Dr. Stephen Henson
c776a3f398
make update
2014-01-06 13:33:27 +00:00
Dr. Stephen Henson
60df657b3a
make update
2013-12-08 13:23:14 +00:00
Dr. Stephen Henson
85615e33e5
Encode INTEGER correctly.
...
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c
)
2013-03-18 14:21:56 +00:00
Dr. Stephen Henson
62e4506a7d
Don't try and verify signatures if key is NULL (CVE-2013-0166)
...
Add additional check to catch this in ASN1_item_verify too.
2013-01-29 16:49:24 +00:00
Bodo Möller
bcc0e4ca7c
Fix Valgrind warning.
...
Submitted by: Adam Langley
2012-09-24 19:49:42 +00:00
Dr. Stephen Henson
eeca72f71e
PR: 2813
...
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-11 13:52:46 +00:00
Dr. Stephen Henson
8d5505d099
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 12:13:59 +00:00
Andy Polyakov
2a477ccf0b
ans1/tasn_prn.c: avoid bool in variable names [from HEAD].
...
PR: 2776
2012-03-29 17:48:43 +00:00
Dr. Stephen Henson
f0729fc3e0
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 16:29:47 +00:00
Dr. Stephen Henson
a8595879ec
PR: 2742
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
If resigning with detached content in CMS just copy data across.
2012-02-29 14:01:53 +00:00
Dr. Stephen Henson
33a688e806
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:16 +00:00
Dr. Stephen Henson
250f979237
PR: 2736
...
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
2012-02-27 18:45:18 +00:00
Dr. Stephen Henson
0a082e9b37
free headers after use in error message
2012-02-27 16:27:09 +00:00
Dr. Stephen Henson
697e4edcad
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:32 +00:00
Dr. Stephen Henson
9138e3c061
fix warning
2012-01-15 13:30:52 +00:00
Andy Polyakov
9b2a29660b
Sanitize usage of <ctype.h> functions. It's important that characters
...
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
2012-01-12 16:28:03 +00:00
Andy Polyakov
958e6a75a1
asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD].
...
PR: 2675
Submitted by: Annie Yousar
2012-01-11 21:12:47 +00:00
Bodo Möller
67f8de9ab8
"make update"
2011-10-19 15:24:44 +00:00
Dr. Stephen Henson
6841abe842
update pkey method initialisation and copy
2011-10-11 18:16:02 +00:00
Dr. Stephen Henson
9309ea6617
Backport PSS signature support from HEAD.
2011-10-09 23:13:50 +00:00
Dr. Stephen Henson
5473b6bc2f
Fix memory leak. From HEAD.
2011-10-09 16:04:17 +00:00
Dr. Stephen Henson
dc100d87b5
Backport of password based CMS support from HEAD.
2011-10-09 15:28:02 +00:00
Dr. Stephen Henson
e34a303ce1
make depend
2011-09-16 23:15:22 +00:00
Dr. Stephen Henson
0ae7c43fa5
Improved error checking for DRBG calls.
...
New functionality to allow default DRBG type to be set during compilation
or during runtime.
2011-09-16 23:08:57 +00:00
Bodo Möller
7f1022a8b1
Fix memory leak on bad inputs.
2011-09-05 09:57:15 +00:00
Dr. Stephen Henson
91e97cbe4c
Don't use *from++ in tolower as this is implemented as a macro on some
...
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:18 +00:00
Dr. Stephen Henson
2305ae5d8c
PR: 2556 (partial)
...
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:36 +00:00
Dr. Stephen Henson
33c98a28ac
correctly encode OIDs near 2^32
2011-06-22 15:15:48 +00:00
Dr. Stephen Henson
24d7159abd
Backport libcrypto audit: check return values of EVP functions instead
...
of assuming they will always suceed.
2011-06-03 20:53:00 +00:00
Dr. Stephen Henson
d99e6b5014
New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier) from a digest algorithm (backport from HEAD).
2011-06-03 18:35:49 +00:00
Dr. Stephen Henson
260d08b814
Backport CMAC support from HEAD.
2011-06-03 15:08:42 +00:00
Dr. Stephen Henson
dca30c44f5
no need to include memory.h
2011-04-30 23:38:05 +00:00
Dr. Stephen Henson
d3203b931e
PR: 2433
...
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:20:05 +00:00
Dr. Stephen Henson
bbbf0d45ba
stop warning with no-engine
2011-01-13 15:42:47 +00:00
Dr. Stephen Henson
e501dbb658
Fix escaping code for string printing. If *any* escaping is enabled we
...
must escape the escape character itself (backslash).
2011-01-03 01:30:58 +00:00
Dr. Stephen Henson
945ba0300d
Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
...
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.
Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:56:25 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
06226df1a9
The OID sanity check was incorrect. It should only disallow *leading* 0x80
...
values.
2010-03-07 16:40:19 +00:00
Dr. Stephen Henson
50f06b46f4
Check it actually compiles this time ;-)
2009-12-02 14:25:55 +00:00
Dr. Stephen Henson
be6076c0ad
PR: 2120
...
Submitted by: steve@openssl.org
Initialize fields correctly if pem_str or info are NULL in EVP_PKEY_asn1_new().
2009-12-02 13:57:03 +00:00
Dr. Stephen Henson
4434328b0a
PR: 2088
...
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org
Fix memory leak in d2i_PublicKey().
2009-11-12 19:57:39 +00:00
Dr. Stephen Henson
bf6eea6536
PR: 2090
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
Improve error checking in asn1_gen.c
2009-11-10 00:47:37 +00:00
Dr. Stephen Henson
ad187f8905
Fix unitialized warnings
2009-10-04 16:52:35 +00:00
Dr. Stephen Henson
fed5333248
PR: 2056
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:11:49 +00:00
Dr. Stephen Henson
6c29853bf2
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:12 +00:00
Dr. Stephen Henson
e5eb96c83a
PR: 2013
...
Submitted by: steve@openssl.org
Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.
Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
ff0945cbdc
PR: 2004
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org
Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
2009-08-10 14:57:11 +00:00
Dr. Stephen Henson
ec6158d029
PR: 1996
...
Submitted by: steve@openssl.org
Change conflicting name "BLOCK" to "OPENSSL_BLOCK".
2009-07-27 21:21:25 +00:00
Dr. Stephen Henson
b4c81fb6db
Update from 0.9.8-stable
2009-07-24 11:15:55 +00:00
Dr. Stephen Henson
0c644f1462
PR: 1985
...
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org
Initialise flags.
2009-07-11 21:42:47 +00:00