[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Richard Levitte
levitte at openssl.org
Tue Jan 23 19:30:44 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via 38454902208c358ffaa140aef3077c2316f82b19 (commit)
via 3833ebea433dbb062fbdb69d300c5528b611a83a (commit)
from 0a05bbf8f434ba9df8c647e5475ff02997a83e0c (commit)
- Log -----------------------------------------------------------------
commit 38454902208c358ffaa140aef3077c2316f82b19
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Jan 22 19:03:37 2018 +0100
Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find()
EVP_PKEY_asn1_find_str() would search through standard asn1 methods
first, then those added by the application, which EVP_PKEY_asn1_find()
worked the other way around. Also, EVP_PKEY_asn1_find_str() didn't
handle aliases.
This change brings EVP_PKEY_asn1_find_str() closer to EVP_PKEY_asn1_find().
Fixes #5086
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5137)
(cherry picked from commit 3bf0c3fe31d5339524dae671064cc5fe9e4bda38)
commit 3833ebea433dbb062fbdb69d300c5528b611a83a
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Jan 22 18:24:55 2018 +0100
Revert "EVP_PKEY_asn1_add0(): Check that this method isn't already registered"
This reverts commit d85722d31ac9ff0dc54c06cdc8d125acf56ca27a.
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5137)
(cherry picked from commit 7203c94e98c9fa76b0859c25b723b2bde4a9059b)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/ameth_lib.c | 24 +++++++++++++++---------
crypto/evp/evp_err.c | 4 +++-
include/openssl/evp.h | 1 +
3 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index dca5aff..3ece13b 100644
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -143,7 +143,8 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
const char *str, int len)
{
int i;
- const EVP_PKEY_ASN1_METHOD *ameth;
+ const EVP_PKEY_ASN1_METHOD *ameth = NULL;
+
if (len == -1)
len = strlen(str);
if (pe) {
@@ -163,12 +164,12 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
#endif
*pe = NULL;
}
- for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
+ for (i = EVP_PKEY_asn1_get_count(); i-- > 0; ) {
ameth = EVP_PKEY_asn1_get0(i);
if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
continue;
- if (((int)strlen(ameth->pem_str) == len)
- && (strncasecmp(ameth->pem_str, str, len) == 0))
+ if ((int)strlen(ameth->pem_str) == len
+ && strncasecmp(ameth->pem_str, str, len) == 0)
return ameth;
}
return NULL;
@@ -176,16 +177,21 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
{
- if (pkey_asn1_find(ameth->pkey_id) != NULL) {
- EVPerr(EVP_F_EVP_PKEY_ASN1_ADD0,
- EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED);
- return 0;
- }
+ EVP_PKEY_ASN1_METHOD tmp = { 0, };
+
if (app_methods == NULL) {
app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
if (app_methods == NULL)
return 0;
}
+
+ tmp.pkey_id = ameth->pkey_id;
+ if (sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp) >= 0) {
+ EVPerr(EVP_F_EVP_PKEY_ASN1_ADD0,
+ EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED);
+ return 0;
+ }
+
if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
return 0;
sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index f5b8635..c4b163f 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -143,6 +143,8 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
{ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING),
"partially overlapping buffers"},
+ {ERR_REASON(EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED),
+ "pkey application asn1 method already registered"},
{ERR_REASON(EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED),
"pkey asn1 method already registered"},
{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index d2709ea..b7edb52 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1570,6 +1570,7 @@ int ERR_load_EVP_strings(void);
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
# define EVP_R_OPERATON_NOT_INITIALIZED 151
# define EVP_R_PARTIALLY_OVERLAPPING 162
+# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 175
# define EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED 164
# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
More information about the openssl-commits
mailing list