generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() so it correctly works out

Browse Source 
the length of negative integers.
This commit is contained in:
Dr. Stephen Henson 1999-06-24 01:50:27 +00:00
parent 946cbf67af
commit 034292ad6a
2 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES
View File

@ -4,6 +4,14 @@
Changes between 0.9.3a and 0.9.4 Changes between 0.9.3a and 0.9.4
*) Fix a bug in d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() which can mess
up the length of negative integers. This has now been simplified to just
store the length when it is first determined and use it later, rather
than trying to keep track of where data is copied and updating it to
point to the end.
[Steve Henson, reported by Brien Wheeler
<bwheeler@authentica-security.com>]
*) Add a new function PKCS7_signatureVerify. This allows the verification *) Add a new function PKCS7_signatureVerify. This allows the verification
of a PKCS#7 signature but with the signing certificate passed to the of a PKCS#7 signature but with the signing certificate passed to the
function itself. This contrasts with PKCS7_dataVerify which assumes the function itself. This contrasts with PKCS7_dataVerify which assumes the

20
crypto/asn1/a_int.c
View File

@ -125,13 +125,8 @@ int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL); ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
if (pad) *(p++)=pb; if (pad) *(p++)=pb;
if (a->length == 0) if (a->length == 0) *(p++)=0;
*(p++)=0; else if (t == V_ASN1_INTEGER) memcpy(p,a->data,(unsigned int)a->length);
else if (t == V_ASN1_INTEGER)
{
memcpy(p,a->data,(unsigned int)a->length);
p+=a->length;
}
else { else {
/* Begin at the end of the encoding */ /* Begin at the end of the encoding */
n=a->data + a->length - 1; n=a->data + a->length - 1;
@ -148,10 +143,9 @@ int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
i--; i--;
/* Complement any octets left */ /* Complement any octets left */
for(;i > 0; i--) *(p--) = *(n--) ^ 0xff; for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
p += a->length;
} }
*pp=p; *pp+=r;
return(r); return(r);
} }
@ -159,7 +153,7 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
long length) long length)
{ {
ASN1_INTEGER *ret=NULL; ASN1_INTEGER *ret=NULL;
unsigned char *p,*to,*s; unsigned char *p,*to,*s, *pend;
long len; long len;
int inf,tag,xclass; int inf,tag,xclass;
int i; int i;
@ -174,6 +168,7 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
p= *pp; p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length); inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
pend = p + len;
if (inf & 0x80) if (inf & 0x80)
{ {
i=ASN1_R_BAD_OBJECT_HEADER; i=ASN1_R_BAD_OBJECT_HEADER;
@ -220,13 +215,11 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
if(!i) { if(!i) {
*s = 1; *s = 1;
s[len] = 0; s[len] = 0;
p += len;
len++; len++;
} else { } else {
*(to--) = (*(p--) ^ 0xff) + 1; *(to--) = (*(p--) ^ 0xff) + 1;
i--; i--;
for(;i > 0; i--) *(to--) = *(p--) ^ 0xff; for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
p += len;
} }
} else { } else {
ret->type=V_ASN1_INTEGER; ret->type=V_ASN1_INTEGER;
@ -236,14 +229,13 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
len--; len--;
} }
memcpy(s,p,(int)len); memcpy(s,p,(int)len);
p+=len;
} }
if (ret->data != NULL) Free((char *)ret->data); if (ret->data != NULL) Free((char *)ret->data);
ret->data=s; ret->data=s;
ret->length=(int)len; ret->length=(int)len;
if (a != NULL) (*a)=ret; if (a != NULL) (*a)=ret;
*pp=p; *pp=pend;
return(ret); return(ret);
err: err:
ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);