[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Mon Sep 7 09:38:31 UTC 2015 

The branch master has been updated
       via  0e2d091103ed5846c72a5c9e8b10e25ead4bf152 (commit)
       via  68572c8af3ebb0a0729acad2196763df463927c1 (commit)
      from  26d57a1a9225db13324d6c699753437da4de910c (commit)


- Log -----------------------------------------------------------------
commit 0e2d091103ed5846c72a5c9e8b10e25ead4bf152
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Aug 26 13:49:49 2015 +0100

    Updates for NumericString support
    
    Ensure that EBCDIC support works and update a comment.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

commit 68572c8af3ebb0a0729acad2196763df463927c1
Author: Dmitry Belyavsky <beldmit at gmail.com>
Date:   Wed Aug 26 13:34:31 2015 +0100

    Add NumericString support
    
    GOST requires improved NumericString support.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/a_mbstr.c  | 30 +++++++++++++++++++++++++++---
 crypto/asn1/a_strnid.c |  5 ++++-
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 241eb60..46100c3 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -72,13 +72,14 @@ static int cpy_asc(unsigned long value, void *arg);
 static int cpy_bmp(unsigned long value, void *arg);
 static int cpy_univ(unsigned long value, void *arg);
 static int cpy_utf8(unsigned long value, void *arg);
+static int is_numeric(unsigned long value);
 static int is_printable(unsigned long value);
 
 /*
  * These functions take a string in UTF8, ASCII or multibyte form and a mask
  * of permissible ASN1 string types. It then works out the minimal type
- * (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and
- * creates a string of the correct type with the supplied data. Yes this is
+ * (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8)
+ * and creates a string of the correct type with the supplied data. Yes this is
  * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
  * size limits too.
  */
@@ -169,7 +170,9 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
     /* Now work out output format and string type */
     outform = MBSTRING_ASC;
-    if (mask & B_ASN1_PRINTABLESTRING)
+    if (mask & B_ASN1_NUMERICSTRING)
+        str_type = V_ASN1_NUMERICSTRING;
+    else if (mask & B_ASN1_PRINTABLESTRING)
         str_type = V_ASN1_PRINTABLESTRING;
     else if (mask & B_ASN1_IA5STRING)
         str_type = V_ASN1_IA5STRING;
@@ -320,6 +323,8 @@ static int type_str(unsigned long value, void *arg)
 {
     unsigned long types;
     types = *((unsigned long *)arg);
+    if ((types & B_ASN1_NUMERICSTRING) && !is_numeric(value))
+        types &= ~B_ASN1_NUMERICSTRING;
     if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
         types &= ~B_ASN1_PRINTABLESTRING;
     if ((types & B_ASN1_IA5STRING) && (value > 127))
@@ -419,3 +424,22 @@ static int is_printable(unsigned long value)
 #endif                          /* CHARSET_EBCDIC */
     return 0;
 }
+
+/* Return 1 if the character is a digit or space */
+static int is_numeric(unsigned long value)
+{
+    int ch;
+    if (value > 0x7f)
+        return 0;
+    ch = (int)value;
+#ifndef CHARSET_EBCDIC
+    if (!isdigit(ch) && ch != ' ')
+        return 0;
+#else
+    if (ch > os_toascii['9'])
+        return 0;
+    if (ch < os_toascii['0'] && ch != os_toascii[' '])
+        return 0;
+#endif
+    return 1;
+}
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 7bfc768..1c6bbd4 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -192,7 +192,10 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
     {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
     {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
     {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
-    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
+    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
+    {NID_INN, 1, 12, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
+    {NID_OGRN, 1, 13, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
+    {NID_SNILS, 1, 11, B_ASN1_NUMERICSTRING, STABLE_NO_MASK}
 };
 
 static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,

More information about the openssl-commits mailing list