| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Such uri's must be parsed and allowed, but then should
fail if a name constraint is present.
Adds regress testing for this same case.
fixes https://github.com/libressl-portable/openbsd/issues/131
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
| |
While seemingly illogical and not what is done in Go's validator, this
mimics OpenSSL's behavior so that callback overrides for the expiry of
a certificate will not "sticky" override a failure to build a chain.
ok jsing@
|
| |
|
|
| |
extract_min_max().
|
| |
|
|
|
|
|
|
| |
Exposed by recent rewrite of ASN1_STRING_to_UTF8().
CID 352831
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Factor the trimming of the end and the counting of unused bits into
helper functions and reuse an ASN.1 bit string API to set the unused
bits and the ASN1_STRING_FLAG_BITS_SET. With a couple of explanatory
comments it becomes much clearer what the code is actually doing and
why.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
In order to set the BIT STRING containing an address prefix, use existing
helper functions from the ASN.1 code instead of redoing everything by
hand. Make the function single exit and rename a few variables to make
it clearer what is being done.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
X509v3_asid_subset() assumes that both asnum and rdi are present while
they are both marked OPTIONAL in RFC 3779, 3.2.3. It will crash if
either one is missing. In RPKI land RDI is a MUST NOT use (e.g, RFC
6487, 4.8.11), so this API is currently useless (and seemingly unused).
Pick apart an ugly logical pipeline and implement this check in a
readable fashion.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The values 0, 1, 3, 4, 5 all have some meaning, none of which is failure.
If caching of X509v3 extensions fails, returning X509_V_ERR_UNSPECIFIED,
i.e., 1 is a bad idea since that means the cert is a CA with appropriate
basic constraints. Revert to OpenSSL behavior which is to ignore failure
to cache extensions at the risk of reporting lies.
Since no return value can indicate failure, we can't fix this in
X509_check_ca() itself. Application code will have to call (and check)
the magic X509_check_purpose(x, -1, -1) to ensure extensions are cached,
then X509_check_ca() can't lie.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
For some unknown historical reason, X509_ATTRIBUTE allows for a single
ASN.1 value or an ASN.1 SET OF, rather than requiring an ASN.1 SET OF.
Simplify encoding and remove support for single values - this is similar
to OpenSSL e20b57270dec.
This removes the last use of COMBINE in the ASN.1 decoder.
ok tb@
|
| |
|
|
| |
Requested by jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
X509v3_{addr,asid}_is_canonical() check that the ipAddrBlocks and
autonomousSysIds extension conform to RFC 3779. These checks are not
cheap. Certs containing non-conformant extensions should not be
considered valid, so mark them with EXFLAG_INVALID while caching the
extension information in x509v3_cache_extensions(). This way the
expensive check while walking the chains during X509_verify_cert() is
replaced with a cheap check of the extension flags. This avoids a lot
of superfluous work when validating numerous certs with similar chains
against the same roots as is done in rpki-client.
Issue noticed and fix suggested by claudio
ok claudio inoguchi jsing
|
| |
|
|
|
|
| |
Ensure that EXFLAG_INVALID is set on X509_get_purpose() failure.
ok inoguchi jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
An IA5STRING is a Pascal string that can have embedded NULs and is
not NUL terminated (except that for legacy reasons it happens to be).
Instead of taking the strlen(), use the already known ASN.1 length and
use strndup() instead of strdup() to generate NUL terminated strings
after some existing code has checked that there are no embedded NULs.
In v2i_GENERAL_NAME_ex() use %.*s to print the bytes. This is not
optimal and might be switched to using strvis() later.
ok beck inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
| |
gcc 4 on sparc64 issues a few 'warning: value computed is not used'.
There are two cases: sk_set_cmp_function() returns the old comparison
function of the stack which we don't care about. The one warning about
an sk_delete() is about a return value that we know already and which
we will free a few lines down.
ok inoguchi miod
|
| |
|
|
|
|
|
|
|
|
| |
Some things issue and expect that we support a non-standard extension of
accepting any email address from a host by prefixing an email name
constraint with @. This used to be the case with the old code as well.
Pointed out and based on a diff by Alex Wilson.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Instead of having the caller allocate and pass in a new
x509_constraints_name struct, handle allocation inside
x509_constraints_validate(). Also make the error optional.
All this is done to simplify the call sites and to make it
more obvious that there are no leaks.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The dirname constraint must be a prefix in DER format, so relax the
check from requiring equal-length strings to allow shorter names also.
From Alex Wilson
ok jsing
|
| |
|
|
|
|
| |
From Alex Wilson
ok jsing
|
| |
|
|
|
|
|
|
| |
The previous versions were too strict and disallowed leading dots.
From Alex Wilson
ok jsing
|
| | |
|
| |
|
|
|
|
| |
From Alex Wilson
ok jsing
|
| |
|
|
|
|
| |
defined behavior.
ok deraadt inoguchi
|
| | |
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
|
| |
An IP address in a name constraint is actually an IP address concatenated
with a netmask, so it is twice as long as usual.
This fixes a third bug introduced in r1.3 and reported by Volker Schlecht
ok jsing
|
| |
|
|
|
|
| |
Fixes a segfault reported by Volker Schlecht.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
a2i_GENERAL_NAME() modifies and returns the out argument that was
passed in unless out == NULL, in which case it returns something
freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free
ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly.
Issue reported by Volker Schlecht
ok jsing
|
| |
|
|
|
|
|
|
| |
The trust anchor can't inherit, but the code says that it can inherit
just not if the leaf tries to inherit from that. This makes no sense
and doesn't match what is done on the asid side.
ok jsing
|
| |
|
|
|
|
| |
CID 345116
ok beck@ tb@
|
| |
|
|
|
|
|
|
| |
CID 25131
ok beck@ tb@
suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
|
| |
|
|
| |
ok inoguchi jsing
|
| |
|
|
| |
ok inoguchi jsing
|
| |
|
|
|
|
|
| |
This is unused and was removed in OpenSSL 5b70372d when it was
replaced with an ASN.1 ADB callback (which we don't support).
ok inoguchi jsing
|
| |
|
|
|
|
|
|
| |
Inline X509_OBJECT_free_contents() in X509_OBJECT_free() and
remove this dangerous API. It was left over when x509_vfy.h
was made opaque.
ok inoguchi jsing
|
| |
|
|
|
| |
This marks the start of major surgery in libcrypto. Do not attempt to
build the tree for a while (~50 commits).
|
| |
|
|
|
|
|
|
| |
As suggested by schwarze, this removes
X509_EX_V_{INIT,NETSCAPE_HACK} and X509_EXT_PACK_{STRING,UNKNOWN}
ok inoguchi jsing
|
| | |
|
| |
|
|
|
|
| |
that will need it in the upcoming bump.
discussed with jsing
|
| |
|
|
|
| |
Adjust a comment to reality, zap a stray empty line and fix whitespace
before comment after #endif
|
| |
|
|
|
|
|
|
|
| |
as well as the X509_STORE_CTX_verify_cb and X509_STORE_CTX_verify_fn types
This will fix the X509_STORE_set_verify_func macro which is currently
broken, as pointed out by schwarze.
ok inoguchi jsing
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
suggested by jsing
|
| |
|
|
| |
suggested by jsing
|
| |
|
|
|
|
| |
more readable.
Repeated complaints by jsing
|
| |
|
|
|
|
| |
sk_find + sk_value into something easier to follow and swallow.
ok inoguchi jsing
|
