| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current implementation uses an unsigned long, then switches to BN once
the arc exceeds its size. However, the complexity of BN_bn2dec() is
quadratic in the length of number being converted. This means that OIDs
with excessively large arcs take a lot of computation to convert to text.
While the X.660 specification states that arcs are unbounded, in reality
they are not overly large numbers - 640K^W64 bits ought to be enough for
any arc. Remove BN entirely, switch from unsigned long to uin64_t and fail
if an arc exceeds this size.
Identified via oss-fuzz timeouts - should fix #41028 and #44372.
ok tb@
|
|
|
|
|
|
|
|
|
| |
An IP address in a name constraint is actually an IP address concatenated
with a netmask, so it is twice as long as usual.
This fixes a third bug introduced in r1.3 and reported by Volker Schlecht
ok jsing
|
|
|
|
|
|
| |
Fixes a segfault reported by Volker Schlecht.
ok jsing
|
|
|
|
|
|
|
|
|
|
|
| |
a2i_GENERAL_NAME() modifies and returns the out argument that was
passed in unless out == NULL, in which case it returns something
freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free
ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly.
Issue reported by Volker Schlecht
ok jsing
|
|
|
|
|
|
|
|
|
|
| |
Currently OBJ_obj2nid() with NID_undef returns NID_ccitt - this is due to
doing a lookup on an empty value and having NID_undef conflict with an
uninitialised NID value.
Somewhat based on OpenSSL 0fb99904809.
ok tb@
|
|
|
|
|
|
|
|
| |
a 'const uint8_t *a' to a 'const uint8_t a[32]' to match
the prototype in curve25519_internal.h and the other variant
inside OPENSSL_SMALL.
ok millert
|
|
|
|
|
|
|
|
|
|
| |
This is a very rarely used function and the crash is hard to reach in
practice. Instead of implementing BN_is_odd() badly by hand, just call
the real thing.
Reported by Guido Vranken
ok beck jsing
|
|
|
|
|
|
| |
From OpenSSL 6a009812, prompted by a report by Guido Vranken
ok beck jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LibreSSL's pc files effectively hardcode the version to 1.0.0 since
LibreSSL exists. That probably never made much sense. This causes
some pain for ports that "need 'openssl' ['>= +1.1.0'] found '1.0.0'"
or similar while they would build perfectly fine with LibreSSL.
This only affects OpenBSD. We do not put the actual LibreSSL version
in there since it may cause trouble
Discussed with sthen, millert, inoguchi, beck over the past year.
Diff from/ok sthen
|
|
|
|
|
|
|
|
| |
The trust anchor can't inherit, but the code says that it can inherit
just not if the leaf tries to inherit from that. This makes no sense
and doesn't match what is done on the asid side.
ok jsing
|
| |
|
|
|
|
| |
CRL's signature is invalid, not the certificate's.
|
| |
|
| |
|
|
|
|
| |
spotted by/ok jmc
|
|
|
|
| |
to claudio
|
|
|
|
|
|
| |
CID 251047 251094
OK beck@ jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 250936 251103
OK beck@ jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 345116
ok beck@ tb@
|
|
|
|
|
|
|
|
| |
CID 25131
ok beck@ tb@
suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
|
|
|
|
|
|
| |
ok beck@ tb@
suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
|
|
|
|
| |
ok beck@ tb@
|
|
|
|
| |
suggestion from tb@
|
|
|
|
|
|
| |
CID 21653
ok jsing@ millert@ tb@
|
|
|
|
| |
input from tb@
|
|
|
|
|
|
| |
CID 24893
ok jsing@ millert@ tb@
|
|
|
|
| |
ok jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 24839
ok jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 24778
ok jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 24812
ok jsing@ millert@ tb@
|
|
|
|
|
|
| |
It returns 1 on success and 0 for failure, never negative value.
ok jsing@ millert@ tb@
|
|
|
|
| |
ok jsing@ millert@ tb@
|
|
|
|
|
|
|
| |
CID 21665 24835
comment from jsing@ and tb@
ok jsing@ millert@ tb@
|
|
|
|
|
|
| |
CID 24869
ok jsing@ millert@ tb@
|
|
|
|
|
|
|
|
|
|
|
| |
freeing of what they return despite being get0 functions: the stack
of X509s that they return must be freed with sk_X509_free(). The get0
thus probably refers to the individual certs, but not to the stack
itself.
The libcrypto and libssl APIs never cease to amaze with new traps.
ok inoguchi
|
|
|
|
|
|
| |
CID 345137
ok jsing@ tb@
|
|
|
|
| |
ok tb@
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This function has a weird dance of allocating an ASN1_STRING in an
inner scope and assigning it to a void pointer in an outer scope for
passing it to X509_PUBKEY_set0_param() and ASN1_STRING_free() on error.
This can be simplified and streamlined.
ok inoguchi
|
|
|
|
|
|
|
|
|
|
|
|
| |
asn1_par.c r1.29 changed to access p[0] directly, and this pointer could be
overrun since ASN1_get_object advances pointer to the first content octet.
In case invalid ASN1 Boolean data, it has length but no content, I thought
this could be happen.
Adding check p with tot (diff below) will avoid this failure.
Reported by oss-fuzz 43633 and 43648(later)
ok tb@
|
|
|
|
| |
and Symbol addition and removal in libcrypto.
|
|
|
|
| |
ok inoguchi
|
|
|
|
| |
ok inoguchi jsing
|
|
|
|
| |
ok inoguchi jsing
|
|
|
|
| |
ok inoguchi jsing
|
|
|
|
|
|
|
|
|
| |
This removes OBJ_bsearch_ex_() from the exported symbols and makes
OBJ_bsearch_() semi-private. It is still used in libssl.
While here, remove some hideous unused macros
ok inoguchi jsing
|
|
|
|
|
|
|
| |
This moves {d2i,i2d}_ASN1_BOOLEAN() to internal only. They are unused,
but help us testing the encoding.
ok jsing
|
|
|
|
| |
ok inoguchi jsing
|