openbsd/src/lib/libcrypto/asn1, branch libressl-v3.2.2

openbsd/src/lib/libcrypto/asn1, branch libressl-v3.2.2 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.2.2 2020-09-03T17:29:05+00:00 Clean up asn1/x_info.c 2020-09-03T17:29:05+00:00 tb 2020-09-03T17:29:05+00:00 urn:sha1:992067d5cd15deed65484ab2fc52daa60bb44f7a Instead of using malloc(3) and manually setting part of the structure to zero, part to something else and leaving the rest uninitialized, we can benefit from the fact that there's this thing called calloc(3). Moreover, all variants of free(3) in libcrypto are NULL safe. ok beck inoguchi Remove unnecessary zeroing after recallocarray(3) 2020-09-03T17:19:27+00:00 tb 2020-09-03T17:19:27+00:00 urn:sha1:8324cf873726c94960d258de10aa9deb95117e9c Zap a memset that was redundant since OpenSSL 0.97b was merged by markus in 2003. Nowadays it's otto's recallocarray(3) that does the zeroing. ok beck inoguchi otto PS: ASN1_BIT_STRING_set_bit(3) was committed on Dec 21 1998 by Ralf S. Engelschnall and used this bizarre allocation idiom: if (a->data == NULL) c=(unsigned char *)Malloc(w+1); else c=(unsigned char *)Realloc(a->data,w+1); People complained about Malloc, Realloc and Free being used elsewhere, so on Jun 1 2000, Richarde Levitte swept the OpenSSL tree and it became this. if (a->data == NULL) c=(unsigned char *)OPENSSL_malloc(w+1); else c=(unsigned char *)OPENSSL_realloc(a->data,w+1); Then it was found that existing data should be cleaned, and on Nov 13 2002 Ben Laurie changed the last line to c=(unsigned char *)OPENSSL_realloc_clean(a->data, a->length, w+1); When X509_ATTRIBUTE_create() receives an invalid NID (e.g., -1), return 2020-06-04T21:21:03+00:00 schwarze 2020-06-04T21:21:03+00:00 urn:sha1:be3505dc014b9b7022575b6fe4f9c78c2080281c failure rather than silently constructing a broken X509_ATTRIBUTE object that might cause NULL pointer accesses later on. This matters because X509_ATTRIBUTE_create() is used by documented API functions like PKCS7_add_attribute(3) and the NID comes straight from the user. This fixes a bug found while working on documentation. OK tb@ and "thanks" bluhm@ When printing the serialNumber, fall back to the colon separated hex 2020-04-10T07:05:24+00:00 tb 2020-04-10T07:05:24+00:00 urn:sha1:4689dc5a48a9c21efc191442a6cc826034785951 bytes in case ASN1_INTEGER_get() failed. This happens more often since asn1/a_int.c -r1.34. Matches OpenSSL behavior. Issue in openssl x509 -text output reported by sthen ok jsing sthen Fix ASN1 print functions 2020-03-24T10:46:38+00:00 inoguchi 2020-03-24T10:46:38+00:00 urn:sha1:eacf3461605a07f186ea238b0a1a1a26cf1aa9ea Check and print out boolean type properly. Based on OpenSSL commit ad72d9fdf7709ddb97a58d7d45d755e6e0504b96. Reduced unneeded parentheses from if condition. Check return value from i2s_ASN1_INTEGER. Based on OpenSSL commit 5e3553c2de9a365479324b8ba8b998f0cce3e527. Added if condition expression and return 0 if NULL is returned. ok tb@ Avoid leak in error path of asn1_parse2 2020-01-09T11:27:21+00:00 inoguchi 2020-01-09T11:27:21+00:00 urn:sha1:8b9f481b47fe0f92f73f2dfab84982ebc9010790 ok tb@ Sort standard_methods by pkey_id. 2019-11-02T16:06:25+00:00 inoguchi 2019-11-02T16:06:25+00:00 urn:sha1:ff09486d906c9da98b73480e4369dffd30b13a4d ok jsing@ Wire up ASN.1 methods for RSA-PSS. 2019-11-01T15:08:36+00:00 jsing 2019-11-01T15:08:36+00:00 urn:sha1:98c2dc0c0d57c87ed8521348977e85f15b5e0027 ok tb@ Provide ASN1_TYPE_{,un}pack_sequence(). 2019-10-24T16:36:10+00:00 jsing 2019-10-24T16:36:10+00:00 urn:sha1:60d6d093dd86325c7bf85fa13fdad5e0e2c65b98 These are internal only for now. Based on OpenSSL 1.1.1d. ok inoguchi@ Add static_ASN1_* macro 2019-08-20T13:10:09+00:00 inoguchi 2019-08-20T13:10:09+00:00 urn:sha1:f000b328c69a5b2a7836e2ee4437a5a052ce3a1a - Add static_ASN1_* macro. Patch was provided by steils AT gentoo.org