summaryrefslogtreecommitdiff
path: root/lib/libcrypto/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libcrypto/asn1')
-rw-r--r--lib/libcrypto/asn1/a_verify.c9
-rw-r--r--lib/libcrypto/asn1/asn1.h3
-rw-r--r--lib/libcrypto/asn1/x_algor.c16
3 files changed, 25 insertions, 3 deletions
diff --git a/lib/libcrypto/asn1/a_verify.c b/lib/libcrypto/asn1/a_verify.c
index ea937cab3ac..3fc79b78f6f 100644
--- a/lib/libcrypto/asn1/a_verify.c
+++ b/lib/libcrypto/asn1/a_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_verify.c,v 1.20 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: a_verify.c,v 1.21 2015/01/28 04:14:31 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -85,6 +85,13 @@ ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
return -1;
}
+ if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,
+ ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
+ return -1;
+ }
+
EVP_MD_CTX_init(&ctx);
/* Convert signature OID into digest and public key OIDs */
diff --git a/lib/libcrypto/asn1/asn1.h b/lib/libcrypto/asn1/asn1.h
index a1cc7188568..5ec89db3f00 100644
--- a/lib/libcrypto/asn1/asn1.h
+++ b/lib/libcrypto/asn1/asn1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1.h,v 1.28 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: asn1.h,v 1.29 2015/01/28 04:14:31 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1279,6 +1279,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_ILLEGAL_TIME_VALUE 184
#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
#define ASN1_R_INVALID_DIGIT 130
#define ASN1_R_INVALID_MIME_TYPE 205
diff --git a/lib/libcrypto/asn1/x_algor.c b/lib/libcrypto/asn1/x_algor.c
index c069a5225c8..71aeaaade07 100644
--- a/lib/libcrypto/asn1/x_algor.c
+++ b/lib/libcrypto/asn1/x_algor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_algor.c,v 1.12 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: x_algor.c,v 1.13 2015/01/28 04:14:31 beck Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@@ -136,3 +136,17 @@ X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int
+X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
+{
+ int rv = OBJ_cmp(a->algorithm, b->algorithm);
+ if (!rv) {
+ if (!a->parameter && !b->parameter)
+ rv = 0;
+ else
+ rv = ASN1_TYPE_cmp(a->parameter, b->parameter);
+ }
+ return(rv);
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-16 12:29:11 +0000