summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Turn a number of #defines into proper functions with prototypes matchingtb2018-08-241-1/+31
| | | | | | those that OpenSSL has had for ages. ok jsing
* Fix a memory leak in i2d_RSA_NET on failure of ASN1_STRING_set.bcook2018-08-051-2/+2
| | | | | Found by Coverity. Feedback and ok tb@
* As calloc does the zeroing for us in EVP_PKEY_asn1_new() already, no needtb2018-05-241-42/+10
| | | | | | | | to do it a second time by hand, badly. While here, do some style cleanup. This incomplete list of function pointers appears in EVP_PKEY_asn1_copy() as well, fix it by adding sig_print to the members copied over. ok bcook
* The 'in' argument of ASN1_STRING_to_UTF8() is now adorned with const.tb2018-05-192-4/+4
| | | | | tested in a bulk build by sthen ok jsing
* Add a const qualifier to the 'X509_NAME *' argument oftb2018-05-182-6/+8
| | | | | | | X509_NAME_print{,_ex{,_fp}}(3). tested in a bulk build by sthen ok jsing
* Use recallocarray() instead of OPENSSL_realloc_clean().jsing2018-05-132-8/+4
| | | | | | | Also place all of the OPENSSL_* memory related prototypes under #ifndef LIBRESSL_INTERNAL. ok beck@ tb@
* Add a const qualifier to the argument of EVP_PKEY_get0_asn1(3).tb2018-05-131-2/+2
| | | | | tested in a bulk build by sthen ok beck (as part of a larger diff)
* Cleanup c2i_ASN1_BIT_STRING() code.jsing2018-05-121-20/+23
| | | | | | | | | | Avoid overloading a variable to store both a value and an error code - we can simply inline the error calls (as done everywhere else). Remove a bunch of unnecessary parentheses and tidy a few other things. With input from tb@. ok inoguchi@ tb@
* Add a missing bounds check in c2i_ASN1_BIT_STRING().jsing2018-05-121-1/+6
| | | | | | | | | This could potentially result in a left shift that exceeded the size of the storage type. Issue found by Simon Friedberger, Robert Merget and Juraj Somorovsky. ok inoguchi@ tb@
* Convert a handful of X509_*() functions to take const as in OpenSSL.tb2018-05-013-10/+10
| | | | | tested in a bulk by sthen ok jsing
* const for BIO_{new,set}() and most of the BIO_{f,s}_*() family oftb2018-05-012-5/+5
| | | | | | functions. ok beck, jsing
* Put function name on a separate line and zap stray whitespace.tb2018-04-251-3/+4
|
* remove whitespace before closing parenstb2018-04-251-5/+5
|
* Add const to functions in asn1/asn1.h as they did in OpenSSL.tb2018-04-2516-85/+89
| | | | | | | BIO_f_asn1() will be taken care of later. Tested in a bulk by sthen ok bcook jca jsing
* Make the NULL check a separate if statement for readability andtb2018-04-231-2/+4
| | | | | | grepability. Req. by jsing
* Make X509_CRL_METHOD_free() NULL-safe.tb2018-04-231-2/+2
| | | | ok bcook
* make ENGINE_finish() succeed on NULL and simplify callers as intb2018-04-141-5/+3
| | | | | | | | | | | OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi
* Revert revision 1.12 commit. Although *pval looks like a C pointer,bluhm2018-04-061-2/+5
| | | | | | | | it may be something else. For primitive types it is possible that a boolean int has been casted to an ASN1_VALUE pointer. Then the 64 bit read access to *pval may crash due to alignent or 32 bit size. bug report Anton Borowka; OK tedu@ jsing@ miod@
* Avoid leaking str if EVP_Digest() fails.tb2018-04-061-3/+6
| | | | | | | Found and fixed by Bernd Edlinger as part of OpenSSL commit 83b4049ab75e9da1815e9c854a9297bca3d4af6b ok jsing, deraadt, bcook
* Limit ASN.1 constructed types recursive definition depthinoguchi2018-03-293-22/+45
| | | | | | | | Fixes for CVE-2018-0739. Copied from commit below, and modified for adaption to our code. https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d ok bcook@ beck@ jsing@
* Provide X509_PUBKEY_get0() by splitting X509_PUBKEY_get() and turning itjsing2018-03-171-6/+16
| | | | into a wrapper that calls X509_PUBKEY_get0() and up refs.
* Provide X509_REVOKED_dup().jsing2018-03-171-1/+7
|
* Provide X509_CRL_get0_extensions() and X509_CRL_get_signature_nid().jsing2018-02-221-1/+13
|
* Provide X509_REQ_get_signature_nid().jsing2018-02-221-1/+7
|
* Provide X509_NAME_get0_der().jsing2018-02-201-1/+14
| | | | From OpenSSL.
* Provide X509_REQ_get0_signature()jsing2018-02-201-1/+11
|
* Provide X509_CRL_get0_{last,next}Update() and X509_CRL_get0_signature().jsing2018-02-201-1/+23
|
* Provide X509_get0_extensions() and X509_get0_signature()jsing2018-02-171-1/+11
|
* Provide ASN1_STRING_get0_data().jsing2018-02-142-3/+10
|
* Provide X509_get_signature_nid().jsing2018-02-141-1/+7
|
* Rewrite ASN1_TYPE_{get,set}_octetstring() using templated ASN.1.jsing2017-11-281-81/+78
| | | | | | | This removes the last remaining use of the old M_ASN1_* macros (asn1_mac.h) from API that needs to continue to exist. ok beck@ inoguchi@
* Put the opening curly brace in the right place.jsing2017-08-281-2/+3
|
* Make the symbol for ASN1_time_tm_clamp_notafter visible so libtlsbeck2017-08-271-3/+1
| | | | | can get at it, so libtls can also deal with notafter's past the realm of 32 bit time in portable
* Add ability to clamp a notafter to values representable in a 32 bit time_tbeck2017-08-132-2/+20
| | | | | | This will only be used in portable. As noted, necessary to make us conformant to RFC 5280 4.1.2.5. ok jsing@ bcook@
* Add ASN1_TIME_set_tm to set an asn1 from a struct tm *beck2017-05-062-2/+13
| | | | ok jsing@
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-024-31/+14
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Fix silly code that printfs NULL when there are no fractional secondsbeck2017-04-031-2/+2
| | | | | | on a GENREALIZEDTIME (which there should really never be for anything remotely standards compliant) ok jsing@
* Send the function codes from the error functions to the bit bucket,beck2017-01-2946-550/+324
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Expand DECLARE_OBJ_BSEARCH_CMP_FN and IMPLEMENT_OBJ_BSEARCH_CMP_FN macros.jsing2017-01-212-8/+38
| | | | No change to generated assembly excluding line numbers.
* Place ASN_ITEM_{ptr,rptr,ref} and DECLARE_ASN1_ITEM under #ifndefjsing2016-12-301-2/+4
| | | | LIBRESSL_INTERNAL.
* Expand ASN1_ITEM_rptr and ASN1_ITEM_ptr macros - no change in generatedjsing2016-12-309-33/+33
| | | | assembly.
* Place the DECLARE_ASN1_* macros under #ifndef LIBRESSL_INTERNAL.jsing2016-12-271-4/+10
|
* Use correct version of previous macro expansion.jsing2016-12-271-5/+5
|
* Expand DECLARE_ASN1_FUNCTIONS_{fname,name} macros - no change tojsing2016-12-271-6/+22
| | | | preprocessor output, excluding line numbers and newlines.
* Remove all DECLARE_ASN1_SET_OF macro usage - since 2000 these have beenjsing2016-12-271-4/+1
| | | | | nothing but markers for utils/mkstack.pl... and we removed the code that generated more macros from these markers in 2014.
* Expand DECLARE_ASN1_ITEM macros - no change in preprocessor output.jsing2016-12-272-12/+12
|
* Expand DECLARE_ASN1_* macros. No change in preprocessor output, excludingjsing2016-12-271-20/+92
| | | | line numbering and new lines.
* Explicitly export a list of symbols from libcrypto.jsing2016-12-212-2/+10
| | | | | | | | | | | | | | | | Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* don't dereference a if NULLbcook2016-11-061-2/+2
|
* simplify error handling in c2i_ASN1_OBJECTbcook2016-11-061-10/+12
| | | | ok beck@, miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-19 12:07:37 +0000