Commit Graph

1099 Commits

Author SHA1 Message Date
Kurt Roeckx
605236f6a8 Fix more d2i cases to properly update the input pointer
Thanks to David Benjamin <davidben@google.com> for pointing them out.

Reviewed-by: Steve Henson <steve@openssl.org>
MR #1198
2015-10-03 13:22:52 +02:00
David Woodhouse
984d6c6052 Fix no-stdio build
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-29 21:59:19 -04:00
Dr. Stephen Henson
1e898fb0f5 Move certificate request and CRL routines to x509 dir.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 16:35:55 +01:00
Dr. Stephen Henson
0d0099ea3b Move functions.
Move various functions tagged onto t_x509.c to more appropriate places.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 16:05:33 +01:00
Dr. Stephen Henson
7880e14318 Use accessors in X509_REQ_print().
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 13:08:05 +01:00
Dr. Stephen Henson
32f5c25164 Use accessor functions in X509_CRL_print().
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 13:07:46 +01:00
Dr. Stephen Henson
1f143e08a5 New accessor X509_REQ_get_X509_PUBKEY()
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 13:07:22 +01:00
Dr. Stephen Henson
331bf00bed Return shared OIDs when decoding.
When an OID is decoded see if it exists in the registered OID table
and if so return the shared OID instead of dynamically allocating
an ASN1_OBJECT.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-19 05:57:19 +01:00
Dr. Stephen Henson
6e63c142f2 Embed various signature algorithms.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-17 17:18:59 +01:00
Filipe DA SILVA
0e04674e96 RT4047: Set reference count earlier
Make sure it's valid very early.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-17 11:58:24 -04:00
Dr. Stephen Henson
95ed0e7c1f Embed X509_REQ_INFO
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:33:25 +01:00
Dr. Stephen Henson
5cf6abd805 Embed X509_CINF
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:33:25 +01:00
Dr. Stephen Henson
7aef39a72a X509_CRL_INFO embed
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:17:39 +01:00
Dr. Stephen Henson
2869e79f42 Change X509_VAL in X509 structure to embedded.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:17:39 +01:00
Dr. Stephen Henson
de17bd5d7f New ASN.1 embed macro.
New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the
structure is not allocated: it is part of the parent. That is instead of

FOO *x;

it must be:

FOO x;

This reduces memory fragmentation and make it impossible to accidentally
set a mandatory field to NULL.

This currently only works for SEQUENCE and since it is equivalent to
ASN1_SIMPLE it cannot be tagged, OPTIONAL, SET OF or SEQUENCE OF.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:17:39 +01:00
Kurt Roeckx
a46c9789ce d2i: don't update input pointer on failure
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
MR #1005
2015-09-14 23:53:03 +02:00
Ben Laurie
df2ee0e27d Enable -Wmissing-variable-declarations and
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-11 04:51:55 +01:00
David Woodhouse
d728f0f5f2 RT3993: Fix error found by VS2008
Cast and then negate, don't negate an unsigned.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-08 23:32:53 -04:00
Matt Caswell
0e2d091103 Updates for NumericString support
Ensure that EBCDIC support works and update a comment.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-07 10:34:44 +01:00
Dmitry Belyavsky
68572c8af3 Add NumericString support
GOST requires improved NumericString support.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-09-07 10:34:44 +01:00
Rich Salz
b0809bc8ff RT3998: Allow scrypt to be disabled
This does 64-bit division and multiplication, and on 32-bit platforms
pulls in libgcc symbols (and MSVC does similar) which may not be
available.  Mostly done by David Woodhouse.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-09-04 14:09:14 -04:00
David Woodhouse
47bbaa5b60 Revert "OPENSSL_NO_xxx cleanup: RFC3779"
This reverts the non-cleanup parts of commit c73ad69017. We do actually
have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI
build, since we don't have a strspn() function in our runtime environment
and we don't want the RFC3779 functionality anyway.

In addition, it changes the default behaviour of the Configure script so
that RFC3779 support isn't disabled by default. It was always disabled
from when it was first added in 2006, right up until the point where
OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the
Configure script was left *trying* to disable it, but not actually
working.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:31:09 -04:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00
Dr. Stephen Henson
66e87a9f09 make update
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-02 21:26:17 +01:00
Dr. Stephen Henson
e3e571925c make X509_CRL opaque
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-02 21:26:17 +01:00
Dr. Stephen Henson
25a5d1b8c4 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-31 23:18:55 +01:00
mrpre
a7e974c7be check bn_new return value
Slightly modified from the original PR.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-31 16:03:31 -04:00
Dr. Stephen Henson
124055a96e make X509_REQ opaque
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-31 20:58:33 +01:00
Dr. Stephen Henson
bc3686dfb0 make X509_CERT_AUX opaque
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-31 20:58:33 +01:00
Alessandro Ghedini
55500ea7c4 GH354: Memory leak fixes
Fix more potential leaks in X509_verify_cert()
Fix memory leak in ClientHello test
Fix memory leak in gost2814789 test
Fix potential memory leak in PKCS7_verify()
Fix potential memory leaks in X509_add1_reject_object()
Refactor to use "goto err" in cleanup.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-08-28 11:18:04 -04:00
Rich Salz
fbfcb22439 RT3999: Remove sub-component version strings
Especially since after the #ifdef cleanups this is not useful.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-10 12:13:32 -04:00
Rich Salz
0bc2f36555 Remove obsolete key formats.
Remove support for RSA_NET and Netscape key format (-keyform n).

Also removed documentation of SGC.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-07-16 01:06:48 -04:00
Rich Salz
74924dcb38 More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-23 17:09:35 -04:00
Dr. Stephen Henson
f2dc4d517f Encode b == NULL or blen == 0 as zero.
PR#3904

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-13 12:25:42 +01:00
Dr. Stephen Henson
4336de0c63 Check ASN1_INTEGER_get for errors.
Check return value when calling ASN1_INTEGER_get to retrieve a certificate
serial number. If an error occurs (which will be caused by the value being
out of range) revert to hex dump of serial number.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-06 13:17:06 +01:00
Sergey Agievich
3418f7b7b0 Add funtions to set item_sign and item_verify
PR#3872

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
(cherry picked from commit ad0fb7f498)

Conflicts:
	crypto/asn1/ameth_lib.c
2015-06-03 15:39:29 +01:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Dr. Stephen Henson
3a752c85ee make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-21 12:48:03 +01:00
Dr. Stephen Henson
e98aa30d55 Add scrypt PBE algorithm code.
This adds support for the ASN.1 structures in draft-josefsson-scrypt-kdf-03
Private keys encrypted by scrypt can now be decrypted transparently as long
as they don't exceed the memory limits.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-21 12:48:02 +01:00
Dr. Stephen Henson
c5f2810581 Add functions to convert between uint64_t and ASN1_INTEGER.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-20 15:04:19 +01:00
Dr. Stephen Henson
6c5b6cb035 ASN1 INTEGER refactor.
Rewrite and tidy ASN1_INTEGER and ASN1_ENUMERATED handling.

Remove code duplication.

New functions to convert between int64_t and ASN.1 types without the
quirks of the old long conversion functions.

Add documentation.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-18 18:38:42 +01:00
Richard Levitte
a3aadb2d9c make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Rich Salz
75ebbd9aa4 Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
86885c2895 Use "==0" instead of "!strcmp" etc
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 22:37:53 -04:00
Gunnar Kudrjavets
4c9b0a0314 Initialize potentially uninitialized local variables
Compiling OpenSSL code with MSVC and /W4 results in a number of warnings.
One category of warnings is particularly interesting - C4701 (potentially
uninitialized local variable 'name' used). This warning pretty much means
that there's a code path which results in uninitialized variables being used
or returned. Depending on compiler, its options, OS, values in registers
and/or stack, the results can be nondeterministic. Cases like this are very
hard to debug so it's rational to fix these issues.

This patch contains a set of trivial fixes for all the C4701 warnings (just
initializing variables to 0 or NULL or appropriate error code) to make sure
that deterministic values will be returned from all the execution paths.

RT#3835

Signed-off-by: Matt Caswell <matt@openssl.org>

Matt's note: All of these appear to be bogus warnings, i.e. there isn't
actually a code path where an unitialised variable could be used - its just
that the compiler hasn't been able to figure that out from the logic. So
this commit is just about silencing spurious warnings.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-06 13:06:46 +01:00
Rich Salz
16f8d4ebf0 memset, memcpy, sizeof consistency fixes
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy.  Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Dr. Stephen Henson
b8cba00807 Return an error in ASN1_TYPE_unpack_sequence if argument is NULL
Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 13:05:31 +01:00
Dr. Stephen Henson
b6eb9827a6 Add OSSL_NELEM macro.
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-03 12:53:08 +01:00
Rich Salz
25aaa98aa2 free NULL cleanup -- coda
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
666964780a Remove goto inside an if(0) block
There were a dozen-plus instances of this construct:
   if (0) { label: ..... }

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:29:48 -04:00
Rich Salz
efa7dd6444 free NULL cleanup 11
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c free NULL cleanup 7
This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
4b45c6e52b free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
        CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:57:32 -04:00
Rich Salz
222561fe8e free NULL cleanup 5a
Don't check for NULL before calling a free routine.  This gets X509_.*free:
    x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
    X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
    X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:33:59 -04:00
Rich Salz
2ace745022 free NULL cleanup 8
Do not check for NULL before calling a free routine.  This addresses:
    ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
    ASN1_OBJECT_free ASN1_OCTET_STRING_free ASN1_PCTX_free ASN1_SCTX_free
    ASN1_STRING_clear_free ASN1_STRING_free ASN1_TYPE_free
    ASN1_UTCTIME_free M_ASN1_free_of

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 11:31:07 -04:00
Rich Salz
2d29e2df0c realloc of NULL is like malloc
ANSI C, and OpenSSL's malloc wrapper do this, also.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 16:34:52 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Dr. Stephen Henson
a0eed48d37 Fix encoding bug in i2c_ASN1_INTEGER
Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as
negative.

Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and
Hanno Böck <hanno@hboeck.de> for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-18 14:41:06 +01:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if'
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Dr. Stephen Henson
111b60bea0 Reject empty generation strings.
Reported by Hanno Böck <hanno@hboeck.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-16 16:04:23 +01:00
Dr. Stephen Henson
c4137b5e82 Limit depth of nested sequences when generating ASN.1
Reported by Hanno Böck <hanno@hboeck.de>
PR#3800

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-16 16:04:23 +01:00
Dr. Stephen Henson
f617b4969a Don't set *pval to NULL in ASN1_item_ex_new.
While *pval is usually a pointer in rare circumstances it can be a long
value. One some platforms (e.g. WIN64) where
sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field.

*pval is initialised correctly in the rest of ASN1_item_ex_new so setting it
to NULL is unecessary anyway.

Thanks to Julien Kauffmann for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-10 19:50:51 +01:00
Dr. Stephen Henson
19fcbc8949 make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-03 18:31:15 +01:00
Dr. Stephen Henson
a469a6770a Remove old ASN.1 functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-03 18:30:09 +01:00
Dr. Stephen Henson
1880790e2e Remove unnecessary use of ASN1_const_CTX
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-03 18:29:48 +01:00
Emilia Kasper
11305038e9 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-01 22:31:28 +02:00
Dr. Stephen Henson
b9395187df Remove old ASN.1 code from evp_asn1.c
Rewrite ASN1_TYPE_set_int_octetstring and ASN1_TYPE_get_int_octetstring
to use the new ASN.1 code instead of the old macros.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 19:18:51 +01:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Dr. Stephen Henson
e93c8748ab Remove duplicate code.
Update code to use ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence
instead of performing the same operation manually.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
22f5bd3dd2 New ASN1_TYPE SEQUENCE functions.
Add new functions ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence:
these encode and decode ASN.1 SEQUENCE using an ASN1_TYPE structure.

Update ordinals.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
94f4b4b313 Rewrite X509_PKEY_new to avoid old ASN1. macros.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
3a1f43023a Remove unnecessary asn1_mac.h includes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:30 +01:00
Dr. Stephen Henson
b1f3442857 Remove d2i_X509_PKEY and i2d_X509_PKEY
Remove partially implemented d2i_X509_PKEY and i2d_X509_PKEY: nothing
uses them and they don't work properly. Update ordinals.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 15:39:18 +00:00
Rich Salz
c5ba2d9904 free NULL cleanup
EVP_.*free; this gets:
        EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
        EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
        EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 10:54:15 -04:00
Dr. Stephen Henson
23dc1706e8 Make asn1_ex_i2c, asn1_ex_c2i static.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 12:08:48 +00:00
Dr. Stephen Henson
ee9d76371a Remove combine option from ASN.1 code.
Remove the combine option. This was used for compatibility with some
non standard behaviour in ancient versions of OpenSSL: specifically
the X509_ATTRIBUTE and DSAPublicKey handling. Since these have now
been revised it is no longer needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 22:04:15 +00:00
Dr. Stephen Henson
c315a547e6 Move more internal only functions to asn1_locl.h
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-26 00:44:22 +00:00
Dr. Stephen Henson
cb14aec713 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 15:48:16 +00:00
Dr. Stephen Henson
c1ee50aac2 Move internal only ASN.1 functions to asn1_locl.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 15:48:16 +00:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Dr. Stephen Henson
9837bfbfc7 make depend
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 14:15:00 +00:00
Dr. Stephen Henson
2743e38c2f make X509_NAME opaque
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 14:15:00 +00:00
Matt Caswell
266483d2f5 RAND_bytes updates
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:38:07 +00:00
Dr. Stephen Henson
2e43027757 make ASN1_OBJECT opaque
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 17:35:58 +00:00
Dr. Stephen Henson
86d20cb6fd make depend
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:05:05 +00:00
Dr. Stephen Henson
5fe736e5fc Move some ASN.1 internals to asn1_int.h
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:03:36 +00:00
Rich Salz
0dfb9398bb free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets ASN1_OBJECT_free and ASN1_STRING_free.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 07:52:24 -04:00
Dr. Stephen Henson
dd12df794a Remove old style ASN.1 support.
Remove old ASN.1 COMPAT type. This was meant as a temporary measure
so older ASN.1 code (from OpenSSL 0.9.6) still worked. It's a hack
which breaks constification and hopefully nothing uses it now, if
it ever did.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-23 23:21:40 +00:00
Dr. Stephen Henson
06e6aa47de Fix build.
Remove x_exten.c and x_exten.o from crypto/asn1/Makefile: they've moved now.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-23 18:47:05 +00:00
Dr. Stephen Henson
4903abd50a make X509_EXTENSION opaque
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-23 18:27:04 +00:00
Dr. Stephen Henson
4fe67498b0 Remove deleted functions, update ordinals.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-23 13:47:57 +00:00
Dr. Stephen Henson
564df0ddea Remove {i2d,d2i}_ASN1_BOOLEAN
Remove {i2d,d2i}_ASN1_BOOLEAN.

Rewrite single occurrence of d2i_ASN1_BOOLEAN in asn1_parse2

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-23 13:15:07 +00:00
Dr. Stephen Henson
f422a51486 Remove old ASN.1 code.
Remove old M_ASN1_ macros and replace any occurences with the corresponding
function.

Remove d2i_ASN1_bytes, d2i_ASN1_SET, i2d_ASN1_SET: no longer used internally.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-23 13:15:06 +00:00
Matt Caswell
5e5d53d341 Fix a failure to NULL a pointer freed on error.
Reported by the LibreSSL project as a follow on to CVE-2015-0209

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:01:13 +00:00
Dr. Stephen Henson
e677e8d135 Fix ASN1_TYPE_cmp
Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This
can be triggered during certificate verification so could be a DoS attack
against a client or a server enabling client authentication.

CVE-2015-0286

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:01:13 +00:00
Dr. Stephen Henson
8106d61c35 Free up ADB and CHOICE if already initialised.
CVE-2015-0287

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-03-19 11:11:02 +00:00
Dr. Stephen Henson
9b0a453190 Make X509_ATTRIBUTE opaque.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-16 15:54:19 +00:00
Carl Jackson
da27006df0 Fix regression in ASN1_UTCTIME_cmp_time_t
Previously, ASN1_UTCTIME_cmp_time_t would return 1 if s > t, -1 if
s < t, and 0 if s == t.

This behavior was broken in a refactor [0], resulting in the opposite
time comparison behavior.

[0]: 904348a492

PR#3706

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-15 19:46:24 +00:00
Dr. Stephen Henson
3d6aa6d441 Allocate string types directly.
Allocate and free ASN.1 string types directly instead of going through
the ASN.1 item code.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-13 16:42:44 +00:00
Dr. Stephen Henson
b5f07d6a66 Remove obsolete declarations.
Remove DECLARE_ASN1_SET_OF and DECLARE_PKCS12_STACK_OF these haven't been
used internally in OpenSSL for some time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-12 14:12:17 +00:00
Dr. Stephen Henson
5dc1247a74 ASN.1 print fix.
When printing out an ASN.1 structure if the type is an item template don't
fall thru and attempt to interpret as a primitive type.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-12 13:31:43 +00:00
Matt Caswell
34a7ed0c39 Fix asn1_item_print_ctx
The call to asn1_do_adb can return NULL on error, so we should check the
return value before attempting to use it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-12 09:22:19 +00:00
Matt Caswell
9e488fd6ab ASN1_primitive_new NULL param handling
ASN1_primitive_new takes an ASN1_ITEM * param |it|. There are a couple
of conditional code paths that check whether |it| is NULL or not - but
later |it| is deref'd unconditionally. If |it| was ever really NULL then
this would seg fault. In practice ASN1_primitive_new is marked as an
internal function in the public header file. The only places it is ever
used internally always pass a non NULL parameter for |it|. Therefore, change
the code to sanity check that |it| is not NULL, and remove the conditional
checking.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-12 09:20:45 +00:00
Matt Caswell
ac5a110621 Fix seg fault in ASN1_generate_v3/ASN1_generate_nconf
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-03-11 11:18:15 +00:00
Dmitry-Me
0b142f022e Fix wrong numbers being passed as string lengths
Signed-off-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-09 21:02:41 +01:00
Dr. Stephen Henson
a8ae0891d4 Cleanse PKCS#8 private key components.
New function ASN1_STRING_clear_free which cleanses an ASN1_STRING
structure before freeing it.

Call ASN1_STRING_clear_free on PKCS#8 private key components.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-08 16:27:55 +00:00
Matt Caswell
918bb86529 Unchecked malloc fixes
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-05 09:09:57 +00:00
Dr. Stephen Henson
437b14b533 Fix format script.
The format script didn't correctly recognise some ASN.1 macros and
didn't reformat some files as a result. Fix script and reformat
affected files.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-02 13:26:29 +00:00
Dr. Stephen Henson
259c360d0b Remove obsolete IMPLEMENT_ASN1_SET_OF
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-09 12:47:28 +00:00
Rich Salz
fbf08b79ff Remove X509_PAIR
Unused type; a pair X509 certificates. Intended for LDAP support.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-06 10:55:31 -05:00
Rich Salz
5b18d3025c util/mkstack.pl now generates entire safestack.h
The mkstack.pl script now generates the entire safestack.h file.
It generates output that follows the coding style.
Also, removed all instances of the obsolete IMPLEMENT_STACK_OF
macro.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:47:53 -05:00
Dr. Stephen Henson
52e028b9de Check PKCS#8 pkey field is valid before cleansing.
PR:3683
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-03 13:58:14 +00:00
Rich Salz
02a938c953 Dead code removal: #if 0 asn1, pkcs7
Keep one #if 0 but rename the symbol to be more descriptive of what
it's doing (you can disable support for old broken Netscape software).

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-30 15:35:49 -05:00
Richard Levitte
c6ef15c494 clang on Linux x86_64 complains about unreachable code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-29 01:54:09 +01:00
Rich Salz
1a5adcfb5e "#if 0" removal: header files
Remove all "#if 0" blocks from header files.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-27 17:44:12 -05:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Rich Salz
c73ad69017 OPENSSL_NO_xxx cleanup: RFC3779
Remove OPENSSL_NO_RFCF3779.

Also, makevms.com was ignored by some of the other cleanups, so
I caught it up.  Sorry I ignored you, poor little VMS...

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 10:19:14 -05:00
Rich Salz
a00ae6c46e OPENSSL_NO_xxx cleanup: many removals
The following compile options (#ifdef's) are removed:
    OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
    OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
    OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
    OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY

This diff is big because of updating the indents on preprocessor lines.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 10:06:22 -05:00
Kurt Roeckx
2747d73c14 Fix segfault with empty fields as last in the config.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-24 14:46:50 +01:00
Rob Stradling
004efdbb41 Use inner algorithm when printing certificate.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-22 12:40:42 +00:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
739a5eee61 Rerun util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
b853717fc4 Fix strange formatting by indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Matt Caswell
dbd87ffc21 indent has problems with comments that are on the right hand side of a line.
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Matt Caswell
c80fd6b215 Further comment changes for reformat (master)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:19:59 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Dr. Stephen Henson
cb62ab4b17 use correct function name
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-06 21:03:50 +00:00
Dr. Stephen Henson
4c52816d35 Constify ASN1_TYPE_cmp add X509_ALGOR_cmp.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-01-05 14:52:55 +00:00
Dr. Stephen Henson
684400ce19 Fix various certificate fingerprint issues.
By using non-DER or invalid encodings outside the signed portion of a
certificate the fingerprint can be changed without breaking the signature.
Although no details of the signed portion of the certificate can be changed
this can cause problems with some applications: e.g. those using the
certificate fingerprint for blacklists.

1. Reject signatures with non zero unused bits.

If the BIT STRING containing the signature has non zero unused bits reject
the signature. All current signature algorithms require zero unused bits.

2. Check certificate algorithm consistency.

Check the AlgorithmIdentifier inside TBS matches the one in the
certificate signature. NB: this will result in signature failure
errors for some broken certificates.

3. Check DSA/ECDSA signatures use DER.

Reencode DSA/ECDSA signatures and compare with the original received
signature. Return an error if there is a mismatch.

This will reject various cases including garbage after signature
(thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
(negative or with leading zeroes).

CVE-2014-8275
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-01-05 14:35:19 +00:00
Rich Salz
2c60925d1c RT2914: NULL check missing in X509_name_canon
Check for NULL return from X509_NAME_ENTRY_new()

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-01-04 14:51:04 -05:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Matt Caswell
53e95716f5 Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-18 19:57:14 +00:00
Kurt Roeckx
5a1e8c67a9 Return error when a bit string indicates an invalid amount of bits left
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-18 15:03:52 +01:00
Dr. Stephen Henson
89f40f369f Reject invalid constructed encodings.
According to X6.90 null, object identifier, boolean, integer and enumerated
types can only have primitive encodings: return an error if any of
these are received with a constructed encoding.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-12-17 14:25:58 +00:00
Rich Salz
5cf37957fb RT3543: Remove #ifdef LINT
I also replaced some exit/return wrappers in various
programs (from main) to standardize on return.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-10 17:31:04 -05:00
Matt Caswell
76b2a02274 Implement internally opaque bn access from asn1
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:26 +00:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Emilia Kasper
95b1752cc7 Add i2d_re_X509_tbs
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-05 17:18:06 +02:00
Kurt Cancemi
b0426a0f8c RT3508: Remove unused variable introduced by b09eb24
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-31 23:43:37 -04:00
Rich Salz
b09eb246e2 RT3246: req command prints version number wrong
Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.

Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 19:17:05 -04:00
Raphael Spreitzer
f9fb43e176 RT2400: ASN1_STRING_to_UTF8 missing initializer
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-27 22:59:05 -04:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 11:49:16 -04:00
Jonas Maebe
1c4b688cb4 multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push()
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:48 +02:00
Jonas Maebe
8957278869 mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c mime_hdr_new: free mhdr, tmpname, tmpval on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180 ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5 SetBlob: free rgSetBlob on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:35:11 +02:00
Frdric Giudicelli
c753e71e0a RT783: Minor optimization to ASN1_INTEGER_set
Remove local variable and avoid extra assignment.

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:54:43 -04:00
Hans Wennborg
01e438f288 RT3023: Redundant logical expressions
Remove some redundant logical expressions

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:45:00 -04:00
Dr Stephen Henson
b00f586a81 Fix d4a4370050
Fully remove old error, per drH
Reviewed-by: rsalz
2014-08-11 17:32:57 -04:00
Scott Schaefer
d4a4370050 RT 2517: Various typo's.
Reviewed-by: Emilia Kasper

Many of these were already fixed, this catches the last
few that were missed.
2014-08-11 13:43:31 -04:00
Emilia Kasper
0042fb5fd1 Fix OID handling:
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:36:41 +01:00
Dr. Stephen Henson
55707a36cc Add license info. 2014-07-04 18:41:45 +01:00
Dr. Stephen Henson
398e99fe5e ASN1 sanity check.
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
2014-07-02 00:59:26 +01:00
Dr. Stephen Henson
0e7bda79a1 Handle BER length encoding.
Tolerate BER length encoding which may include leading zeroes.

PR#2746
2014-06-29 00:07:08 +01:00
Dr. Stephen Henson
11da66f8b1 Tolerate critical AKID in CRLs.
PR#3014
2014-06-27 18:49:32 +01:00
Dr. Stephen Henson
d2aea03829 Memory leak and NULL dereference fixes.
PR#3403
2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
3009244da4 Set default global mask to UTF8 only. 2014-06-01 15:03:00 +01:00
Dr. Stephen Henson
b48310627d Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c0b)
2014-04-01 16:37:51 +01:00
Dr. Stephen Henson
2514fa79ac Add functions returning security bits.
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
2014-03-28 14:49:04 +00:00
Dr. Stephen Henson
4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
84917787b5 Remove references to o_time.h 2014-02-19 20:06:13 +00:00
Scott Schaefer
2b4ffc659e Fix various spelling errors 2014-02-14 22:29:12 +00:00
Dr. Stephen Henson
847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Dr. Stephen Henson
85c9ba2342 Support setting of "no purpose" for trust.
If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
2013-11-11 22:39:23 +00:00
Ben Laurie
79b9209883 More diagnostics for invalid OIDs. 2013-09-20 14:38:36 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
dc1ce3bc64 Add KDF for DH.
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
5de18d5d0d Encode INTEGER correctly.
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c)
2013-03-18 14:22:08 +00:00
Ben Laurie
975dfb1c6c make depend. 2013-02-21 18:17:38 +00:00
Ben Laurie
a6bbbf2ff5 Make "make depend" work on MacOS out of the box. 2013-01-19 14:14:30 +00:00
Dr. Stephen Henson
2e8cb108dc initial support for delta CRL generations by diffing two full CRLs 2012-12-04 18:35:36 +00:00
Dr. Stephen Henson
46a6cec699 Reorganise parameters for OPENSSL_gmtime_diff.
Make ASN1_UTCTIME_cmp_time_t more robust by using the new time functions.
2012-11-21 14:13:20 +00:00
Dr. Stephen Henson
360ef6769e first parameter is difference in days, not years 2012-11-20 15:19:53 +00:00
Dr. Stephen Henson
d223dfe641 make depend 2012-11-19 15:13:33 +00:00
Dr. Stephen Henson
1c455bc084 new function ASN1_TIME_diff to calculate difference between two ASN1_TIME structures 2012-11-19 15:12:07 +00:00
Dr. Stephen Henson
98a7edf9f0 make depend 2012-11-19 13:18:09 +00:00
Dr. Stephen Henson
918e613a32 oops, add missing asn_mstbl.c 2012-10-24 13:27:46 +00:00
Dr. Stephen Henson
30765fed55 New config module for string tables. This can be used to add new
multi string components (as used in DN fields or request attributes)
or change the values of existing ones.
2012-10-22 13:05:54 +00:00
Dr. Stephen Henson
d35c0ff30b fix ASN1_STRING_TABLE_add so it can override existing string table values 2012-10-19 15:06:31 +00:00
Bodo Möller
7f429a5dbf Fix Valgrind warning.
Submitted by: Adam Langley
2012-09-24 19:49:16 +00:00
Dr. Stephen Henson
dfcf48f499 New functions to retrieve certificate signatures and signature OID NID. 2012-06-13 13:08:12 +00:00
Dr. Stephen Henson
4b9e0b5f74 print out issuer and subject unique identifier fields in certificates 2012-06-12 13:41:18 +00:00
Dr. Stephen Henson
4242a090c7 PR: 2813
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
2012-05-11 13:53:37 +00:00
Dr. Stephen Henson
d9a9d10f4f Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 16:19:56 +00:00
Andy Polyakov
6da165c631 ans1/tasn_prn.c: avoid bool in variable names.
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
78dfd43955 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
3c6a7cd44b PR: 2742
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
2012-02-29 14:02:02 +00:00
Dr. Stephen Henson
dc4f678cdc Fix memory leak cause by race condition when creating public keys.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:02 +00:00
Dr. Stephen Henson
68a7b5ae1e PR: 2736
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
2012-02-27 18:45:28 +00:00
Dr. Stephen Henson
228a8599ff free headers after use in error message 2012-02-27 16:27:17 +00:00
Dr. Stephen Henson
6941b7b918 PR: 2711
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
2012-02-23 21:50:44 +00:00
Dr. Stephen Henson
9bd20155ba fix warning 2012-01-15 13:30:41 +00:00
Andy Polyakov
a50bce82ec Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Andy Polyakov
6e913f9901 asn1/t_x509.c: fix serial number print, harmonize with a_int.c.
PR: 2675
Submitted by: Annie Yousar
2012-01-11 21:12:22 +00:00
Dr. Stephen Henson
afb14cda8c Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.
2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
3231e42d72 update pkey method initialisation and copy 2011-10-11 18:15:31 +00:00
Bodo Möller
837e1b6812 Fix memory leak on bad inputs. 2011-09-05 09:57:20 +00:00
Dr. Stephen Henson
a60cc6b4f0 Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:27 +00:00
Dr. Stephen Henson
9fe51d5f73 PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:53 +00:00
Dr. Stephen Henson
b507284c7e correctly encode OIDs near 2^32 2011-06-22 15:15:58 +00:00
Dr. Stephen Henson
9a85e53813 no need to include memory.h 2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
f9678b8b57 Fix memory leak. 2011-02-07 13:34:00 +00:00
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
7d05edd12e PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:19:52 +00:00
Dr. Stephen Henson
d3f17e5ed3 stop warning with no-engine 2011-01-13 15:41:58 +00:00
Dr. Stephen Henson
968062b7d3 Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:31:24 +00:00
Dr. Stephen Henson
d7d5a55d22 Support routines for ASN1 scanning function, doesn't do much yet. 2010-12-13 18:15:28 +00:00
Dr. Stephen Henson
8ec3fa0597 fix signature printing routines 2010-10-04 13:58:41 +00:00
Dr. Stephen Henson
39239280f3 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:58:09 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
359b0c9fb8 experimental function to convert ASN1_TIME to tm, not used or even compiled in yet 2010-05-03 12:17:44 +00:00
Dr. Stephen Henson
e19f6678f5 print signature parameters with CRLs too 2010-03-14 13:10:48 +00:00
Dr. Stephen Henson
8d207ee3d1 add X509_CRL_sign_ctx function 2010-03-14 12:52:38 +00:00
Dr. Stephen Henson
85522a074c Algorithm specific ASN1 signing functions. 2010-03-11 13:32:38 +00:00
Dr. Stephen Henson
ce25c7207b New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier)
from a digest algorithm.
2010-03-11 13:27:05 +00:00
Dr. Stephen Henson
31904ecdf3 RSA PSS verification support including certificates and certificate
requests. Add new ASN1 signature initialisation function to handle this
case.
2010-03-08 18:10:35 +00:00
Dr. Stephen Henson
809cd0a22d print outermost signature algorithm parameters too 2010-03-07 17:02:47 +00:00
Dr. Stephen Henson
7ed485bc9f The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:05 +00:00
Dr. Stephen Henson
9ef6fe8c2e typo 2010-03-07 15:37:37 +00:00
Dr. Stephen Henson
a5667732b9 update ASN1 sign/verify to use EVP_DigestSign and EVP_DigestVerify 2010-03-07 12:05:45 +00:00
Dr. Stephen Henson
148924c1f4 fix indent, newline 2010-03-06 18:14:13 +00:00
Dr. Stephen Henson
fa1ba589f3 Add algorithm specific signature printing. An individual ASN1 method can
now print out signatures instead of the standard hex dump.

More complex signatures (e.g. PSS) can print out more meaningful information.

Sample DSA version included that prints out the signature parameters r, s.

[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
 new fields in the middle has no compatibility issues]
2010-03-06 18:05:05 +00:00
Dr. Stephen Henson
c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson
ec7d16ffdd Check it actually compiles this time ;-) 2009-12-02 14:25:40 +00:00
Dr. Stephen Henson
5656f33cea PR: 2120
Submitted by: steve@openssl.org

Initialize fields correctly if pem_str or info are NULL in  EVP_PKEY_asn1_new().
2009-12-02 13:56:45 +00:00
Dr. Stephen Henson
3d63b3966f Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat
and is a pre-requisite to adding password based CMS support.
2009-11-25 22:01:06 +00:00
Dr. Stephen Henson
c18e51ba5e PR: 2088
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org

Fix memory leak in d2i_PublicKey().
2009-11-12 19:56:56 +00:00
Dr. Stephen Henson
b599006751 PR: 2090
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
2009-11-10 00:48:07 +00:00
Dr. Stephen Henson
04f9095d9e Fix unitialized warnings 2009-10-04 16:52:51 +00:00
Dr. Stephen Henson
78ca13a272 PR: 2056
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:11:04 +00:00
Dr. Stephen Henson
b6dcdbfc94 Audit libcrypto for unchecked return values: fix all cases enountered 2009-09-23 23:43:49 +00:00
Dr. Stephen Henson
f4274da164 PR: 1644
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:46 +00:00
Dr. Stephen Henson
17b5326ba9 PR: 2013
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:54:50 +00:00
Dr. Stephen Henson
e33d290159 PR: 2004
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org

Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
2009-08-10 14:56:57 +00:00
Dr. Stephen Henson
d9d0f1b52c Reject leading 0x80 in OID subidentifiers. 2009-08-06 16:32:54 +00:00
Dr. Stephen Henson
512d359e26 Update from 1.0.0-stable. 2009-07-27 21:22:02 +00:00
Dr. Stephen Henson
6e0c9e6008 Update from 1.0.0-stable. 2009-07-11 21:43:50 +00:00
Dr. Stephen Henson
220bd84911 Updates from 1.0.0-stable 2009-04-06 15:22:01 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
73ba116e96 Update from stable branch. 2009-03-25 12:54:14 +00:00