| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
These were long removed from the public OpenSSL API, so we can do the
same. Remove ASN1_template_{d2i,i2d}() - those are unused internally.
ok jsing
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Without the cache, we verify CRL signatures on bytes that have been
pulled through d2i_ -> i2d_, this can cause reordering, which in turn
invalidates the signature. for example if in the original CRL revocation
entries were sorted by date instead of ascending serial number order.
There are probably multiple things we can do here, but they will need
careful consideration and planning.
OK jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A long time ago a workflow was envisioned for X509, X509_CRL, and X509_REQ
structures in which only fields modified after deserialization would need to
be re-encoded upon serialization.
Unfortunately, over the years, authors would sometimes forget to add code in
setter functions to trigger invalidation of previously cached DER encodings.
The presence of stale versions of structures can lead to very hard-to-debug
issues and cause immense sorrow.
Fully removing the concept of caching DER encodings ensures stale versions
of structures can never rear their ugly heads again.
OK tb@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
| | |
|
| |
|
|
|
|
| |
Rename some variables and consistently goto error.
ok tb@
|
| |
|
|
|
|
|
|
| |
Rather than recycling an existing ASN1_STRING and changing its type, free
it and allocate a replacement. This simplifies the code and potentially
avoids bugs resulting from reuse.
ok tb@
|
| |
|
|
|
|
|
|
| |
Per X.690, some ASN.1 types must be primitive encoded, some must be
constructed and some may be either. Add this data to our types table
and check the encoding against this information when decoding.
ok tb@
|
| |
|
|
|
|
|
| |
This avoids asn1_c2i_primitive() from needing knowledge about the internals
of ASN1_INTEGER and ASN1_ENUMERATED.
ok tb@
|
| |
|
|
|
|
|
|
| |
While we're here enforce valid days for months and leap years.
Inspired by same in boringssl.
ok jsing@
|
| |
|
|
|
|
|
| |
Switch to using ints for boolean values and use 0 or 1 for constructed,
rather than using 0 the ASN.1 tag encoded value (1 << 5).
ok tb@
|
| | |
|
| |
|
|
|
|
|
| |
Factor out the ef->asn1_ex_d2i() callback handling - this allows us to pull
out all of the related variables into a self-contained function.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
Also use array indexes for it->templates, rather than trying to be extra
clever in for loops (suggested by tb@ during a review).
No functional change.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
It no longer makes sense to have "extended" versions of functions
internally.
No functional change.
ok tb@
|
| |
|
|
|
|
|
|
| |
Order functions by use, moving public API to the bottom and utility
functions to the top. This makes the code more logical/readable, plus we
can remove all except one of the static function prototypes.
No functional change.
|
| |
|
|
|
|
|
|
|
|
| |
Rewrite the asn1_template_*() functions with CBS, readable variable names
and free then alloc.
This was the last caller of asn1_check_eoc() and asn1_check_tag(), hence
remove them and rename the _cbs suffixed versions in their place.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
Split the object content handling off into asn1_d2i_ex_primitive_content(),
move the handling ov V_ASN1_ANY into asn1_d2i_ex_any() and move the MSTRING
handling into asn1_d2i_ex_mstring(). This way we parse the header once
(rather than twice for ANY and MSTRING), then process the content, while
also avoiding complex special cases in a single code path.
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
Change asn1_template_ex_d2i() so that we short circuit in the no explicit
tagging case.
Split out the SET OF/SEQUENCE OF handling from asn1_template_noexp_d2i()
into a asn1_template_stack_of_d2i() function and simplify the remaining
code.
ok tb@
|
| |
|
|
|
|
| |
Now that combine no longer exists, we can also free and reallocate.
ok tb@
|
| |
|
|
|
|
|
|
| |
In asn1_item_ex_d2i_choice(), only call the ASN1_OP_D2I_PRE callback after
allocation has occurred via ASN1_item_ex_new(). This matches the sequence
handling code and the documentation.
Discussed with tb@
|
| |
|
|
|
|
| |
Now that combine no longer exists, we can also free and reallocate.
ok tb@
|
| |
|
|
|
|
| |
Rework and clean up other asn1_enc_* related functions while here.
ok tb@
|
| |
|
|
|
|
|
|
| |
This workaround was used by ASN1_BROKEN_SEQUENCE, which existed for
NETSCAPE_ENCRYPTED_PKEY. Remove the workaround since the only consumer
has already been removed.
ok tb@
|
| |
|
|
|
|
|
|
| |
This requires a few wrappers to call into some non-CBS functions, however
we can now remove the asn1_d2i_ex_primitive() wrapper as there are no
longer any non-CBS callers.
ok tb@
|
| |
|
|
|
|
|
|
| |
This was an option used to combine ASN.1 into a single structure, which was
only ever used by DSAPublicKey and X509_ATTRIBUTE. Since they no longer use
it we can mop this up and simplify all of the related code.
ok tb@
|
| |
|
|
|
|
|
|
| |
Factor out the handling of CHOICE and SEQUENCE into their own functions.
This reduces complexity, reduces indentation and will allow for further
clean up.
ok beck@ tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The asn1_ex_c2i() function currently handles the V_ASN1_ANY case inline,
which means there multiple special cases, with pointer fudging and
restoring. Instead, split asn1_ex_c2i() into three functions - one that
only handles storage into a primitive type (asn1_ex_c2i_primitive()), one
that handles the V_ASN1_ANY case (asn1_ex_c2i_any()) and calls
asn1_ex_c2i_primitive() with the correct pointer and an asn1_ex_c2i()
that handles the custom functions case, before dispatching to
asn1_ex_c2i_any() or asn1_ex_c2i_primitive(), as appropriate.
This results in cleaner and simpler code.
With input from and ok tb@
|
| |
|
|
|
|
|
|
| |
Change asn1_get_length_cbs() and asn1_get_object_cbs() to handle and return
a length as a size_t rather than a uint32_t. This makes it simpler and less
error prone in the callers.
Suggested by and ok tb@
|
| |
|
|
|
|
| |
Use more readable variable and arguments names in the process.
ok tb@
|
| |
|
|
|
|
|
|
| |
The asn1_find_end() function handles definite length ASN.1, which means
that there is no point in the only caller having code to explicitly handle
definite length - it can just call the function.
ok tb@
|
| |
|
|
|
|
|
|
| |
The long vs size_t checks can be handled in the asn1_check_tag() wrapper
and this will help to avoid propagating long vs size_t issues into new
code.
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than calling asn1_get_object_cbs(), call asn1_get_identifier_cbs(),
then immediately proceed with the tag number and tag class check. Only if
that succeeds (or it is not required) do we call asn1_get_length_cbs().
This avoids incurring the overhead of decoding the length in the case where
the tag number and tag class do not match.
While here rename asn1_check_tlen() to asn1_check_tag() - while we decode
the length, what we are normally checking is the tag number and tag class.
Also rename the arguments for readability. For now the argument types
and encoding remain unchanged.
ok inoguchi@ tb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, every time an ASN.1 identifier and length is decoded it is
stored in a tag/length cache for potential reuse. However, the only time
this is actually of benefit is when decoding CHOICE or SEQUENCE with
OPTIONAL fields (or MSTRING and ANY due to less than ideal
implementation). For CHOICE and SEQUENCE with OPTIONAL fields the
current code attempts to decode the first option and if that fails, it
moves onto the next option and attempts to decode it, repeating until
it succeeds (or runs out of options).
There are a number of problems with the cache. Firstly, it adds complexity
to the ASN.1 decoder since it has to be passed up and down through the
various layers. Secondly, there is nothing that keeps the cached data in
synchronisation with the input stream. This makes it fragile and a
potential security risk. Thirdly, the type is in the public headers and
API, meaning that we cannot readily change the types or fields to improve
the code.
Testing also suggests that in typical decoding cases we actually get a
small performance increase by removing the cache. There are also several
other options that would improve decoding performance, which we can visit
once we have simpler and more robust code.
ok beck@ inoguchi@ tb@
|
| |
|
|
| |
ok inoguchi@ tb@
|
| |
|
|
|
|
| |
This allows us to make direct use of c2i_ASN1_OBJECT_cbs().
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
The constructed ASN.1 handling in asn1_d2i_ex_primitive() and asn1_ex_c2i()
currently has code to potentially avoid a malloc/memcpy - this is a less
common code path and it introduces a bunch of complexity for minimal gain.
In particular, we're manually adding a trailing NUL when ASN1_STRING_set()
would already do that for us, plus we currently manually free() the data on
an ASN1_STRING, rather than using freezero().
ok inoguchi@ tb@
|
| | |
|
| |
|
|
| |
Whitespace change only.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
There are currently three different tables in three different files that
contain information about ASN.1 universal class tag types. Range checking
is also implemented in three different places (with different
implementations).
Consolidate all of this into a single table, provide a lookup function that
deals with the range checks and wrappers to deal with specific types.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
| |
With this we get simpler code, overflow checking and more sensible
memory ownership. Also switch the free_cont case to freezero() since this
could contain secrets.
ok inoguchi@ tb@
|
| |
|
|
|
|
| |
While here stop assigning a size_t to an int without bounds checks.
ok inoguchi@ tb@
|
| |
|
|
| |
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
| |
asn1_collect() (and hence collect_data()) is never called without
a BUF_MEM - the only caller that passed NULL was removed in OpenSSL
commit e1cc0671ac5.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
Call the replacement asn1_tlc_invalidate() since it does not actually
clear the ASN1_TLC.
While here, name the ASN1_TLC variables consistently as ctx, remove a
pointless comment and simplify ASN1_item_d2i() slightly.
ok inoguchi@ tb@
|
| | |
|
