tool: handle error conditions from signing with openssl 1.1

relates #164
This commit is contained in:
Klas Lindfors
2018-09-10 08:52:39 +02:00
parent d0ba708260
commit 696894bc68
+8 -2
View File
@@ -749,7 +749,10 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
* to embed the sign_data function in the RSA/EC key structures */
wrap_public_key(state, algorithm, public_key, key);
X509_REQ_sign(req, public_key, md);
if(X509_REQ_sign(req, public_key, md) == 0) {
fprintf(stderr, "Failed signing request.\n");
goto request_out;
}
#endif
if(key_format == key_format_arg_PEM) {
@@ -952,7 +955,10 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
* to embed the sign_data function in the RSA/EC key structures */
wrap_public_key(state, algorithm, public_key, key);
X509_sign(x509, public_key, md);
if(X509_sign(x509, public_key, md) == 0) {
fprintf(stderr, "Failed signing certificate.\n");
goto selfsign_out;
}
#endif
if(key_format == key_format_arg_PEM) {