From: Richard Levitte Date: Sat, 17 Mar 2018 11:30:47 +0000 (+0100) Subject: ts_RESP_sign: Don't try to use v2 signing when ESS digest isn't set X-Git-Tag: OpenSSL_1_1_1-pre3~46 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d597208c034722d09612c805e4894b0019bdd710;p=oweals%2Fopenssl.git ts_RESP_sign: Don't try to use v2 signing when ESS digest isn't set Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5653) --- diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index 6569956285..ba9d53d00b 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -678,7 +678,8 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx) } certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL; - if (ctx->ess_cert_id_digest == EVP_sha1()) { + if (ctx->ess_cert_id_digest == NULL + || ctx->ess_cert_id_digest == EVP_sha1()) { if ((sc = ess_SIGNING_CERT_new_init(ctx->signer_cert, certs)) == NULL) goto err;