Browse Source

Check that the obtained public key is valid

In the X509 app check that the obtained public key is valid before we
attempt to use it.

Issue reported by Yuan Jochen Kang.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
master
Matt Caswell 6 years ago
parent
commit
c223c4a9ce
1 changed files with 4 additions and 0 deletions
  1. +4
    -0
      apps/x509.c

+ 4
- 0
apps/x509.c View File

@ -943,6 +943,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
EVP_PKEY *upkey;
upkey = X509_get0_pubkey(xca);
if (upkey == NULL) {
BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
goto end;
}
EVP_PKEY_copy_parameters(upkey, pkey);
xsc = X509_STORE_CTX_new();


Loading…
Cancel
Save