diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-11-25 13:10:13 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-11-25 13:10:13 +0000 |
| commit | d0debf75b22693bcda65ab13c8406f0c9f30f324 (patch) | |
| tree | c110e63a88ba34cad96e7fc347d1d8054680d40f | |
| parent | cdd3260ea9090ae299b3ac32cc9d0c85ad9393ec (diff) | |
| download | gnutls-d0debf75b22693bcda65ab13c8406f0c9f30f324.tar.gz | |
*** empty log message ***
| -rw-r--r-- | lib/x509/crq.c | 9 | ||||
| -rw-r--r-- | lib/x509/sign.c | 2 | ||||
| -rw-r--r-- | lib/x509/x509_write.c | 47 |
3 files changed, 51 insertions, 7 deletions
diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 6f949604db..07938ccab1 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -460,15 +460,16 @@ int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq crq, const char* oid, int gnutls_x509_crq_set_version(gnutls_x509_crq crq, unsigned int version) { int result; -char null = version - 1; +char null = version; - if (null < 0) null = 0; - if (crq==NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } + null -= 1; + if (null < 0) null = 0; + result = asn1_write_value( crq->crq, "certificationRequestInfo.version", &null, 1); if (result != ASN1_SUCCESS) { gnutls_assert(); @@ -492,7 +493,7 @@ int gnutls_x509_crq_get_version(gnutls_x509_crq crq) opaque version[5]; int len, result; - if (cert==NULL) { + if (crq==NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } diff --git a/lib/x509/sign.c b/lib/x509/sign.c index d1708121db..3a45b0ecb1 100644 --- a/lib/x509/sign.c +++ b/lib/x509/sign.c @@ -171,7 +171,6 @@ int ret; switch( signer->pk_algorithm) { case GNUTLS_PK_RSA: - ret = _pkcs1_rsa_sign( hash, tbs, signer->params, signer->params_size, signature); if (ret < 0) { @@ -180,7 +179,6 @@ int ret; } return 0; break; - case GNUTLS_PK_DSA: ret = _gnutls_dsa_sign( signature, tbs, signer->params, signer->params_size); if (ret < 0) { diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index dff142b3a1..77e59d2b10 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -122,8 +122,14 @@ int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt crt, const char* oid, int gnutls_x509_crt_set_version(gnutls_x509_crt crt, unsigned int version) { int result; -char null = version - 1; +char null = version; + if (crt==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + + null -= 1; if (null < 0) null = 0; result = asn1_write_value( crt->cert, "tbsCertificate.version", &null, 1); @@ -150,6 +156,11 @@ int gnutls_x509_crt_set_key(gnutls_x509_crt crt, gnutls_x509_privkey key) { int result; + if (crt==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + result = _gnutls_x509_encode_and_copy_PKI_params( crt->cert, "tbsCertificate.subjectPublicKeyInfo", key->pk_algorithm, key->params, key->params_size); @@ -178,6 +189,11 @@ int gnutls_x509_crt_set_crq(gnutls_x509_crt crt, gnutls_x509_crq crq) int result; int pk_algorithm; + if (crt==NULL || crq == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + pk_algorithm = gnutls_x509_crq_get_pk_algorithm( crq, NULL); if (pk_algorithm != GNUTLS_PK_RSA) { @@ -218,6 +234,11 @@ int gnutls_x509_crt_set_ca_status(gnutls_x509_crt crt, unsigned int ca) int result; gnutls_datum der_data; + if (crt==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + /* generate the extension. */ result = _gnutls_x509_ext_gen_basicConstraints( ca, &der_data); @@ -259,6 +280,11 @@ gnutls_datum der_data; gnutls_datum dnsname; unsigned int critical; + if (crt==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + /* Check if the extension already exists. */ result = _gnutls_x509_crt_get_extension(crt, "2.5.29.17", 0, &dnsname, &critical); @@ -313,6 +339,11 @@ int result; gnutls_datum signature; const char* pk; + if (crt==NULL || issuer == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + if (issuer_key->pk_algorithm != GNUTLS_PK_RSA) { gnutls_assert(); return GNUTLS_E_UNIMPLEMENTED_FEATURE; @@ -419,6 +450,11 @@ const char* pk; **/ int gnutls_x509_crt_set_activation_time(gnutls_x509_crt cert, time_t act_time) { + if (cert==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + return _gnutls_x509_set_time( cert->cert, "tbsCertificate.validity.notBefore", act_time); } @@ -434,6 +470,10 @@ int gnutls_x509_crt_set_activation_time(gnutls_x509_crt cert, time_t act_time) **/ int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt cert, time_t exp_time) { + if (cert==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } return _gnutls_x509_set_time( cert->cert, "tbsCertificate.validity.notAfter", exp_time); } @@ -456,6 +496,11 @@ int gnutls_x509_crt_set_serial(gnutls_x509_crt cert, const unsigned char* serial { int ret; + if (cert==NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + if ((ret = asn1_write_value(cert->cert, "tbsCertificate.serialNumber", serial, serial_size)) < 0) { gnutls_assert(); |