summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Restore function prototype for ASN1_dup, fixing usage on I32LP64 platforms.jeremy2018-11-301-1/+7
| | | | | | This prototype was removed inadvertantly in r1.50. OK jsing@
* Fix whitespace around assignment operators.tb2018-11-171-7/+7
|
* Avoid leaking memory that was already allocated in ASN1_item_new().tb2018-11-091-5/+1
| | | | From Ben L <bobsayshilol () live ! co ! uk>
* Fix a buffer overrun in asn1_parse2().tb2018-11-091-4/+7
| | | | | From Ben L bobsayshilol () live ! co ! uk Similar fixes in BoringSSL and OpensSSL.
* Add const to the data argument of ASN1_set{,_int}_octetstring().tb2018-11-092-6/+6
| | | | | | From Ben L bobsayshilol () live ! co ! uk ok jsing
* Remove some function prototypes that should have been removed in thejsing2018-11-081-10/+2
| | | | | | previous clean up. Spotted by bcook@
* whitespacetb2018-11-021-2/+2
|
* Remove a bunch of ancient and highly crufty ASN.1 related code fromjsing2018-10-246-1352/+19
| | | | | | libcrypto (the "new" stuff replaced this back around 2000 or so...). ok tb@
* Avoid calling memcpy with a length <= 0. Reported due to a GCC 7.3.0tb2018-10-201-5/+6
| | | | | | | compiler warning by Pavel Kraynyukhov. A similar fix was made in OpenSSL commit 369e93398b68b8a328e6c1d766222b. ok inoguchi
* Simplify initialization of asn1_cb; use correct spelling of NULL.tb2018-09-171-4/+2
|
* Add consts to EVP_PKEY_asn1_set_private()tb2018-08-242-4/+4
| | | | | | | | | Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing
* After removing support for broken PKCS#8 formats (it was high time),tb2018-08-241-3/+3
| | | | | | | | we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing
* Remove EVP_PKEY2PKCS8_broken() and PKCS8_set_broken()tb2018-08-241-45/+30
| | | | | | | | | | | Provide PKCS8_pkey_add1_attr_by_NID() and PKCS8_pkey_get0_attrs(). Remove the whole broken code and simplify pkcs8_priv_key_info_st accordingly. Based on OpenSSL commit 54dbf42398e23349b59f258a3dd60387bbc5ba13 plus some const that was added later. tested in a bulk build by sthen ok jsing
* Turn a number of #defines into proper functions with prototypes matchingtb2018-08-241-1/+31
| | | | | | those that OpenSSL has had for ages. ok jsing
* Fix a memory leak in i2d_RSA_NET on failure of ASN1_STRING_set.bcook2018-08-051-2/+2
| | | | | Found by Coverity. Feedback and ok tb@
* As calloc does the zeroing for us in EVP_PKEY_asn1_new() already, no needtb2018-05-241-42/+10
| | | | | | | | to do it a second time by hand, badly. While here, do some style cleanup. This incomplete list of function pointers appears in EVP_PKEY_asn1_copy() as well, fix it by adding sig_print to the members copied over. ok bcook
* The 'in' argument of ASN1_STRING_to_UTF8() is now adorned with const.tb2018-05-192-4/+4
| | | | | tested in a bulk build by sthen ok jsing
* Add a const qualifier to the 'X509_NAME *' argument oftb2018-05-182-6/+8
| | | | | | | X509_NAME_print{,_ex{,_fp}}(3). tested in a bulk build by sthen ok jsing
* Use recallocarray() instead of OPENSSL_realloc_clean().jsing2018-05-132-8/+4
| | | | | | | Also place all of the OPENSSL_* memory related prototypes under #ifndef LIBRESSL_INTERNAL. ok beck@ tb@
* Add a const qualifier to the argument of EVP_PKEY_get0_asn1(3).tb2018-05-131-2/+2
| | | | | tested in a bulk build by sthen ok beck (as part of a larger diff)
* Cleanup c2i_ASN1_BIT_STRING() code.jsing2018-05-121-20/+23
| | | | | | | | | | Avoid overloading a variable to store both a value and an error code - we can simply inline the error calls (as done everywhere else). Remove a bunch of unnecessary parentheses and tidy a few other things. With input from tb@. ok inoguchi@ tb@
* Add a missing bounds check in c2i_ASN1_BIT_STRING().jsing2018-05-121-1/+6
| | | | | | | | | This could potentially result in a left shift that exceeded the size of the storage type. Issue found by Simon Friedberger, Robert Merget and Juraj Somorovsky. ok inoguchi@ tb@
* Convert a handful of X509_*() functions to take const as in OpenSSL.tb2018-05-013-10/+10
| | | | | tested in a bulk by sthen ok jsing
* const for BIO_{new,set}() and most of the BIO_{f,s}_*() family oftb2018-05-012-5/+5
| | | | | | functions. ok beck, jsing
* Put function name on a separate line and zap stray whitespace.tb2018-04-251-3/+4
|
* remove whitespace before closing parenstb2018-04-251-5/+5
|
* Add const to functions in asn1/asn1.h as they did in OpenSSL.tb2018-04-2516-85/+89
| | | | | | | BIO_f_asn1() will be taken care of later. Tested in a bulk by sthen ok bcook jca jsing
* Make the NULL check a separate if statement for readability andtb2018-04-231-2/+4
| | | | | | grepability. Req. by jsing
* Make X509_CRL_METHOD_free() NULL-safe.tb2018-04-231-2/+2
| | | | ok bcook
* make ENGINE_finish() succeed on NULL and simplify callers as intb2018-04-141-5/+3
| | | | | | | | | | | OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi
* Revert revision 1.12 commit. Although *pval looks like a C pointer,bluhm2018-04-061-2/+5
| | | | | | | | it may be something else. For primitive types it is possible that a boolean int has been casted to an ASN1_VALUE pointer. Then the 64 bit read access to *pval may crash due to alignent or 32 bit size. bug report Anton Borowka; OK tedu@ jsing@ miod@
* Avoid leaking str if EVP_Digest() fails.tb2018-04-061-3/+6
| | | | | | | Found and fixed by Bernd Edlinger as part of OpenSSL commit 83b4049ab75e9da1815e9c854a9297bca3d4af6b ok jsing, deraadt, bcook
* Limit ASN.1 constructed types recursive definition depthinoguchi2018-03-293-22/+45
| | | | | | | | Fixes for CVE-2018-0739. Copied from commit below, and modified for adaption to our code. https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d ok bcook@ beck@ jsing@
* Provide X509_PUBKEY_get0() by splitting X509_PUBKEY_get() and turning itjsing2018-03-171-6/+16
| | | | into a wrapper that calls X509_PUBKEY_get0() and up refs.
* Provide X509_REVOKED_dup().jsing2018-03-171-1/+7
|
* Provide X509_CRL_get0_extensions() and X509_CRL_get_signature_nid().jsing2018-02-221-1/+13
|
* Provide X509_REQ_get_signature_nid().jsing2018-02-221-1/+7
|
* Provide X509_NAME_get0_der().jsing2018-02-201-1/+14
| | | | From OpenSSL.
* Provide X509_REQ_get0_signature()jsing2018-02-201-1/+11
|
* Provide X509_CRL_get0_{last,next}Update() and X509_CRL_get0_signature().jsing2018-02-201-1/+23
|
* Provide X509_get0_extensions() and X509_get0_signature()jsing2018-02-171-1/+11
|
* Provide ASN1_STRING_get0_data().jsing2018-02-142-3/+10
|
* Provide X509_get_signature_nid().jsing2018-02-141-1/+7
|
* Rewrite ASN1_TYPE_{get,set}_octetstring() using templated ASN.1.jsing2017-11-281-81/+78
| | | | | | | This removes the last remaining use of the old M_ASN1_* macros (asn1_mac.h) from API that needs to continue to exist. ok beck@ inoguchi@
* Put the opening curly brace in the right place.jsing2017-08-281-2/+3
|
* Make the symbol for ASN1_time_tm_clamp_notafter visible so libtlsbeck2017-08-271-3/+1
| | | | | can get at it, so libtls can also deal with notafter's past the realm of 32 bit time in portable
* Add ability to clamp a notafter to values representable in a 32 bit time_tbeck2017-08-132-2/+20
| | | | | | This will only be used in portable. As noted, necessary to make us conformant to RFC 5280 4.1.2.5. ok jsing@ bcook@
* Add ASN1_TIME_set_tm to set an asn1 from a struct tm *beck2017-05-062-2/+13
| | | | ok jsing@
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-024-31/+14
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Fix silly code that printfs NULL when there are no fractional secondsbeck2017-04-031-2/+2
| | | | | | on a GENREALIZEDTIME (which there should really never be for anything remotely standards compliant) ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-23 08:58:14 +0000