|
@@ -228,6 +228,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
|
|
|
msg = ossl_cmp_certrep_new(srv_ctx->ctx, bodytype, certReqId, si,
|
|
|
certOut, NULL /* enc */, chainOut, caPubs,
|
|
|
srv_ctx->sendUnprotectedErrors);
|
|
|
+ /* When supporting OSSL_CRMF_POPO_KEYENC, "enc" will need to be set */
|
|
|
if (msg == NULL)
|
|
|
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_CREATING_CERTREP);
|
|
|
|
|
@@ -553,6 +554,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
|
|
|
rsp = process_pollReq(srv_ctx, req);
|
|
|
break;
|
|
|
default:
|
|
|
+ /* Other request message types are not supported */
|
|
|
ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKIBODY);
|
|
|
break;
|
|
|
}
|
|
@@ -564,6 +566,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
|
|
|
int flags = 0;
|
|
|
unsigned long err = ERR_peek_error_data(&data, &flags);
|
|
|
int fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badRequest;
|
|
|
+ /* fail_info is not very specific */
|
|
|
OSSL_CMP_PKISI *si = NULL;
|
|
|
|
|
|
if (ctx->transactionID == NULL) {
|
|
@@ -607,6 +610,8 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
|
|
|
case OSSL_CMP_PKIBODY_PKICONF:
|
|
|
case OSSL_CMP_PKIBODY_GENP:
|
|
|
case OSSL_CMP_PKIBODY_ERROR:
|
|
|
+ /* Other terminating response message types are not supported */
|
|
|
+ /* Prepare for next transaction, ignoring any errors here: */
|
|
|
(void)OSSL_CMP_CTX_set1_transactionID(ctx, NULL);
|
|
|
(void)OSSL_CMP_CTX_set1_senderNonce(ctx, NULL);
|
|
|
ctx->status = OSSL_CMP_PKISTATUS_unspecified; /* transaction closed */
|