112 lines
3.8 KiB
Diff
112 lines
3.8 KiB
Diff
From 002cf9a68e20700388326c92b0c9ec8630b5c5d2 Mon Sep 17 00:00:00 2001
|
|
From: Gibeom Gwon <gb.gwon@stackframe.dev>
|
|
Date: Sat, 27 Aug 2022 22:04:38 +0900
|
|
Subject: [PATCH] X509 x509_req.c: Set 'modified' flag when X509_req_info_st
|
|
member data updated
|
|
|
|
We need to reencode X509_req_info_st if member data updated.
|
|
|
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
|
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
|
|
(Merged from https://github.com/openssl/openssl/pull/18879)
|
|
---
|
|
crypto/x509/x509_req.c | 40 ++++++++++++++++++++++++----------------
|
|
crypto/x509/x_all.c | 2 ++
|
|
2 files changed, 26 insertions(+), 16 deletions(-)
|
|
|
|
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
|
|
index a69f9a723d..1be47174ac 100644
|
|
--- a/crypto/x509/x509_req.c
|
|
+++ b/crypto/x509/x509_req.c
|
|
@@ -229,44 +229,52 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
|
|
|
|
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
|
|
{
|
|
- return X509at_delete_attr(req->req_info.attributes, loc);
|
|
+ X509_ATTRIBUTE *attr = X509at_delete_attr(req->req_info.attributes, loc);
|
|
+
|
|
+ if (attr != NULL)
|
|
+ req->req_info.enc.modified = 1;
|
|
+ return attr;
|
|
}
|
|
|
|
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
|
|
{
|
|
- if (X509at_add1_attr(&req->req_info.attributes, attr))
|
|
- return 1;
|
|
- return 0;
|
|
+ if (!X509at_add1_attr(&req->req_info.attributes, attr))
|
|
+ return 0;
|
|
+ req->req_info.enc.modified = 1;
|
|
+ return 1;
|
|
}
|
|
|
|
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
|
|
const ASN1_OBJECT *obj, int type,
|
|
const unsigned char *bytes, int len)
|
|
{
|
|
- if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
|
|
- type, bytes, len))
|
|
- return 1;
|
|
- return 0;
|
|
+ if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
|
|
+ type, bytes, len))
|
|
+ return 0;
|
|
+ req->req_info.enc.modified = 1;
|
|
+ return 1;
|
|
}
|
|
|
|
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
|
|
int nid, int type,
|
|
const unsigned char *bytes, int len)
|
|
{
|
|
- if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
|
|
- type, bytes, len))
|
|
- return 1;
|
|
- return 0;
|
|
+ if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
|
|
+ type, bytes, len))
|
|
+ return 0;
|
|
+ req->req_info.enc.modified = 1;
|
|
+ return 1;
|
|
}
|
|
|
|
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
|
const char *attrname, int type,
|
|
const unsigned char *bytes, int len)
|
|
{
|
|
- if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
|
|
- type, bytes, len))
|
|
- return 1;
|
|
- return 0;
|
|
+ if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
|
|
+ type, bytes, len))
|
|
+ return 0;
|
|
+ req->req_info.enc.modified = 1;
|
|
+ return 1;
|
|
}
|
|
|
|
long X509_REQ_get_version(const X509_REQ *req)
|
|
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
|
|
index a4e9cdaee8..ae061f234c 100644
|
|
--- a/crypto/x509/x_all.c
|
|
+++ b/crypto/x509/x_all.c
|
|
@@ -65,12 +65,14 @@ int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
|
|
|
|
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
|
|
{
|
|
+ x->req_info.enc.modified = 1;
|
|
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
|
|
x->signature, &x->req_info, pkey, md));
|
|
}
|
|
|
|
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
|
|
{
|
|
+ x->req_info.enc.modified = 1;
|
|
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
|
|
&x->sig_alg, NULL, x->signature, &x->req_info,
|
|
ctx);
|
|
--
|
|
2.17.1
|
|
|