a50e55698e371d86d2f (commit)
- Log -----------------------------------------------------------------
commit eea595ff6b554b3876bab51b2560df5fb0006696
Author: Matt Caswell <m...@openssl.org>
Date: Mon Apr 25 16:50:59 2016 +0100
Check that the obtained public key is valid
In the X509 app check that the obtained public key is valid before we
attempt to use it.
Issue reported by Yuan Jochen Kang.
Reviewed-by: Viktor Dukhovni <vik...@openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/x509.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/apps/x509.c b/apps/x509.c
index e5fe610..0199c55 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1053,6 +1053,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile,
const EVP_MD *digest,
EVP_PKEY *upkey;
upkey = X509_get_pubkey(xca);
+ if (upkey == NULL) {
+ BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
+ goto end;
+ }
EVP_PKEY_copy_parameters(upkey, pkey);
EVP_PKEY_free(upkey);
@@ -1161,6 +1165,8 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int
clrext,
EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
EVP_PKEY_copy_parameters(pktmp, pkey);
EVP_PKEY_save_parameters(pktmp, 1);
EVP_PKEY_free(pktmp);
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
