summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Tweak comment in asn1_item_free: KNF, missing comma, wont -> won't.tb5 days1-3/+4
|
* Merge the two functions from x_pkey.c into pem_info.ctb2025-07-121-124/+0
| | | | It looks like those can be unexported.
* Merge the two functions from x_info.c into pem_info.ctb2025-07-121-97/+0
| | | | | X509_INFO_new() isn't used directly outside of this file, so this is a bit tidier.
* Add missing check to X509_CRL_verify()tb2025-07-101-1/+7
| | | | | | | | | | | | | When fixing CVE-2014-8275 in commit 684400ce, Henson added a check that the AlgorithmIdentifier in the certificate's signature matches the one in the tbsCertificate. A corresponding check for CRLs was missed. BoringSSL added such a check in 2022, so this should be fine for us to do as well even though OpenSSL still doesn't have it. The only caller will set an error on the stack, so we don't do it here. There's no obvious check that X509_REQ_verify() could do. ok beck kenjiro
* X509_print: emit UIDs unless X509_FLAG_NO_IDS is settb2025-07-011-1/+28
| | | | | | | | | | | | | | | | | | | | | issuerUID and subjectUID are a curiosity introduced in X.509v2 before extensions were a thing. Their purpose is to help distinguishing certs with identical subject. They are rarely used and are MUST NOT use in the CA/BF baseline requirements. They do occasionally show up in test certificates and it is confusing that openssl x509 silently ignores them. Their encoding also makes them relatively hard to spot in the output of asn1 parsing tools. The output is identical to OpenSSL < 3 and BoringSSL, but due to some weird tweaks added leading up to OpenSSL 3 their output is no longer compatible with that. It is not entirely correct anyway. Since it is a (not further specified) bit string, you shouldn't be ignoring its unused bits... The X509_FLAG_NO_IDS flag has no effect for CSRs. discussed with beck ok job kenjiro (on an earlier version)
* X509_print and friends: switch from BIO_write() to BIO_printf()tb2025-06-251-17/+16
| | | | | | Manually counting letters in const strings is ... suboptimal. ok beck jsing
* Fix smatch warning in asn1_primitive_print()tb2025-06-071-2/+2
| | | | | | | | Remove unnecessary and inconsistent NULL check for 'it', which the only caller, asn1_item_print_ctx(), already dereferenced. found by jsg ok kenjiro
* correct indentation, no functional changejsg2025-06-021-3/+4
| | | | found with smatch, ok tb@
* Crank default salt length of PBE2 to 16 octetstb2025-05-242-4/+13
| | | | | | | | | | FIPS is currently revising their PBKDF2 recommendations and apparently they want to require 16 octets. https://github.com/pyca/cryptography/issues/12949 https://github.com/libressl/portable/issues/1168 ok kenjiro joshua jsing
* Switch the default PBMAC to hmacWithSHA256tb2025-05-241-2/+2
| | | | | | | | | | Using hmacWithSHA1 isn't outrageously bad, but newly generated encrypted password files ought to be using something better. Make it so. https://github.com/pyca/cryptography/issues/12949 https://github.com/libressl/portable/issues/1168 ok joshua
* asn_moid: move inclusion of err_local.h to the proper placetb2025-05-101-2/+2
|
* Use err_local.h rather than err.h in most placestb2025-05-1035-71/+70
| | | | ok jsing
* Plug a memory leak in x509_name_encode()tb2025-03-201-2/+4
| | | | | | | | | This is nearly identical to a leak fixed by miod 10 years ago in x509_name_canon() but was missed in r1.30. This entire file needs a metric ton of bleach, but my head currently spins too much for tackling this, so go with the cheap one-liner. From Niels Dossche
* Fix traditional SSLeay X509_NAME printingtb2025-03-191-29/+1
| | | | | | | | | | | | | | The gibberish that was there before the rewrite didn't actually skip names whose SN representation was different start with /O= or /OU= (with one or two capital letters between '/' and '='), it simply failed to separate them, resulting in nonsense such as CN=Microsec e-Szigno Root CA 2009/emailAddress=info@e-szigno.hu So ditch the code doing that, simplifying this now internal function quite a bit. ok jsing
* Unexport X509_NAME_print()tb2025-03-091-3/+2
| | | | | | | | | | Nothing uses this anymore. M2Crypto has been patched and a fix for opensc has been upstreamed. ok jsing This is the start of a major bump. Don't build the tree until I have synced sets in about 20 commits.
* asn1_multi: remove a pointless casttb2025-03-061-2/+2
| | | | | There's no need to cast away const from a const char * if you're going to pass it to a const char * argument of a function.
* Rename X509V3_get_section() to X509V3_get0_section()tb2025-03-061-2/+2
| | | | | | | | This makes it clear for those fluent in OpenSSL API gibberish that nothing needs to be freed here. This is because it returns something hanging off a hash entry owned by cnf. ok jsing
* Garbage collect X509V3_section_free()tb2025-03-061-5/+2
| | | | | | | | Historically, X509V3_section_free() could be customized by the conf db method to release memory allocated by X509V3_get_section(). This is no longer supported, so it is always a noop and can be removed. ok jsing
* Rename the crl_inf_cb() to crl_info_cb()tb2025-02-271-3/+3
|
* Hoist X509_REVOKED_cmp() above its only callertb2025-02-271-9/+7
| | | | | This way we don't need a prototype and things that belong together are together. Slight KNF tweak while there
* x_crl.c: remove two NULL checks before *_free()tb2025-02-241-5/+3
|
* Remove unused name member from x509_sttb2025-02-211-9/+1
| | | | | | | As far as I can tell this has never been used since the beginning of git history with SSLeay 0.8.1b, so we can simplify the x509_cb() a little. ok jsing miod
* Remove unused valid member of x509_sttb2025-02-201-2/+1
| | | | | | internal_verify() (now x509_vfy_internal_verify()) used to cache the validity of the signature of a cert in this field. This is no longer the case since x509_vfy.c 1.57 (2017).
* Move X509_NAME_print() next to its only internal callertb2025-02-082-93/+91
| | | | Fix includes while there
* X509_NAME_print(): remove no longer useful length checktb2025-01-271-4/+1
| | | | | This was needed to avoid truncation on BIO_write(). With the switch to BIO_printf() in the previous commit this is no longer needed.
* X509_NAME_print: NUL-terminate and switch to BIO_printf()tb2025-01-271-2/+5
| | | | | | This handles the empty string, which ruby-openssl checks. Pointed out by anton
* Rework X509_NAME_print()tb2025-01-261-33/+65
| | | | | | | | | | | | | | | | | | This is legacy API that we can unexport since nothing uses it directly. Unfortunately we need to keep the functions because there are plenty of things that use it indirectly by passing XN_FLAG_COMPAT to X509_print_ex(). The old implementation parsed the X509_NAME_oneline() output in order to remove the / preceding the (one or two-uppercase letters) name and to insert ", " afterward. This is just stupid in so many ways, not least because there's basically no limit to the garbage that you can stuff into an X.500 name. So rework this and only include the name entries whose short names are one or two letters long. This way, this becomes slightly saner and less fragile. ok jsing
* asn_mime: deteched -> detached + a knf nittb2025-01-171-2/+3
|
* Remove seven pairs of unnecessary parenthesestb2025-01-111-5/+5
| | | | ok millert operator(7)
* Avoid an oob access in asn1_item_free()tb2024-12-111-4/+3
| | | | | | | | | | As explained in a comment, this needs to loop backwards and the last tt-- ends up pointing at &it->templates[-1], which isn't ok. Use a simple way of looping, which is also ugly and involves some type confusion as pointed out by claudio. However, type confusion is common in libcrypto's asn1 code and won't be fixed anytime soon anyway. ok jsing
* Drop a pair of useless parenthesestb2024-12-111-2/+2
|
* Make X509_VAL opaquetb2024-08-311-1/+3
| | | | | | | Nothing needs to reach into this structure, which is part of certificates. So hide its innards. ok beck jsing
* Make some more x509 conf stuff internaltb2024-08-311-1/+2
| | | | | | | This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing
* Unexport some conf layers unused outside of libcryptotb2024-08-312-2/+4
| | | | | | | | | | | | | imodules are called imodules because they contain Information about modules that have been Initialized. Which one of these two I it is is anyone's best guess. Why anything outside of libcrypto would ever possibly care will also remain a mystery. Remove the old way of adding a conf module, user data, stop allowing to set a method (it's opaque now, remember?) and drop a couple bits more from the public api interface. ok beck jsing
* Avoid polluting the error stack when printing certificatestb2024-08-281-3/+17
| | | | | | | | | | | | | | For a certificate serial number between LONG_MAX and ULONG_MAX, the call to ASN1_INTEGER_get() fails and leaves an error on the stack because the check bs->length <= sizeof(long) doesn't quite do what it's supposed to do (bs is probably for bitstring, although the more common reading would be adequate, too.) Fix this by checking for non-negativity and using ASN1_INTEGER_get_uint64() and add a lengthy comment to explain the nonsense per beck's request. discussed with jsing ok beck
* Hide global _it symbols in asn1t.hbeck2024-07-084-7/+9
| | | | ok tb@
* Hide global _it variables in asn1.hbeck2024-07-087-7/+30
| | | | ok tb@
* Hide global _it variables in x509.hbeck2024-07-0813-13/+34
| | | | ok tb@
* libcrypto: constify most error string tablestb2024-06-241-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | These constitute the bulk of the remaining global mutable state in libcrypto. This commit moves most of them into data.rel.ro, leaving out ERR_str_{functs,libraries,reasons} (which require a slightly different approach) and SYS_str_reasons which is populated on startup. The main observation is that if ERR_load_strings() is called with a 0 lib argument, the ERR_STRING_DATA argument is not actually modified. We could use this fact to cast away const on the caller side and be done with it. We can make this cleaner by adding a helper ERR_load_const_strings() which explicitly avoids the assignment to str->error overriding the error code already set in the table. In order for this to work, we need to sprinkle some const in err/err.c. CMS called ERR_load_strings() with non-0 lib argument, but this didn't actually modify the error data since it ored in the value already stored in the table. Annoyingly, we need to cast const away once, namely in the call to lh_insert() in int_err_set_item(). Fixing this would require changing the public API and is going to be tricky since it requires that the LHASH_DOALL_FN_* types adjust. ok jsing
* Fix i2d_ASN1_OBJECT()tb2024-05-291-3/+12
| | | | | | | | | When called with a pointer to NULL as an output buffer, one would expect an i2d API to allocate the buffer and return it. The implementation here is special and the allocation dance was forgotten, resulting in a SIGSEGV. Add said dance. ok jsing
* Make i2d_ASN1_OBJECT() return -1 on errortb2024-05-291-2/+2
| | | | | | | | | This is what the (not quite appropriately) referenced ASN1_item_i2d() page documents for errors, matches what the RETURN VALUE section has been documenting for ages, matches BoringSSL, it's the usal behavior for i2d_*. It's also what OpenSSL (of course incorrectly) documents. discussed with jsing
* Remove unnecessary parens from i2d_ASN1_OBJECT()tb2024-05-291-4/+6
|
* asn1_str2tag(): no need for tntmp to be statictb2024-05-171-2/+3
|
* The long primitive function table can be consttb2024-05-171-2/+2
|
* The bignum primitive function table (bignum_pf) can be consttb2024-05-171-2/+2
|
* Remove disgusting NULL checks in tm_to_{gentime,utctime}()tb2024-05-031-7/+1
| | | | | | | | The only caller that could potentially call these with NULL has been fixed. This way an ugly hack that was needed to plug a memory leak can go away and the functions again behave as intended without OpenSSL-style workarounds. ok beck
* Intercept a NULL s early in ASN1_TIME_set_string_internal()tb2024-05-031-1/+6
| | | | | | | | | | If s is NULL, the only thing the tm_to_*() functions do is a check that a GeneralizedTime has a four digit year (between 0000 and 9999) and a UTCTime has a year between 1950 and 2050. These checks are already done in ASN1_TIME_parse() itself: the century is 100 times a two-digit value (or 19 in the UTCTime case) plus another two-digit value. ok beck
* Simplify type handling in ASN1_TIME_set_string_internal()tb2024-05-031-5/+4
| | | | | | | | | ASN1_time_parse() takes a mode argument. If mode != 0, there is a check that mode is the same as the time type returned by asn1_time_parse_cbs() otherwise ASN1_time_parse() fails. Therefore the type == mode checks in ASN1_set_string_internal() are redundant and can be removed. ok beck
* Simplify tm handling in ASN1_time_parse()tb2024-05-031-3/+2
| | | | | | | The CBS version asn1_time_parse_cbs() handles a NULL tm gracefully, so there is no need to avoid it by passing a pointer to a tm on the stack. ok beck
* Align CRL and CSR version printing with certstb2024-05-032-14/+18
| | | | | | | | | | | | | Only print specified 0-based versions and print them with the 1-based human interpretation. Use a colon and error check the BIO_printf() calls. (There's a lot more to clean up in here, but that's for another day). Notably, X509_CRL_print_ex() is missing... I guess that's better than having one with signature and semantics differing from X509_print_ex() und X509_REQ_print_ex(). ok beck
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-20 03:17:28 +0000