diff options
| -rw-r--r-- | src/lib/libssl/bs_cbs.c | 26 | ||||
| -rw-r--r-- | src/lib/libssl/bytestring.h | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/bs_cbs.c | 26 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/bytestring.h | 4 |
4 files changed, 26 insertions, 34 deletions
diff --git a/src/lib/libssl/bs_cbs.c b/src/lib/libssl/bs_cbs.c index ba38303c18..1b513c9a0e 100644 --- a/src/lib/libssl/bs_cbs.c +++ b/src/lib/libssl/bs_cbs.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bs_cbs.c,v 1.9 2015/06/15 07:35:49 doug Exp $ */ | 1 | /* $OpenBSD: bs_cbs.c,v 1.10 2015/06/16 06:11:39 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014, Google Inc. | 3 | * Copyright (c) 2014, Google Inc. |
| 4 | * | 4 | * |
| @@ -262,21 +262,17 @@ cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned *out_tag, | |||
| 262 | /* Handle indefinite form length */ | 262 | /* Handle indefinite form length */ |
| 263 | if (num_bytes == 0) { | 263 | if (num_bytes == 0) { |
| 264 | /* DER encoding doesn't allow for indefinite form. */ | 264 | /* DER encoding doesn't allow for indefinite form. */ |
| 265 | if (strict) { | 265 | if (strict) |
| 266 | return 0; | 266 | return 0; |
| 267 | 267 | ||
| 268 | } else { | 268 | /* Primitive cannot use indefinite in BER or DER. */ |
| 269 | if ((tag & CBS_ASN1_CONSTRUCTED) != 0 && | 269 | if ((tag & CBS_ASN1_CONSTRUCTED) == 0) |
| 270 | num_bytes == 0) { | 270 | return 0; |
| 271 | /* indefinite length */ | 271 | |
| 272 | if (out_header_len != NULL) | 272 | /* Constructed, indefinite length allowed in BER. */ |
| 273 | *out_header_len = 2; | 273 | if (out_header_len != NULL) |
| 274 | return CBS_get_bytes(cbs, out, 2); | 274 | *out_header_len = 2; |
| 275 | } else { | 275 | return CBS_get_bytes(cbs, out, 2); |
| 276 | /* Primitive cannot use indefinite. */ | ||
| 277 | return 0; | ||
| 278 | } | ||
| 279 | } | ||
| 280 | } | 276 | } |
| 281 | 277 | ||
| 282 | /* CBS limitation. */ | 278 | /* CBS limitation. */ |
| @@ -286,7 +282,7 @@ cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned *out_tag, | |||
| 286 | if (!cbs_get_u(&header, &len32, num_bytes)) | 282 | if (!cbs_get_u(&header, &len32, num_bytes)) |
| 287 | return 0; | 283 | return 0; |
| 288 | 284 | ||
| 289 | /* DER has a minimum length octet requirements. */ | 285 | /* DER has a minimum length octet requirement. */ |
| 290 | if (len32 < 128) | 286 | if (len32 < 128) |
| 291 | /* Should have used short form instead */ | 287 | /* Should have used short form instead */ |
| 292 | return 0; | 288 | return 0; |
diff --git a/src/lib/libssl/bytestring.h b/src/lib/libssl/bytestring.h index d66ab65b91..ef824a0cea 100644 --- a/src/lib/libssl/bytestring.h +++ b/src/lib/libssl/bytestring.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bytestring.h,v 1.7 2015/06/15 07:35:49 doug Exp $ */ | 1 | /* $OpenBSD: bytestring.h,v 1.8 2015/06/16 06:11:39 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014, Google Inc. | 3 | * Copyright (c) 2014, Google Inc. |
| 4 | * | 4 | * |
| @@ -451,7 +451,7 @@ int CBB_add_asn1_uint64(CBB *cbb, uint64_t value); | |||
| 451 | 451 | ||
| 452 | #ifdef LIBRESSL_INTERNAL | 452 | #ifdef LIBRESSL_INTERNAL |
| 453 | /* | 453 | /* |
| 454 | * CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from | 454 | * cbs_get_any_asn1_element sets |*out| to contain the next ASN.1 element from |
| 455 | * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to | 455 | * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to |
| 456 | * the tag number and |*out_header_len| to the length of the ASN.1 header. If | 456 | * the tag number and |*out_header_len| to the length of the ASN.1 header. If |
| 457 | * strict mode is disabled and the element has indefinite length then |*out| | 457 | * strict mode is disabled and the element has indefinite length then |*out| |
diff --git a/src/lib/libssl/src/ssl/bs_cbs.c b/src/lib/libssl/src/ssl/bs_cbs.c index ba38303c18..1b513c9a0e 100644 --- a/src/lib/libssl/src/ssl/bs_cbs.c +++ b/src/lib/libssl/src/ssl/bs_cbs.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bs_cbs.c,v 1.9 2015/06/15 07:35:49 doug Exp $ */ | 1 | /* $OpenBSD: bs_cbs.c,v 1.10 2015/06/16 06:11:39 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014, Google Inc. | 3 | * Copyright (c) 2014, Google Inc. |
| 4 | * | 4 | * |
| @@ -262,21 +262,17 @@ cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned *out_tag, | |||
| 262 | /* Handle indefinite form length */ | 262 | /* Handle indefinite form length */ |
| 263 | if (num_bytes == 0) { | 263 | if (num_bytes == 0) { |
| 264 | /* DER encoding doesn't allow for indefinite form. */ | 264 | /* DER encoding doesn't allow for indefinite form. */ |
| 265 | if (strict) { | 265 | if (strict) |
| 266 | return 0; | 266 | return 0; |
| 267 | 267 | ||
| 268 | } else { | 268 | /* Primitive cannot use indefinite in BER or DER. */ |
| 269 | if ((tag & CBS_ASN1_CONSTRUCTED) != 0 && | 269 | if ((tag & CBS_ASN1_CONSTRUCTED) == 0) |
| 270 | num_bytes == 0) { | 270 | return 0; |
| 271 | /* indefinite length */ | 271 | |
| 272 | if (out_header_len != NULL) | 272 | /* Constructed, indefinite length allowed in BER. */ |
| 273 | *out_header_len = 2; | 273 | if (out_header_len != NULL) |
| 274 | return CBS_get_bytes(cbs, out, 2); | 274 | *out_header_len = 2; |
| 275 | } else { | 275 | return CBS_get_bytes(cbs, out, 2); |
| 276 | /* Primitive cannot use indefinite. */ | ||
| 277 | return 0; | ||
| 278 | } | ||
| 279 | } | ||
| 280 | } | 276 | } |
| 281 | 277 | ||
| 282 | /* CBS limitation. */ | 278 | /* CBS limitation. */ |
| @@ -286,7 +282,7 @@ cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned *out_tag, | |||
| 286 | if (!cbs_get_u(&header, &len32, num_bytes)) | 282 | if (!cbs_get_u(&header, &len32, num_bytes)) |
| 287 | return 0; | 283 | return 0; |
| 288 | 284 | ||
| 289 | /* DER has a minimum length octet requirements. */ | 285 | /* DER has a minimum length octet requirement. */ |
| 290 | if (len32 < 128) | 286 | if (len32 < 128) |
| 291 | /* Should have used short form instead */ | 287 | /* Should have used short form instead */ |
| 292 | return 0; | 288 | return 0; |
diff --git a/src/lib/libssl/src/ssl/bytestring.h b/src/lib/libssl/src/ssl/bytestring.h index d66ab65b91..ef824a0cea 100644 --- a/src/lib/libssl/src/ssl/bytestring.h +++ b/src/lib/libssl/src/ssl/bytestring.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bytestring.h,v 1.7 2015/06/15 07:35:49 doug Exp $ */ | 1 | /* $OpenBSD: bytestring.h,v 1.8 2015/06/16 06:11:39 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014, Google Inc. | 3 | * Copyright (c) 2014, Google Inc. |
| 4 | * | 4 | * |
| @@ -451,7 +451,7 @@ int CBB_add_asn1_uint64(CBB *cbb, uint64_t value); | |||
| 451 | 451 | ||
| 452 | #ifdef LIBRESSL_INTERNAL | 452 | #ifdef LIBRESSL_INTERNAL |
| 453 | /* | 453 | /* |
| 454 | * CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from | 454 | * cbs_get_any_asn1_element sets |*out| to contain the next ASN.1 element from |
| 455 | * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to | 455 | * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to |
| 456 | * the tag number and |*out_header_len| to the length of the ASN.1 header. If | 456 | * the tag number and |*out_header_len| to the length of the ASN.1 header. If |
| 457 | * strict mode is disabled and the element has indefinite length then |*out| | 457 | * strict mode is disabled and the element has indefinite length then |*out| |