aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/crypto/asn1')
-rw-r--r--openssl/crypto/asn1/a_type.c3
-rw-r--r--openssl/crypto/asn1/a_utctm.c2
-rw-r--r--openssl/crypto/asn1/asn1.h1
-rw-r--r--openssl/crypto/asn1/asn1_gen.c9
-rw-r--r--openssl/crypto/asn1/asn1_lib.c7
-rw-r--r--openssl/crypto/asn1/asn1_par.c2
-rw-r--r--openssl/crypto/asn1/bio_ndef.c6
-rw-r--r--openssl/crypto/asn1/p8_pkey.c3
-rw-r--r--openssl/crypto/asn1/tasn_dec.c24
-rw-r--r--openssl/crypto/asn1/tasn_new.c7
-rw-r--r--openssl/crypto/asn1/tasn_prn.c3
-rw-r--r--openssl/crypto/asn1/x_bignum.c69
-rw-r--r--openssl/crypto/asn1/x_long.c149
-rw-r--r--openssl/crypto/asn1/x_x509.c12
14 files changed, 189 insertions, 108 deletions
diff --git a/openssl/crypto/asn1/a_type.c b/openssl/crypto/asn1/a_type.c
index 4a36aff6a..af795306b 100644
--- a/openssl/crypto/asn1/a_type.c
+++ b/openssl/crypto/asn1/a_type.c
@@ -119,6 +119,9 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
case V_ASN1_OBJECT:
result = OBJ_cmp(a->value.object, b->value.object);
break;
+ case V_ASN1_BOOLEAN:
+ result = a->value.boolean - b->value.boolean;
+ break;
case V_ASN1_NULL:
result = 0; /* They do not have content. */
break;
diff --git a/openssl/crypto/asn1/a_utctm.c b/openssl/crypto/asn1/a_utctm.c
index 0578c8887..724a10be4 100644
--- a/openssl/crypto/asn1/a_utctm.c
+++ b/openssl/crypto/asn1/a_utctm.c
@@ -297,7 +297,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
if (!OPENSSL_gmtime(&t, &ttm))
return -2;
- if (!OPENSSL_gmtime_diff(&day, &sec, &stm, &ttm))
+ if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm))
return -2;
if (day > 0)
diff --git a/openssl/crypto/asn1/asn1.h b/openssl/crypto/asn1/asn1.h
index bb6ac95bd..68e791fcd 100644
--- a/openssl/crypto/asn1/asn1.h
+++ b/openssl/crypto/asn1/asn1.h
@@ -795,6 +795,7 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
ASN1_STRING *ASN1_STRING_new(void);
void ASN1_STRING_free(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
ASN1_STRING *ASN1_STRING_type_new(int type);
diff --git a/openssl/crypto/asn1/asn1_gen.c b/openssl/crypto/asn1/asn1_gen.c
index 132a9ef46..11b582dd3 100644
--- a/openssl/crypto/asn1/asn1_gen.c
+++ b/openssl/crypto/asn1/asn1_gen.c
@@ -279,6 +279,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
int tmp_tag, tmp_class;
+ if (elem == NULL)
+ return 0;
+
for (i = 0, p = elem; i < len; p++, i++) {
/* Look for the ':' in name value pairs */
if (*p == ':') {
@@ -350,13 +353,17 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
break;
case ASN1_GEN_FLAG_FORMAT:
+ if(!vstart) {
+ ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT);
+ return -1;
+ }
if (!strncmp(vstart, "ASCII", 5))
arg->format = ASN1_GEN_FORMAT_ASCII;
else if (!strncmp(vstart, "UTF8", 4))
arg->format = ASN1_GEN_FORMAT_UTF8;
else if (!strncmp(vstart, "HEX", 3))
arg->format = ASN1_GEN_FORMAT_HEX;
- else if (!strncmp(vstart, "BITLIST", 3))
+ else if (!strncmp(vstart, "BITLIST", 7))
arg->format = ASN1_GEN_FORMAT_BITLIST;
else {
ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
diff --git a/openssl/crypto/asn1/asn1_lib.c b/openssl/crypto/asn1/asn1_lib.c
index 00733a6a8..0b61fc930 100644
--- a/openssl/crypto/asn1/asn1_lib.c
+++ b/openssl/crypto/asn1/asn1_lib.c
@@ -430,6 +430,13 @@ void ASN1_STRING_free(ASN1_STRING *a)
OPENSSL_free(a);
}
+void ASN1_STRING_clear_free(ASN1_STRING *a)
+{
+ if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ OPENSSL_cleanse(a->data, a->length);
+ ASN1_STRING_free(a);
+}
+
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
{
int i;
diff --git a/openssl/crypto/asn1/asn1_par.c b/openssl/crypto/asn1/asn1_par.c
index f6cd4b2b8..a5d2da10b 100644
--- a/openssl/crypto/asn1/asn1_par.c
+++ b/openssl/crypto/asn1/asn1_par.c
@@ -337,7 +337,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
}
} else {
- if (BIO_write(bp, "BAD ENUMERATED", 11) <= 0)
+ if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
goto end;
}
M_ASN1_ENUMERATED_free(bs);
diff --git a/openssl/crypto/asn1/bio_ndef.c b/openssl/crypto/asn1/bio_ndef.c
index 5817a2b8a..4a73ca9ea 100644
--- a/openssl/crypto/asn1/bio_ndef.c
+++ b/openssl/crypto/asn1/bio_ndef.c
@@ -162,6 +162,9 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = OPENSSL_malloc(derlen);
+ if(!p)
+ return 0;
+
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
@@ -229,6 +232,9 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = OPENSSL_malloc(derlen);
+ if(!p)
+ return 0;
+
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
diff --git a/openssl/crypto/asn1/p8_pkey.c b/openssl/crypto/asn1/p8_pkey.c
index 90754831f..0a425cd29 100644
--- a/openssl/crypto/asn1/p8_pkey.c
+++ b/openssl/crypto/asn1/p8_pkey.c
@@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
if (operation == ASN1_OP_FREE_PRE) {
PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
- if (key->pkey->value.octet_string)
+ if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
+ && key->pkey->value.octet_string != NULL)
OPENSSL_cleanse(key->pkey->value.octet_string->data,
key->pkey->value.octet_string->length);
}
diff --git a/openssl/crypto/asn1/tasn_dec.c b/openssl/crypto/asn1/tasn_dec.c
index 459566440..7fd336a40 100644
--- a/openssl/crypto/asn1/tasn_dec.c
+++ b/openssl/crypto/asn1/tasn_dec.c
@@ -304,9 +304,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
case ASN1_ITYPE_CHOICE:
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
-
- /* Allocate structure */
- if (!*pval && !ASN1_item_ex_new(pval, it)) {
+ if (*pval) {
+ /* Free up and zero CHOICE value if initialised */
+ i = asn1_get_choice_selector(pval, it);
+ if ((i >= 0) && (i < it->tcount)) {
+ tt = it->templates + i;
+ pchptr = asn1_get_field_ptr(pval, tt);
+ ASN1_template_free(pchptr, tt);
+ asn1_set_choice_selector(pval, -1, it);
+ }
+ } else if (!ASN1_item_ex_new(pval, it)) {
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
@@ -386,6 +393,17 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
+ /* Free up and zero any ADB found */
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ if (tt->flags & ASN1_TFLG_ADB_MASK) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ }
+ }
+
/* Get each field entry */
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
const ASN1_TEMPLATE *seqtt;
diff --git a/openssl/crypto/asn1/tasn_new.c b/openssl/crypto/asn1/tasn_new.c
index d25c68c54..7d2964f02 100644
--- a/openssl/crypto/asn1/tasn_new.c
+++ b/openssl/crypto/asn1/tasn_new.c
@@ -315,13 +315,16 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
ASN1_STRING *str;
int utype;
- if (it && it->funcs) {
+ if (!it)
+ return 0;
+
+ if (it->funcs) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
if (pf->prim_new)
return pf->prim_new(pval, it);
}
- if (!it || (it->itype == ASN1_ITYPE_MSTRING))
+ if (it->itype == ASN1_ITYPE_MSTRING)
utype = -1;
else
utype = it->utype;
diff --git a/openssl/crypto/asn1/tasn_prn.c b/openssl/crypto/asn1/tasn_prn.c
index 11d784ccd..7c54f9d1d 100644
--- a/openssl/crypto/asn1/tasn_prn.c
+++ b/openssl/crypto/asn1/tasn_prn.c
@@ -220,6 +220,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
if (!asn1_template_print_ctx(out, fld, indent,
it->templates, pctx))
return 0;
+ break;
}
/* fall thru */
case ASN1_ITYPE_MSTRING:
@@ -289,6 +290,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(fld, tt, 1);
+ if(!seqtt)
+ return 0;
tmpfld = asn1_get_field_ptr(fld, seqtt);
if (!asn1_template_print_ctx(out, tmpfld,
indent + 2, seqtt, pctx))
diff --git a/openssl/crypto/asn1/x_bignum.c b/openssl/crypto/asn1/x_bignum.c
index 1f1036409..a5a403c26 100644
--- a/openssl/crypto/asn1/x_bignum.c
+++ b/openssl/crypto/asn1/x_bignum.c
@@ -98,46 +98,55 @@ ASN1_ITEM_end(CBIGNUM)
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *pval = (ASN1_VALUE *)BN_new();
- if(*pval) return 1;
- else return 0;
+ *pval = (ASN1_VALUE *)BN_new();
+ if (*pval)
+ return 1;
+ else
+ return 0;
}
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if(!*pval) return;
- if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
- else BN_free((BIGNUM *)*pval);
- *pval = NULL;
+ if (!*pval)
+ return;
+ if (it->size & BN_SENSITIVE)
+ BN_clear_free((BIGNUM *)*pval);
+ else
+ BN_free((BIGNUM *)*pval);
+ *pval = NULL;
}
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
- BIGNUM *bn;
- int pad;
- if(!*pval) return -1;
- bn = (BIGNUM *)*pval;
- /* If MSB set in an octet we need a padding byte */
- if(BN_num_bits(bn) & 0x7) pad = 0;
- else pad = 1;
- if(cont) {
- if(pad) *cont++ = 0;
- BN_bn2bin(bn, cont);
- }
- return pad + BN_num_bytes(bn);
+ BIGNUM *bn;
+ int pad;
+ if (!*pval)
+ return -1;
+ bn = (BIGNUM *)*pval;
+ /* If MSB set in an octet we need a padding byte */
+ if (BN_num_bits(bn) & 0x7)
+ pad = 0;
+ else
+ pad = 1;
+ if (cont) {
+ if (pad)
+ *cont++ = 0;
+ BN_bn2bin(bn, cont);
+ }
+ return pad + BN_num_bytes(bn);
}
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
- BIGNUM *bn;
- if(!*pval) bn_new(pval, it);
- bn = (BIGNUM *)*pval;
- if(!BN_bin2bn(cont, len, bn)) {
- bn_free(pval, it);
- return 0;
- }
- return 1;
+ BIGNUM *bn;
+ if (!*pval)
+ bn_new(pval, it);
+ bn = (BIGNUM *)*pval;
+ if (!BN_bin2bn(cont, len, bn)) {
+ bn_free(pval, it);
+ return 0;
+ }
+ return 1;
}
-
-
diff --git a/openssl/crypto/asn1/x_long.c b/openssl/crypto/asn1/x_long.c
index f39361974..3aed44a3d 100644
--- a/openssl/crypto/asn1/x_long.c
+++ b/openssl/crypto/asn1/x_long.c
@@ -97,87 +97,100 @@ ASN1_ITEM_end(ZLONG)
static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(long *)pval = it->size;
- return 1;
+ *(long *)pval = it->size;
+ return 1;
}
static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(long *)pval = it->size;
+ *(long *)pval = it->size;
}
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
- long ltmp;
- unsigned long utmp;
- int clen, pad, i;
- /* this exists to bypass broken gcc optimization */
- char *cp = (char *)pval;
-
- /* use memcpy, because we may not be long aligned */
- memcpy(&ltmp, cp, sizeof(long));
-
- if(ltmp == it->size) return -1;
- /* Convert the long to positive: we subtract one if negative so
- * we can cleanly handle the padding if only the MSB of the leading
- * octet is set.
- */
- if(ltmp < 0) utmp = -ltmp - 1;
- else utmp = ltmp;
- clen = BN_num_bits_word(utmp);
- /* If MSB of leading octet set we need to pad */
- if(!(clen & 0x7)) pad = 1;
- else pad = 0;
-
- /* Convert number of bits to number of octets */
- clen = (clen + 7) >> 3;
-
- if(cont) {
- if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
- for(i = clen - 1; i >= 0; i--) {
- cont[i] = (unsigned char)(utmp & 0xff);
- if(ltmp < 0) cont[i] ^= 0xff;
- utmp >>= 8;
- }
+ long ltmp;
+ unsigned long utmp;
+ int clen, pad, i;
+ /* this exists to bypass broken gcc optimization */
+ char *cp = (char *)pval;
+
+ /* use memcpy, because we may not be long aligned */
+ memcpy(&ltmp, cp, sizeof(long));
+
+ if (ltmp == it->size)
+ return -1;
+ /*
+ * Convert the long to positive: we subtract one if negative so we can
+ * cleanly handle the padding if only the MSB of the leading octet is
+ * set.
+ */
+ if (ltmp < 0)
+ utmp = -ltmp - 1;
+ else
+ utmp = ltmp;
+ clen = BN_num_bits_word(utmp);
+ /* If MSB of leading octet set we need to pad */
+ if (!(clen & 0x7))
+ pad = 1;
+ else
+ pad = 0;
+
+ /* Convert number of bits to number of octets */
+ clen = (clen + 7) >> 3;
+
+ if (cont) {
+ if (pad)
+ *cont++ = (ltmp < 0) ? 0xff : 0;
+ for (i = clen - 1; i >= 0; i--) {
+ cont[i] = (unsigned char)(utmp & 0xff);
+ if (ltmp < 0)
+ cont[i] ^= 0xff;
+ utmp >>= 8;
}
- return clen + pad;
+ }
+ return clen + pad;
}
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
- int neg, i;
- long ltmp;
- unsigned long utmp = 0;
- char *cp = (char *)pval;
- if(len > (int)sizeof(long)) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- /* Is it negative? */
- if(len && (cont[0] & 0x80)) neg = 1;
- else neg = 0;
- utmp = 0;
- for(i = 0; i < len; i++) {
- utmp <<= 8;
- if(neg) utmp |= cont[i] ^ 0xff;
- else utmp |= cont[i];
- }
- ltmp = (long)utmp;
- if(neg) {
- ltmp++;
- ltmp = -ltmp;
- }
- if(ltmp == it->size) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- memcpy(cp, &ltmp, sizeof(long));
- return 1;
+ int neg, i;
+ long ltmp;
+ unsigned long utmp = 0;
+ char *cp = (char *)pval;
+ if (len > (int)sizeof(long)) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ /* Is it negative? */
+ if (len && (cont[0] & 0x80))
+ neg = 1;
+ else
+ neg = 0;
+ utmp = 0;
+ for (i = 0; i < len; i++) {
+ utmp <<= 8;
+ if (neg)
+ utmp |= cont[i] ^ 0xff;
+ else
+ utmp |= cont[i];
+ }
+ ltmp = (long)utmp;
+ if (neg) {
+ ltmp++;
+ ltmp = -ltmp;
+ }
+ if (ltmp == it->size) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ memcpy(cp, &ltmp, sizeof(long));
+ return 1;
}
static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx)
- {
- return BIO_printf(out, "%ld\n", *(long *)pval);
- }
+ int indent, const ASN1_PCTX *pctx)
+{
+ return BIO_printf(out, "%ld\n", *(long *)pval);
+}
diff --git a/openssl/crypto/asn1/x_x509.c b/openssl/crypto/asn1/x_x509.c
index cd838e01c..55319acf9 100644
--- a/openssl/crypto/asn1/x_x509.c
+++ b/openssl/crypto/asn1/x_x509.c
@@ -172,8 +172,14 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
{
const unsigned char *q;
X509 *ret;
+ int freeret = 0;
+
/* Save start position */
q = *pp;
+
+ if(!a || *a == NULL) {
+ freeret = 1;
+ }
ret = d2i_X509(a, pp, length);
/* If certificate unreadable then forget it */
if (!ret)
@@ -186,7 +192,11 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
goto err;
return ret;
err:
- X509_free(ret);
+ if(freeret) {
+ X509_free(ret);
+ if (a)
+ *a = NULL;
+ }
return NULL;
}