From: Dr. Stephen Henson Date: Wed, 24 May 2000 13:09:59 +0000 (+0000) Subject: Add DSA library string. Workaround for IIS .key file invalid X-Git-Tag: OpenSSL_0_9_5~6 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=b4b41f48d1cfb6151e24e9c5f28019d3cfa5ec96;ds=sidebyside Add DSA library string. Workaround for IIS .key file invalid ASN1 encoding. --- diff --git a/CHANGES b/CHANGES index b1b2850c1a..bc4f2218d6 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.5a and 0.9.6 [xx XXX 2000] + *) Add missing DSA library text string. Work around for some IIS + key files with invalid SEQUENCE encoding. + [Steve Henson] + *) Add a document (doc/standards.txt) that list all kinds of standards and so on that are implemented in OpenSSL. [Richard Levitte] diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index d804986b73..5a7d494ff0 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -211,7 +211,11 @@ RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()) M_ASN1_BIT_STRING_free(os); c.q=c.p; if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err; - c.slen-=(c.p-c.q); + /* Note: some versions of IIS key files use length values that are + * too small for the surrounding SEQUENCEs. This following line + * effectively disable length checking. + */ + c.slen = 0; M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA); } diff --git a/crypto/err/err.c b/crypto/err/err.c index 0944cc220e..b0ee24c324 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -137,6 +137,7 @@ static ERR_STRING_DATA ERR_str_libraries[]= {ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, {ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, {ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, +{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, {ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, {ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, {ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"},