| OLD | NEW |
|---|
| 1 /* ocsp_vfy.c */ | 1 /* ocsp_vfy.c */ |
| 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 * project 2000. | 3 * project 2000. |
| 4 */ | 4 */ |
| 5 /* ==================================================================== | 5 /* ==================================================================== |
| 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. |
| 7 * | 7 * |
| 8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
| 9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
| 10 * are met: | 10 * are met: |
| (...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 301 X509_NAME *iname; | 301 X509_NAME *iname; |
| 302 int mdlen; | 302 int mdlen; |
| 303 unsigned char md[EVP_MAX_MD_SIZE]; | 303 unsigned char md[EVP_MAX_MD_SIZE]; |
| 304 if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))
) | 304 if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))
) |
| 305 { | 305 { |
| 306 OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID, OCSP_R_UNKNOWN_MESSA
GE_DIGEST); | 306 OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID, OCSP_R_UNKNOWN_MESSA
GE_DIGEST); |
| 307 return -1; | 307 return -1; |
| 308 } | 308 } |
| 309 | 309 |
| 310 mdlen = EVP_MD_size(dgst); | 310 mdlen = EVP_MD_size(dgst); |
| 311 if (mdlen < 0) |
| 312 return -1; |
| 311 if ((cid->issuerNameHash->length != mdlen) || | 313 if ((cid->issuerNameHash->length != mdlen) || |
| 312 (cid->issuerKeyHash->length != mdlen)) | 314 (cid->issuerKeyHash->length != mdlen)) |
| 313 return 0; | 315 return 0; |
| 314 iname = X509_get_subject_name(cert); | 316 iname = X509_get_subject_name(cert); |
| 315 if (!X509_NAME_digest(iname, dgst, md, NULL)) | 317 if (!X509_NAME_digest(iname, dgst, md, NULL)) |
| 316 return -1; | 318 return -1; |
| 317 if (memcmp(md, cid->issuerNameHash->data, mdlen)) | 319 if (memcmp(md, cid->issuerNameHash->data, mdlen)) |
| 318 return 0; | 320 return 0; |
| 319 » » X509_pubkey_digest(cert, EVP_sha1(), md, NULL); | 321 » » X509_pubkey_digest(cert, dgst, md, NULL); |
| 320 if (memcmp(md, cid->issuerKeyHash->data, mdlen)) | 322 if (memcmp(md, cid->issuerKeyHash->data, mdlen)) |
| 321 return 0; | 323 return 0; |
| 322 | 324 |
| 323 return 1; | 325 return 1; |
| 324 | 326 |
| 325 } | 327 } |
| 326 else | 328 else |
| 327 { | 329 { |
| 328 /* We have to match the whole lot */ | 330 /* We have to match the whole lot */ |
| 329 int i, ret; | 331 int i, ret; |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 435 } | 437 } |
| 436 | 438 |
| 437 signer = X509_find_by_subject(certs, nm); | 439 signer = X509_find_by_subject(certs, nm); |
| 438 if (signer) | 440 if (signer) |
| 439 { | 441 { |
| 440 *psigner = signer; | 442 *psigner = signer; |
| 441 return 2; | 443 return 2; |
| 442 } | 444 } |
| 443 return 0; | 445 return 0; |
| 444 } | 446 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/