Return error when a bit string indicates an invalid amount of bits left

[openssl.git] / crypto / asn1 / asn1.h

diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index de845b26f314d8e8c7dda0962dbaedbc48cc5898..37adcb312a5f27cd394f47602c2dcf1890c5d387 100644 (file)
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -208,14 +208,14 @@ typedef struct asn1_const_ctx_st
 #define ASN1_OBJECT_FLAG_CRITICAL       0x02   /* critical x509v3 object id */
 #define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04  /* internal use */
 #define ASN1_OBJECT_FLAG_DYNAMIC_DATA   0x08   /* internal use */
-typedef struct asn1_object_st
+struct asn1_object_st
        {
        const char *sn,*ln;
        int nid;
        int length;
        const unsigned char *data;      /* data remains const after init */
        int flags;      /* Should we free this one */
-       } ASN1_OBJECT;
+       };
 
 #define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
 /* This indicates that the ASN1_STRING is not a real value but just a place
@@ -819,9 +819,9 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **p
 int            ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
                        int length );
 int            ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int            ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
-int            ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
-                                     unsigned char *flags, int flags_len);
+int            ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
+int            ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
+                                     const unsigned char *flags, int flags_len);
 
 #ifndef OPENSSL_NO_BIO
 int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
@@ -860,7 +860,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t)
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
             time_t t, int offset_day, long offset_sec);
 int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
-int ASN1_TIME_diff(int *pyear, int *psec,
+int ASN1_TIME_diff(int *pday, int *psec,
                        const ASN1_TIME *from, const ASN1_TIME *to);
 
 DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
@@ -1350,6 +1350,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_ILLEGAL_TIME_VALUE                       184
 #define ASN1_R_INTEGER_NOT_ASCII_FORMAT                         185
 #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               128
+#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT             220
 #define ASN1_R_INVALID_BMPSTRING_LENGTH                         129
 #define ASN1_R_INVALID_DIGIT                            130
 #define ASN1_R_INVALID_MIME_TYPE                        205
@@ -1401,6 +1402,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_TIME_NOT_ASCII_FORMAT                    193
 #define ASN1_R_TOO_LONG                                         155
 #define ASN1_R_TYPE_NOT_CONSTRUCTED                     156
+#define ASN1_R_TYPE_NOT_PRIMITIVE                       195
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 158
 #define ASN1_R_UNEXPECTED_EOC                           159
@@ -1411,7 +1413,6 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  163
 #define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM              199
 #define ASN1_R_UNKNOWN_TAG                              194
-#define ASN1_R_UNKOWN_FORMAT                            195
 #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE          164
 #define ASN1_R_UNSUPPORTED_CIPHER                       165
 #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 166