[openssl/openssl] fed15f: ASN1: Reject negative BIGNUM components

0 views
Skip to first unread message

Daniel Kubec

unread,
Dec 12, 2025, 9:03:35 AM (4 days ago) Dec 12
to openssl...@openssl.org
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: fed15f076fb22676208f70ec21b788589defd071
https://github.com/openssl/openssl/commit/fed15f076fb22676208f70ec21b788589defd071
Author: Daniel Kubec <ku...@openssl.org>
Date: 2025-12-12 (Fri, 12 Dec 2025)

Changed paths:
M crypto/asn1/x_bignum.c
M test/crltest.c
M test/testutil.h
M test/testutil/load.c
M test/x509_internal_test.c

Log Message:
-----------
ASN1: Reject negative BIGNUM components

In the ASN.1 structures we define the BIGNUM as positive and enforce
this during parsing. If the encoded value is negative, we raise an error
and reject the material.

Fixes #29210
Fixes #27407

Reviewed-by: Richard Levitte <lev...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29370)



To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages