Dr. Stephen Henson
85c9ba2342
Support setting of "no purpose" for trust.
...
If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
2013-11-11 22:39:23 +00:00
Ben Laurie
79b9209883
More diagnostics for invalid OIDs.
2013-09-20 14:38:36 +01:00
Veres Lajos
478b50cf67
misspellings fixes by https://github.com/vlajos/misspell_fixer
2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
dc1ce3bc64
Add KDF for DH.
...
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.
Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
5de18d5d0d
Encode INTEGER correctly.
...
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c
)
2013-03-18 14:22:08 +00:00
Ben Laurie
975dfb1c6c
make depend.
2013-02-21 18:17:38 +00:00
Ben Laurie
a6bbbf2ff5
Make "make depend" work on MacOS out of the box.
2013-01-19 14:14:30 +00:00
Dr. Stephen Henson
2e8cb108dc
initial support for delta CRL generations by diffing two full CRLs
2012-12-04 18:35:36 +00:00
Dr. Stephen Henson
46a6cec699
Reorganise parameters for OPENSSL_gmtime_diff.
...
Make ASN1_UTCTIME_cmp_time_t more robust by using the new time functions.
2012-11-21 14:13:20 +00:00
Dr. Stephen Henson
360ef6769e
first parameter is difference in days, not years
2012-11-20 15:19:53 +00:00
Dr. Stephen Henson
d223dfe641
make depend
2012-11-19 15:13:33 +00:00
Dr. Stephen Henson
1c455bc084
new function ASN1_TIME_diff to calculate difference between two ASN1_TIME structures
2012-11-19 15:12:07 +00:00
Dr. Stephen Henson
98a7edf9f0
make depend
2012-11-19 13:18:09 +00:00
Dr. Stephen Henson
918e613a32
oops, add missing asn_mstbl.c
2012-10-24 13:27:46 +00:00
Dr. Stephen Henson
30765fed55
New config module for string tables. This can be used to add new
...
multi string components (as used in DN fields or request attributes)
or change the values of existing ones.
2012-10-22 13:05:54 +00:00
Dr. Stephen Henson
d35c0ff30b
fix ASN1_STRING_TABLE_add so it can override existing string table values
2012-10-19 15:06:31 +00:00
Bodo Möller
7f429a5dbf
Fix Valgrind warning.
...
Submitted by: Adam Langley
2012-09-24 19:49:16 +00:00
Dr. Stephen Henson
dfcf48f499
New functions to retrieve certificate signatures and signature OID NID.
2012-06-13 13:08:12 +00:00
Dr. Stephen Henson
4b9e0b5f74
print out issuer and subject unique identifier fields in certificates
2012-06-12 13:41:18 +00:00
Dr. Stephen Henson
4242a090c7
PR: 2813
...
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-11 13:53:37 +00:00
Dr. Stephen Henson
d9a9d10f4f
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 16:19:56 +00:00
Andy Polyakov
6da165c631
ans1/tasn_prn.c: avoid bool in variable names.
...
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
78dfd43955
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
3c6a7cd44b
PR: 2742
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
If resigning with detached content in CMS just copy data across.
2012-02-29 14:02:02 +00:00
Dr. Stephen Henson
dc4f678cdc
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:02 +00:00
Dr. Stephen Henson
68a7b5ae1e
PR: 2736
...
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
2012-02-27 18:45:28 +00:00
Dr. Stephen Henson
228a8599ff
free headers after use in error message
2012-02-27 16:27:17 +00:00
Dr. Stephen Henson
6941b7b918
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:44 +00:00
Dr. Stephen Henson
9bd20155ba
fix warning
2012-01-15 13:30:41 +00:00
Andy Polyakov
a50bce82ec
Sanitize usage of <ctype.h> functions. It's important that characters
...
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Andy Polyakov
6e913f9901
asn1/t_x509.c: fix serial number print, harmonize with a_int.c.
...
PR: 2675
Submitted by: Annie Yousar
2012-01-11 21:12:22 +00:00
Dr. Stephen Henson
afb14cda8c
Initial experimental support for X9.42 DH parameter format to handle
...
RFC5114 parameters and X9.42 DH public and private keys.
2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
3231e42d72
update pkey method initialisation and copy
2011-10-11 18:15:31 +00:00
Bodo Möller
837e1b6812
Fix memory leak on bad inputs.
2011-09-05 09:57:20 +00:00
Dr. Stephen Henson
a60cc6b4f0
Don't use *from++ in tolower as this is implemented as a macro on some
...
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:27 +00:00
Dr. Stephen Henson
9fe51d5f73
PR: 2556 (partial)
...
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:53 +00:00
Dr. Stephen Henson
b507284c7e
correctly encode OIDs near 2^32
2011-06-22 15:15:58 +00:00
Dr. Stephen Henson
9a85e53813
no need to include memory.h
2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
f9678b8b57
Fix memory leak.
2011-02-07 13:34:00 +00:00
Bodo Möller
9d0397e977
make update
2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db
Fix error codes.
2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
df6de39fe7
Change AR to ARX to allow exclusion of fips object modules
2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
7d05edd12e
PR: 2433
...
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:19:52 +00:00
Dr. Stephen Henson
d3f17e5ed3
stop warning with no-engine
2011-01-13 15:41:58 +00:00
Dr. Stephen Henson
968062b7d3
Fix escaping code for string printing. If *any* escaping is enabled we
...
must escape the escape character itself (backslash).
2011-01-03 01:31:24 +00:00
Dr. Stephen Henson
d7d5a55d22
Support routines for ASN1 scanning function, doesn't do much yet.
2010-12-13 18:15:28 +00:00
Dr. Stephen Henson
8ec3fa0597
fix signature printing routines
2010-10-04 13:58:41 +00:00
Dr. Stephen Henson
39239280f3
Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
...
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.
Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:58:09 +00:00
Ben Laurie
c8bbd98a2b
Fix warnings.
2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
359b0c9fb8
experimental function to convert ASN1_TIME to tm, not used or even compiled in yet
2010-05-03 12:17:44 +00:00