Loading CHANGES +11 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,16 @@ *) applies to 0.9.6a (/0.9.6b) and 0.9.7 +) applies to 0.9.7 only +) Fix various bugs related to DSA S/MIME verification. Handle missing parameters in DSA public key structures and return an error in the DSA routines if parameters are absent. [Steve Henson] +) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this needs to match any other type at all we need to manually clear the tag cache. [Steve Henson] +) Changes to the "openssl engine" utility to include; - verbosity levels ('-v', '-vv', and '-vvv') that provide information about an ENGINE's available control commands. Loading Loading @@ -88,6 +98,7 @@ that they do not hold after the first thread unsets add_do_not_lock). [Bodo Moeller] >>>>>>> 1.823 +) Implement binary inversion algorithm for BN_mod_inverse in addition to the algorithm using long divison. The binary algorithm can be used only if the modulus is odd. On 32-bit systems, it is faster Loading crypto/asn1/tasn_dec.c +7 −2 Original line number Diff line number Diff line Loading @@ -611,8 +611,13 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl } else if(ret == -1) return -1; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* Clear context cache for type OTHER because the auto clear when * we have a exact match wont work */ if(utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); /* SEQUENCE and SET must be constructed */ if((utype != V_ASN1_OTHER) && !cst) { } else if(!cst) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } Loading crypto/asn1/x_pubkey.c +1 −1 Original line number Diff line number Diff line Loading @@ -198,7 +198,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) a=key->algor; if (ret->type == EVP_PKEY_DSA) { if (a->parameter->type == V_ASN1_SEQUENCE) if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { ret->pkey.dsa->write_params=0; cp=p=a->parameter->value.sequence->data; Loading crypto/dsa/dsa.h +2 −1 Original line number Diff line number Diff line Loading @@ -229,6 +229,7 @@ DH *DSA_dup_DH(const DSA *r); /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_DSA_strings(void); /* Error codes for the DSA functions. */ Loading @@ -250,9 +251,9 @@ DH *DSA_dup_DH(const DSA *r); /* Reason codes. */ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 #ifdef __cplusplus } #endif #endif crypto/dsa/dsa_err.c +1 −0 Original line number Diff line number Diff line Loading @@ -86,6 +86,7 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, {DSA_R_MISSING_PARAMETERS ,"missing parameters"}, {0,NULL} }; Loading Loading
CHANGES +11 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,16 @@ *) applies to 0.9.6a (/0.9.6b) and 0.9.7 +) applies to 0.9.7 only +) Fix various bugs related to DSA S/MIME verification. Handle missing parameters in DSA public key structures and return an error in the DSA routines if parameters are absent. [Steve Henson] +) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this needs to match any other type at all we need to manually clear the tag cache. [Steve Henson] +) Changes to the "openssl engine" utility to include; - verbosity levels ('-v', '-vv', and '-vvv') that provide information about an ENGINE's available control commands. Loading Loading @@ -88,6 +98,7 @@ that they do not hold after the first thread unsets add_do_not_lock). [Bodo Moeller] >>>>>>> 1.823 +) Implement binary inversion algorithm for BN_mod_inverse in addition to the algorithm using long divison. The binary algorithm can be used only if the modulus is odd. On 32-bit systems, it is faster Loading
crypto/asn1/tasn_dec.c +7 −2 Original line number Diff line number Diff line Loading @@ -611,8 +611,13 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl } else if(ret == -1) return -1; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* Clear context cache for type OTHER because the auto clear when * we have a exact match wont work */ if(utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); /* SEQUENCE and SET must be constructed */ if((utype != V_ASN1_OTHER) && !cst) { } else if(!cst) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } Loading
crypto/asn1/x_pubkey.c +1 −1 Original line number Diff line number Diff line Loading @@ -198,7 +198,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) a=key->algor; if (ret->type == EVP_PKEY_DSA) { if (a->parameter->type == V_ASN1_SEQUENCE) if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { ret->pkey.dsa->write_params=0; cp=p=a->parameter->value.sequence->data; Loading
crypto/dsa/dsa.h +2 −1 Original line number Diff line number Diff line Loading @@ -229,6 +229,7 @@ DH *DSA_dup_DH(const DSA *r); /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_DSA_strings(void); /* Error codes for the DSA functions. */ Loading @@ -250,9 +251,9 @@ DH *DSA_dup_DH(const DSA *r); /* Reason codes. */ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 #ifdef __cplusplus } #endif #endif
crypto/dsa/dsa_err.c +1 −0 Original line number Diff line number Diff line Loading @@ -86,6 +86,7 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, {DSA_R_MISSING_PARAMETERS ,"missing parameters"}, {0,NULL} }; Loading
