path: root/src/lib/libcrypto/asn1
Commit message | Author | Age | Files | Lines
...
* Consolidate code/templates for ASN.1 types. | jsing | 2021-12-25 | 7 | -168/+168
  Where an ASN.1 type has its own file, move the ASN.1 item template and template related functions into the file.
  Discussed with tb@
* Move ASN1_<type>_* functions to the top, encoding/decoding to the bottom. | jsing | 2021-12-25 | 4 | -329/+329
  No functional change.
* Rewrite ASN.1 identifier/length parsing in CBS. | jsing | 2021-12-25 | 3 | -90/+218
  Provide internal asn1_get_identifier_cbs() and asn1_get_length_cbs() functions that are called from asn1_get_object_cbs(). Convert the existing ASN1_get_object() function so that it calls asn1_get_object_cbs(), before mapping the result into the API that it implements.
  ok tb@
* Reorder some functions. | jsing | 2021-12-24 | 1 | -46/+46
  No functional change.
* Route templated implementations of {d2i,i2d}_ASN1_BOOLEAN() through | tb | 2021-12-23 | 1 | -3/+5
  ASN1_item_ex_{d2i,i2d}() instead of ASN1_item_{d2i,i2d}(). Fixes test failure on sparc64, and hopefully all other architectures.
  reported by tobhe
  with/ok jsing
* Rename asn1_lib.c to asn1_old_lib.c | jsing | 2021-12-15 | 1 | -1/+1
  This will allow us to add a new asn1_lib.c while replacing the code that is currently in asn1_old_lib.c.
  Discussed with tb@
* Consolidate various ASN.1 code. | jsing | 2021-12-15 | 8 | -645/+460
  Rather than having multiple files per type (with minimal code per file), use one file per type (a_<type>.c). No functional change.
  Discussed with tb@
* unifdef -U CRYPTO_MDEBUG -m tasn_new.c | jsing | 2021-12-15 | 1 | -33/+1
* Consolidate ASN.1 universal tag type data. | jsing | 2021-12-14 | 5 | -80/+281
  There are currently three different tables in three different files that contain information about ASN.1 universal class tag types. Range checking is also implemented in three different places (with different implementations). Consolidate all of this into a single table, provide a lookup function that deals with the range checks and wrappers to deal with specific types.
  ok inoguchi@ tb@
* Remove the last internal use of d2i_ASN1_BOOLEAN. | tb | 2021-12-13 | 1 | -7/+3
  From Stephen Henson, OpenSSL 564df0dd
  ok jsing
* Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN(). | jsing | 2021-12-13 | 2 | -116/+21
  Convert these to templated ASN.1, given we already have ASN1_BOOLEAN_it.
  ok inoguchi@ tb@
* this file doesn't use anything from <stdio.h>; | schwarze | 2021-12-13 | 1 | -2/+1
  in particular, NULL is also in <stdlib.h> according to the C99 standard; "free commit" tb@
* Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB. | jsing | 2021-12-13 | 1 | -31/+37
  With this we get simpler code, overflow checking and more sensible memory ownership. Also switch the free_cont case to freezero() since this could contain secrets.
  ok inoguchi@ tb@
* Catch integer overflow rather than silently truncating while | schwarze | 2021-12-13 | 1 | -1/+10
  parsing MASK: strings in ASN1_STRING_set_default_mask_asc(3).
  Issue noticed by tb@, patch by me, two additional #include lines from tb@.
  OK tb@.
* Include evp_locl.h where it will be needed once most structs from | tb | 2021-12-12 | 9 | -9/+20
  evp.h will be moved to evp_locl.h in an upcoming bump.
  ok inoguchi
* Rewrite X509_ALGOR_set_md() without reaching into EVP_MD. | tb | 2021-12-12 | 1 | -5/+3
  ok inoguchi schwarze
* Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3) | schwarze | 2021-12-11 | 1 | -34/+58
  from the OpenSSL 1.1.1 branch, which is still under a free license, mostly this commit:

    commit d35c0ff30b31be9fd5dcf3d552a16feb8de464bc
    Author: Dr. Stephen Henson <steve@openssl.org>
    Date: Fri Oct 19 15:06:31 2012 +0000

        fix ASN1_STRING_TABLE_add so it can override existing string table values

  This fixes a segfault in ASN1_STRING_TABLE_add(3), which tried to change a static const entry when called with an nid already in the default table, and it switches the precedence of the two tables in ASN1_STRING_TABLE_get(3).

  In addition, it changes behaviour in the following minor ways:
  * Ignore negative minsize and maxsize arguments, not just -1.
  * Ignore a zero mask and zero flags.

  It's unclear whether these additional changes make the API absolutely better, but we want compatibility with OpenSSL in these functions.

  Tweaks & OK tb@.
* Merge the deletion of <ctype.h>, which isn't used here, | schwarze | 2021-12-11 | 1 | -17/+21
  and some style improvements from the OpenSSL 1.1.1 branch, which is still under a free license. No functional change.
  OK and additional tweaks tb@.
* Inline collect_data() in asn1_collect(). | jsing | 2021-12-09 | 1 | -21/+12
  While here stop assigning a size_t to an int without bounds checks.
  ok inoguchi@ tb@
* Pull the recursion depth check up to the top of asn1_collect() | jsing | 2021-12-09 | 1 | -5/+6
  ok inoguchi@ tb@
* Remove handling of a NULL BUF_MEM from asn1_collect() | jsing | 2021-12-09 | 1 | -14/+9
  asn1_collect() (and hence collect_data()) is never called without a BUF_MEM - the only caller that passed NULL was removed in OpenSSL commit e1cc0671ac5.
  ok inoguchi@ tb@
* Add #include "bn_lcl.h" to the files that will soon need it. | tb | 2021-12-04 | 1 | -1/+3
  ok inoguchi jsing
* Consolidate {d2i,i2d}_{pr,pu}.c | jsing | 2021-12-04 | 4 | -181/+40
  Currently there are two files for private key ASN.1 (d2i_pr.c, i2d_pr.c) and two files for public key ASN.1 (d2i_pu.c, i2d_pu.c). All of the other ASN.1 code has d2i and i2d in the same per-object file. Consolidate d2i_pr.c/i2d_pr.c into a_pkey.c and consolidate d2i_pu.c/i2d_pu.c into a_pubkey.c before making any further changes to this code.
  ok tb@
* Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function. | jsing | 2021-12-03 | 1 | -32/+26
  Call the replacement asn1_tlc_invalidate() since it does not actually clear the ASN1_TLC. While here, name the ASN1_TLC variables consistently as ctx, remove a pointless comment and simplify ASN1_item_d2i() slightly.
  ok inoguchi@ tb@
* Group and sort includes. | jsing | 2021-12-03 | 1 | -3/+3
* Call asn1_item_ex_d2i() directly from ASN1_item_d2i() | jsing | 2021-12-03 | 1 | -2/+5
  ASN1_item_ex_d2i() is just a wrapper around the internal asn1_item_ex_d2i() function, so call asn1_item_ex_d2i() directly.
  ok inoguchi@ tb@
* Convert ASN1_PCTX_new() to calloc(). | jsing | 2021-12-03 | 1 | -10/+6
  Rather than using malloc() and then initialising all struct members to zero values, use calloc().
  ok schwarze@ tb@
* Use calloc() for X509_CRL_METHOD_new() instead of malloc(). | jsing | 2021-12-03 | 1 | -3/+4
  This ensures that if any members are added to this struct, they will be initialised.
  ok schwarze@ tb@
* Rewrite ASN1_STRING_cmp(). | jsing | 2021-12-03 | 1 | -11/+8
  This removes nested ifs and uses more sensible variable names.
  ok schwarze@ tb@
* Convert ASN1_STRING_type_new() to calloc(). | jsing | 2021-12-03 | 1 | -10/+7
  Rather than using malloc() and then initialising all struct members, use calloc() and only initialise the single non-zero value member.
  ok schwarze@ tb@
* Convert ASN1_OBJECT_new() to calloc(). | jsing | 2021-12-03 | 1 | -11/+6
  Rather than using malloc() and then initialising all struct members, use calloc() and only initialise the single non-zero value member.
  ok schwarze@ tb@
* Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated ASN1 | jsing | 2021-12-03 | 1 | -125/+429
  These functions previously used the old ASN1_{d2i,i2d}_{bio,fp}() interfaces.
  ok inoguchi@ tb@
* Fix EVP_PKEY_{asn1,meth}_copy once and for all | tb | 2021-12-03 | 1 | -29/+16
  It is very easy to forget to copy over newly added methods. Everyone working in this corner has run into this. Instead, preserve what needs preserving and use a struct copy, so all methods get copied from src to dest.
  tweak/ok jsing
* last whitespace diff for now. | tb | 2021-11-30 | 1 | -57/+62
* Fix incomplete initialization bug: BIO_new(BIO_f_asn1()) neglected | schwarze | 2021-11-27 | 1 | -23/+10
  initializing five of the fields in BIO_ASN1_BUF_CTX (prefix, prefix_free, suffix, suffix_free, ex_arg), inviting a segfault in a subsequent call from the application program to BIO_write(3) because subroutines of that function assume that the function pointers are either NULL or valid.

  Fix this by using the less error-prone calloc(3) idiom.

  While here, inline asn1_bio_init() at the only call site in asn1_bio_new() to simplify the code and make it easier to read.

  Bug found and initial patch by me, this version (with inlining) by and OK tb@.
* re-align these copies of the a2i_*(3) code with f_string.c rev. 1.19 | schwarze | 2021-11-23 | 2 | -28/+12
  to fix the same double-counting of the backslash and to make the parsing stricter in the same way; OK tb@
* Make the public API function a2i_ASN1_STRING(3) actually work. | schwarze | 2021-11-19 | 1 | -14/+6
  It contained two bugs:

  1. If an input line ended in a backslash requesting line continuation, there was duplicate code for removing that backslash, erroneously removing another byte from the input and often causing the function to return failure instead of correctly parsing valid input.

  2. According to a comment in the source code, the former big "for" loop was intended to "clear all the crap off the end of the line", but actually, if there were multiple characters on the line that were not hexadecimal digits, only the last of those and everything following it was deleted, while all the earlier ones remained. Besides, code further down clearly intends to error out when there are invalid characters, which makes no sense if earlier code already deletes such characters. Hence the comment did not only contradict the code above it - but contradicted the code below it, too.

  Resolve these contradictions in favour of stricter parsing: No longer skip invalid characters but always error out when any are found.

  OK & "Unbelievable" tb@
* Prevent future internal use of ASN1_CTX and ASN1_const_CTX by wrapping | tb | 2021-11-18 | 1 | -1/+3
  them inside #ifndef LIBRESSL_INTERNAL.
  suggested by jsing
* Remove the last pointless use of ASN1_const_CTX. Both ASN1_CTX and | tb | 2021-11-18 | 1 | -14/+14
  ASN1_const_CTX are now unused and will be garbage collected in the next libcrypto bump.
  ok jsing
* Fix a nasty quirk in ASN1_STRING_copy(3). | schwarze | 2021-11-13 | 1 | -2/+2
  In case of failure, it reported the failure but corrupted the type of the destination string. Instead, let's make sure that in case of failure, existing objects remain in their original state.
  OK tb@
* Fix indent. | jsing | 2021-11-06 | 1 | -8/+7
* Fix ASN1_TIME_diff() with NULL times | tb | 2021-11-03 | 1 | -3/+18
  The ASN1_TIME_diff() API accepts NULL ASN1_TIMEs and interprets them as "now". This is used in sysutils/monit, as found by semarie with a crash after update. Implement this behavior by porting a version of ASN1_TIME_to_tm() to LibreSSL and using it in ASN1_TIME_diff().
  Tested by semarie
  ok beck jsing semarie
* Move the now internal X.509-related structs into x509_lcl.h. | tb | 2021-11-01 | 17 | -21/+48
  Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.
  ok jsing
* Unifdef LIBRESSL_NEW_API. Now that the library is bumped, this is | tb | 2021-11-01 | 1 | -3/+1
  no longer needed.
  ok jsing
* Remove the unused X509_CERT_PAIR struct and the associated API. | tb | 2021-10-31 | 1 | -54/+1
  ok beck jsing
* unwrap a line | tb | 2021-10-28 | 1 | -3/+2
* Fix to correctly parse the 'to' time into the to_tm | beck | 2021-10-27 | 1 | -2/+2
* Add ASN1_TIME_diff from OpenSSL. | beck | 2021-10-27 | 2 | -2/+21
  The symbol is not yet exposed and will show up with tb@'s forthcoming bump
  ok tb@ jsing@
* Prepare to provide X509_re_X509*_tbs() | tb | 2021-10-23 | 1 | -1/+8
  ok beck jsing
* Prepare to provide X509_SIG_get{0,m}. | tb | 2021-10-23 | 1 | -1/+20
  ok beck jsing