openbsd/src/lib/libcrypto/asn1, branch OPENBSD_7

openbsd/src/lib/libcrypto/asn1, branch OPENBSD_7_2 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_2 2022-10-20T09:47:01+00:00 Unbreak ASN.1 indefinite length encoding. 2022-10-20T09:47:01+00:00 tb 2022-10-20T09:47:01+00:00 urn:sha1:83249055024eb55369c80ad88645d5d52b8eeae6 In r1.25 of tasn_enc.c a check was added to ensure that asn1_ex_i2c() returned the same value on both calls, however in the ndef case the len variable gets changed between calls. Keep a copy of the original value to test against. Issue reported by niklas, who encountered a test failure in rust-openssl. ok miod@ tb@; from jsing This is errata/7.2/002_asn1.patch.sig Remove c2i_* and i2c_* from public visibility 2022-09-11T17:22:52+00:00 tb 2022-09-11T17:22:52+00:00 urn:sha1:99e5fa5e76aa13416d576f1ffb36ea8b34583104 This removes c2i_ASN1_OBJECT(), {c2i,i2c}_ASN1_BIT_STRING() and {c2i,i2c}_ASN1_INTEGER(). These are not part of the OpenSSL 1.1 API and should never have been exposed in the first place. ok jsing Rewrap some lines, no functional change. 2022-09-03T19:15:23+00:00 jsing 2022-09-03T19:15:23+00:00 urn:sha1:342f427b1a6d58fc14c600c8637aa4c596c5cbc6 Tidy up asn1_c2i_primitive() slightly. 2022-09-03T19:14:25+00:00 jsing 2022-09-03T19:14:25+00:00 urn:sha1:8cad336dab4df4333789129c2f4bb10474fcca45 Rename some variables and consistently goto error. ok tb@ Avoid recycling ASN1_STRINGs when decoding ASN.1. 2022-09-03T19:11:45+00:00 jsing 2022-09-03T19:11:45+00:00 urn:sha1:a635ecd2ba59779557af0f37be073d44b86f2437 Rather than recycling an existing ASN1_STRING and changing its type, free it and allocate a replacement. This simplifies the code and potentially avoids bugs resulting from reuse. ok tb@ Remove duplicate prototype that just snuck in. 2022-09-03T18:59:09+00:00 jsing 2022-09-03T18:59:09+00:00 urn:sha1:5e6b98a5d9de6bb26247e74f5ff1b808b632f8a0 Ensure ASN.1 types are appropriately encoded. 2022-09-03T18:52:18+00:00 jsing 2022-09-03T18:52:18+00:00 urn:sha1:b283f6131f8170e90b456bc531cde0fdfc878eec Per X.690, some ASN.1 types must be primitive encoded, some must be constructed and some may be either. Add this data to our types table and check the encoding against this information when decoding. ok tb@ Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive(). 2022-09-03T18:45:51+00:00 jsing 2022-09-03T18:45:51+00:00 urn:sha1:fb18e75fc234776f661aad4dd12a912ff1f62763 This avoids asn1_c2i_primitive() from needing knowledge about the internals of ASN1_INTEGER and ASN1_ENUMERATED. ok tb@ Stop using CBIGNUM_it internal to libcrypto. 2022-09-03T16:01:23+00:00 jsing 2022-09-03T16:01:23+00:00 urn:sha1:2b62b98b944c0df9fbd9e41e33ea96b45b98e84b CBIGNUM_it is supposed to be the "clear bignum" or "secure" bignum - that is one which zeros its memory after use and ensures that the constant time flags are set... in LibreSSL we always do both of these things for BIGNUMs, so just use BIGNUM_it instead. ok tb@ Plug memory leak in X509_REQ_print_ex() 2022-08-30T08:45:06+00:00 tb 2022-08-30T08:45:06+00:00 urn:sha1:bc8ac59b78f59476b8997f492a28783b7724db15 CID 356353 ok jsing