wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/asn1
History
Matt Caswell bcc6371443 Fix a text canonicalisation bug in CMS 
Where a CMS detached signature is used with text content the text goes
through a canonicalisation process first prior to signing or verifying a
signature. This process strips trailing space at the end of lines, converts
line terminators to CRLF and removes additional trailing line terminators
at the end of a file. A bug in the canonicalisation process meant that
some characters, such as form-feed, were incorrectly treated as whitespace
and removed. This is contrary to the specification (RFC5485). This fix
could mean that detached text data signed with an earlier version of
OpenSSL 1.1.0 may fail to verify using the fixed version, or text data
signed with a fixed OpenSSL may fail to verify with an earlier version of
OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data
and use the "-binary" flag (for the "cms" command line application) or set
the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5790)
2018-04-03 15:52:31 +01:00
..
a_bitstr.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_d2i_fp.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_digest.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_dup.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_gentm.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
a_i2d_fp.c Add error handling in dsa_main and ASN1_i2d_bio. 2017-11-03 15:46:51 +01:00
a_int.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_mbstr.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
a_object.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
a_octet.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_print.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_sign.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_strex.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
a_strnid.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
a_time.c Fix return value of ASN1_TIME_compare 2017-08-30 11:24:02 -04:00
a_type.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
a_utctm.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
a_utf8.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_verify.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ameth_lib.c Add functions for setting the new EVP_PKEY_ASN1_METHOD functions 2018-03-15 12:47:27 +00:00
asn1_err.c Limit ASN.1 constructed types recursive definition depth 2018-03-27 10:22:49 +01:00
asn1_gen.c Constify ASN1_generate_nconf 2016-06-04 21:30:41 -04:00
asn1_item_list.c Fix config option 'no-deprecated' 2016-10-19 12:11:56 +02:00
asn1_item_list.h make scrypt ASN.1 parameter functions public 2017-07-26 15:04:54 -04:00
asn1_lib.c Change return (x) to return x 2017-07-14 07:32:58 +10:00
asn1_locl.h asn1_item_embed_new(): don't free an embedded item 2017-10-24 20:52:12 +02:00
asn1_par.c Memory bounds checking in asn1 code. 2017-07-06 12:59:51 +10:00
asn_mime.c Fix a text canonicalisation bug in CMS 2018-04-03 15:52:31 +01:00
asn_moid.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
asn_mstbl.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
asn_pack.c Constify ASN1_item_unpack(). 2016-08-17 12:01:29 +01:00
bio_asn1.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
bio_ndef.c Add more zalloc 2016-05-29 01:36:11 +02:00
build.info Implement internal ASN.1 types INT32, UINT32, INT64, UINT64 2017-04-04 11:29:23 +02:00
charmap.h Generate copyright year properly 2018-02-13 13:22:30 -05:00
charmap.pl Update copyright year 2018-02-27 13:59:42 +00:00
d2i_pr.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
d2i_pu.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
evp_asn1.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
f_int.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
f_string.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
i2d_pr.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
i2d_pu.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
n_pkey.c ASN.1: adapt our use of INTxx et al by making them explicitely embedded 2017-04-13 10:23:31 +02:00
nsseq.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
p5_pbe.c Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data(). 2016-08-16 16:05:35 +01:00
p5_pbev2.c Clean one unused variable, plus an useless one. 2017-01-18 15:19:24 +01:00
p5_scrypt.c make scrypt ASN.1 parameter functions public 2017-07-26 15:04:54 -04:00
p8_pkey.c Constify private key decode. 2016-08-17 12:01:29 +01:00
standard_methods.h Update copyright year 2018-03-20 13:08:46 +00:00
t_bitst.c Constify some input buffers in asn1 2016-06-15 13:22:38 -04:00
t_pkey.c Constify ASN1_buf_print 2016-07-25 08:20:00 -04:00
t_spki.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
tasn_dec.c Update copyright year 2018-04-03 13:57:12 +01:00
tasn_enc.c Update copyright year 2018-04-03 13:57:12 +01:00
tasn_fre.c asn1_item_embed_new(): don't free an embedded item 2017-10-24 20:52:12 +02:00
tasn_new.c asn1_item_embed_new(): if locking failed, don't call asn1_item_embed_free() 2017-10-24 20:52:12 +02:00
tasn_prn.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
tasn_scn.c Add more zalloc 2016-05-29 01:36:11 +02:00
tasn_typ.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
tasn_utl.c Move the REF_PRINT support from e_os.h to internal/refcount.h. 2017-08-30 07:20:44 +10:00
tbl_standard.h Add some OID's from X.520 2017-05-31 13:33:20 -04:00
x_algor.c Address some code-analysis issues. 2017-12-08 10:49:41 -05:00
x_bignum.c Fix print of ASN.1 BIGNUM type. 2016-07-18 17:53:05 +01:00
x_info.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
x_int64.c Revert "Add some casts for %j" 2017-08-15 09:42:38 -04:00
x_long.c Memory bounds checking in asn1 code. 2017-07-06 12:59:51 +10:00
x_pkey.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_sig.c Add X509_getm_notBefore, X509_getm_notAfter 2016-08-21 18:25:23 +01:00
x_spki.c Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
x_val.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00