zero unused bits.
Changes between 0.9.1c and 0.9.2
+ *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
+ BIT STRING wrapper always have zero unused bits.
+ [Steve Henson]
+
*) Add CA.pl, perl version of CA.sh, add extended key usage OID.
[Steve Henson]
}
}
- if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
pktmp=X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
!EVP_PKEY_missing_parameters(pkey))
p=s;
i2d_PublicKey(pkey,&p);
if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ /* Set number of unused bits to zero */
+ pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+ pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
+
Free(s);
CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);