kris
/
boringssl
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4677 Ревизии
12 Клонове
38 MiB
ИН на ревизия: 01f26f3f32
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '01f26f3f32'
${ noResults }
boringssl/crypto/asn1/asn1_lib.c

asn1_lib.c 12 KiB
Директен файл Normal View История

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
Remove string.h from base.h. Including string.h in base.h causes any file that includes a BoringSSL header to include string.h. Generally this wouldn't be a problem, although string.h might slow down the compile if it wasn't otherwise needed. However, it also causes problems for ipsec-tools in Android because OpenSSL didn't have this behaviour. This change removes string.h from base.h and, instead, adds it to each .c file that requires it. Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37 Reviewed-on: https://boringssl-review.googlesource.com/3200 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 9 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
Add visibility rules. This change marks public symbols as dynamically exported. This means that it becomes viable to build a shared library of libcrypto and libssl with -fvisibility=hidden. On Windows, one not only needs to mark functions for export in a component, but also for import when using them from a different component. Because of this we have to build with |BORINGSSL_IMPLEMENTATION| defined when building the code. Other components, when including our headers, won't have that defined and then the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines in base.h In the asm code, symbols are now hidden by default and those that need to be exported are wrapped by a C function. In order to support Chromium, a couple of libssl functions were moved to ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache. Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261 Reviewed-on: https://boringssl-review.googlesource.com/1350 Reviewed-by: Adam Langley <agl@google.com>
преди 10 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
Work around language and compiler bug in memcpy, etc. Most C standard library functions are undefined if passed NULL, even when the corresponding length is zero. This gives them (and, in turn, all functions which call them) surprising behavior on empty arrays. Some compilers will miscompile code due to this rule. See also https://www.imperialviolet.org/2016/06/26/nonnull.html Add OPENSSL_memcpy, etc., wrappers which avoid this problem. BUG=23 Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e Reviewed-on: https://boringssl-review.googlesource.com/12928 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 7 години
Match upstream's error codes for the old sigalg code. People seem to condition on these a lot. Since this code has now been moved twice, just make them all cross-module errors rather than leave a trail of renamed error codes in our wake. Change-Id: Iea18ab3d320f03cf29a64a27acca119768c4115c Reviewed-on: https://boringssl-review.googlesource.com/7431 Reviewed-by: Emily Stark (Dunn) <estark@google.com> Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
Remove trailing ';' from macros For consistency and to avoid a pedantic GCC warning (even though it's mostly old legacy code). Change-Id: Iea63eb0a82ff52914adc33b83e48450f4f6a49ef Reviewed-on: https://boringssl-review.googlesource.com/11021 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
преди 8 години
Fix cross-module errors. Some files in crypto/x509 were moved from crypto/asn1, so they emit errors from another module. Fix make_errors.go to account for this: cross module errors must use the foreign module as the first argument to OPENSSL_PUT_ERROR. Both the function code and the error code should be declared in the foreign module. Update make_errors.go to ignore cross-module error lines when deciding which function tokens to emit. Change-Id: Ic38377ddd56e22d033ef91318c30510762f6445d Reviewed-on: https://boringssl-review.googlesource.com/3383 Reviewed-by: Adam Langley <agl@google.com>
преди 9 години
Match upstream's error codes for the old sigalg code. People seem to condition on these a lot. Since this code has now been moved twice, just make them all cross-module errors rather than leave a trail of renamed error codes in our wake. Change-Id: Iea18ab3d320f03cf29a64a27acca119768c4115c Reviewed-on: https://boringssl-review.googlesource.com/7431 Reviewed-by: Emily Stark (Dunn) <estark@google.com> Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
Remove trailing ';' from macros For consistency and to avoid a pedantic GCC warning (even though it's mostly old legacy code). Change-Id: Iea63eb0a82ff52914adc33b83e48450f4f6a49ef Reviewed-on: https://boringssl-review.googlesource.com/11021 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Remove trailing ';' from macros For consistency and to avoid a pedantic GCC warning (even though it's mostly old legacy code). Change-Id: Iea63eb0a82ff52914adc33b83e48450f4f6a49ef Reviewed-on: https://boringssl-review.googlesource.com/11021 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
ASN1_get_object should not accept large universal tags. The high bits of the type get used for the V_ASN1_NEG bit, so when used with ASN1_ANY/ASN1_TYPE, universal tags become ambiguous. This allows one to create a negative zero, which should be impossible. Impose an upper bound on universal tags accepted by crypto/asn1 and add a test. BUG=590615 Change-Id: I363e01ebfde621c8865101f5bcbd5f323fb59e79 Reviewed-on: https://boringssl-review.googlesource.com/7238 Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
ASN1 sanity check. Primitive encodings shouldn't use indefinite length constructed form. PR#2438 (partial). (Imported from upstream's 9223a31eb72dc46085ce97736c119c541973511e) Change-Id: I832d0bcda491c03c799b7b70184a1a3ec16b1592
преди 10 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix buffer overrun in ASN1_parse() and signed/unsigned warning. (Imported from upstream's 2442382e11c022aaab4fdc6975bd15d5a75c4db2 and 0ca67644ddedfd656d43a6639d89a6236ff64652) Change-Id: I601ef07e39f936e8f3e30412fd90cd339d712dc4 Reviewed-on: https://boringssl-review.googlesource.com/7742 Reviewed-by: David Benjamin <davidben@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Check for overflows in ASN1_object_size(). (Imported from upstream's b10c10422a9ec4db426be3ef99031f0807d2ded0, ff8b6b92f44c682ad78f60c32ec154e0bfabebb2, and 134ab5139a8d41455a81d9fcc31b3edb8a4b2f5c.) Change-Id: Icf1661a4d0249ae5af72cda15b12822b86e35a82 Reviewed-on: https://boringssl-review.googlesource.com/10361 CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Check for overflows in ASN1_object_size(). (Imported from upstream's b10c10422a9ec4db426be3ef99031f0807d2ded0, ff8b6b92f44c682ad78f60c32ec154e0bfabebb2, and 134ab5139a8d41455a81d9fcc31b3edb8a4b2f5c.) Change-Id: Icf1661a4d0249ae5af72cda15b12822b86e35a82 Reviewed-on: https://boringssl-review.googlesource.com/10361 CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Check for overflows in ASN1_object_size(). (Imported from upstream's b10c10422a9ec4db426be3ef99031f0807d2ded0, ff8b6b92f44c682ad78f60c32ec154e0bfabebb2, and 134ab5139a8d41455a81d9fcc31b3edb8a4b2f5c.) Change-Id: Icf1661a4d0249ae5af72cda15b12822b86e35a82 Reviewed-on: https://boringssl-review.googlesource.com/10361 CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Fix off by 1 in ASN1_STRING_set() (Imported from upstream's 061d6c25ba7cb0524756a872e92da1de2d494d68.) Change-Id: I817c5919a48316401a028f6dbc16461e8599fe1d Reviewed-on: https://boringssl-review.googlesource.com/10560 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
преди 8 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Work around language and compiler bug in memcpy, etc. Most C standard library functions are undefined if passed NULL, even when the corresponding length is zero. This gives them (and, in turn, all functions which call them) surprising behavior on empty arrays. Some compilers will miscompile code due to this rule. See also https://www.imperialviolet.org/2016/06/26/nonnull.html Add OPENSSL_memcpy, etc., wrappers which avoid this problem. BUG=23 Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e Reviewed-on: https://boringssl-review.googlesource.com/12928 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 7 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Work around language and compiler bug in memcpy, etc. Most C standard library functions are undefined if passed NULL, even when the corresponding length is zero. This gives them (and, in turn, all functions which call them) surprising behavior on empty arrays. Some compilers will miscompile code due to this rule. See also https://www.imperialviolet.org/2016/06/26/nonnull.html Add OPENSSL_memcpy, etc., wrappers which avoid this problem. BUG=23 Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e Reviewed-on: https://boringssl-review.googlesource.com/12928 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
преди 7 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
преди 10 години
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
Switch OPENSSL_VERSION_NUMBER to 1.1.0. Although we are derived from 1.0.2, we mimic 1.1.0 in some ways around our FOO_up_ref functions and opaque libssl types. This causes some difficulties when porting third-party code as any OPENSSL_VERSION_NUMBER checks for 1.1.0 APIs we have will be wrong. Moreover, adding accessors without changing OPENSSL_VERSION_NUMBER can break external projects. It is common to implement a compatibility version of an accessor under #ifdef as a static function. This then conflicts with our headers if we, unlike OpenSSL 1.0.2, have this function. This change switches OPENSSL_VERSION_NUMBER to 1.1.0 and atomically adds enough accessors for software with 1.1.0 support already. The hope is this will unblock hiding SSL_CTX and SSL_SESSION, which will be especially useful with C++-ficiation. The cost is we will hit some growing pains as more 1.1.0 consumers enter the ecosystem and we converge on the right set of APIs to import from upstream. It does not remove any 1.0.2 APIs, so we will not require that all projects support 1.1.0. The exception is APIs which changed in 1.1.0 but did not change the function signature. Those are breaking changes. Specifically: - SSL_CTX_sess_set_get_cb is now const-correct. - X509_get0_signature is now const-correct. For C++ consumers only, this change temporarily includes an overload hack for SSL_CTX_sess_set_get_cb that keeps the old callback working. This is a workaround for Node not yet supporting OpenSSL 1.1.0. The version number is set at (the as yet unreleased) 1.1.0g to denote that this change includes https://github.com/openssl/openssl/pull/4384. Bug: 91 Change-Id: I5eeb27448a6db4c25c244afac37f9604d9608a76 Reviewed-on: https://boringssl-review.googlesource.com/10340 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
преди 8 години
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442 
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/asn1.h>

  58. 

  59. #include <limits.h>

  60. #include <string.h>

  61. 

  62. #include <openssl/asn1_mac.h>

  63. #include <openssl/err.h>

  64. #include <openssl/mem.h>

  65. 

  66. #include "../internal.h"

  67. 

  68. 

  69. /* Cross-module errors from crypto/x509/i2d_pr.c. */

  70. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE)

  71. 

  72. /* Cross-module errors from crypto/x509/algorithm.c. */

  73. OPENSSL_DECLARE_ERROR_REASON(ASN1, CONTEXT_NOT_INITIALISED)

  74. OPENSSL_DECLARE_ERROR_REASON(ASN1, DIGEST_AND_KEY_TYPE_NOT_SUPPORTED)

  75. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_MESSAGE_DIGEST_ALGORITHM)

  76. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_SIGNATURE_ALGORITHM)

  77. OPENSSL_DECLARE_ERROR_REASON(ASN1, WRONG_PUBLIC_KEY_TYPE)

  78. /*

  79.  * Cross-module errors from crypto/x509/asn1_gen.c. TODO(davidben): Remove

  80.  * these once asn1_gen.c is gone.

  81.  */

  82. OPENSSL_DECLARE_ERROR_REASON(ASN1, DEPTH_EXCEEDED)

  83. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BITSTRING_FORMAT)

  84. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BOOLEAN)

  85. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_FORMAT)

  86. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_HEX)

  87. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_IMPLICIT_TAG)

  88. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_INTEGER)

  89. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_NESTED_TAGGING)

  90. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_NULL_VALUE)

  91. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_OBJECT)

  92. OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_TIME_VALUE)

  93. OPENSSL_DECLARE_ERROR_REASON(ASN1, INTEGER_NOT_ASCII_FORMAT)

  94. OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_MODIFIER)

  95. OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_NUMBER)

  96. OPENSSL_DECLARE_ERROR_REASON(ASN1, LIST_ERROR)

  97. OPENSSL_DECLARE_ERROR_REASON(ASN1, MISSING_VALUE)

  98. OPENSSL_DECLARE_ERROR_REASON(ASN1, NOT_ASCII_FORMAT)

  99. OPENSSL_DECLARE_ERROR_REASON(ASN1, OBJECT_NOT_ASCII_FORMAT)

  100. OPENSSL_DECLARE_ERROR_REASON(ASN1, SEQUENCE_OR_SET_NEEDS_CONFIG)

  101. OPENSSL_DECLARE_ERROR_REASON(ASN1, TIME_NOT_ASCII_FORMAT)

  102. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_FORMAT)

  103. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_TAG)

  104. OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_TYPE)

  105. 

  106. static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,

  107.                            long max);

  108. static void asn1_put_length(unsigned char **pp, int length);

  109. 

  110. int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,

  111.                     int *pclass, long omax)

  112. {

  113.     int i, ret;

  114.     long l;

  115.     const unsigned char *p = *pp;

  116.     int tag, xclass, inf;

  117.     long max = omax;

  118. 

  119.     if (!max)

  120.         goto err;

  121.     ret = (*p & V_ASN1_CONSTRUCTED);

  122.     xclass = (*p & V_ASN1_PRIVATE);

  123.     i = *p & V_ASN1_PRIMITIVE_TAG;

  124.     if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */

  125.         p++;

  126.         if (--max == 0)

  127.             goto err;

  128.         l = 0;

  129.         while (*p & 0x80) {

  130.             l <<= 7L;

  131.             l |= *(p++) & 0x7f;

  132.             if (--max == 0)

  133.                 goto err;

  134.             if (l > (INT_MAX >> 7L))

  135.                 goto err;

  136.         }

  137.         l <<= 7L;

  138.         l |= *(p++) & 0x7f;

  139.         tag = (int)l;

  140.         if (--max == 0)

  141.             goto err;

  142.     } else {

  143.         tag = i;

  144.         p++;

  145.         if (--max == 0)

  146.             goto err;

  147.     }

  148. 

  149.     /* To avoid ambiguity with V_ASN1_NEG, impose a limit on universal tags. */

  150.     if (xclass == V_ASN1_UNIVERSAL && tag > V_ASN1_MAX_UNIVERSAL)

  151.         goto err;

  152. 

  153.     *ptag = tag;

  154.     *pclass = xclass;

  155.     if (!asn1_get_length(&p, &inf, plength, max))

  156.         goto err;

  157. 

  158.     if (inf && !(ret & V_ASN1_CONSTRUCTED))

  159.         goto err;

  160. 

  161. #if 0

  162.     fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n",

  163.             (int)p, *plength, omax, (int)*pp, (int)(p + *plength),

  164.             (int)(omax + *pp));

  165. 

  166. #endif

  167.     if (*plength > (omax - (p - *pp))) {

  168.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);

  169.         /*

  170.          * Set this so that even if things are not long enough the values are

  171.          * set correctly

  172.          */

  173.         ret |= 0x80;

  174.     }

  175.     *pp = p;

  176.     return (ret | inf);

  177.  err:

  178.     OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG);

  179.     return (0x80);

  180. }

  181. 

  182. static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,

  183.                            long max)

  184. {

  185.     const unsigned char *p = *pp;

  186.     unsigned long ret = 0;

  187.     unsigned long i;

  188. 

  189.     if (max-- < 1)

  190.         return 0;

  191.     if (*p == 0x80) {

  192.         *inf = 1;

  193.         ret = 0;

  194.         p++;

  195.     } else {

  196.         *inf = 0;

  197.         i = *p & 0x7f;

  198.         if (*(p++) & 0x80) {

  199.             if (i > sizeof(ret) || max < (long)i)

  200.                 return 0;

  201.             while (i-- > 0) {

  202.                 ret <<= 8L;

  203.                 ret |= *(p++);

  204.             }

  205.         } else

  206.             ret = i;

  207.     }

  208.     if (ret > LONG_MAX)

  209.         return 0;

  210.     *pp = p;

  211.     *rl = (long)ret;

  212.     return 1;

  213. }

  214. 

  215. /*

  216.  * class 0 is constructed constructed == 2 for indefinite length constructed

  217.  */

  218. void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,

  219.                      int xclass)

  220. {

  221.     unsigned char *p = *pp;

  222.     int i, ttag;

  223. 

  224.     i = (constructed) ? V_ASN1_CONSTRUCTED : 0;

  225.     i |= (xclass & V_ASN1_PRIVATE);

  226.     if (tag < 31)

  227.         *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);

  228.     else {

  229.         *(p++) = i | V_ASN1_PRIMITIVE_TAG;

  230.         for (i = 0, ttag = tag; ttag > 0; i++)

  231.             ttag >>= 7;

  232.         ttag = i;

  233.         while (i-- > 0) {

  234.             p[i] = tag & 0x7f;

  235.             if (i != (ttag - 1))

  236.                 p[i] |= 0x80;

  237.             tag >>= 7;

  238.         }

  239.         p += ttag;

  240.     }

  241.     if (constructed == 2)

  242.         *(p++) = 0x80;

  243.     else

  244.         asn1_put_length(&p, length);

  245.     *pp = p;

  246. }

  247. 

  248. int ASN1_put_eoc(unsigned char **pp)

  249. {

  250.     unsigned char *p = *pp;

  251.     *p++ = 0;

  252.     *p++ = 0;

  253.     *pp = p;

  254.     return 2;

  255. }

  256. 

  257. static void asn1_put_length(unsigned char **pp, int length)

  258. {

  259.     unsigned char *p = *pp;

  260.     int i, l;

  261.     if (length <= 127)

  262.         *(p++) = (unsigned char)length;

  263.     else {

  264.         l = length;

  265.         for (i = 0; l > 0; i++)

  266.             l >>= 8;

  267.         *(p++) = i | 0x80;

  268.         l = i;

  269.         while (i-- > 0) {

  270.             p[i] = length & 0xff;

  271.             length >>= 8;

  272.         }

  273.         p += l;

  274.     }

  275.     *pp = p;

  276. }

  277. 

  278. int ASN1_object_size(int constructed, int length, int tag)

  279. {

  280.     int ret = 1;

  281.     if (length < 0)

  282.         return -1;

  283.     if (tag >= 31) {

  284.         while (tag > 0) {

  285.             tag >>= 7;

  286.             ret++;

  287.         }

  288.     }

  289.     if (constructed == 2) {

  290.         ret += 3;

  291.     } else {

  292.         ret++;

  293.         if (length > 127) {

  294.             int tmplen = length;

  295.             while (tmplen > 0) {

  296.                 tmplen >>= 8;

  297.                 ret++;

  298.             }

  299.         }

  300.     }

  301.     if (ret >= INT_MAX - length)

  302.         return -1;

  303.     return ret + length;

  304. }

  305. 

  306. int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)

  307. {

  308.     if (str == NULL)

  309.         return 0;

  310.     dst->type = str->type;

  311.     if (!ASN1_STRING_set(dst, str->data, str->length))

  312.         return 0;

  313.     dst->flags = str->flags;

  314.     return 1;

  315. }

  316. 

  317. ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)

  318. {

  319.     ASN1_STRING *ret;

  320.     if (!str)

  321.         return NULL;

  322.     ret = ASN1_STRING_new();

  323.     if (!ret)

  324.         return NULL;

  325.     if (!ASN1_STRING_copy(ret, str)) {

  326.         ASN1_STRING_free(ret);

  327.         return NULL;

  328.     }

  329.     return ret;

  330. }

  331. 

  332. int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)

  333. {

  334.     unsigned char *c;

  335.     const char *data = _data;

  336. 

  337.     if (len < 0) {

  338.         if (data == NULL)

  339.             return (0);

  340.         else

  341.             len = strlen(data);

  342.     }

  343.     if ((str->length <= len) || (str->data == NULL)) {

  344.         c = str->data;

  345.         if (c == NULL)

  346.             str->data = OPENSSL_malloc(len + 1);

  347.         else

  348.             str->data = OPENSSL_realloc(c, len + 1);

  349. 

  350.         if (str->data == NULL) {

  351.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  352.             str->data = c;

  353.             return (0);

  354.         }

  355.     }

  356.     str->length = len;

  357.     if (data != NULL) {

  358.         OPENSSL_memcpy(str->data, data, len);

  359.         /* an allowance for strings :-) */

  360.         str->data[len] = '\0';

  361.     }

  362.     return (1);

  363. }

  364. 

  365. void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)

  366. {

  367.     if (str->data)

  368.         OPENSSL_free(str->data);

  369.     str->data = data;

  370.     str->length = len;

  371. }

  372. 

  373. ASN1_STRING *ASN1_STRING_new(void)

  374. {

  375.     return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));

  376. }

  377. 

  378. ASN1_STRING *ASN1_STRING_type_new(int type)

  379. {

  380.     ASN1_STRING *ret;

  381. 

  382.     ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));

  383.     if (ret == NULL) {

  384.         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  385.         return (NULL);

  386.     }

  387.     ret->length = 0;

  388.     ret->type = type;

  389.     ret->data = NULL;

  390.     ret->flags = 0;

  391.     return (ret);

  392. }

  393. 

  394. void ASN1_STRING_free(ASN1_STRING *a)

  395. {

  396.     if (a == NULL)

  397.         return;

  398.     if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))

  399.         OPENSSL_free(a->data);

  400.     OPENSSL_free(a);

  401. }

  402. 

  403. int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)

  404. {

  405.     int i;

  406. 

  407.     i = (a->length - b->length);

  408.     if (i == 0) {

  409.         i = OPENSSL_memcmp(a->data, b->data, a->length);

  410.         if (i == 0)

  411.             return (a->type - b->type);

  412.         else

  413.             return (i);

  414.     } else

  415.         return (i);

  416. }

  417. 

  418. int ASN1_STRING_length(const ASN1_STRING *x)

  419. {

  420.     return M_ASN1_STRING_length(x);

  421. }

  422. 

  423. void ASN1_STRING_length_set(ASN1_STRING *x, int len)

  424. {

  425.     M_ASN1_STRING_length_set(x, len);

  426.     return;

  427. }

  428. 

  429. int ASN1_STRING_type(ASN1_STRING *x)

  430. {

  431.     return M_ASN1_STRING_type(x);

  432. }

  433. 

  434. unsigned char *ASN1_STRING_data(ASN1_STRING *x)

  435. {

  436.     return M_ASN1_STRING_data(x);

  437. }

  438. 

  439. const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x)

  440. {

  441.     return x->data;

  442. }