Skip to content

Commit

Permalink
X509 x509_req.c: Set 'modified' flag when X509_req_info_st member dat…
Browse files Browse the repository at this point in the history 
…a updated

We need to reencode X509_req_info_st if member data updated.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from #18879)
  • Loading branch information
@gibeom-gwon @DDvO
gibeom-gwon authored and DDvO committed Sep 24, 2022
1 parent 6e6aad3 commit 002cf9a
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 16 deletions.
40 changes: 24 additions & 16 deletions crypto/x509/x509_req.c
View file
Expand Up @@ -229,44 +229,52 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)

X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
{
return X509at_delete_attr(req->req_info.attributes, loc);
X509_ATTRIBUTE *attr = X509at_delete_attr(req->req_info.attributes, loc);

if (attr != NULL)
req->req_info.enc.modified = 1;
return attr;
}

int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
{
if (X509at_add1_attr(&req->req_info.attributes, attr))
return 1;
return 0;
if (!X509at_add1_attr(&req->req_info.attributes, attr))
return 0;
req->req_info.enc.modified = 1;
return 1;
}

int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
const ASN1_OBJECT *obj, int type,
const unsigned char *bytes, int len)
{
if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
type, bytes, len))
return 1;
return 0;
if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
type, bytes, len))
return 0;
req->req_info.enc.modified = 1;
return 1;
}

int X509_REQ_add1_attr_by_NID(X509_REQ *req,
int nid, int type,
const unsigned char *bytes, int len)
{
if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
type, bytes, len))
return 1;
return 0;
if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
type, bytes, len))
return 0;
req->req_info.enc.modified = 1;
return 1;
}

int X509_REQ_add1_attr_by_txt(X509_REQ *req,
const char *attrname, int type,
const unsigned char *bytes, int len)
{
if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
type, bytes, len))
return 1;
return 0;
if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
type, bytes, len))
return 0;
req->req_info.enc.modified = 1;
return 1;
}

long X509_REQ_get_version(const X509_REQ *req)
Expand Down
2 changes: 2 additions & 0 deletions crypto/x509/x_all.c
View file
Expand Up @@ -65,12 +65,14 @@ int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)

int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
x->req_info.enc.modified = 1;
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
x->signature, &x->req_info, pkey, md));
}

int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
{
x->req_info.enc.modified = 1;
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
&x->sig_alg, NULL, x->signature, &x->req_info,
ctx);
Expand Down

0 comments on commit 002cf9a

Please sign in to comment.