Make CBS_get_any_asn1_element() more compliant with DER encoding. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	doug <>	2015-06-15 07:35:49 +0000
committer	doug <>	2015-06-15 07:35:49 +0000
commit	cc28fbde97d652fc8df85aef456db3f43ee7141f (patch)
tree	d870273c7da5901692fed25ce0bccf96a3a77d50 /src/lib/libssl/d1_pkt.c
parent	b5c7960f11d2b64faae5154f9709f34d00462124 (diff)
download	openbsd-cc28fbde97d652fc8df85aef456db3f43ee7141f.tar.gz openbsd-cc28fbde97d652fc8df85aef456db3f43ee7141f.tar.bz2 openbsd-cc28fbde97d652fc8df85aef456db3f43ee7141f.zip

Make CBS_get_any_asn1_element() more compliant with DER encoding.

CBS_get_any_asn1_element violates DER encoding by allowing indefinite form. All callers except bs_ber.c expect DER encoding. The callers must check to see if it was indefinite or not. Rather than exposing all callers to this behavior, cbs_get_any_asn1_element_internal() allows specifying whether you want to allow the normally forbidden indefinite form. This is used by CBS_get_any_asn1_element() for strict DER encoding and by a new static function in bs_ber.c for the relaxed version. While I was here, I added comments to differentiate between ASN.1 restrictions and CBS limitations. ok miod@

Diffstat (limited to 'src/lib/libssl/d1_pkt.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: