1 2023-11-16 Werner Koch <wk@gnupg.org>
4 + commit 7b3e4785e54280d1a13c5bc839bdc6722d898ac7
7 2023-11-14 Werner Koch <wk@gnupg.org>
9 Add Brainpool curve detection using parameters with compressed BP.
10 + commit eb23f853f178f8d381254e2cb03c0ebff57828d6
11 * src/keyinfo.c (ecdomainparm_to_name): Add variants for Brainpool.
13 2023-11-01 NIIBE Yutaka <gniibe@fsij.org>
15 build: Remove HAVE_W32CE_SYSTEM.
16 + commit bce1c52b260da063c6198fe270cd46baf1368d9e
17 * configure.ac (HAVE_W32CE_SYSTEM): Remove.
19 2023-09-01 NIIBE Yutaka <gniibe@fsij.org>
21 build: Change the default for --with-libtool-modification.
22 + commit 2c4551c0c405a736e1b3953b2a58ec5104c52083
23 * configure.ac (--with-libtool-modification): default=never.
25 2023-08-16 NIIBE Yutaka <gniibe@fsij.org>
27 build: New configure option --with-libtool-modification.
28 + commit e0a46b490926879b5519e2e8dfb97226ec024817
29 * Makefile.am (EXTRA_DIST): Add build-aux/libtool-patch.sed.
30 * build-aux/libtool-patch.sed: New.
31 * configure.ac (--with-libtool-modification): New.
32 * build-aux/ltmain.sh: Revert our own local modification.
34 2023-06-19 Werner Koch <wk@gnupg.org>
37 + commit 557999424ebd13e70d6fc17e648a5dd2a06f440b
40 Correctly detect write errors while creating CMS objects.
41 + commit 9ced7706f2738128aa5068727ea348c44f42e16e
42 * src/cms.c (write_encrypted_cont): Take care of write errors.
44 2023-05-16 NIIBE Yutaka <gniibe@fsij.org>
46 build: Sync libtool from libgpg-error for 64-bit Windows.
47 + commit a920c2ff1a723031e8c6b8b61632bad46a740c83
48 * build-aux/ltmain.hs: Update from libgpg-error.
50 2023-05-12 NIIBE Yutaka <gniibe@fsij.org>
52 tests: Use -no-fast-install LDFLAGS for Windows.
53 + commit 74fb95dbaf70d97b67793b29497b1e7b29a5e2f1
54 * tests/Makefile.am [HAVE_W32_SYSTEM] (AM_LDFLAGS): Conditionalize.
56 2023-04-05 NIIBE Yutaka <gniibe@fsij.org>
58 build: Update gpg-error.m4.
59 + commit 53b9fa1d58ba522ca0eea4fe460719722e6e1ef5
60 * m4/gpg-error.m4: Update from libgpg-error master.
62 2022-12-06 Werner Koch <wk@gnupg.org>
65 + commit bffa9b346071725363a483db547e7dced9721cb5
68 2022-11-23 Werner Koch <wk@gnupg.org>
70 Fix an integer overflow in the CRL signature parser.
71 + commit f61a5ea4e0f6a80fd4b28ef0174bee77793cf070
72 * src/crl.c (parse_signature): N+N2 now checked for overflow.
74 * src/ocsp.c (parse_response_extensions): Do not accept too large
76 (parse_single_extensions): Ditto.
78 2022-11-02 NIIBE Yutaka <gniibe@fsij.org>
80 build: Update m4/libgcrypt.m4.
81 + commit 4076b60f7cef4fddc3d30f6e6d4078081dbc7167
82 * m4/libgcrypt.m4: Update from libgcrypt master.
84 2022-11-01 NIIBE Yutaka <gniibe@fsij.org>
86 build: Prefer gpgrt-config when available.
87 + commit 13307b22882a220d206341e1196e74fd37418c2f
88 * src/ksba.m4: Overriding the decision by --with-libksba-prefix, use
89 gpgrt-config ksba when gpgrt-config is available.
91 2022-10-24 NIIBE Yutaka <gniibe@fsij.org>
93 build: Update gpg-error.m4.
94 + commit c3c1627f34234e3d54fe1f3411ac499dd7e3b3b0
95 * m4/gpg-error.m4: Update from libgpg-error 1.46.
97 2022-10-07 Werner Koch <wk@gnupg.org>
100 + commit 29814959fe2b65c6d4ac35dea261006a8cad3661
103 2022-10-05 Werner Koch <wk@gnupg.org>
105 Detect a possible overflow directly in the TLV parser.
106 + commit 4b7d9cd4a018898d7714ce06f3faf2626c14582b
107 * src/ber-help.c (_ksba_ber_read_tl): Check for overflow of a commonly
110 2022-09-16 Werner Koch <wk@gnupg.org>
113 + commit d3c1e063d708a46ef39152256f8b1ea466b61be0
116 2022-07-19 NIIBE Yutaka <gniibe@fsij.org>
118 build: Update config.guess and config.sub.
119 + commit 466837db84fb318eaaee1aba6cc3939c16a3e2ba
120 * build-aux/config.guess: Update from upstream.
121 * build-aux/config.sub: Ditto.
123 build: Support cross compile.
124 + commit ca9a04569020c51719ab45ebd35a3cbb1f35c6aa
125 * configure.ac (AX_CC_FOR_BUILD): New.
126 * m4/ax_cc_for_build.m4: New.
127 * src/Makefile.am: Use EXEEXT_FOR_BUILD.
129 2022-06-28 NIIBE Yutaka <gniibe@fsij.org>
131 build: Update gpg-error.m4.
132 + commit e51d5c7ce81fe3f90039ad970fbb82f751a645fc
133 * m4/gpg-error.m4: Update from libgpg-error.
135 2022-03-31 NIIBE Yutaka <gniibe@fsij.org>
137 build: When no gpg-error-config, not install ksba-config.
138 + commit 41000330cdba87afdf9ea0b481e0260dab262a54
139 * configure.ac (USE_GPGRT_CONFIG): New.
140 * src/Makefile.am [USE_GPGRT_CONFIG]: Conditionalize the install
143 2022-03-22 NIIBE Yutaka <gniibe@fsij.org>
145 Fix test of t-cms-parser.
146 + commit e751d1fa01bd3e593eeccbeffb729176a59ca28c
147 * tests/t-cms-parser.c (one_file): Open the file with binary flag.
149 2022-02-26 Werner Koch <wk@gnupg.org>
151 ocsp: Accept a server not responding with a nonce.
152 + commit 24992a4a7a61d93759e1dbd104b845903d4589bf
153 * src/ocsp.h (struct ksba_ocsp_s): Remove good_nonce.
154 * src/ocsp.c (parse_response_extensions): No not set good_nonce.
155 (ksba_ocsp_parse_response): Simplify the check.
157 ocsp: Fix detecting the right response item.
158 + commit c9cde18bc84a1b3bb7de22ca80264c418ffd0fee
159 * src/ocsp.c (ksba_ocsp_prepare_request): Store the value of the
162 2021-12-22 NIIBE Yutaka <gniibe@fsij.org>
164 build: Update for newer autoconf.
165 + commit 51b565054096926dc97fc2ebb72c7de05a127dff
166 * configure.ac (AC_PREREQ): Require >= 2.69.
167 (AC_HEADER_STDC): Remove.
169 2021-11-29 NIIBE Yutaka <gniibe@fsij.org>
171 Silence warning for ksba_isotime_t.
172 + commit 64ef3144abee7afbc93a87e960b9a79c7b43cfca
173 * src/time.c (_ksba_current_time): Let it return the result.
175 Fix ksba.pc to use HTTPS for the URL.
176 + commit 4898212c705a49da0384ac8f1b44f2d6592a990e
177 * src/ksba.pc.in: Use https.
179 2021-11-10 NIIBE Yutaka <gniibe@fsij.org>
181 libtool: Link without -flat_namespace for macOS.
182 + commit 0d7a62c355ea18031daf00490da9f7c9f33683c3
183 * m4/libtool.m4: Not setting 10.0 to MACOSX_DEPLOYMENT_TARGET when not
184 defined. Only specify -flat_namespace to linker for specific
185 (older) versions and hosts.
187 2021-10-13 NIIBE Yutaka <gniibe@fsij.org>
189 ASN.1 parser: Provide token table (no more %token-table).
190 + commit f3b7dd4167779f2694e932ad7c2adba98ff9a21d
191 * src/asn1-parse.y (%token-table): Remove.
193 (yylex): Use token_table.
195 2021-09-22 Andreas Metzler <ametzler@bebt.de>
197 build: Use automake primitives to install libksba.def.
198 + commit ce1de8cb2bcd712381f77519de4da87af42879a4
199 * src/Makekefile.am: Do not use explicit $INSTALL to install
200 libksba.def, fixes windows parallel build error.
202 2021-08-18 Werner Koch <wk@gnupg.org>
204 Avoid warnings about NULL ptr deref in ASN.1 helpers.
205 + commit c242f31b6d520a7f87bf36782e4b5c8da7dc045d
206 * src/asn1-func.c (_ksba_asn_set_value): Add extra asserts. Fix the
207 VALTYPE_BOOL case, which is actually not in Libksba.
209 2021-08-05 NIIBE Yutaka <gniibe@fsij.org>
211 build: Simplify configure.ac.
212 + commit 379e787a965148fa5613ccd4e2b8c3c00feb45d9
213 * configure.ac (AC_CHECK_HEADERS): Remove string.h.
214 (AC_CHECK_FUNCS): Remove memmove, strchr, strtol and strtoul.
216 2021-06-10 Werner Koch <wk@gnupg.org>
219 + commit 6b3573afb03afd4560f78bec73ec192e09fdd9d5
222 2021-06-02 Werner Koch <wk@gnupg.org>
224 Support Authenticated-Enveloped-Data Content Type.
225 + commit 81fdcd680c127cbc7cfb977aa43aa45ffce0f5fc
226 * src/cms.h (struct ksba_cms_s): Remove struct data which was not
227 used. Add struct authdata.
228 * src/cms.asn (AuthEnvelopedData): New.
229 (id-authEnvelopedData): New.
230 * src/ksba.h.in (ksba_content_type_t): Add KSBA_CT_AUTHENVELOPED_DATA.
231 * src/cms.c (content_handlers): Ditto.
232 (ksba_cms_release): Free the new fields.
233 (ksba_cms_get_message_digest): Hack to return authtag.
234 (ct_parse_signed_data): Remove useless condition which was always true.
235 * src/cms-parser.c (parse_encrypted_content_info): Add arg
237 (_ksba_cms_parse_enveloped_data_part_1): Detect GCM with AES and parse
239 (_ksba_cms_parse_enveloped_data_part_2): Parse the MAC part and store
240 it for retrieval by ksba_cms_get_message_digest.
241 * tests/t-cms-parser.c (one_file): Handle authdata.
243 2021-05-27 NIIBE Yutaka <gniibe@fsij.org>
245 build: _DARWIN_C_SOURCE should be 1.
246 + commit a375a3d20e831c58c3b87abb41f3a8e8b723d985
247 * configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.
249 2021-05-18 Werner Koch <wk@gnupg.org>
251 Support password based decryption.
252 + commit cb7f2484a09cbe3cddcee6d2a752148df937cf0e
253 * src/cms.asn (RecipientInfo): Add pwri element.
254 (PasswordRecipientInfo): New.
255 * src/keyinfo.c (get_algorithm): Add arg to specify the expected tag.
257 (_ksba_parse_algorithm_identifier3): New to specify the expected tag.
258 * src/cms.c: Include stringbuf.h.
259 (ksba_cms_get_issuer_serial): Return an error code for pwri.
260 (ksba_cms_get_enc_val): Add special code for pwri.
262 * tests/t-cms-parser.c (one_file): Detect pwri recipients.
264 2021-04-21 NIIBE Yutaka <gniibe@fsij.org>
266 build: Update gpg-error.m4.
267 + commit 72f19cdabfb26bf51c6a4ea2e17154adf7e5a96b
268 * m4/gpg-error.m4: Update from libgpg-error.
270 2021-04-20 Jakub Jelen <jjelen@redhat.com>
272 Fixes for static analysis reports.
273 + commit fbb1f303198b5ff0cc7012eaef210ad2cf22edb5
274 * tests/t-oid.c (main): Reset freed pointer for next iteration.
275 * src/time.c (_ksba_current_time): Use snprintf to avoid buffer overrun.
276 * src/asn1-func.c (_ksba_asn_expand_object_id): Initialize NAME2.
277 * src/ber-help.c (_ksba_ber_count_tl): Mark identical branches as
278 intentional for coverity.
280 2021-04-06 Werner Koch <wk@gnupg.org>
283 + commit 1015bea2f8a55b965dee29e17118bc73c2deca39
286 build: Add the usual release targets.
287 + commit 1050939435548baa30a8ba8c20b7824ec7b2841e
288 * Makefile.am (release, sign-release): New targets.
290 2021-02-22 Werner Koch <wk@gnupg.org>
292 Support Brainpoolp256r1 and Brainpoolp384r1 with ECDomainParameters.
293 + commit 4243085d7d4361d8900010ed32018985b133f958
294 * src/keyinfo.c (ecdomainparm_to_name): Two more entries.
296 2021-02-01 Werner Koch <wk@gnupg.org>
298 Support Brainpoolp512r1 certs specified with ECDomainParameters.
299 + commit e51873b567d9f9cce708d191b29f09d56ea16f2d
300 * src/keyinfo.c (ecdomainparm_to_name): New table.
301 (_ksba_keyinfo_to_sexp): Support ECDomainParameter lookup.
303 2020-12-21 Werner Koch <wk@gnupg.org>
305 Fix a possible segv in case of an unknown CMS object.
306 + commit fe03ab4c14e71cb08210159a943a6edded6cdc4d
307 * src/cms.c (ksba_cms_get_enc_val): Fix strcmp.
309 2020-11-18 Werner Koch <wk@gnupg.org>
312 + commit 9c0a818cd89cf90e87a3fdf5f7b2d82062645229
313 * configure.ac: Set LT version to C21/A13/R0.
315 Add SPDX identifiers.
316 + commit b426d2216583b8165abe89900578e0dbf9590571
317 * src/version.c (cright_blurb): New.
318 (ksba_check_version): Detect request for the cright blurb.
320 Allow for NDEF list of certs and CRLs in CMS.
321 + commit b6438e768cf969a74b985bf2686d7cf0b4323355
322 * src/cms-parser.c (_ksba_cms_parse_signed_data_part_2): Fix endtag
325 * tests/t-cms-parser.c (main): Allow several files on the command line
326 and add more files to the default invocation.
328 2020-11-18 NIIBE Yutaka <gniibe@fsij.org>
330 m4: Update with newer autoconf constructs.
331 + commit 1ef7f310d8bb0990d2c7a65f34ffa46f77c5d35d
332 * src/ksba.m4: Replace AC_HELP_STRING to AS_HELP_STRING.
334 build: Update to newer autoconf constructs.
335 + commit 0d46f2c000c45147db9a2c418248108bf444afb9
336 * configure.ac (AC_INIT): Use 'https://'.
337 Use AC_CONFIG_HEADERS instead of AM_CONFIG_HEADER.
338 Use AC_USE_SYSTEM_EXTENSIONS instead of AC_GNU_SOURCE.
339 Use AS_HELP_STRING instead of AC_HELP_STRING.
340 * gl/m4/onceonly_2_57.m4: Remove.
341 * m4/gpg-error.m4: Update from libgpg-error.
342 * m4/libtool.m4: Update from libgpg-error.
343 * m4/libgcrypt.m4: Update from libgcrypt.
345 build: Use modern Autoconf check for type.
346 + commit 60b32609ae7f7940c11117cb545c571356743624
347 * configure.ac (u32): Use AC_CHECK_TYPES.
348 * m4/Makefile.am (EXTRA_DIST): Update.
349 * m4/gnupg-typedef.m4: Remove.
350 * tests/sha1.c: Use HAVE_TYPE_U32.
352 2020-06-17 Werner Koch <wk@gnupg.org>
354 Support TR-03111 plain format ECDSA signature verification.
355 + commit 486fb0257d08c9a90571aa8433c1c61b53dda4fe
356 * src/keyinfo.c (sig_algo_table): Add ECDSA algos from TR-03111.
357 (cryptval_to_sexp): Support plain ecdsa format.
359 2020-05-28 Werner Koch <wk@gnupg.org>
361 Let ksba_cms_identify detect the new OpenPGP keyblock content.
362 + commit 5cdf0b5b0f1994405c8689ceaee76126755dcd1c
363 * src/ksba.h.in (KSBA_CT_OPENPGP_KEYBLOCK): New.
364 * src/cms.c: Add to table.
365 * tests/t-cms-parser.c (one_file): Ditto.
367 2020-05-19 Werner Koch <wk@gnupg.org>
370 + commit f30f604700d37f1932d399ab2fb552713007117f
373 2020-05-18 Werner Koch <wk@gnupg.org>
375 Finish creation of ECDSA and EdDSA certificates.
376 + commit 71a2f1e87790cc4fccd4e5e60ffd368fbfd85bb2
377 * src/keyinfo.c (_ksba_keyinfo_from_sexp): Skip writing curve
378 parameter in algoinfo mode.
380 (curve_names): Add field pkalgo and set for rfc8410 algos.
381 (get_ecc_curve_oid): New arg r_pkalgo.
382 (_ksba_keyinfo_from_sexp): Take are of a forced algo. Add code path
383 for rfc8410 public key.
384 * src/certreq.h (struct ksba_certreq_s): Add flag 'is_ecc'.
385 * src/certreq.c (ksba_certreq_add_extension): Set that flag.
386 (ksba_certreq_set_sig_val): Use sig_val.is_ecc also for EdDSA.
387 (build_cri): Rewrite using the DER builder.
389 2020-05-15 Werner Koch <wk@gnupg.org>
391 Allow direct construction of encapsulated octet and bit strings.
392 + commit 2605a994a2c7a4c06e7a2efb69e620fd687359ba
393 * src/ksba.h.in (KSBA_CLASS_ENCAPSULATE): New pseudo class.
394 * src/der-builder.c (struct item_s): Add field 'encapsulate'. Change
395 'class' to a 2 bit field. Decrease size of 'hdrlen' to 10 bits which
397 (_ksba_der_builder_reset): Clear 'encapsulate'.
398 (_ksba_der_add_ptr): Mask CLASS to avoid possible compiler warnings.
399 (add_val_core): Ditto.
400 (_ksba_der_add_tag): Ditto. Set ENCAPSULATE.
401 (compute_lengths): Account for extra octet.
402 (_ksba_der_builder_get): Implement encapsulated data.
404 * tests/t-der-builder.c (test_der_builder): Add test cases for
407 2020-05-14 Werner Koch <wk@gnupg.org>
409 Publish constants for the DER builder.
410 + commit 0e0fad9335ba8afe319fdb36e735533cff71a2b4
411 * src/ksba.h.in (KSBA_CLASS_): New constants.
412 (KSBA_TYPE_): New constants.
413 * src/der-builder.c (struct item_s): Increase size of HDRLEN and TAG.
414 (count_tl, write_tl): Support tags > 30.
416 * tests/t-der-builder.c: New
417 * tests/Makefile.am (TESTS): Add file.
419 Simplify the ksba_keyinfo_from_sexp function.
420 + commit 88647cd33059129dca6d17434208d5f68108daf3
421 * src/keyinfo.c: Include der-builder.h
422 (get_ecc_curve_oid): Change to return a string.
423 (oid_from_buffer): Ditto.
424 (_ksba_keyinfo_from_sexp): Rewrite.
426 Fix DER builder to a allow a single primitive element.
427 + commit 31c42e7568a7532f8fb5d291f5c4a26594d74ad4
428 * src/der-builder.c (_ksba_der_builder_get): Allow a single item.
430 Fold duplicated code in keyinfo.c into one function.
431 + commit fae738f23b5bfde8fa25b6759fd1aac6809b40ca
432 * src/keyinfo.c (_ksba_algoinfo_from_sexp): Remove.
433 (_ksba_keyinfo_from_sexp): Add arg algoinfomode
434 * src/certreq.c (ksba_certreq_add_subject): Adjust for change.
435 (ksba_certreq_set_serial): Use _ksba_keyinfo_from_sexp in
438 * tests/cert-basic.c (one_file): Adjust for change.
440 2020-05-14 Trammell Hudson <hudson@trmm.net>
442 Fix qsort handler to reproducible sort the string table.
443 + commit cdbced98819dd0b1478db1bb82bbc249d52e32ae
444 * src/asn1-gentables.c (cmp_string): Comapre the strings if they have
447 2020-05-12 Werner Koch <wk@gnupg.org>
449 New API to construct arbitrary DER objects in memory.
450 + commit 30d35448cd585156a0461f02934a356894e6867b
451 * src/der-builder.h (struct ksba_der_s, ksba_der_t): Move to ...
452 * src/ksba.h.in: here.
453 (ksba_der_release): New.
454 (ksba_der_builder_new): New.
455 (ksba_der_builder_reset): New.
456 (ksba_der_add_ptr): New.
457 (ksba_der_add_val): New.
458 (ksba_der_add_int): New.
459 (ksba_der_add_oid): New.
460 (ksba_der_add_bts): New.
461 (ksba_der_add_der): New.
462 (ksba_der_add_tag): New.
463 (ksba_der_add_end): New.
464 (ksba_der_builder_get): New.
465 * src/libksba.def: Add new functions.
466 * src/libksba.vers: Ditto.
467 * src/visibility.c: Add wrapper.
468 * src/visibility.h (ksba_der_add_val): Add usual macro magic.
470 Allow parsing of EdDSA certificates.
471 + commit 60943d9f18162c7a55a635b122888b9f53690e77
472 * src/keyinfo.c (sig_algo_table): Remove unused params for EdDSA
474 (_ksba_keyinfo_to_sexp): Add curve to EdDSA algos.
475 (cryptval_to_sexp): Add special handling for EdDSA algos.
477 2020-05-11 Werner Koch <wk@gnupg.org>
479 Support creation of ECDSA signed data.
480 + commit cda81bec2e141f67e6ee905eac0e719abb7ef20c
481 * src/der-builder.c (_ksba_der_add_int): New.
482 * src/cms.h (struct sig_val_s): Add struct ecc.
483 * src/cms.c (ksba_cms_release): Release ecc.
484 (ksba_cms_set_sig_val): Support ecdsa.
485 (build_signed_data_rest): Ditto.
487 * tests/samples/ecdsa-sample1.p7s: New.
488 * tests/samples/ecdsa-sample1.p7s.asn: New.
489 * tests/samples/rsa-sample1.p7s: New.
490 * tests/samples/rsa-sample1.p7s.asn: New.
492 2020-05-04 Werner Koch <wk@gnupg.org>
494 Support creation of ECDH enveloped data object (part 2 of 2)
495 + commit 8ade151b10480cb03998669e928cfd2e159531c0
496 * src/cms.c (build_enveloped_data_header): Write out ECDH info.
498 Add a dedicated BIT STRING function to the new DER builder.
499 + commit be1b4416afc3d646b43c5541b2d79036b6e7cdaf
500 * src/der-builder.c (_ksba_der_add_bts): New.
502 2020-05-01 Werner Koch <wk@gnupg.org>
504 Support creation of ECDH enveloped data object (part 1)
505 + commit 0ddfbb464e0a86164768bd42e3e02a07f06dca62
506 * src/cms.h (struct enc_val_s): Add new fields for ECDH.
507 * src/cms.c: Include der-builder.h
508 (log_sexp): New but commented debug helper.
509 (ksba_cms_release): Free new ECDH values.
510 (ksba_cms_set_enc_val): Support ECDH.
511 (build_enveloped_data_header): Rewrite to make use of the new DER
514 Add a new DER builder for internal use.
515 + commit cf49d3e60a67180fcb1b9005d910f015b388cf3c
516 * src/der-builder.c: New.
517 * src/der-builder.h: New.
518 * src/util.c (_ksba_reallocarray): New.
520 Add new internal function to get the encoded issuer.
521 + commit 9c52d0787e0d0e78c8f10523a1c12fd83126393b
522 * src/cert.c (_ksba_cert_get_issuer_dn_ptr): New.
523 (_ksba_cert_get_serial_ptr): Return the full DER encoding and not just
525 * src/ocsp.c (ksba_ocsp_prepare_request): Adjust for this change.
527 Add RSA encrypted sample file.
528 + commit 0aee4bf128097cbce7e26b76a06d41045fd9d26a
531 Move ASN.1 constants to a separate header.
532 + commit d1ca2c8b65da20f5c407a1c9aad721ace4de460e
533 * src/asn1-func.h: Factor constants out to ...
534 * src/asn1-constants.h: new.
535 * src/Makefile.am (libksba_la_SOURCES): Add new file.
537 2020-04-21 Werner Koch <wk@gnupg.org>
539 Support parsing of the CMS KeyAgreeRecipientInfo.
540 + commit 401dc58d3d55ed58a0ac4e1f286a7e19ed9e956c
541 * src/cms-parser.c (_ksba_cms_parse_enveloped_data_part_1): Decode at
542 the RecipientInfo level.
543 * src/cms.c (ksba_cms_get_issuer_serial): Adjust for this change.
544 Support KeyAgreeRecipientInfo.
545 (ksba_cms_get_enc_val): Ditto.
546 (dbg_print_sexp): New commented debug helper.
547 * src/keyinfo.c (enc_algo_table): Add and entry of ECDH.
548 (_ksba_parse_algorithm_identifier2): Make R_NREAD optional.
549 (cryptval_to_sexp): Add args to support ECDH.
550 (_ksba_sigval_to_sexp): Adjust for this.
551 (_ksba_encval_to_sexp): Ditto.
552 (_ksba_encval_kari_to_sexp): New.
554 * tests/t-cms-parser.c (one_file): Print the enc-val.
556 * tests/samples/ecdh-sample1.p7m: New sample.
557 * tests/samples/ecdh-sample1.p7m.asn: And a dump with some comments.
559 Extend the parser to better handle CHOICE elements.
560 + commit d07733cf94a255ae804f1964e0fd769f2b337965
561 * src/asn1-func.c (find_node): Support '+' operator.
562 * src/ber-decoder.c (find_anchor_node): Support CHOICE tag.
563 (decoder_next): Set the outer sequence length also for context tags.
565 2020-04-14 Werner Koch <wk@gnupg.org>
567 Allow for Null hash algo parameters on rsaPSS and add pss flag.
568 + commit 17a09f41fc4b26b7af839be2b9666c94e5a22097
569 * src/ber-help.c (_ksba_parse_optional_null): New.
570 * src/ber-help.h (parse_optional_null): New macro.
571 * src/crl.c (ksba_crl_get_sig_val): Insert a "pss" flag.
572 * src/keyinfo.c (cryptval_to_sexp): Ditto.
573 (_ksba_keyinfo_get_pss_info): Allow for NULL parameter.
575 2020-04-09 Werner Koch <wk@gnupg.org>
577 Support rsaPSS also for CRLs.
578 + commit e6e9858970ed37f4d1b82b63868f2f855b4509fe
579 * src/crl.c: Include stringbuf.h
580 (ksba_crl_get_sig_val): Extend to return PSS parameter.
582 * tests/t-crl-parser.c (one_file): Print parameter.
584 Refactor PSS parameter parsing.
585 + commit 5c08d7ea8e0f6945082c1c6947aa333b6d36d789
586 * src/keyinfo.c (cryptval_to_sexp): Move pssRSA parser to ...
587 (_ksba_keyinfo_get_pss_info): new.
589 Merge copies of stringbuf functions into one new header.
590 + commit 641fc8b6deac2262978c5212fd0d41b6d0a07277
591 * src/stringbuf.h: New.
592 * src/Makefile.am (libksba_la_SOURCES): Add it.
593 * src/dn.c: Move stringbuf functions to new file.
594 * src/keyinfo.c: Ditto.
596 2020-04-08 Werner Koch <wk@gnupg.org>
598 Add read-only support for rsaPSS.
599 + commit f5695be600abe905476f45808ef7df850d9a4dae
600 * src/ber-help.c (_ksba_parse_context_tag): Minor tweak in the
601 returned error codes.
602 * src/keyinfo.c (SUPPORTED_RSAPSS): New.
603 (pk_algo_table): Add rsaPSS.
604 (sig_algo_table): Add rsaPSS.
605 (put_stringbuf_uint): New.
606 (cryptval_to_sexp): Parse out the rsaPSS parameters.
608 Remove duplicated code and make parse wrappers internally available.
609 + commit 152d04749cceeaccf309a3b150000da09aa503b5
610 * src/ber-help.c (_ksba_parse_sequence): New. Code taken from ocsp.c
611 or crl.c and function name prefixed with _ksba_.
612 (_ksba_parse_context_tag): Ditto.
613 (_ksba_parse_enumerated): Ditto.
614 (_ksba_parse_integer): Ditto.
615 (_ksba_parse_octet_string): Ditto.
616 (_ksba_parse_optional_boolean): Ditto.
617 (_ksba_parse_object_id_into_str): Ditto.
618 (_ksba_parse_asntime_into_isotime): Ditto.
619 * src/ber-help.h: Add new prototypes and macros fro easier use.
620 (parse_skip): Moved from ocsp.c and crl.c as inline to here.
621 * src/crl.c: Remove parse fucntions.
622 * src/ocsp.c: Remove parse fucntions.
624 * src/Makefile.am (ber_dump_SOURCES): Add time.c
626 2020-04-03 Werner Koch <wk@gnupg.org>
628 Very minor patch cleanup.
629 + commit 1119068b2e9f3bc1555dcc78fa54716733470b01
630 * src/keyinfo.c (pkalgo_t): Remove trailing comma
632 2020-03-31 NIIBE Yutaka <gniibe@fsij.org>
634 ecc: Add Ed25519 and Ed448 public key support.
635 + commit 2625e13bc9d5ed1292eacba38683e5f3b1371237
636 * src/keyinfo.c (PKALGO_ED25519, PKALGO_ED448): New.
637 (PKALGO_X25519, PKALGO_X448): New for future.
639 (sig_algo_table): New entries for Ed25519 and Ed448 for future.
640 (_ksba_keyinfo_from_sexp): Add handling for Ed25519 and Ed448.
642 2020-03-30 Werner Koch <wk@gnupg.org>
644 Allow optional elements in keyinfo objects.
645 + commit 1e903fe558bd6583c5447fbebe2ef019229dbfdc
646 * src/keyinfo.c (_ksba_keyinfo_from_sexp): Allow for optiona elements.
647 (_ksba_algoinfo_from_sexp): Ditto.
649 2020-01-21 Werner Koch <wk@gnupg.org>
651 tests: Implement option --to-str for t-dn-parser.
652 + commit bf52cfb8f2b624fb4e24b4bc1089f74429b70b5a
653 * tests/t-dnparser.c (main): Implement option.
655 2019-08-20 NIIBE Yutaka <gniibe@fsij.org>
657 pkgconfig: Fix ksba.pc.
658 + commit 3df0cd32e3b21b7da96a93d1f84d6cb6a77b89be
659 * src/ksba.pc.in (Cflags, Libs): Have flags.
661 2019-07-22 NIIBE Yutaka <gniibe@fsij.org>
663 build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper program.
664 + commit b92ec7f502d9a1107ac69dacce9ff684f5ae1c07
665 * src/Makefile.am: Add {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for
668 2019-04-26 Werner Koch <wk@gnupg.org>
670 Add support for authenticode signing.
671 + commit 1f0afa452e1276c98c2932e7247e36e0d74cc306
672 * src/cms.c (content_handlers): Add KSBA_CT_SPC_IND_DATA_CTX.
674 Add constants KSBA_VERSION and KSBA_VERSION_NUMBER.
675 + commit 158539fd0c82522665fc4be86ba32f7f8553bc9b
676 * src/ksba.h: Rename to ...
677 * src/ksba.h.in: this.
678 (KSBA_VERSION, KSBA_VERSION_NUMBER): New.
679 * configure.ac (VERSION_NUMBER): Set it.
680 (AC_CONFIG_FILES): Add ksba.h
682 2019-03-06 NIIBE Yutaka <gniibe@fsij.org>
685 + commit 09a4cfae14397605bb32ddd4449b47d32e5090ab
686 * m4/libgcrypt.m4: Update from libgcrypt master.
688 2019-02-27 NIIBE Yutaka <gniibe@fsij.org>
690 Revert wrong fix for ECDSA.
691 + commit f37361f86d2228aa5c5b09db188b8c6ba33cc435
692 * src/certreq.c (ksba_certreq_set_sig_val): Add back MSB handling of
695 Don't remove leading zero byte.
696 + commit 9fea74575085352daec89b64bd36db5df9a05fb8
697 * src/cms.c (ksba_cms_set_sig_val): Don't remove leading zero byte.
698 (ksba_cms_set_enc_val): Likewise.
699 * src/certreq.c (ksba_certreq_set_sig_val): Likewise for RSA.
701 2019-02-26 NIIBE Yutaka <gniibe@fsij.org>
703 Fixing ECDSA, support EdDSA signatures in CSRs.
704 + commit 5d9278f3d13050eddd68d8a1c490274a4f631f5f
705 * src/certreq.c (ksba_certreq_set_sig_val): Remove MSB handling of
706 0x80 for ECDSA, because it is done by GnuPG.
708 Distinguishing EdDSA signature in libgcrypt format, make a signature
709 simply concatinate r and s.
711 2019-02-14 Damien Goutte-Gattat via Gnupg-devel <gnupg-devel@gnupg.org>
713 Support multi-valued signatures in CSRs.
714 + commit 98882064f45778927d38c6fdbe008f5858b36813
715 * src/certreq.c (ksba_certreq_set_sig_val): Support signatures
716 made of several values.
718 2019-01-16 NIIBE Yutaka <gniibe@fsij.org>
720 build: With LD_LIBRARY_PATH defined, use --disable-new-dtags.
721 + commit 3f99f332ada603468eb30d77649c4fdf84b383e6
722 * configure.ac (LDADD_FOR_TESTS_KLUDGE): New for --disable-new-dtags.
723 * tests/Makefile.am (LDADD): Use LDADD_FOR_TESTS_KLUDGE.
725 2018-11-13 NIIBE Yutaka <gniibe@fsij.org>
727 build: Update autogen.rc.
728 + commit c37cdbd0f1b4a682799e0661178e392227cca938
729 * autogen.rc: Remove obsolete --with-gpg-error-prefix option.
731 2018-11-08 NIIBE Yutaka <gniibe@fsij.org>
733 Add annotation for fall through path.
734 + commit 3f5dcb5ff6721b0c70c8b0e320e4fd58f1c2cada
735 * src/ber-decoder.c (decoder_next): Add FALLTHROUGH.
737 2018-11-02 NIIBE Yutaka <gniibe@fsij.org>
739 build: Update gpg-error.m4 and ksba.m4.
740 + commit 5a7c0d8667ceddf7820131865dad0ab850e5c3a4
741 * m4/gpg-error.m4: Update to 2018-11-02.
742 * src/ksba.m4: Add AC_MSG_NOTICE.
744 2018-10-29 NIIBE Yutaka <gniibe@fsij.org>
746 build: Update gpg-error.m4 and ksba.m4.
747 + commit 9917a23a6c8177f79bdd8da031d3b7135b597c91
748 * m4/gpg-error.m4: Update to 2018-10-29.
749 * src/ksba.m4: Follow the change of gpgrt-config.
751 2018-10-26 NIIBE Yutaka <gniibe@fsij.org>
753 ksba.m4: Fix calling by gpgrt-config.
754 + commit 825a4a9e93655b136dd2eee685e0e67aca912a01
755 * src/ksba.m4: Fix condition and use "ksba" for *.pc.
757 ksba.m4: Better backward compatibility.
758 + commit d3fdae7a299a0514b90dbb7f45a0d08ee5d93078
759 * m4/gpg-error.m4: Update.
760 * src/ksba.m4: Don't assume ksba-config is newer.
761 Fix KSBA_CONFIG which used LIBKSBA_CONFIG wrongly.
764 + commit 910c148825d50798689998ed760b658f2aeeee64
765 * src/ksba.m4: Use AC_PATH_PROG to detect ksba-config.
767 build: Improve ksba.m4.
768 + commit f0116c07d0d89fc7114dedeb3fc638ab9dae2254
769 * src/ksba.m4: Don't try gpgrt-config when LIBKSBA_CONFIG set. Fall
770 back to detecting ksba-config, when gpgrt-config doesn't work well.
772 build: Relax build requirements.
773 + commit a32a50c7726ee7c6ac320d99b9ab42f073960cc9
774 * m4/gpg-error.m4: Update from libgpg-error 1.33.
775 * src/ksba.m4: Don't require AM_PATH_GPG_ERROR. Use GPGRT_CONFIG when
776 it is confirmed that it is available and working well.
777 * configure.ac (AM_PATH_GPG_ERROR): No requirement for newer version
778 (It was because of new gpgrt-config which supports *.pc files).
780 2018-10-25 NIIBE Yutaka <gniibe@fsij.org>
782 build: Require libgpg-error >= 1.33.
783 + commit 07cf4a9ab6f1a7b68aeda39ba03691e713254418
784 * configure.ac (NEED_GPG_ERROR_VERSION): Require >= 1.33.
785 * m4/gpg-error.m4: Update from libgpg-error 1.33.
786 * src/ksba.m4: Fix to support --with-libksba-prefix.
788 2018-10-24 NIIBE Yutaka <gniibe@fsij.org>
791 + commit 4754816d10a38ebe97acd2f3bfaa835055566696
792 * src/ksba.pc.in: Fix typo.
794 build: Fix previous commit.
795 + commit 5a21f7465ca2aadfb3877a53f6536859b6973463
798 build: Compatibility to pkg-config.
799 + commit dfc3ad5c6e97cc11de4faa19de59203ae8d5eb1a
800 * src/ksba-config.in: Support --variable and --modversion.
802 build: Make ksba.m4 use gpg-error-config.
803 + commit ce5247c0f3fcbe8a1e70c33ab4c83d807aecce63
804 * src/ksba.m4: Use gpg-error-config.
806 build: Provide libassuan.pc, generated by configure.
807 + commit d0016a76942eb58748182ad282c03d5cd7a0dc86
808 * configure.ac (PACKAGE, VERSION): Remove.
809 Generate src/ksba.pc.
810 * src/Makefile.am (pkgconfigdir, pkgconfig_DATA): New.
811 * src/ksba-config.in: Use @PACKAGE_VERSION@.
812 * src/ksba.pc.in: New.
814 build: Update gpg-error.m4 from libgpg-error.
815 + commit ec4e838ca91849b493f7ea77074e4415ed6a2d4a
816 * m4/gpg-error.m4: Update from libgpg-error 1.33.
818 2018-10-23 Werner Koch <wk@gnupg.org>
820 Fix error detection in the CMS parser which may led to a NULL-deref.
821 + commit a1ce3c17ee0d44ba8c7c9553824ba55b7950e930
822 * src/cms.c (build_signed_data_rest): Fix c+p bug.
824 Use only one .PHONY target in a Makefile.
825 + commit d56bddc68db86878e1b3497362407c994c2841ca
826 * Makefile.am (.PHONY): Move to the end.
828 Fix test for existence of the signing_time.
829 + commit a0bbba1c49286f09c5f2eb3cd788938fac2ed252
830 * src/cms.c (build_signed_data_attributes): Fix test.
832 2017-08-22 Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
835 + commit af99234b21c98ad1a4eaf2b72fb52de67beba9d3
836 * configure.ac: Revert last change and define HAVE_GCOV if not
838 * tests/detached-sig.csm: New file.
839 * tests/Makefile.am (EXTRA_DIST): Add detached-sig.csm.
840 * tests/t-cms-parser.c (main): Use detached-sig.csm as test file.
842 2017-08-18 Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
844 Fix non-maintainer build.
845 + commit 457d2f0c6a1fea394de6d48afb1c1c0189c52878
846 * configure.ac: Always check for gcov program to make sure
847 the automake variable is defined.
849 Fix all compiler warnings.
850 + commit 982faa2c354a2d23ffd4a0bad584e145faf809bc
851 * src/asn1-parse.y (import_defs, identifier_list): Comment out unused part
852 of the grammar that causes a shift-reduce conflict.
853 * src/cms-parser.c (_ksba_cms_parse_enveloped_data_part_1): Initialize
854 some variables to help suppress uninitialized use warning.
855 * src/crl.c (oidstr_issuingDistributionPoint): Comment out unused OID.
856 * src/gen-help.h (ksba_asn_parse_file, ksba_asn_tree_dump): Add declarations.
858 2017-08-15 Kai Michaelis <kai@gnupg.org>
860 Fix memory leaks in ksba_cms_identify and tests.
861 + commit a1d9b046aec8cedda16a9e24eb8d2ed021f68d5d
862 * tests/t-reader.c: free prepend_srcdir() result.
863 * tests/t-cms-parser: ditto & release writer instance.
864 * src/cms.c: fix mem leak in ksba_cms_identify().
866 2017-08-10 Kai Michaelis <kai@gnupg.org>
868 Enable CMS parser test.
869 + commit 39e633d6d224cafa83d884865ac4e372709d91b7
870 * tests/Makefile.am: add t-cms-parser to the list of tests.
871 * tests/t-cms-parser.c: change default test file to something that
874 Generate coverage information.
875 + commit 3e029a4ed0059116febe05924a14009ca622e3c5
876 * autogen.sh: add options --coverage and --report to help w/ coverage
877 info collection and reporting.
878 * m4/gcov.m4: new file. Boilerplate for locating gcov et.al.
879 * Makefile.am: add coverage-report target
883 2017-08-09 Kai Michaelis <kai@gnupg.org>
886 + commit ad36a28e3a0580c1a9547843c03e1af172681efc
887 * src/reader.c: include unistd.h
889 Don't use decls in for-loop headers.
890 + commit 707862ab44fb6cca79dacbf866a7066d941b92fc
891 libksba compiles w/ C90
893 Add missing fd support to ksba_reader_t.
894 + commit c7f4ef5b5ebc8d6be2c56f14da999a36735a2eba
895 * src/reader.c: add branches for READER_TYPE_FD
896 * tests/t-reader.c: tests for above
898 2017-06-19 Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
900 configure: Add flag to disable documentation build.
901 + commit ab23f39a91b5c16eda2d9d581f9bf2ab2da39cf2
902 * configure.ac: Add new option --disable-doc.
903 (BUILD_DOC): New automake conditional.
904 * Makefile.am (SUBDIRS): Make doc optional based on BUILD_DOC.
905 (DISTCHECK_CONFIGURE_FLAGS): New variable.
907 Signed-Off-By: Marcus Brinkmann <mb@g10code.com>
909 2017-04-20 Andre Heinecke <aheinecke@intevation.de>
911 tests: Open testfile in binary mode.
912 + commit 3bb0c54fe47eb72e1e7be93de8775b37045de34d
913 * tests/t-crl-parser.c (one_file): Read file in binary mode.
915 2017-03-08 Justus Winter <justus@g10code.com>
917 build: Use macOS' compatibility macros to enable all features.
918 + commit 561d03a008150c201ece22b29c97b24a1f6bf590
919 * configure.ac: On macOS, use the compatibility macros to expose every
920 feature of the libc. This is the equivalent of _GNU_SOURCE on GNU
923 2016-10-14 Werner Koch <wk@gnupg.org>
925 Let configure print a note if Yacc is not Bison.
926 + commit 100ed5092aec0afe16ca7a4fe660602745e92a36
927 * m4/ax_prog_bison.m4: New.
928 * m4/Makefile.am (EXTRA_DIST): Add it.
929 * configure.ac: Test for Bison and print a note.
931 2016-08-22 Werner Koch <wk@gnupg.org>
934 + commit 25cc42cf61a56e01f1bd72883e452f691dda8309
935 * configure.ac: Set LT version to C19/A/11/R6.
937 Use size_t for the result of fread.
938 + commit 68fba3d8d7757b7f7ed75fdebd2b91299943503b
939 * src/reader.c (ksba_reader_read): Make 'n' and size_t.
941 Limit allocation in the BER decoder to 16 MiB.
942 + commit 89d898346b75337ec2546c672ea720c5c956b53a
943 * src/ber-decoder.c (MAX_IMAGE_LENGTH): New.
944 (decoder_next): Limit allcoation to MAX_IMAGE_LENGTH.
945 (_ksba_ber_decoder_dump, _ksba_ber_decoder_decode): Ditto.
947 2016-07-17 Tomáš Trnka <tomastrnka@gmx.com>
949 Encode OCSP nonce value as an octet string (RFC 6960)
950 + commit eb7833b8720cd0831c78d42e993ca878cecf27bc
951 * src/ocsp.c (ksba_ocsp_set_nonce): Stop removing the sign bit.
952 (write_request_extensions): Encode nonce as octet string.
953 (parse_response_extensions): Decode nonce as octet string.
955 2016-07-13 Werner Koch <wk@gnupg.org>
957 build: Update config.{guess,sub} to {2016-05-15,2016-06-20}.
958 + commit ee203f948a6573809672d9e61177145a13b3987d
959 * build-aux/config.guess: Update.
960 * build-aux/config.sub: Update.
962 2016-06-27 Werner Koch <wk@gnupg.org>
964 tests: Fix a memory leak.
965 + commit 995d2e34932143cc9888db779cb3ecd92ae6e32e
966 * tests/t-oid.c (test_oid_to_str): Free STR.
968 Use modern error macros and fix a missing assignment.
969 + commit b60e5140f85fc00cd131ab635d4202693759abe1
970 * src/ocsp.c: Remove errno.h. Replace gpg_error_from_errno(errno) by
971 gpg_error_from_syserror ().
972 (parse_response): Ditto. Return direct becuase static analyzer may
973 not grasp that gpg_error_from_syserror will never return false.
974 (ksba_ocsp_get_responder_id): Actually return an error for NO_DATA.
976 Detect invalid RDN names and avoid a read from uninitialized variable.
977 + commit 7243a3c6ed1635eef45b567b37a025e4a5e0dc51
978 * src/dn.c (parse_rdn): Bail out for an invalid name.
980 2016-05-25 Werner Koch <wk@gnupg.org>
981 Pascal Cuoq <cuoq@trust-in-soft.com>
983 Fix OOB read in parse_distribution_point.
984 + commit 43f890f37b514757db5653608ec59b5a74e8e092
985 * src/cert.c (parse_distribution_point): Check TI.length.
987 2016-05-11 Werner Koch <wk@gnupg.org>
989 Make sure that ASN.1 data is stored in an all-initialized buffer.
990 + commit 2a9fc5654df497b91ab9b64e946c1e19371888e5
991 * src/ber-decoder.c (decoder_next): Clear the image buffer.
993 2016-05-03 Werner Koch <wk@gnupg.org>
996 + commit 3a92e8c8939767d19aaa48f051d721d582ab0eff
997 * configure.ac: Set LT version to C19/A11/R5.
999 Update config.{guess,sub} to 2016-04-02 and 2016-03-30.
1000 + commit 8290fabdb260e228c3b89706c88caf90da77358b
1001 * build-aux/config.guess: Update.
1002 * build-aux/config.sub: Update.
1004 Create an SWDB file during "make distcheck"
1005 + commit ec820ebbb05cbc0d5ee00f086364ecaf3efa54cb
1006 * Makefile.am (distcheck-hook): New.
1008 Fix an undefined return value in ksba_cert_get_digest_algo.
1009 + commit 3f74c2cc0068d0b3584627af73c8c42ce720a826
1010 * src/cert.c (ksba_cert_get_digest_algo): Set ALGO in the error case.
1011 * tests/cert-basic.c (one_file): Take care of printf which does not
1014 Fix an OOB read access in _ksba_dn_to_str.
1015 + commit 6be61daac047d8e6aa941eb103f8e71a1d4e3c75
1016 * src/dn.c (append_utf8_value): Use a straightforward check to fix an
1019 Fix possible read access beyond the buffer.
1020 + commit a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
1021 * src/ber-help.c (_ksba_ber_parse_tl): Add extra sanity check.
1022 * src/cert.c (ksba_cert_get_cert_policies): Check TLV given length
1023 against buffer length.
1024 (ksba_cert_get_ext_key_usages): Ditto.
1025 * src/ocsp.c (parse_asntime_into_isotime): Ditto.
1027 2015-10-28 Werner Koch <wk@gnupg.org>
1029 Add more curves to the name->OID table.
1030 + commit 3d968bbffc3a0acda890e342fbbfa5b34a26085e
1031 * src/keyinfo.c (curve_names): Add more curves.
1033 Fix lookup of ECC OIDs by name.
1034 + commit 9df0ac3a4afa0272dbff08d17e9064f13be95814
1035 * src/keyinfo.c (get_ecc_curve_oid): Fix obviously never tested table
1038 2015-08-25 Werner Koch <wk@gnupg.org>
1040 Add configure option --enable-build-timestamp.
1041 + commit 538188812ace9594aad92a9b0f73b75e5ffc4526
1042 * configure.ac (BUILD_TIMESTAMP): Set to "<none>" by default. Add
1045 2015-04-10 Werner Koch <wk@gnupg.org>
1048 + commit b46ea28e82d67a2072817294115360fd3e1ab20c
1051 2015-04-09 Werner Koch <wk@gnupg.org>
1053 Do not abort on decoder stack overflow.
1054 + commit 07116a314f4dcd4d96990bbd74db95a03a9f650a
1055 * src/ber-decoder.c (push_decoder_state, pop_decoder_state): Return an
1057 (set_error): Prefix error message with "ksba:". Act on new return code.
1058 (decoder_next): Act on new return code.
1060 Fix integer overflow in the BER decoder.
1061 + commit aea7b6032865740478ca4b706850a5217f1c3887
1062 * src/ber-decoder.c (ber_decoder_s): Change val.length from int to
1064 (sum_a1_a2_gt_b, sum_a1_a2_ge_b): New.
1065 (decoder_next): Check for integer overflow. Use new sum function for
1067 (_ksba_ber_decoder_dump): Use size_t for n to match change of
1068 val.length. Adjust printf fomrat. Check for integer overflow and use
1069 gpg_error_from_syserror instead of GPG_ERR_ENOMEM.
1070 (_ksba_ber_decoder_decode): Use new sum function for size check.
1071 Check for integer overflow. Use size_t for n to match change of
1074 2015-04-08 Werner Koch <wk@gnupg.org>
1076 Fix encoding of invalid utf-8 strings in dn.c.
1077 + commit 243d12fdec66a4360fbb3e307a046b39b5b4ffc3
1078 * src/dn.c (append_quoted, append_atv): Use snprintf.
1079 (append_utf8_value): Fix invalid encoding handling.
1081 2015-01-30 Werner Koch <wk@gnupg.org>
1083 w32: Use -static-libgcc to avoid linking to libgcc_s_sjlj-1.dll.
1084 + commit 792f4b36f998beba3515b776e8ca76ecbf20e468
1085 * src/Makefile.am (extra_ltoptions): New.
1086 (libksba_la_LDFLAGS): Use it.
1088 Update ASN.1 grammar for newer Bison versions.
1089 + commit 569f3da664de81638bcb322d6e9380f3ff16f70c
1090 * src/asn1-parse.y (YYERROR_VERBOSE): Replace by ...
1091 (%define parse.error.verbose): this.
1092 (YYPARSE_PARM, YYLEX_PARM): Replace by ...
1094 (%pure_parser): Replace by ...
1095 (%define api.pure full): this.
1096 (yyerror): Add arg parm.
1098 2015-01-28 Werner Koch <wk@gnupg.org>
1100 Require automake 1.14 and update build-aux files.
1101 + commit 32b3a47a358d694332450f9c2487a88aedc46ca7
1102 * Makefile.am (AUTOMAKE_OPTIONS): Move to ...
1103 * configure.ac (AM_INIT_AUTOMAKE: here. Add serial-tests.
1105 2014-11-25 Werner Koch <wk@gnupg.org>
1108 + commit 02079b56b8d0d922bb84981270fafbc36637b417
1109 * configure.ac: Set LT version to C19/A11/R3.
1111 build: Update version number magic.
1112 + commit 00ef765bc1aff709e990f9fd984e25aa8e09f482
1113 * autogen.sh: Update from gnupg master.
1114 * configure.ac: Change for new init style. Create VERSION.
1115 * Makefile.am (dist-hook): Do no create VERSION
1117 Fix buffer overflow in ksba_oid_to_str.
1118 + commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7
1119 * src/oid.c (ksba_oid_to_str): Fix unsigned underflow.
1121 * tests/Makefile.am (noinst_PROGRAMS): Move t-oid to ..
1123 * tests/t-oid.c (test_oid_to_str): New.
1124 (main): Run the new tests by default. The former functionality
1125 requires the use of one of the new options.
1127 2014-09-25 Werner Koch <wk@gnupg.org>
1129 Strip CRs while building the oid translation table.
1130 + commit 6692de1398629061d405099bb22e9480475928af
1131 * tests/Makefile.am (oidtranstbl.h): Strip CRs
1133 2014-09-18 Werner Koch <wk@gnupg.org>
1136 + commit 447784c718c817ab8036af7d81ce5a6bbb1f1df0
1137 * configure.ac: Set LT version to C19/A11/R2.
1139 2014-07-22 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
1141 Fix two memory leaks in cert-basic test.
1142 + commit 4486cb8228eeaefccc800e550cae4cd4701967c1
1143 * tests/cert-basic.c (one_file): always free public key and der2.
1145 Enable optional valgrind for testsuite.
1146 + commit 64902148236af8f39397bfaf6b5494b342027948
1147 * configure.ac: Enable gnulib valgrind module.
1148 * gl/m4/gnulib.m4: Enable valgrind module.
1149 * tests/Makefile.am: Enable valgrind as LOG_COMPILER.
1150 * gl/m4/valgrind-tests.m4: New
1152 Fix memory leak in crl parsing code.
1153 + commit 42aca4c9e575d44436e82e2e6bad6c967f12f21b
1154 * src/crl.c (store_one_entry_extension): Free memory at oid variable -
1155 otherwise libksba leaks memory on crl parsing.
1157 Adapt mkoidtbl script to newer dumpasn1 database format.
1158 + commit 21cf824e1547d94f898946715b525e7d41de5899
1159 * tests/mkoidtbl.awk: optionally parse oid at OID line.
1161 Reuse common test functions in cert-basic test.
1162 + commit 70bb73e5da9be83ec170829d7cdab5a1da89d408
1163 * tests/cert-basic.c (xmalloc, print_hex, print_sexp, print_time,
1166 tests: fix print_sexp and print_sexp_hex functions.
1167 + commit ce85db73a9330371d456ccd6a49a8682c31d0ed4
1168 * tests/t-common.h (print_sexp, print_sexp_hex): advance pointer on
1171 tests: Pass -no-install to libtool.
1172 + commit 7f9e09611fce8466a98f53c5dfe4bebb398c708f
1173 * tests/Makefile.am: add AM_LDFLAGS = -no-install
1175 2014-04-15 Werner Koch <wk@gnupg.org>
1177 tests: Fix warning about unused var.
1178 + commit 5b79ad34ea2d7a86cfe465c81ff6bcd7fc1c06fc
1179 * tests/t-dnparser.c (main): Drop unneeded var INPUTLEN.
1181 Fix possible segv if NULL is passed as cert.
1182 + commit 6fd166870237d5b913fb59cb2a4356fed1734efa
1183 * src/cert.c (ksba_cert_get_digest_algo): Fix !cert case.
1185 2014-01-10 Werner Koch <wk@gnupg.org>
1188 + commit f73e671406eefa96aba98f609cb68a9caae6bb7a
1189 * autogen.rc: Remove cruft.
1191 Use the generic autogen.sh script.
1192 + commit 3943ea7f7dd739dc2c259b76a569a46259d47c43
1193 * Makefile.am (EXTRA_DIST): Add autogen.rc.
1195 * autogen.sh: Update from current GnuPG.
1196 * ltmain.sh: Move to build-aux/.
1198 * config.guess: Ditto.
1199 * config.sub: Ditto.
1201 * doc/mdate-sh: Ditto.
1202 * doc/texinfo.tex: Ditto.
1203 * install-sh: Ditto.
1206 * configure.ac (AC_CONFIG_AUX_DIR): New.
1208 2014-01-08 Werner Koch <wk@gnupg.org>
1210 Add --enable-silent-rules stuff.
1211 + commit 629c1f0b16b12418711516de3bef5298ab45fe12
1212 * configure.ac: Add AM_SILENT_RULES.
1214 Fix libtool 2.4.2 to correctly detect .def files.
1215 + commit a7b75d6e8e8af79eab9ece7a4061ea48eab8a81d
1216 * ltmain.sh (sed_uncomment_deffile): New.
1217 (orig_export_symbols): Uncomment def file before testing for EXPORTS.
1218 * m4/libtool.m4: Do the same for the generated code.
1220 2013-12-10 David 'Digit' Turner <digit@google.com>
1222 Update libtool to support Android.
1223 + commit d69cde444b2a4b106b4d8c6857efe7d5e8ce18fc
1224 * m4/libtool.m4: Add "linux*android*" case. Taken from the libtool
1227 2013-12-10 Werner Koch <wk@gnupg.org>
1229 Add build support for ppc64le.
1230 + commit a34986a19b2d597cfa3fac099abe243ce1a896a5
1231 * config.guess, config.sub: Update to latest version (2013-11-29).
1232 * m4/libtool.m4: Add patches for ppc64le.
1234 Fix duplicate definition of TRUE and FALSE in grammar file.
1235 + commit ab3fe5dccd5bd814f9e2db943380b28598f8cb7a
1236 * src/asn1-parse.y (YYPRINT): Define.
1237 (%token-table): Define.
1238 (TRUE,FALSE,BOOLEAN): Prefix these tokens with "ksba_" to avoid name
1240 (key_word, key_word_token): Remove arrays.
1241 (%token): Add literal strings to almost all tokens.
1242 (yylex): Use yytname array for keyword lookup.
1244 2012-11-16 Werner Koch <wk@gnupg.org>
1246 Improve parsing of the GIT revision number.
1247 + commit 7b9662f2bf28feb575c4b2b181d88ca61ad43d53
1248 * configure.ac (mmm4_revision): Use git rev-parse.
1250 Fix non-portable use of chmod in autogen.sh.
1251 + commit c18bf9d08d95a73192e12580ce5eae3454c07c0d
1252 * autogen.sh: Remove option -c from chmod.
1254 2012-09-27 Werner Koch <wk@gnupg.org>
1257 + commit ea8487406ecafbcf190008b6c8a5c8e7c63ed6b8
1258 * configure.ac: Set LT version to C19/A11/R1.
1260 2012-09-26 Werner Koch <wk@gnupg.org>
1262 Update build helper scripts.
1263 + commit 1533a9662128fca669eeb661308939cdc8e5d74b
1264 * config.guess, config.sub: Update to version 2012-07-31.
1265 * ltmain.sh: Update to version 2.4.2.
1266 * install-sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltversion.m4
1267 * m4/lt~obsolete.m4: Update to autoconf 2.69 versions.
1269 Adjust for stricter autoconf requirements.
1270 + commit 3e71347052593f4ba3312eb31e932765be1c93ec
1271 * configure.ac: Fix usage of AC_LANG_PROGRAM.
1273 Do not distribute a copy of gitlog-to-changelog.
1274 + commit 5d60c0f340584b280762864fc1cb65013c55503d
1275 * Makefile.am (AUTOMAKE_OPTIONS): Do not create a tar.gz.
1276 (gen-ChangeLog): Require an installed gitlog-to-changelog.
1277 * build-aux/gitlog-to-changelog: Remove.
1279 Allow building with w64-mingw32.
1280 + commit 3776ae8f4ea642ad6ac0af726e90492e6f82eb5f
1281 * autogen.sh <--build-w32>: Support the w64-mingw32 toolchain. Also
1282 prepare for 64 bit building.
1284 Switch to the new automagic beta numbering scheme.
1285 + commit 120d58757d43d10278d4f5ec4126bc18d2ccd28a
1286 * configure.ac: Add all the required m4 magic.
1288 Change library license to LGPLv3+/GPLv2+.
1289 + commit d4333eefc945750613ac9483a41793b5971e3cfe
1290 * COPYING.GPLv2, COPYING.GPLv3, COPYING.LGPLv3: New.
1291 * COPYING: Replace text by a reference to the new files.
1292 * AUTHORS: Update copyright, license, and maintainer information.
1293 * Makefile.am (EXTRA_DIST): Distribute the new files.
1295 Remove unused or useless files.
1296 + commit 9abb7c027e9501012f96393c80607c4ad6a8a38f
1297 * src/asn1-parse.h: Remove empty file.
1298 * src/asn1-parse.y: Do not include asn1-parse.h.
1300 2011-12-06 Werner Koch <wk@gnupg.org>
1302 Allow to set subject and issuer.
1303 + commit aa6cbc8332e59ad94b104b51ea59784f17e522f6
1304 * src/certreq.c (ksba_certreq_set_issuer): Do not check the subject.
1306 2011-12-01 Werner Koch <wk@gnupg.org>
1308 Post release updates.
1309 + commit 3f957f48388756732b5795b77b65d5ab7c0c8298
1312 Generate the ChangeLog from commit logs.
1313 + commit 1120a33155aa3246b6aeed2dcd6a1315969c632d
1314 * build-aux/gitlog-to-changelog: New script. Taken from gnulib.
1315 * build-aux/git-log-fix: New file.
1316 * build-aux/git-log-footer: New file.
1317 * doc/HACKING: New file.
1318 * ChangeLog: New file.
1319 * Makefile.am (EXTRA_DIST): Add new files.
1320 (gen-ChangeLog): New.
1321 (dist-hook): Run gen-ChangeLog.
1322 * autogen.sh: Install commit-msg hook for git.
1324 Rename all ChangeLog files to ChangeLog-2011.
1326 2011-12-01 Werner Koch <wk@gnupg.org>
1328 NB: Changes done before December 1st, 2011 are described in
1329 per directory files named ChangeLog-2011. See doc/HACKING for
1333 Copyright (C) 2011 g10 Code GmbH
1335 Copying and distribution of this file and/or the original GIT
1336 commit log messages, with or without modification, are
1337 permitted provided the copyright notice and this notice are