kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
e6eef1ca16
boringssl/crypto/x509
History
David Benjamin 80aa694975 Always push errors on BIO_read_asn1 failure. 
This is consistent with the old behavior of d2i_*_fp and avoids tripping
Conscrypt's unnecessarily fragile error-handling (see
https://github.com/google/conscrypt/pull/552).

Additionally, by source inspection, CPython expects
ASN1_R_HEADER_TOO_LONG on EOF, analogously to PEM_R_NO_START_LINE. Fix
that. The other errors are a bit haphazard in the old implementation
(that code is really hard to follow), so I didn't match it too
carefully. In particular, OpenSSL would report ASN1_R_HEADER_TOO_LONG on
some generic tag parsing, but that is inconsistent with
ASN1_R_HEADER_TOO_LONG being an EOF signal.

Update-Note: https://boringssl-review.googlesource.com/32106 may have
caused some compatibility issues. This should fix it.

Change-Id: Idfe2746ffd7733de4338e14c58a40753e98a791e
Reviewed-on: https://boringssl-review.googlesource.com/c/32444
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-10-11 19:53:15 +00:00
..
a_digest.c
a_sign.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
a_strex.c Use new encoding functions in ASN1_mbstring_ncopy. 2018-05-11 21:58:47 +00:00
a_verify.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
algorithm.c Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
asn1_gen.c Sync asn1_gen.c with upstream 1.0.2. 2017-07-05 21:37:08 +00:00
by_dir.c Remove files from Trusty which can't link because of Trusty libc. 2018-04-19 19:06:58 +00:00
by_file.c Fix ERR_GET_REASON checks. 2018-09-26 19:02:42 +00:00
charmap.h
i2d_pr.c
internal.h Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
make_many_constraints.go Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
many_constraints.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
many_names1.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
many_names2.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
many_names3.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
rsa_pss.c Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
some_names1.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
some_names2.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
some_names3.pem Fix some issues with name constraints test certs. 2017-09-20 21:06:00 +00:00
t_crl.c Replace BIO_new + BIO_set_fp with BIO_new_fp. 2018-09-26 17:21:08 +00:00
t_req.c Replace BIO_new + BIO_set_fp with BIO_new_fp. 2018-09-26 17:21:08 +00:00
t_x509.c Replace BIO_new + BIO_set_fp with BIO_new_fp. 2018-09-26 17:21:08 +00:00
t_x509a.c
vpm_int.h Tighten and test name-checking functions. 2018-03-30 16:50:11 +00:00
x509_att.c
x509_cmp.c Add PKCS12_create. 2018-05-11 21:59:34 +00:00
x509_d2.c
x509_def.c Update location of root certificates on Fuchsia 2018-04-25 21:32:20 +00:00
x509_ext.c
x509_lu.c Add a bunch of X509_STORE getters and setters. 2018-05-11 21:59:58 +00:00
x509_obj.c Unexport more of lhash. 2017-10-25 04:17:18 +00:00
x509_r2x.c
x509_req.c Add some OpenSSL compatibility functions and hacks. 2018-05-08 01:22:04 +00:00
x509_set.c Add some OpenSSL compatibility functions and hacks. 2018-05-08 01:22:04 +00:00
x509_test.cc Always push errors on BIO_read_asn1 failure. 2018-10-11 19:53:15 +00:00
x509_time_test.cc Make X509 time validation stricter. 2018-06-25 17:54:33 +00:00
x509_trs.c Avoid modifying stack in sk_find. 2018-04-12 21:02:12 +00:00
x509_txt.c Unexport more of lhash. 2017-10-25 04:17:18 +00:00
x509_v3.c
x509_vfy.c Don't accept “SSL client” as a substitute for S/MIME in the Netscape cert type extension. 2018-08-06 21:52:28 +00:00
x509_vpm.c Avoid modifying stack in sk_find. 2018-04-12 21:02:12 +00:00
x509.c
x509cset.c Add a pile of compatibility functions. 2018-08-13 23:13:26 +00:00
x509name.c Fix bugs in X509_NAME_add_entry. 2018-05-03 17:40:43 +00:00
x509rset.c
x509spki.c
x_algor.c Const-correct X509_ALGOR_get0. 2017-11-22 22:52:38 +00:00
x_all.c Fix undefined function pointer casts in {d2i,i2d}_Foo_{bio,fp} 2018-10-01 17:34:53 +00:00
x_attrib.c
x_crl.c Correctly find all critical CRL extensions. 2016-10-24 20:09:28 +00:00
x_exten.c
x_info.c
x_name.c Add X509_NAME_get0_der from OpenSSL 1.1.0. 2017-12-06 17:49:04 +00:00
x_pkey.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
x_pubkey.c
x_req.c
x_sig.c
x_spki.c
x_val.c
x_x509.c Add some OpenSSL compatibility functions and hacks. 2018-05-08 01:22:04 +00:00
x_x509a.c Delete some dead code from crypto/x509. 2017-06-09 19:58:08 +00:00