generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
13,557 Commits 16 Branches 258 Tags
Commit Graph

864 Commits

Author SHA1 Message Date
Rich Salz
2c60925d1c RT2914: NULL check missing in X509_name_canon 
Check for NULL return from X509_NAME_ENTRY_new()

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2015-01-04 14:51:04 -05:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-30 22:10:26 +00:00
Matt Caswell
53e95716f5 Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED 
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-12-18 19:57:14 +00:00
Kurt Roeckx
5a1e8c67a9 Return error when a bit string indicates an invalid amount of bits left 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-18 15:03:52 +01:00
Dr. Stephen Henson
89f40f369f Reject invalid constructed encodings. 
According to X6.90 null, object identifier, boolean, integer and enumerated
types can only have primitive encodings: return an error if any of
these are received with a constructed encoding.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-12-17 14:25:58 +00:00
Rich Salz
5cf37957fb RT3543: Remove #ifdef LINT 
I also replaced some exit/return wrappers in various
programs (from main) to standardize on return.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-12-10 17:31:04 -05:00
Matt Caswell
76b2a02274 Implement internally opaque bn access from asn1 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 21:40:26 +00:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 13:23:45 +00:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-11-28 18:32:43 -05:00
Emilia Kasper
95b1752cc7 Add i2d_re_X509_tbs 
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-09-05 17:18:06 +02:00
Kurt Cancemi
b0426a0f8c RT3508: Remove unused variable introduced by b09eb24 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-31 23:43:37 -04:00
Rich Salz
b09eb246e2 RT3246: req command prints version number wrong 
Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-08-28 19:17:05 -04:00
Raphael Spreitzer
f9fb43e176 RT2400: ASN1_STRING_to_UTF8 missing initializer 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-27 22:59:05 -04:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements 
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 11:49:16 -04:00
Jonas Maebe
1c4b688cb4 multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push() 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:48 +02:00
Jonas Maebe
8957278869 mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c mime_hdr_new: free mhdr, tmpname, tmpval on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180 ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5 SetBlob: free rgSetBlob on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:35:11 +02:00
Frdric Giudicelli
c753e71e0a RT783: Minor optimization to ASN1_INTEGER_set 
Remove local variable and avoid extra assignment.

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:54:43 -04:00
Hans Wennborg
01e438f288 RT3023: Redundant logical expressions 
Remove some redundant logical expressions

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:45:00 -04:00
Dr Stephen Henson
b00f586a81 Fix d4a4370050f7d72239b92a60ab9d4a2dd5e9fd84 
Fully remove old error, per drH
Reviewed-by: rsalz
 2014-08-11 17:32:57 -04:00
Scott Schaefer
d4a4370050 RT 2517: Various typo's. 
Reviewed-by: Emilia Kasper

Many of these were already fixed, this catches the last
few that were missed.
 2014-08-11 13:43:31 -04:00
Emilia Kasper
0042fb5fd1 Fix OID handling: 
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 20:36:41 +01:00
Dr. Stephen Henson
55707a36cc Add license info. 2014-07-04 18:41:45 +01:00
Dr. Stephen Henson
398e99fe5e ASN1 sanity check. 
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
 2014-07-02 00:59:26 +01:00
Dr. Stephen Henson
0e7bda79a1 Handle BER length encoding. 
Tolerate BER length encoding which may include leading zeroes.

PR#2746
 2014-06-29 00:07:08 +01:00
Dr. Stephen Henson
11da66f8b1 Tolerate critical AKID in CRLs. 
PR#3014
 2014-06-27 18:49:32 +01:00
Dr. Stephen Henson
d2aea03829 Memory leak and NULL dereference fixes. 
PR#3403
 2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
3009244da4 Set default global mask to UTF8 only. 2014-06-01 15:03:00 +01:00
Dr. Stephen Henson
b48310627d Don't try and verify signatures if key is NULL (CVE-2013-0166) 
Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c0b1347970096e04b18aa52567c325200)
 2014-04-01 16:37:51 +01:00
Dr. Stephen Henson
2514fa79ac Add functions returning security bits. 
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
 2014-03-28 14:49:04 +00:00
Dr. Stephen Henson
4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
84917787b5 Remove references to o_time.h 2014-02-19 20:06:13 +00:00
Scott Schaefer
2b4ffc659e Fix various spelling errors 2014-02-14 22:29:12 +00:00
Dr. Stephen Henson
847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Dr. Stephen Henson
85c9ba2342 Support setting of "no purpose" for trust. 
If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
 2013-11-11 22:39:23 +00:00
Ben Laurie
79b9209883 More diagnostics for invalid OIDs. 2013-09-20 14:38:36 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
dc1ce3bc64 Add KDF for DH. 
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
 2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
5de18d5d0d Encode INTEGER correctly. 
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c3e15b6db5a15a728bc288f2cc2bbc7)
 2013-03-18 14:22:08 +00:00
Ben Laurie
975dfb1c6c make depend. 2013-02-21 18:17:38 +00:00
Ben Laurie
a6bbbf2ff5 Make "make depend" work on MacOS out of the box. 2013-01-19 14:14:30 +00:00
Dr. Stephen Henson
2e8cb108dc initial support for delta CRL generations by diffing two full CRLs 2012-12-04 18:35:36 +00:00
Dr. Stephen Henson
46a6cec699 Reorganise parameters for OPENSSL_gmtime_diff. 
Make ASN1_UTCTIME_cmp_time_t more robust by using the new time functions.
 2012-11-21 14:13:20 +00:00
Dr. Stephen Henson
360ef6769e first parameter is difference in days, not years 2012-11-20 15:19:53 +00:00
Dr. Stephen Henson
d223dfe641 make depend 2012-11-19 15:13:33 +00:00
Dr. Stephen Henson
1c455bc084 new function ASN1_TIME_diff to calculate difference between two ASN1_TIME structures 2012-11-19 15:12:07 +00:00
Dr. Stephen Henson
98a7edf9f0 make depend 2012-11-19 13:18:09 +00:00
Dr. Stephen Henson
918e613a32 oops, add missing asn_mstbl.c 2012-10-24 13:27:46 +00:00