| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently there are two files for private key ASN.1 (d2i_pr.c, i2d_pr.c)
and two files for public key ASN.1 (d2i_pu.c, i2d_pu.c). All of the other
ASN.1 code has d2i and i2d in the same per-object file.
Consolidate d2i_pr.c/i2d_pr.c into a_pkey.c and consolidate
d2i_pu.c/i2d_pu.c into a_pubkey.c before making any further changes to
this code.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
Call the replacement asn1_tlc_invalidate() since it does not actually
clear the ASN1_TLC.
While here, name the ASN1_TLC variables consistently as ctx, remove a
pointless comment and simplify ASN1_item_d2i() slightly.
ok inoguchi@ tb@
|
| | |
|
| |
|
|
|
|
|
| |
ASN1_item_ex_d2i() is just a wrapper around the internal asn1_item_ex_d2i()
function, so call asn1_item_ex_d2i() directly.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
| |
Rather than using malloc() and then initialising all struct members to zero
values, use calloc().
ok schwarze@ tb@
|
| |
|
|
|
|
|
| |
This ensures that if any members are added to this struct, they will be
initialised.
ok schwarze@ tb@
|
| |
|
|
|
|
| |
This removes nested ifs and uses more sensible variable names.
ok schwarze@ tb@
|
| |
|
|
|
|
|
| |
Rather than using malloc() and then initialising all struct members, use
calloc() and only initialise the single non-zero value member.
ok schwarze@ tb@
|
| |
|
|
|
|
|
| |
Rather than using malloc() and then initialising all struct members, use
calloc() and only initialise the single non-zero value member.
ok schwarze@ tb@
|
| |
|
|
|
|
|
| |
These functions previously used the old ASN1_{d2i,i2d}_{bio,fp}()
interfaces.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
| |
It is very easy to forget to copy over newly added methods. Everyone
working in this corner has run into this. Instead, preserve what needs
preserving and use a struct copy, so all methods get copied from src
to dest.
tweak/ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
initializing five of the fields in BIO_ASN1_BUF_CTX (prefix,
prefix_free, suffix, suffix_free, ex_arg), inviting a segfault in
a subsequent call from the application program to BIO_write(3)
because subroutines of that function assume that the function
pointers are either NULL or valid.
Fix this by using the less error-prone calloc(3) idiom.
While here, inline asn1_bio_init() at the only call site
in asn1_bio_new() to simplify the code and make it easier to read.
Bug found and initial patch by me,
this version (with inlining) by and OK tb@.
|
| |
|
|
|
|
| |
to fix the same double-counting of the backslash
and to make the parsing stricter in the same way;
OK tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It contained two bugs:
1. If an input line ended in a backslash requesting line continuation,
there was duplicate code for removing that backslash, erroneously
removing another byte from the input and often causing the function
to return failure instead of correctly parsing valid input.
2. According to a comment in the source code, the former big "for"
loop was intended to "clear all the crap off the end of the line",
but actually, if there were multiple characters on the line that
were not hexadecimal digits, only the last of those and everything
following it was deleted, while all the earlier ones remained.
Besides, code further down clearly intends to error out when there
are invalid characters, which makes no sense if earlier code already
deletes such characters. Hence the comment did not only contradict
the code above it - but contradicted the code below it, too.
Resolve these contradiction in favour of stricter parsing:
No longer skip invalid characters but always error out
when any are found.
OK & "Unbelievable" tb@
|
| |
|
|
|
|
| |
them inside #ifndef LIBRESSL_INTERNAL.
suggested by jsing
|
| |
|
|
|
|
|
| |
ASN1_const_CTX are now unused and will be garbage collected in the
next libcrypto bump.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
In case of failure, it reported the failure
but corrupted the type of the destination string.
Instead, let's make sure that in case of failure,
existing objects remain in their original state.
OK tb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The ASN1_TIME_diff() API accepts NULL ASN1_TIMEs and interprets them
as "now". This is used in sysutils/monit, as found by semarie with a
crash after update. Implement this behavior by porting a version of
ASN1_TIME_to_tm() to LibreSSL and using it in ASN1_TIME_diff().
Tested by semarie
ok beck jsing semarie
|
| |
|
|
|
|
|
|
| |
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.
ok jsing
|
| |
|
|
|
|
| |
no longer needed.
ok jsing
|
| |
|
|
| |
ok beck jsing
|
| | |
|
| | |
|
| |
|
|
|
|
| |
The symbol is not yet exposed and will show up with tb@'s forthcoming bump
ok tb@ jsing@
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
Identifiers
These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360).
Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf)
This changeset is a no-op, as there are 10+ issues and at least 2 security issues.
Work will continue in-tree.
OK tb@, discussed with beck@
|
| | |
|
| |
|
|
|
|
|
|
| |
not necessarily NUL terminated). Same as schwarze's fix in t_x509a.c r1.9.
From David Benjamin and Matt Caswell (part of the fixes in OpenSSL 1.1.1l)
ok inoguchi
|
| |
|
|
|
|
|
| |
This avoids potential malloc(-1) and malloc(0), spotted by schwarze
while documenting X509_ocspid_print().
ok schwarze
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
which by implication also affects X509_print(3).
The ASN1_STRING_get0_data(3) manual explitely cautions the reader
that the data is not necessarily NUL-terminated, and the function
X509_alias_set1(3) does not sanitize the data passed into it in
any way either, so we must assume the alias->data field is merely
a byte array and not necessarily a string in the sense of the C
language.
I found this bug while writing manual pages for these functions.
OK tb@
As an aside, note that the function still produces incomplete and
misleading results when the data contains a NUL byte in the middle
and that error handling is consistently absent throughout, even
though the function provides an "int" return value obviously intended
to be 1 for success and 0 for failure, and even though this function
is called by another function that also wants to return 1 for success
and 0 for failure and even does so in many of its code paths, though
not in others. But let's stay focussed. Many things would be nice
to have in the wide wild world, but a buffer overflow must not be
allowed to remain in our backyard.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the user set nmflags == X509_FLAG_COMPAT and X509_NAME_print_ex(3)
failed, the error return value of 0 was misinterpreted as an indicator
of success, causing X509_print_ex(3) to ignore the error, continue
printing, and potentially return successfully even though not all
the content of the certificate was printed.
The X509_NAME_print_ex(3) manual page explains that this function
indicates failure by returning 0 if nmflags == X509_FLAG_COMPAT
and by returning -1 if nmflags != X509_FLAG_COMPAT.
That's definitely atrocious API design (witnessed by the
complexity of the code needed for correct error checking),
but changing the API contract and becoming incompatible
with OpenSSL would make matters even worse.
Note that just checking for <= 0 in all cases would not be correct
either because X509_NAME_print_ex(3) returns 0 to indicate that it
successfully printed zero bytes in some cases, for example when all
three of the following conditions hold:
1. nmflags != X509_FLAG_COMPAT
2. indent == 0 (which X509_print_ex(3) does use in some cases)
3. the name object is NULL or empty
I found the bug by code inspection and proposed an incomplete patch,
then jsing@ proposed this improved version of the patch.
OK jsing@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
even though it did not actually set the name.
Instead, indicate failure in this case.
This commit sneaks in a small, unrelated change in behaviour.
If the first argument of X509_NAME_set(3) was NULL, the function
used to return failure. Now it crashes the program by accessing
the NULL pointer, for compatibility with the same change in OpenSSL.
This merges the following two commits from the OpenSSL-1.1.1 branch,
which is still available under a free license:
1. 180794c5 Rich Salz Sep 3 11:33:34 2017 -0400
2. c1c1783d Richard Levitte May 17 09:53:14 2018 +0200
OK tb@
|
| |
|
|
|
|
|
|
|
|
| |
When using the object reuse facility of c2i_ASN1_OBJECT, the dynamically
allocated strings a may contain are set to NULL, so we must free them
beforehand. Also clear the flag, because that's what OpenSSL chose to do.
From Richard Levitte OpenSSL 1.1.1 65b88a75921533ada8b465bc8d5c0817ad927947
ok inoguchi
|
| |
|
|
| |
pointed out by jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
When parsing an UTCTime into a struct tm that wasn't cleared by the caller,
the years would be added to the already present value, which could give an
incorrect result. This is an issue in ASN1_UTCTIME_cmp_time_t(), which is
practically unused. Fix this by always zeroing the passed struct tm.
Issue reported by Olivier Taïbi, thanks!
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Comparing two GENERAL_NAME structures containing an EDIPARTYNAME can lead
to a crash. This enables a denial of service attack for an attacker who can
control both sides of the comparison.
Issue reported to OpenSSL on Nov 9 by David Benjamin.
OpenSSL shared the information with us on Dec 1st.
Fix from Matt Caswell (OpenSSL) with a few small tweaks.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Instead of using malloc(3) and manually setting part of the structure to
zero, part to something else and leaving the rest uninitialized, we can
benefit from the fact that there's this thing called calloc(3).
Moreover, all variants of free(3) in libcrypto are NULL safe.
ok beck inoguchi
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Zap a memset that was redundant since OpenSSL 0.97b was merged by
markus in 2003. Nowadays it's otto's recallocarray(3) that does the
zeroing.
ok beck inoguchi otto
PS: ASN1_BIT_STRING_set_bit(3) was committed on Dec 21 1998 by Ralf S.
Engelschnall and used this bizarre allocation idiom:
if (a->data == NULL)
c=(unsigned char *)Malloc(w+1);
else
c=(unsigned char *)Realloc(a->data,w+1);
People complained about Malloc, Realloc and Free being used elsewhere, so
on Jun 1 2000, Richarde Levitte swept the OpenSSL tree and it became this.
if (a->data == NULL)
c=(unsigned char *)OPENSSL_malloc(w+1);
else
c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
Then it was found that existing data should be cleaned, and on Nov 13 2002
Ben Laurie changed the last line to
c=(unsigned char *)OPENSSL_realloc_clean(a->data,
a->length,
w+1);
|
| |
|
|
|
|
|
|
|
|
|
| |
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by documented API functions like
PKCS7_add_attribute(3) and the NID comes straight from the user.
This fixes a bug found while working on documentation.
OK tb@ and "thanks" bluhm@
|
| |
|
|
|
|
|
|
|
| |
bytes in case ASN1_INTEGER_get() failed. This happens more often since
asn1/a_int.c -r1.34. Matches OpenSSL behavior.
Issue in openssl x509 -text output reported by sthen
ok jsing sthen
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Check and print out boolean type properly.
Based on OpenSSL commit ad72d9fdf7709ddb97a58d7d45d755e6e0504b96.
Reduced unneeded parentheses from if condition.
Check return value from i2s_ASN1_INTEGER.
Based on OpenSSL commit 5e3553c2de9a365479324b8ba8b998f0cce3e527.
Added if condition expression and return 0 if NULL is returned.
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
| |
These are internal only for now.
Based on OpenSSL 1.1.1d.
ok inoguchi@
|
| |
|
|
| |
- Add static_ASN1_* macro. Patch was provided by steils AT gentoo.org
|
| |
|
|
|
|
| |
fixes oss-fuzz #14558
ok beck jsing
|
