| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
These will be used in libcrypto.
With input from and ok tb@
|
|
|
|
|
|
| |
This will be used in the libcrypto certificate transparency code.
ok tb@
|
|
|
|
|
|
|
|
| |
This will be used in the TLSv1.3 record layer.
From BoringSSL.
ok tb@
|
|
|
|
|
|
|
|
| |
If the CBS data contains a zero byte, then CBS_strdup() is only going to
return part of the data - add an explicit CBS_contains_zero_byte() and
treat such data as an error case.
ok tb@
|
| |
|
|
|
|
|
| |
The bytestring APIs are self contained, hence including openssl headers
here is unnecessary.
|
|
|
|
| |
ok bcook@ jsing@
|
|
|
|
|
|
| |
spelt malloc+memcpy, which is what is used in all except two places.
ok deraadt@ doug@
|
|
|
|
|
|
|
| |
Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.
ok miod@ jsing@
|
|
|
|
|
|
| |
Suggested by jsing@.
ok jsing@ miod@
|
|
|
|
|
|
|
| |
This is useful for when you need to check the data ahead and then continue
on from the same spot.
input + ok jsing@ miod@
|
|
|
|
| |
ok miod@ jsing@
|
|
|
|
|
|
| |
This is a common operation when dealing with CBS.
ok miod@ jsing@
|
|
|
|
| |
"why not" miod@, sure jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CBS_get_any_asn1_element violates DER encoding by allowing indefinite
form. All callers except bs_ber.c expect DER encoding. The callers
must check to see if it was indefinite or not.
Rather than exposing all callers to this behavior,
cbs_get_any_asn1_element_internal() allows specifying whether you want to
allow the normally forbidden indefinite form. This is used by
CBS_get_any_asn1_element() for strict DER encoding and by a new static
function in bs_ber.c for the relaxed version.
While I was here, I added comments to differentiate between ASN.1
restrictions and CBS limitations.
ok miod@
|
|
|
|
|
|
| |
Currently, CBS only handles short-form tags.
ok miod@ jsing@
|
|
|
|
| |
ok jsing@
|
|
|
|
|
|
| |
This function is documented as allowing NULL for out_header_len.
ok jsing@
|
|
|
|
| |
tweak + ok jsing@
|
|
|
|
| |
ok jsing@
|
|
|
|
|
|
|
|
|
|
| |
ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).
Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16
ok deraadt@ jsing@
|
|
|
|
|
|
|
|
| |
I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.
miod is ok with the general process.
|
|
This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.
BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.
Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.
input + ok jsing@, miod@
|