Hide global _it variables in asn1.h

ok tb@

Fix i2d_ASN1_OBJECT()

When called with a pointer to NULL as an output buffer, one would expect
an i2d API to allocate the buffer and return it. The implementation here
is special and the allocation

Fix i2d_ASN1_OBJECT()

When called with a pointer to NULL as an output buffer, one would expect
an i2d API to allocate the buffer and return it. The implementation here
is special and the allocation dance was forgotten, resulting in a SIGSEGV.
Add said dance.

ok jsing

show more ...

Make i2d_ASN1_OBJECT() return -1 on error

This is what the (not quite appropriately) referenced ASN1_item_i2d()
page documents for errors, matches what the RETURN VALUE section has
been documenting

Make i2d_ASN1_OBJECT() return -1 on error

This is what the (not quite appropriately) referenced ASN1_item_i2d()
page documents for errors, matches what the RETURN VALUE section has
been documenting for ages, matches BoringSSL, it's the usal behavior
for i2d_*. It's also what OpenSSL (of course incorrectly) documents.

discussed with jsing

show more ...

Remove unnecessary parens from i2d_ASN1_OBJECT()

Hide symbols in asn1 and bio

ok jsing@

Simplify OBJ_obj2txt()

Instead of adding a NUL termination to OBJ_obj2txt(), move the aobj == NULL
or aobj->data == NULL checks to i2t_ASN1_OBJECT_internal(). The only other
caller, i2t_ASN1_OBJECT(

Simplify OBJ_obj2txt()

Instead of adding a NUL termination to OBJ_obj2txt(), move the aobj == NULL
or aobj->data == NULL checks to i2t_ASN1_OBJECT_internal(). The only other
caller, i2t_ASN1_OBJECT(), fails on aobj == NULL and aobj->length == 0, and
the latter condition is implied by aobj->data.

Cleaner solution for obj_dat.c r1.52
suggested by/ok jsing

show more ...

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_l

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

show more ...

Fix d2i_ASN1_OBJECT()

Due to a confusion of two CBS, the API would incorrectly advance the
*der_in pointer, resulting in a DER parse failure.

Issue reported by Aram Sargsyan

ok jsing

Convert asn1_ex_c2i() to CBS.

This allows us to make direct use of c2i_ASN1_OBJECT_cbs().

ok inoguchi@ tb@

Set ASN1_OBJECT_FLAG_DYNAMIC_DATA flag with t2i_ASN1_OBJECT_internal

'flags' should have ASN1_OBJECT_FLAG_DYNAMIC_DATA bit to free 'data'
by ASN1_OBJECT_free as c2i_ASN1_OBJECT_cbs does.

ok jsing@

Set ASN1_OBJECT_FLAG_DYNAMIC_DATA flag with t2i_ASN1_OBJECT_internal

'flags' should have ASN1_OBJECT_FLAG_DYNAMIC_DATA bit to free 'data'
by ASN1_OBJECT_free as c2i_ASN1_OBJECT_cbs does.

ok jsing@ tb@

show more ...

Convert c2i_ASN1_OBJECT() and d2i_ASN1_OBJECT to CBS.

Along the way, rather than having yet another piece of code that parses
OID arcs, reuse oid_parse_arc(). Always allocate a new ASN1_OBJECT rathe

Convert c2i_ASN1_OBJECT() and d2i_ASN1_OBJECT to CBS.

Along the way, rather than having yet another piece of code that parses
OID arcs, reuse oid_parse_arc(). Always allocate a new ASN1_OBJECT rather
than doing a crazy dance with ASN1_OBJECT_FLAG_DYNAMIC and trying to free
parts of an ASN1_OBJECT if one is passed in.

ok inoguchi@ tb@

show more ...

Move/group i2d_ASN1_OBJECT() and d2i_ASN1_OBJECT().

Provide t2i_ASN1_OBJECT_internal() and use it for OBJ_txt2obj()

The current OBJ_txt2obj() implementation converts the text to ASN.1
object content octets, builds a full DER encoding from it, then fe

Provide t2i_ASN1_OBJECT_internal() and use it for OBJ_txt2obj()

The current OBJ_txt2obj() implementation converts the text to ASN.1
object content octets, builds a full DER encoding from it, then feeds
the entire thing back through the DER to ASN.1 object conversion. Rather
than doing this crazy dance, provide an t2i_ASN1_OBJECT_internal() function
that converts the text to ASN.1 object content octets, then creates a new
ASN1_OBJECT and attaches the content octets to it.

ok inoguchi@ tb@

show more ...

Rewrite ascii/text to ASN.1 object conversion.

Rewrite the ascii/text to ASN.1 object conversion code using CBB/CBS,
while also addressing some of the bizarre behaviour (such as allowing
mixed separ

Rewrite ascii/text to ASN.1 object conversion.

Rewrite the ascii/text to ASN.1 object conversion code using CBB/CBS,
while also addressing some of the bizarre behaviour (such as allowing
mixed separators and treating '..' as a zero value).

ok inoguchi@ tb@

show more ...

Initialise *out_name at the start of i2t_ASN1_OBJECT_name().

ok tb@

Do not write out terminating NUL in i2a_ASN1_OBJECT()

The conversion to CBB made us write out an extra NUL since we no longer
use the return value of i2t_ASN1_OBJECT() (which returns strlen(data))
b

Do not write out terminating NUL in i2a_ASN1_OBJECT()

The conversion to CBB made us write out an extra NUL since we no longer
use the return value of i2t_ASN1_OBJECT() (which returns strlen(data))
but rather the size of the CBB (which includes a terminal NUL) to write
out data.

Issue found by anton via an openssl-ruby test failure.

ok jsing

show more ...

whitespace

Rewrite ASN1_OBJECT content to ascii/text conversion.

Rewrite the ASN1_OBJECT content to ascii/text conversion code using CBB and
CBS. Currently there is a strange split with i2t_ASN1_OBJECT() calli

Rewrite ASN1_OBJECT content to ascii/text conversion.

Rewrite the ASN1_OBJECT content to ascii/text conversion code using CBB and
CBS. Currently there is a strange split with i2t_ASN1_OBJECT() calling
OBJ_obj2txt() which implements the conversion, while OBJ_txt2obj() calls
back into the misnamed a2d_ASN1_OBJECT() function. Move the conversion
code into asn1/a_object.c and have OBJ_txt2obj() call that instead.

ok inoguchi@ tb@

show more ...

include asn1_locl.h where it will be needed for the bump.

discussed with jsing

Indent goto labels for diffability.

Whitespace change only.

Consolidate code/templates for ASN.1 types.

Where an ASN.1 type has its own file, move the ASN.1 item template and
template related functions into the file.

Discussed with tb@

Move ASN1_<type>_* functions to the top, encoding/decoding to the bottom.

No functional change.

Convert ASN1_OBJECT_new() to calloc().

Rather than using malloc() and then initialising all struct members, use
calloc() and only initialise the single non-zero value member.

ok schwarze@ tb@

Plug leak in c2i_ASN1_OBJECT

When using the object reuse facility of c2i_ASN1_OBJECT, the dynamically
allocated strings a may contain are set to NULL, so we must free them
beforehand. Also clear the

Plug leak in c2i_ASN1_OBJECT

When using the object reuse facility of c2i_ASN1_OBJECT, the dynamically
allocated strings a may contain are set to NULL, so we must free them
beforehand. Also clear the flag, because that's what OpenSSL chose to do.

From Richard Levitte OpenSSL 1.1.1 65b88a75921533ada8b465bc8d5c0817ad927947

ok inoguchi

show more ...

Add const to functions in asn1/asn1.h as they did in OpenSSL.
BIO_f_asn1() will be taken care of later.

Tested in a bulk by sthen
ok bcook jca jsing