| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
OK tb@
|
| |
|
|
|
|
|
| |
While there, explicitly check for 0 - as X509_get_version() is a wrapper
around the less than beloved ASN1_INTEGER_get().
OK tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check whether the X.509 version is in the range of valid version
values, and also checks whether the version is consistent with fields
new to those versions (such as X.509 v3 extensions).
X.690 section 11.5 states: "The encoding of a set value or a sequence
value shall not include an encoding for any component value which is
equal to its default value." However, enforcing version 1 (value 0) to
be absent reportedly caused some issues as recent as July 2020, so
accept version 1 even if it is explicitly encoded.
OK tb@ beck@
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a bit of a strange one. When this function was moved and renamed,
somehow checks for NULL pointers and 0 length were lost. Whether that was
due to great review missing it or great review suggesting it, is unclear.
Now the function can actually legitimately be called with a length of 0
(as ASN.1 OCTET STRINGS can have length 0) and "" is the appropriate
representation for that, so the fix is to allocate a 0 octet. That much
was correct. What was completely missed is that a long can be negative
which will then still lead to an out-of-bounds access. So fix that as
well.
Finally, don't malloc 3 * len + 1 without overflow checking. Rather
use calloc's internal checks. The + 1 isn't really needed anyway.
All this is still really gross and can be done much more cleanly and
safely with CBB/CBS. This will done later once we have better regress
coverage.
ok jsing
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The CRL extension handler is completely misplaced in x509_enum.c.
Move it to x509_bitst.c until we find a better home for it. This
way it is next to the other two extension methods that have the
extra usr_data contortion.
|
| |
|
|
|
| |
These functions probably belong into asn1/ but they definitely don't
belong into separate files.
|
| | |
|
| |
|
|
|
|
| |
This is a public alias for the also public BIT_STRING_BITNAME. The
ENUMERATED_NAMES type is used exactly twice, namely on two lines in this
file. This is silly.
|
| |
|
|
|
|
|
|
|
|
|
| |
While it may have been reasonable to use VisibleString back when this
code was written, it's an anachronism nowadays. In particular, configuring
BoringSSL reports that they have seen malformed certificates with exactly
the issue caused by this unfortuante default.
Reported by Alex Gaynor in OpenSSL issue 20772
ok jsing
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
Requested by jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Some headers were included conditionally on OPENSSL_NO_DEPRECATED in hopes
that eventually the mess of everything includes everything will magically
resolve itself. Of course everyone would end up building openssl with
OPENSSL_NO_DEPRECATED over time... Right.
Surprisingly, the ecosystem has come to rely on these implicit inclusions,
so about two dozen ports would fail to build because of this. Patching this
would be easy but really not worth the effort.
ok jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
|
| |
sk_OPENSSL_STRING_pop_free() is much more explicit and isn't that much
more complicated. x509_util.c can also use it directly...
No binary change
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
In addition, ext_cmp() was already prototyped earlier...
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
There is no point in having this in a separate internal header.
discussed with jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
X509_STORE_get1_{certs,crls}(3) was added to the OpenSSL 1.1 API with the
usual care. At some point later it was noticed that they didn't deal with
an X509_STORE at all, but rather with an X509_STORE_CTX, so were misnamed.
The fact that X509_STORE_CTX and X509_STORE have their roles reversed when
compared to other FOO vs FOO_CTX in this API may or may not be related.
Anyway, the X509_STORE versions will be demoted to compat defines and the
X509_STORE_CTX will be added to match OpenSSL 1.1 API more closely. This
was pointed out by schwarze a long time ago and missed in a few bumps.
Hopefully we'll manage to do it this time around.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
This removes ProxyCertInfo from extension caching, issuer checking
and it also drops the special path validation for proxy certs from
the legacy verifier.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The new verifier API is currently unused as we still operate the verifier
in legacy mode. Therefore ctx->xsc is always set and the EXFLAG_PROXY will
soon be dropped from the library, so this error on encountering proxy certs
is effectively doubly dead code.
ok jsing
|
| |
|
|
|
|
|
|
| |
This removes the ProxyCertInfo extension from RFC 3820 from the list of
supported extensions. Since it is a critical extension, this means that
certificates containing it will no longer be considered valid by default.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
No change according to diff -w
|
| |
|
|
|
| |
This function is no longer used directly by regress, so it can now be local
to this file.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
By introducing X509_get0_uids(), one can add RPKI profile compliance
checks to conform the absence of the issuerUID and subjectUID.
OK tb@ jsing@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h
fix suggested by & ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ASN.1 template for GENERAL_NAME and its corresponding C structure
disagree on the type of the x400Address member. This results in an ASN.1
string to be considered as an ASN.1 type, which allows an attacker to read
(essentially) arbitrary memory. Fix this by forcing comparison as strings.
While the underlying type confusion has been present since time immemorial,
this particular bug came with the EdiPartyName fix (6.8/008_asn1.patch.sig).
Reported by David Benjamin, fix suggested by jsing.
Release date for this was set to be January 31. Unilaterally pushed back to
February 7 by OpenSSL by way of announcement of many completely unrelated
embargoed issues, some of which they had been sitting on since July 2020.
ok beck jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use x509_verify.h from the libcrypto sources instead of the public copy.
The x509_verify.h header was installed as a public header since early on
we had ideas of using a public API in libtls, but we eventually decided
against that. It makes no sense to install a public header that hides
everything behind LIBRESSL_INTERNAL. The public API will not be exposed
anytime soon if at all.
ok jsing
|
| |
|
|
|
|
|
| |
Simplify x509v3_cache_extensions() by using a wrapper to avoid
duplication of code for locking and checking the EXFLAG_INVALID flag.
OK tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
|
| |
This is an obvious omission from the OpenSSL 1.1 and OpenSSL 3 API which
does not provide a way to access the tbs sigalg of a CRL. This is needed
in security/pivy.
From Alex Wilson
ok jsing
|
