diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-06-27 16:16:12 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-09-11 07:42:22 +0200 |
| commit | 1e41dadfa7b9f792ed0f4714a3d3d36f070cf30e (patch) | |
| tree | 3dae7b7b2ad8bf6e4db27dd8eb52230d7bdae1c1 /crypto/err | |
| parent | b0a4cbead384e2ac8dbb697795ace242e1b07c18 (diff) | |
Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set,vfy}.c
add various checks for malformedness to static check_chain_extensions() in x509_vfc.c
improve error reporting of X509v3_cache_extensions() in v3_purp.c
add error reporting to x509_init_sig_info() in x509_set.c
improve static setup_dp() and related functions in v3_purp.c and v3_crld.c
add test case for non-conforming cert from https://tools.ietf.org/html/rfc8410#section-10.2
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12478)
Diffstat (limited to 'crypto/err')
| -rw-r--r-- | crypto/err/openssl.txt | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index df8a7af26c..d0ba9c47be 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -3487,6 +3487,7 @@ X509V3_R_BN_TO_ASN1_INTEGER_ERROR:101:bn to asn1 integer error X509V3_R_DIRNAME_ERROR:149:dirname error X509V3_R_DISTPOINT_ALREADY_SET:160:distpoint already set X509V3_R_DUPLICATE_ZONE_ID:133:duplicate zone id +X509V3_R_EMPTY_KEY_USAGE:169:empty key usage X509V3_R_ERROR_CONVERTING_ZONE:131:error converting zone X509V3_R_ERROR_CREATING_EXTENSION:144:error creating extension X509V3_R_ERROR_IN_EXTENSION:128:error in extension @@ -3501,6 +3502,7 @@ X509V3_R_INCORRECT_POLICY_SYNTAX_TAG:152:incorrect policy syntax tag X509V3_R_INVALID_ASNUMBER:162:invalid asnumber X509V3_R_INVALID_ASRANGE:163:invalid asrange X509V3_R_INVALID_BOOLEAN_STRING:104:invalid boolean string +X509V3_R_INVALID_CERTIFICATE:158:invalid certificate X509V3_R_INVALID_EMPTY_NAME:108:invalid empty name X509V3_R_INVALID_EXTENSION_STRING:105:invalid extension string X509V3_R_INVALID_INHERITANCE:165:invalid inheritance @@ -3522,6 +3524,7 @@ X509V3_R_INVALID_SYNTAX:143:invalid syntax X509V3_R_ISSUER_DECODE_ERROR:126:issuer decode error X509V3_R_MISSING_VALUE:124:missing value X509V3_R_NEED_ORGANIZATION_AND_NUMBERS:142:need organization and numbers +X509V3_R_NEGATIVE_PATHLEN:168:negative pathlen X509V3_R_NO_CONFIG_DATABASE:136:no config database X509V3_R_NO_ISSUER_CERTIFICATE:121:no issuer certificate X509V3_R_NO_ISSUER_DETAILS:127:no issuer details @@ -3557,9 +3560,12 @@ X509_R_CERTIFICATE_VERIFICATION_FAILED:139:certificate verification failed X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table X509_R_CRL_ALREADY_DELTA:127:crl already delta X509_R_CRL_VERIFY_FAILURE:131:crl verify failure +X509_R_ERROR_GETTING_MD_BY_NID:141:error getting md by nid +X509_R_ERROR_USING_SIGINF_SET:142:error using siginf set X509_R_IDP_MISMATCH:128:idp mismatch X509_R_INVALID_ATTRIBUTES:138:invalid attributes X509_R_INVALID_DIRECTORY:113:invalid directory +X509_R_INVALID_DISTPOINT:143:invalid distpoint X509_R_INVALID_FIELD_NAME:119:invalid field name X509_R_INVALID_TRUST:123:invalid trust X509_R_ISSUER_MISMATCH:129:issuer mismatch @@ -3583,6 +3589,7 @@ X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY:108:unable to get certs public key X509_R_UNKNOWN_KEY_TYPE:117:unknown key type X509_R_UNKNOWN_NID:109:unknown nid X509_R_UNKNOWN_PURPOSE_ID:121:unknown purpose id +X509_R_UNKNOWN_SIGID_ALGS:144:unknown sigid algs X509_R_UNKNOWN_TRUST_ID:120:unknown trust id X509_R_UNSUPPORTED_ALGORITHM:111:unsupported algorithm X509_R_WRONG_LOOKUP_TYPE:112:wrong lookup type |