From 25c2ada8961316a699e3396ffea036b9248cf682 Mon Sep 17 00:00:00 2001
From: Bob Beck <beck@openssl.org>
Date: Thu, 12 Mar 2026 11:17:16 -0600
Subject: [PATCH] Clean up asn1/ca.c

 Collapse a bunch of type calls down to a local variable

Fixes: 29974

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Mar 16 11:27:08 2026
(Merged from https://github.com/openssl/openssl/pull/30397)
---
 apps/ca.c | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index 6ed1cefc05d..208d22286d0 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1505,28 +1505,31 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
 
     name = X509_REQ_get_subject_name(req);
     for (i = 0; i < X509_NAME_entry_count(name); i++) {
+        int type;
         ne = X509_NAME_get_entry(name, i);
         str = X509_NAME_ENTRY_get_data(ne);
         obj = X509_NAME_ENTRY_get_object(ne);
         nid = OBJ_obj2nid(obj);
+        type = ASN1_STRING_type(str);
 
         /* If no EMAIL is wanted in the subject */
         if (nid == NID_pkcs9_emailAddress && !email_dn)
             continue;
 
         /* check some things */
-        if (nid == NID_pkcs9_emailAddress && ASN1_STRING_type(str) != V_ASN1_IA5STRING) {
+        if (nid == NID_pkcs9_emailAddress && type != V_ASN1_IA5STRING) {
             BIO_puts(bio_err,
                 "\nemailAddress type needs to be of type IA5STRING\n");
             goto end;
         }
-        if (ASN1_STRING_type(str) != V_ASN1_BMPSTRING && ASN1_STRING_type(str) != V_ASN1_UTF8STRING) {
-            j = ASN1_PRINTABLE_type(ASN1_STRING_get0_data(str), ASN1_STRING_length(str));
-            if ((j == V_ASN1_T61STRING && ASN1_STRING_type(str) != V_ASN1_T61STRING) || (j == V_ASN1_IA5STRING && ASN1_STRING_type(str) == V_ASN1_PRINTABLESTRING)) {
-                BIO_puts(bio_err,
-                    "\nThe string contains characters that are illegal for the ASN.1 type\n");
-                goto end;
-            }
+        j = ASN1_PRINTABLE_type(ASN1_STRING_get0_data(str),
+            ASN1_STRING_length(str));
+        if ((type == V_ASN1_T61STRING && j != V_ASN1_T61STRING)
+            || (type == V_ASN1_IA5STRING && type == V_ASN1_PRINTABLESTRING)) {
+            BIO_puts(bio_err,
+                "\nThe string contains characters that are illegal for the"
+                " ASN.1 type\n");
+            goto end;
         }
 
         if (default_op)
-- 
2.47.3