tool: handle error conditions from signing with openssl 1.1
relates #164
This commit is contained in:
@@ -749,7 +749,10 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
|
|||||||
* to embed the sign_data function in the RSA/EC key structures */
|
* to embed the sign_data function in the RSA/EC key structures */
|
||||||
wrap_public_key(state, algorithm, public_key, key);
|
wrap_public_key(state, algorithm, public_key, key);
|
||||||
|
|
||||||
X509_REQ_sign(req, public_key, md);
|
if(X509_REQ_sign(req, public_key, md) == 0) {
|
||||||
|
fprintf(stderr, "Failed signing request.\n");
|
||||||
|
goto request_out;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(key_format == key_format_arg_PEM) {
|
if(key_format == key_format_arg_PEM) {
|
||||||
@@ -952,7 +955,10 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
|
|||||||
* to embed the sign_data function in the RSA/EC key structures */
|
* to embed the sign_data function in the RSA/EC key structures */
|
||||||
wrap_public_key(state, algorithm, public_key, key);
|
wrap_public_key(state, algorithm, public_key, key);
|
||||||
|
|
||||||
X509_sign(x509, public_key, md);
|
if(X509_sign(x509, public_key, md) == 0) {
|
||||||
|
fprintf(stderr, "Failed signing certificate.\n");
|
||||||
|
goto selfsign_out;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(key_format == key_format_arg_PEM) {
|
if(key_format == key_format_arg_PEM) {
|
||||||
|
|||||||
Reference in New Issue
Block a user