summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1
diff options
context:
space:
mode:
authordjm <>2005-04-29 05:39:33 +0000
committerdjm <>2005-04-29 05:39:33 +0000
commit68edd00d9258df93b1366c71ac124e0cadf7bc08 (patch)
tree3ce4ae2a9747bbc11aed1f95f9bbea92c41f8683 /src/lib/libcrypto/asn1
parentf396ed0f5ce0af56bfde2e75e15cf1f52924c779 (diff)
downloadopenbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.gz
openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.bz2
openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.zip
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/asn1')
-rw-r--r--src/lib/libcrypto/asn1/a_bitstr.c8
-rw-r--r--src/lib/libcrypto/asn1/a_digest.c7
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c2
-rw-r--r--src/lib/libcrypto/asn1/a_gentm.c12
-rw-r--r--src/lib/libcrypto/asn1/a_int.c21
-rw-r--r--src/lib/libcrypto/asn1/a_print.c2
-rw-r--r--src/lib/libcrypto/asn1/a_set.c23
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c9
-rw-r--r--src/lib/libcrypto/asn1/a_type.c5
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c11
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c8
-rw-r--r--src/lib/libcrypto/asn1/asn1.h8
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c8
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c1
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c6
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c26
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c6
-rw-r--r--src/lib/libcrypto/asn1/t_bitst.c5
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c40
-rw-r--r--src/lib/libcrypto/asn1/x_name.c19
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c50
21 files changed, 191 insertions, 86 deletions
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
index f4ea96cd54..b81bf4fc81 100644
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ b/src/lib/libcrypto/asn1/a_bitstr.c
@@ -194,8 +194,12 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
194 c=(unsigned char *)OPENSSL_realloc_clean(a->data, 194 c=(unsigned char *)OPENSSL_realloc_clean(a->data,
195 a->length, 195 a->length,
196 w+1); 196 w+1);
197 if (c == NULL) return(0); 197 if (c == NULL)
198 if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); 198 {
199 ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE);
200 return 0;
201 }
202 if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
199 a->data=c; 203 a->data=c;
200 a->length=w+1; 204 a->length=w+1;
201 } 205 }
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
index 4931e222a0..7182e9fa5d 100644
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ b/src/lib/libcrypto/asn1/a_digest.c
@@ -65,6 +65,7 @@
65# include <sys/types.h> 65# include <sys/types.h>
66#endif 66#endif
67 67
68#include <openssl/err.h>
68#include <openssl/evp.h> 69#include <openssl/evp.h>
69#include <openssl/buffer.h> 70#include <openssl/buffer.h>
70#include <openssl/x509.h> 71#include <openssl/x509.h>
@@ -78,7 +79,11 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
78 unsigned char *str,*p; 79 unsigned char *str,*p;
79 80
80 i=i2d(data,NULL); 81 i=i2d(data,NULL);
81 if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0); 82 if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL)
83 {
84 ASN1err(ASN1_F_ASN1_DIGEST,ERR_R_MALLOC_FAILURE);
85 return(0);
86 }
82 p=str; 87 p=str;
83 i2d(data,&p); 88 i2d(data,&p);
84 89
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
index ad8f0ffd1a..03ede68d1c 100644
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ b/src/lib/libcrypto/asn1/a_enum.c
@@ -156,7 +156,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
156 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); 156 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
157 if (!new_data) 157 if (!new_data)
158 { 158 {
159 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 159 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
160 goto err; 160 goto err;
161 } 161 }
162 ret->data=new_data; 162 ret->data=new_data;
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
index 8581007868..0dfd576211 100644
--- a/src/lib/libcrypto/asn1/a_gentm.c
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -192,8 +192,9 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str)
192 { 192 {
193 if (s != NULL) 193 if (s != NULL)
194 { 194 {
195 ASN1_STRING_set((ASN1_STRING *)s, 195 if (!ASN1_STRING_set((ASN1_STRING *)s,
196 (unsigned char *)str,t.length); 196 (unsigned char *)str,t.length))
197 return 0;
197 s->type=V_ASN1_GENERALIZEDTIME; 198 s->type=V_ASN1_GENERALIZEDTIME;
198 } 199 }
199 return(1); 200 return(1);
@@ -223,7 +224,12 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
223 if ((p == NULL) || ((size_t)s->length < len)) 224 if ((p == NULL) || ((size_t)s->length < len))
224 { 225 {
225 p=OPENSSL_malloc(len); 226 p=OPENSSL_malloc(len);
226 if (p == NULL) return(NULL); 227 if (p == NULL)
228 {
229 ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET,
230 ERR_R_MALLOC_FAILURE);
231 return(NULL);
232 }
227 if (s->data != NULL) 233 if (s->data != NULL)
228 OPENSSL_free(s->data); 234 OPENSSL_free(s->data);
229 s->data=(unsigned char *)p; 235 s->data=(unsigned char *)p;
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index edb243c021..21cc64bb23 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -64,7 +64,26 @@ ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
64{ return M_ASN1_INTEGER_dup(x);} 64{ return M_ASN1_INTEGER_dup(x);}
65 65
66int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y) 66int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
67{ return M_ASN1_INTEGER_cmp(x,y);} 67 {
68 int neg, ret;
69 /* Compare signs */
70 neg = x->type & V_ASN1_NEG;
71 if (neg != (y->type & V_ASN1_NEG))
72 {
73 if (neg)
74 return -1;
75 else
76 return 1;
77 }
78
79 ret = ASN1_STRING_cmp(x, y);
80
81 if (neg)
82 return -ret;
83 else
84 return ret;
85 }
86
68 87
69/* 88/*
70 * This converts an ASN1 INTEGER into its content encoding. 89 * This converts an ASN1 INTEGER into its content encoding.
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
index 8035513f04..d18e772320 100644
--- a/src/lib/libcrypto/asn1/a_print.c
+++ b/src/lib/libcrypto/asn1/a_print.c
@@ -60,7 +60,7 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62 62
63int ASN1_PRINTABLE_type(unsigned char *s, int len) 63int ASN1_PRINTABLE_type(const unsigned char *s, int len)
64 { 64 {
65 int c; 65 int c;
66 int ia5=0; 66 int ia5=0;
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
index 0f839822ff..e24061c545 100644
--- a/src/lib/libcrypto/asn1/a_set.c
+++ b/src/lib/libcrypto/asn1/a_set.c
@@ -118,8 +118,13 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
118 } 118 }
119 119
120 pStart = p; /* Catch the beg of Setblobs*/ 120 pStart = p; /* Catch the beg of Setblobs*/
121 if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array 121 /* In this array we will store the SET blobs */
122we will store the SET blobs */ 122 rgSetBlob = (MYBLOB *)OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB));
123 if (rgSetBlob == NULL)
124 {
125 ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
126 return(0);
127 }
123 128
124 for (i=0; i<sk_num(a); i++) 129 for (i=0; i<sk_num(a); i++)
125 { 130 {
@@ -135,7 +140,11 @@ SetBlob
135 /* Now we have to sort the blobs. I am using a simple algo. 140 /* Now we have to sort the blobs. I am using a simple algo.
136 *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/ 141 *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
137 qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp); 142 qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
138 if (!(pTempMem = OPENSSL_malloc(totSize))) return 0; 143 if (!(pTempMem = OPENSSL_malloc(totSize)))
144 {
145 ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
146 return(0);
147 }
139 148
140/* Copy to temp mem */ 149/* Copy to temp mem */
141 p = pTempMem; 150 p = pTempMem;
@@ -160,7 +169,13 @@ STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
160 STACK *ret=NULL; 169 STACK *ret=NULL;
161 170
162 if ((a == NULL) || ((*a) == NULL)) 171 if ((a == NULL) || ((*a) == NULL))
163 { if ((ret=sk_new_null()) == NULL) goto err; } 172 {
173 if ((ret=sk_new_null()) == NULL)
174 {
175 ASN1err(ASN1_F_D2I_ASN1_SET,ERR_R_MALLOC_FAILURE);
176 goto err;
177 }
178 }
164 else 179 else
165 ret=(*a); 180 ret=(*a);
166 181
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index bde666a6ff..a07122ba47 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -553,7 +553,12 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
553 if((type < 0) || (type > 30)) return -1; 553 if((type < 0) || (type > 30)) return -1;
554 mbflag = tag2nbyte[type]; 554 mbflag = tag2nbyte[type];
555 if(mbflag == -1) return -1; 555 if(mbflag == -1) return -1;
556 mbflag |= MBSTRING_FLAG; 556 if (mbflag == 0)
557 mbflag = MBSTRING_UTF8;
558 else if (mbflag == 4)
559 mbflag = MBSTRING_UNIV;
560 else
561 mbflag |= MBSTRING_FLAG;
557 stmp.data = NULL; 562 stmp.data = NULL;
558 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); 563 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
559 if(ret < 0) return ret; 564 if(ret < 0) return ret;
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index fe3fcd40b0..2292d49b93 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -71,7 +71,10 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
71void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) 71void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
72 { 72 {
73 if (a->value.ptr != NULL) 73 if (a->value.ptr != NULL)
74 ASN1_primitive_free((ASN1_VALUE **)&a, NULL); 74 {
75 ASN1_TYPE **tmp_a = &a;
76 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
77 }
75 a->type=type; 78 a->type=type;
76 a->value.ptr=value; 79 a->value.ptr=value;
77 } 80 }
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index 999852dae5..7b25fed331 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -173,8 +173,9 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str)
173 { 173 {
174 if (s != NULL) 174 if (s != NULL)
175 { 175 {
176 ASN1_STRING_set((ASN1_STRING *)s, 176 if (!ASN1_STRING_set((ASN1_STRING *)s,
177 (unsigned char *)str,t.length); 177 (unsigned char *)str,t.length))
178 return 0;
178 s->type = V_ASN1_UTCTIME; 179 s->type = V_ASN1_UTCTIME;
179 } 180 }
180 return(1); 181 return(1);
@@ -203,7 +204,11 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
203 if ((p == NULL) || ((size_t)s->length < len)) 204 if ((p == NULL) || ((size_t)s->length < len))
204 { 205 {
205 p=OPENSSL_malloc(len); 206 p=OPENSSL_malloc(len);
206 if (p == NULL) return(NULL); 207 if (p == NULL)
208 {
209 ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE);
210 return(NULL);
211 }
207 if (s->data != NULL) 212 if (s->data != NULL)
208 OPENSSL_free(s->data); 213 OPENSSL_free(s->data);
209 s->data=(unsigned char *)p; 214 s->data=(unsigned char *)p;
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index da2a0a6d69..18ef0acf00 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -142,6 +142,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
142 goto err; 142 goto err;
143 } 143 }
144 144
145 if (!EVP_VerifyInit_ex(&ctx,type, NULL))
146 {
147 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
148 ret=0;
149 goto err;
150 }
151
145 inl = ASN1_item_i2d(asn, &buf_in, it); 152 inl = ASN1_item_i2d(asn, &buf_in, it);
146 153
147 if (buf_in == NULL) 154 if (buf_in == NULL)
@@ -150,7 +157,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
150 goto err; 157 goto err;
151 } 158 }
152 159
153 EVP_VerifyInit_ex(&ctx,type, NULL);
154 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); 160 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
155 161
156 OPENSSL_cleanse(buf_in,(unsigned int)inl); 162 OPENSSL_cleanse(buf_in,(unsigned int)inl);
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index 3414509f1b..ceaeb4cbe3 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -829,7 +829,7 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
829 829
830/* General */ 830/* General */
831/* given a string, return the correct type, max is the maximum length */ 831/* given a string, return the correct type, max is the maximum length */
832int ASN1_PRINTABLE_type(unsigned char *s, int max); 832int ASN1_PRINTABLE_type(const unsigned char *s, int max);
833 833
834int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); 834int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
835ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, 835ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
@@ -950,16 +950,19 @@ void ERR_load_ASN1_strings(void);
950#define ASN1_F_A2I_ASN1_ENUMERATED 101 950#define ASN1_F_A2I_ASN1_ENUMERATED 101
951#define ASN1_F_A2I_ASN1_INTEGER 102 951#define ASN1_F_A2I_ASN1_INTEGER 102
952#define ASN1_F_A2I_ASN1_STRING 103 952#define ASN1_F_A2I_ASN1_STRING 103
953#define ASN1_F_ASN1_BIT_STRING_SET_BIT 176
953#define ASN1_F_ASN1_CHECK_TLEN 104 954#define ASN1_F_ASN1_CHECK_TLEN 104
954#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 955#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
955#define ASN1_F_ASN1_COLLECT 106 956#define ASN1_F_ASN1_COLLECT 106
956#define ASN1_F_ASN1_D2I_BIO 107 957#define ASN1_F_ASN1_D2I_BIO 107
957#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 958#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
958#define ASN1_F_ASN1_D2I_FP 109 959#define ASN1_F_ASN1_D2I_FP 109
960#define ASN1_F_ASN1_DIGEST 177
959#define ASN1_F_ASN1_DO_ADB 110 961#define ASN1_F_ASN1_DO_ADB 110
960#define ASN1_F_ASN1_DUP 111 962#define ASN1_F_ASN1_DUP 111
961#define ASN1_F_ASN1_ENUMERATED_SET 112 963#define ASN1_F_ASN1_ENUMERATED_SET 112
962#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 964#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
965#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178
963#define ASN1_F_ASN1_GET_OBJECT 114 966#define ASN1_F_ASN1_GET_OBJECT 114
964#define ASN1_F_ASN1_HEADER_NEW 115 967#define ASN1_F_ASN1_HEADER_NEW 115
965#define ASN1_F_ASN1_I2D_BIO 116 968#define ASN1_F_ASN1_I2D_BIO 116
@@ -975,6 +978,7 @@ void ERR_load_ASN1_strings(void);
975#define ASN1_F_ASN1_SEQ_PACK 126 978#define ASN1_F_ASN1_SEQ_PACK 126
976#define ASN1_F_ASN1_SEQ_UNPACK 127 979#define ASN1_F_ASN1_SEQ_UNPACK 127
977#define ASN1_F_ASN1_SIGN 128 980#define ASN1_F_ASN1_SIGN 128
981#define ASN1_F_ASN1_STRING_SET 179
978#define ASN1_F_ASN1_STRING_TABLE_ADD 129 982#define ASN1_F_ASN1_STRING_TABLE_ADD 129
979#define ASN1_F_ASN1_STRING_TYPE_NEW 130 983#define ASN1_F_ASN1_STRING_TYPE_NEW 130
980#define ASN1_F_ASN1_TEMPLATE_D2I 131 984#define ASN1_F_ASN1_TEMPLATE_D2I 131
@@ -984,6 +988,7 @@ void ERR_load_ASN1_strings(void);
984#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 988#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
985#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 989#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
986#define ASN1_F_ASN1_UNPACK_STRING 136 990#define ASN1_F_ASN1_UNPACK_STRING 136
991#define ASN1_F_ASN1_UTCTIME_SET 180
987#define ASN1_F_ASN1_VERIFY 137 992#define ASN1_F_ASN1_VERIFY 137
988#define ASN1_F_BN_TO_ASN1_ENUMERATED 138 993#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
989#define ASN1_F_BN_TO_ASN1_INTEGER 139 994#define ASN1_F_BN_TO_ASN1_INTEGER 139
@@ -1007,6 +1012,7 @@ void ERR_load_ASN1_strings(void);
1007#define ASN1_F_D2I_X509_CINF 157 1012#define ASN1_F_D2I_X509_CINF 157
1008#define ASN1_F_D2I_X509_NAME 158 1013#define ASN1_F_D2I_X509_NAME 158
1009#define ASN1_F_D2I_X509_PKEY 159 1014#define ASN1_F_D2I_X509_PKEY 159
1015#define ASN1_F_I2D_ASN1_SET 181
1010#define ASN1_F_I2D_ASN1_TIME 160 1016#define ASN1_F_I2D_ASN1_TIME 160
1011#define ASN1_F_I2D_DSA_PUBKEY 161 1017#define ASN1_F_I2D_DSA_PUBKEY 161
1012#define ASN1_F_I2D_NETSCAPE_RSA 162 1018#define ASN1_F_I2D_NETSCAPE_RSA 162
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index 094ec06fda..3b57c8fbae 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
1/* crypto/asn1/asn1_err.c */ 1/* crypto/asn1/asn1_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -70,16 +70,19 @@ static ERR_STRING_DATA ASN1_str_functs[]=
70{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"}, 70{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
71{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, 71{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
72{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, 72{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
73{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0), "ASN1_BIT_STRING_set_bit"},
73{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"}, 74{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"},
74{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"}, 75{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
75{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"}, 76{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"},
76{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, 77{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
77{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"}, 78{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"},
78{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, 79{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
80{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0), "ASN1_digest"},
79{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"}, 81{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"},
80{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, 82{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
81{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"}, 83{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
82{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"}, 84{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
85{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0), "ASN1_GENERALIZEDTIME_set"},
83{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, 86{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
84{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, 87{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
85{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, 88{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
@@ -95,6 +98,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
95{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"}, 98{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
96{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"}, 99{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
97{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"}, 100{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
101{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0), "ASN1_STRING_set"},
98{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"}, 102{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
99{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, 103{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
100{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, 104{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
@@ -104,6 +108,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
104{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, 108{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
105{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, 109{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
106{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, 110{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
111{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0), "ASN1_UTCTIME_set"},
107{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"}, 112{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
108{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"}, 113{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
109{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, 114{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
@@ -127,6 +132,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
127{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, 132{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
128{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, 133{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
129{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, 134{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
135{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0), "i2d_ASN1_SET"},
130{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, 136{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
131{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, 137{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
132{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, 138{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index a74f1368d3..97b9b35f4b 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -349,6 +349,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
349 349
350 if (str->data == NULL) 350 if (str->data == NULL)
351 { 351 {
352 ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE);
352 str->data=c; 353 str->data=c;
353 return(0); 354 return(0);
354 } 355 }
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index 3506005a71..f92ce6cb5d 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -115,7 +115,11 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
115 115
116 if ((osp=ASN1_STRING_new()) == NULL) return(0); 116 if ((osp=ASN1_STRING_new()) == NULL) return(0);
117 /* Grow the 'string' */ 117 /* Grow the 'string' */
118 ASN1_STRING_set(osp,NULL,size); 118 if (!ASN1_STRING_set(osp,NULL,size))
119 {
120 ASN1_STRING_free(osp);
121 return(0);
122 }
119 123
120 M_ASN1_STRING_length_set(osp, size); 124 M_ASN1_STRING_length_set(osp, size);
121 p=M_ASN1_STRING_data(osp); 125 p=M_ASN1_STRING_data(osp);
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index 891150638e..ec788267e0 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -76,47 +76,55 @@ IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
76X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, 76X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
77 int saltlen) 77 int saltlen)
78{ 78{
79 PBEPARAM *pbe; 79 PBEPARAM *pbe=NULL;
80 ASN1_OBJECT *al; 80 ASN1_OBJECT *al;
81 X509_ALGOR *algor; 81 X509_ALGOR *algor;
82 ASN1_TYPE *astype; 82 ASN1_TYPE *astype=NULL;
83 83
84 if (!(pbe = PBEPARAM_new ())) { 84 if (!(pbe = PBEPARAM_new ())) {
85 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 85 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
86 return NULL; 86 goto err;
87 } 87 }
88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER; 88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
89 ASN1_INTEGER_set (pbe->iter, iter); 89 if (!ASN1_INTEGER_set(pbe->iter, iter)) {
90 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
91 goto err;
92 }
90 if (!saltlen) saltlen = PKCS5_SALT_LEN; 93 if (!saltlen) saltlen = PKCS5_SALT_LEN;
91 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { 94 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
92 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 95 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
93 return NULL; 96 goto err;
94 } 97 }
95 pbe->salt->length = saltlen; 98 pbe->salt->length = saltlen;
96 if (salt) memcpy (pbe->salt->data, salt, saltlen); 99 if (salt) memcpy (pbe->salt->data, salt, saltlen);
97 else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0) 100 else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
98 return NULL; 101 goto err;
99 102
100 if (!(astype = ASN1_TYPE_new())) { 103 if (!(astype = ASN1_TYPE_new())) {
101 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 104 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
102 return NULL; 105 goto err;
103 } 106 }
104 107
105 astype->type = V_ASN1_SEQUENCE; 108 astype->type = V_ASN1_SEQUENCE;
106 if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { 109 if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
107 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 110 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
108 return NULL; 111 goto err;
109 } 112 }
110 PBEPARAM_free (pbe); 113 PBEPARAM_free (pbe);
114 pbe = NULL;
111 115
112 al = OBJ_nid2obj(alg); /* never need to free al */ 116 al = OBJ_nid2obj(alg); /* never need to free al */
113 if (!(algor = X509_ALGOR_new())) { 117 if (!(algor = X509_ALGOR_new())) {
114 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 118 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
115 return NULL; 119 goto err;
116 } 120 }
117 ASN1_OBJECT_free(algor->algorithm); 121 ASN1_OBJECT_free(algor->algorithm);
118 algor->algorithm = al; 122 algor->algorithm = al;
119 algor->parameter = astype; 123 algor->parameter = astype;
120 124
121 return (algor); 125 return (algor);
126err:
127 if (pbe != NULL) PBEPARAM_free(pbe);
128 if (astype != NULL) ASN1_TYPE_free(astype);
129 return NULL;
122} 130}
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index 91e1c8987d..e0dc0ec4ee 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -1,6 +1,6 @@
1/* p5_pbev2.c */ 1/* p5_pbev2.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL 2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999. 3 * project 1999-2004.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@@ -113,7 +113,8 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
113 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; 113 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
114 114
115 /* Create random IV */ 115 /* Create random IV */
116 if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) 116 if (EVP_CIPHER_iv_length(cipher) &&
117 RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
117 goto err; 118 goto err;
118 119
119 EVP_CIPHER_CTX_init(&ctx); 120 EVP_CIPHER_CTX_init(&ctx);
@@ -123,6 +124,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
123 if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { 124 if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
124 ASN1err(ASN1_F_PKCS5_PBE2_SET, 125 ASN1err(ASN1_F_PKCS5_PBE2_SET,
125 ASN1_R_ERROR_SETTING_CIPHER_PARAMS); 126 ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
127 EVP_CIPHER_CTX_cleanup(&ctx);
126 goto err; 128 goto err;
127 } 129 }
128 EVP_CIPHER_CTX_cleanup(&ctx); 130 EVP_CIPHER_CTX_cleanup(&ctx);
diff --git a/src/lib/libcrypto/asn1/t_bitst.c b/src/lib/libcrypto/asn1/t_bitst.c
index 8ee789f082..397332d9b8 100644
--- a/src/lib/libcrypto/asn1/t_bitst.c
+++ b/src/lib/libcrypto/asn1/t_bitst.c
@@ -84,7 +84,10 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
84 int bitnum; 84 int bitnum;
85 bitnum = ASN1_BIT_STRING_num_asc(name, tbl); 85 bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
86 if(bitnum < 0) return 0; 86 if(bitnum < 0) return 0;
87 if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value); 87 if(bs) {
88 if(!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
89 return 0;
90 }
88 return 1; 91 return 1;
89} 92}
90 93
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
index 11fce96825..b99f8fc522 100644
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ b/src/lib/libcrypto/asn1/x_crl.c
@@ -63,8 +63,6 @@
63 63
64static int X509_REVOKED_cmp(const X509_REVOKED * const *a, 64static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
65 const X509_REVOKED * const *b); 65 const X509_REVOKED * const *b);
66static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
67 const X509_REVOKED * const *b);
68 66
69ASN1_SEQUENCE(X509_REVOKED) = { 67ASN1_SEQUENCE(X509_REVOKED) = {
70 ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER), 68 ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
@@ -72,43 +70,28 @@ ASN1_SEQUENCE(X509_REVOKED) = {
72 ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) 70 ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
73} ASN1_SEQUENCE_END(X509_REVOKED) 71} ASN1_SEQUENCE_END(X509_REVOKED)
74 72
75/* The X509_CRL_INFO structure needs a bit of customisation. This is actually 73/* The X509_CRL_INFO structure needs a bit of customisation.
76 * mirroring the old behaviour: its purpose is to allow the use of 74 * Since we cache the original encoding the signature wont be affected by
77 * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately 75 * reordering of the revoked field.
78 * this will zap the original order and the signature so we keep a copy
79 * of the original positions and reorder appropriately before encoding.
80 *
81 * Might want to see if there's a better way of doing this later...
82 */ 76 */
83static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 77static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
84{ 78{
85 X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; 79 X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
86 int i;
87 int (*old_cmp)(const X509_REVOKED * const *,
88 const X509_REVOKED * const *);
89 80
90 if(!a || !a->revoked) return 1; 81 if(!a || !a->revoked) return 1;
91 switch(operation) { 82 switch(operation) {
92 83 /* Just set cmp function here. We don't sort because that
93 /* Save original order */ 84 * would affect the output of X509_CRL_print().
85 */
94 case ASN1_OP_D2I_POST: 86 case ASN1_OP_D2I_POST:
95 for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
96 sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
97 sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); 87 sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
98 break; 88 break;
99
100 /* Restore original order */
101 case ASN1_OP_I2D_PRE:
102 old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
103 sk_X509_REVOKED_sort(a->revoked);
104 sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
105 break;
106 } 89 }
107 return 1; 90 return 1;
108} 91}
109 92
110 93
111ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = { 94ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
112 ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER), 95 ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
113 ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR), 96 ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
114 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME), 97 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
@@ -116,7 +99,7 @@ ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
116 ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME), 99 ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
117 ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED), 100 ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
118 ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0) 101 ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
119} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO) 102} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
120 103
121ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = { 104ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
122 ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO), 105 ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
@@ -137,12 +120,6 @@ static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
137 (ASN1_STRING *)(*b)->serialNumber)); 120 (ASN1_STRING *)(*b)->serialNumber));
138 } 121 }
139 122
140static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
141 const X509_REVOKED * const *b)
142 {
143 return((*a)->sequence-(*b)->sequence);
144 }
145
146int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) 123int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
147{ 124{
148 X509_CRL_INFO *inf; 125 X509_CRL_INFO *inf;
@@ -153,6 +130,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
153 ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE); 130 ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
154 return 0; 131 return 0;
155 } 132 }
133 inf->enc.modified = 1;
156 return 1; 134 return 1;
157} 135}
158 136
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index caece0f158..31f3377b64 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -160,21 +160,22 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, cons
160 int tag, int aclass, char opt, ASN1_TLC *ctx) 160 int tag, int aclass, char opt, ASN1_TLC *ctx)
161{ 161{
162 unsigned char *p = *in, *q; 162 unsigned char *p = *in, *q;
163 STACK *intname = NULL; 163 STACK *intname = NULL, **intname_pp = &intname;
164 int i, j, ret; 164 int i, j, ret;
165 X509_NAME *nm = NULL; 165 X509_NAME *nm = NULL, **nm_pp = &nm;
166 STACK_OF(X509_NAME_ENTRY) *entries; 166 STACK_OF(X509_NAME_ENTRY) *entries;
167 X509_NAME_ENTRY *entry; 167 X509_NAME_ENTRY *entry;
168 q = p; 168 q = p;
169 169
170 /* Get internal representation of Name */ 170 /* Get internal representation of Name */
171 ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), 171 ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp,
172 tag, aclass, opt, ctx); 172 &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
173 tag, aclass, opt, ctx);
173 174
174 if(ret <= 0) return ret; 175 if(ret <= 0) return ret;
175 176
176 if(*val) x509_name_ex_free(val, NULL); 177 if(*val) x509_name_ex_free(val, NULL);
177 if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err; 178 if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err;
178 /* We've decoded it: now cache encoding */ 179 /* We've decoded it: now cache encoding */
179 if(!BUF_MEM_grow(nm->bytes, p - q)) goto err; 180 if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
180 memcpy(nm->bytes->data, q, p - q); 181 memcpy(nm->bytes->data, q, p - q);
@@ -218,7 +219,7 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
218 219
219static int x509_name_encode(X509_NAME *a) 220static int x509_name_encode(X509_NAME *a)
220{ 221{
221 STACK *intname = NULL; 222 STACK *intname = NULL, **intname_pp = &intname;
222 int len; 223 int len;
223 unsigned char *p; 224 unsigned char *p;
224 STACK_OF(X509_NAME_ENTRY) *entries = NULL; 225 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
@@ -236,10 +237,12 @@ static int x509_name_encode(X509_NAME *a)
236 } 237 }
237 if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; 238 if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
238 } 239 }
239 len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); 240 len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL,
241 ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
240 if (!BUF_MEM_grow(a->bytes,len)) goto memerr; 242 if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
241 p=(unsigned char *)a->bytes->data; 243 p=(unsigned char *)a->bytes->data;
242 ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); 244 ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp,
245 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
243 sk_pop_free(intname, sk_internal_free); 246 sk_pop_free(intname, sk_internal_free);
244 a->modified = 0; 247 a->modified = 0;
245 return len; 248 return len;
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index d958540120..7d6d71af88 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -80,8 +80,7 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
80 80
81int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) 81int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
82 { 82 {
83 int ok=0; 83 X509_PUBKEY *pk=NULL;
84 X509_PUBKEY *pk;
85 X509_ALGOR *a; 84 X509_ALGOR *a;
86 ASN1_OBJECT *o; 85 ASN1_OBJECT *o;
87 unsigned char *s,*p = NULL; 86 unsigned char *s,*p = NULL;
@@ -104,7 +103,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
104 (a->parameter->type != V_ASN1_NULL)) 103 (a->parameter->type != V_ASN1_NULL))
105 { 104 {
106 ASN1_TYPE_free(a->parameter); 105 ASN1_TYPE_free(a->parameter);
107 a->parameter=ASN1_TYPE_new(); 106 if (!(a->parameter=ASN1_TYPE_new()))
107 {
108 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
109 goto err;
110 }
108 a->parameter->type=V_ASN1_NULL; 111 a->parameter->type=V_ASN1_NULL;
109 } 112 }
110 } 113 }
@@ -118,14 +121,34 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
118 dsa=pkey->pkey.dsa; 121 dsa=pkey->pkey.dsa;
119 dsa->write_params=0; 122 dsa->write_params=0;
120 ASN1_TYPE_free(a->parameter); 123 ASN1_TYPE_free(a->parameter);
121 i=i2d_DSAparams(dsa,NULL); 124 if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
122 if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err; 125 goto err;
126 if (!(p=(unsigned char *)OPENSSL_malloc(i)))
127 {
128 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
129 goto err;
130 }
123 pp=p; 131 pp=p;
124 i2d_DSAparams(dsa,&pp); 132 i2d_DSAparams(dsa,&pp);
125 a->parameter=ASN1_TYPE_new(); 133 if (!(a->parameter=ASN1_TYPE_new()))
134 {
135 OPENSSL_free(p);
136 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
137 goto err;
138 }
126 a->parameter->type=V_ASN1_SEQUENCE; 139 a->parameter->type=V_ASN1_SEQUENCE;
127 a->parameter->value.sequence=ASN1_STRING_new(); 140 if (!(a->parameter->value.sequence=ASN1_STRING_new()))
128 ASN1_STRING_set(a->parameter->value.sequence,p,i); 141 {
142 OPENSSL_free(p);
143 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
144 goto err;
145 }
146 if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
147 {
148 OPENSSL_free(p);
149 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
150 goto err;
151 }
129 OPENSSL_free(p); 152 OPENSSL_free(p);
130 } 153 }
131 else 154 else
@@ -143,7 +166,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
143 } 166 }
144 p=s; 167 p=s;
145 i2d_PublicKey(pkey,&p); 168 i2d_PublicKey(pkey,&p);
146 if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; 169 if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
170 {
171 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
172 goto err;
173 }
147 /* Set number of unused bits to zero */ 174 /* Set number of unused bits to zero */
148 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 175 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
149 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; 176 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
@@ -159,12 +186,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
159 X509_PUBKEY_free(*x); 186 X509_PUBKEY_free(*x);
160 187
161 *x=pk; 188 *x=pk;
162 pk=NULL;
163 189
164 ok=1; 190 return 1;
165err: 191err:
166 if (pk != NULL) X509_PUBKEY_free(pk); 192 if (pk != NULL) X509_PUBKEY_free(pk);
167 return(ok); 193 return 0;
168 } 194 }
169 195
170EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) 196EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 12:19:41 +0000