CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/06/15 01:35:49
Modified files:
lib/libssl/src/ssl: bs_ber.c bs_cbs.c bytestring.h
Log message:
Make CBS_get_any_asn1_element() more compliant with DER encoding.
CBS_get_any_asn1_element violates DER encoding by allowing indefinite
form. All callers except bs_ber.c expect DER encoding. The callers
must check to see if it was indefinite or not.
Rather than exposing all callers to this behavior,
cbs_get_any_asn1_element_internal() allows specifying whether you want to
allow the normally forbidden indefinite form. This is used by
CBS_get_any_asn1_element() for strict DER encoding and by a new static
function in bs_ber.c for the relaxed version.
While I was here, I added comments to differentiate between ASN.1
restrictions and CBS limitations.
ok miod@
