summaryrefslogtreecommitdiffstats
path: root/crypto/asn1
AgeCommit message (Collapse)Author
2017-01-08clarify commentDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
2017-01-08PSS ASN.1 methodDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
2016-11-12Cast to an unsigned type before negatingKurt Roeckx
llvm's ubsan reported: runtime error: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself Found using libfuzzer Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1908
2016-11-10Don't set choice selector on parse failure.Dr. Stephen Henson
Don't set choice selector on parse failure: this can pass unexpected values to the choice callback. Instead free up partial structure directly. CVE-2016-7053 Thanks to Tyler Nighswander of ForAllSecure for reporting this issue. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-03Convert asn1 selftests (a_strnid and ameth_lib) into internal testRichard Levitte
Reviewed-by: Emilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1789)
2016-10-28Create BIO_write_ex() which handles size_t argumentsMatt Caswell
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_write_ex function. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28Create BIO_read_ex() which handles size_t argumentsMatt Caswell
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_read function. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-19Fix config option 'no-deprecated'Richard Levitte
crypto/asn1/asn1_item_list.c needed including dh.h and rsa.h directly. The reason is that they are not included by x509.h when configured 'no-deprecated' Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1741)
2016-10-18Fix strict-warnings buildPatrick Steuer
crypto/asn1/a_strex.c: Type of width variable in asn1_valid_host function needs to be changed from char to signed char to avoid build error due to '-Werror=type-limits'. Signed-off-by: Patrick Steuer <psteuer@mail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial
2016-10-17Fix embedded string handling.Dr. Stephen Henson
Don't rely on embedded flag to free strings correctly: it wont be set if there is a malloc failure during initialisation. Thanks to Guido Vranken for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1725)
2016-09-29Print <ABSENT> if a STACK is NULL.Dr. Stephen Henson
If a STACK (corresponding to SEQUENCE OF or SET OF) is NULL then the field is absent as opposed to empty (present but has zero elements). Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-29Add ASN1_ITEM lookup and enumerate functions.Dr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-22Add -Wswitch-enumRich Salz
Change code so when switching on an enumeration, have case's for all enumeration values. Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-08-23Constify a bit X509_NAME_get_entryFdaSilvaYY
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23Constify some X509_NAME, ASN1 printing codeFdaSilvaYY
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23Constify some inputs buffersFdaSilvaYY
remove useless cast to call ASN1_STRING_set Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23Constify ASN1_PCTX_*FdaSilvaYY
... add a static keyword. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23Ensure the mime_hdr_free function can handle NULLsMatt Caswell
Sometimes it is called with a NULL pointer Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-21Add X509_getm_notBefore, X509_getm_notAfterDr. Stephen Henson
Add mutable versions of X509_get0_notBefore and X509_get0_notAfter. Rename X509_SIG_get0_mutable to X509_SIG_getm. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-08-20Fix off by 1 in ASN1_STRING_set()Kurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #3176
2016-08-18Constify i2a*Dr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18Convert X509_REVOKED* functions to use const gettersMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-17Constify X509_SIG.Dr. Stephen Henson
Constify X509_SIG_get0() and order arguments to mactch new standard. Add X509_SIG_get0_mutable() to support modification or initialisation of an X509_SIG structure. Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17Convert X509* functions to use const gettersDr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17Constify private key decode.Dr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17constify X509_ALGOR_get0()Dr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17Constify ASN1_item_unpack().Dr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-16Convert PKCS8* functions to use const gettersMatt Caswell
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-16Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().Dr. Stephen Henson
Deprecate the function ASN1_STRING_data() and replace with a new function ASN1_STRING_get0_data() which returns a constant pointer. Update library to use new function. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16Check for errors in a2d_ASN1_OBJECT()Dr. Stephen Henson
Check for error return in BN_div_word(). Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-13Add X25519 methods to internal tablesDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05spelling fixes, just comments and readme.klemens
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
2016-08-05Free buffer in a2i_ASN1_INTEGER() on error path.Dr. Stephen Henson
Thank to Shi Lei for reporting this bug. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04Constify ASN1_INTEGER_get, ASN1_ENUMERATED_getFdaSilvaYY
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02Check for overlows and error return from ASN1_object_size()Dr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02Check for overflows in ASN1_object_size().Dr. Stephen Henson
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-25Enforce and explicit some const castingFdaSilvaYY
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25Constify i2t_ASN1_OBJECT, i2d_ASN1_OBJECT, i2a_ASN1_OBJECT.FdaSilvaYY
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25Constify ASN1_buf_printFdaSilvaYY
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25Constify ASN1_TYPE_get, ASN1_STRING_type, ASN1_STRING_to_UTF8, ↵FdaSilvaYY
ASN1_TYPE_get_octetstring & co... Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-20Cast to an unsigned type before negatingKurt Roeckx
llvm's ubsan reported: runtime error: negation of -9223372036854775808 cannot be represented in type 'long'; cast to an unsigned type to negate this value to itself Found using afl Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1325
2016-07-20Check for errors allocating the error strings.Kurt Roeckx
Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #1330
2016-07-19Check and print out boolean type properly.Dr. Stephen Henson
If underlying type is boolean don't check field is NULL. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18Fix print of ASN.1 BIGNUM type.Dr. Stephen Henson
The ASN.1 BIGNUM type needs to be handled in a custom way as it is not a generic ASN1_STRING type. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-16Return error when trying to print invalid ASN1 integerKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1322
2016-07-11Add nameConstraints commonName checking.Dr. Stephen Henson
New hostname checking function asn1_valid_host() Check commonName entries against nameConstraints: any CN components in EE certificate which look like hostnames are checked against nameConstraints. Note that RFC5280 et al only require checking subject alt name against DNS name constraints. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-06Don't indicate errors during initial adb decode.Dr. Stephen Henson
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-07-05Add checks on sk_TYPE_push() returned valueFdaSilvaYY
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-29Whitespace cleanup in cryptoFdaSilvaYY
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-24Avoid signed overflowKurt Roeckx
Found by afl Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #3013
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 03:05:57 +0000