Add explicit LL suffixes to large constants to appease some compilers on
32-bit systems.

Test CBB_add_u64()

Add coverage for CBS additions.

Use correct type for tmp in test_write_bytes()

Add regress for CBB_add_space().

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Test CBB_add_u64()

Add coverage for CBS additions.

Use correct type for tmp in test_write_bytes()

Add regress for CBB_add_space().

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Add coverage for CBS additions.

Use correct type for tmp in test_write_bytes()

Add regress for CBB_add_space().

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Use correct type for tmp in test_write_bytes()

Add regress for CBB_add_space().

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Add regress for CBB_add_space().

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Add regress coverage for CBB_add_u32().

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@

Add regress for CBB_discard_child().

Converted from BoringSSL.

Change test to use length 128 (shortest long-form encoding).

From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df

simplify length checking in do_indefinite_convert

Fixes Coverity 117506, 117507, 117508
ok doug@

Change CBS_dup() to also sync the offset.

Previously, CBS_dup() had its own offset. However, it is more consistent
to copy everything.

ok miod@ jsing@

Convert bytestringtest to individual checks and don't short circuit.

The statements were chained together with OR which makes it more annoying
to debug. Also, it was short circuiting all tests as soon as one function
failed. Since the functions are independent, they should each run until
error.

Discussed with miod@ and jsing@

Add tests for CBS_offset() and CBS_write_bytes().

"no problem" miod@, tweak + ok jsing@

Be more strict about BER and DER terminology.

bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like
encoding with one violation (indefinite form) to strict DER. Rename
the functions to reflect this.

ok miod@ jsing@

Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

Add more error checking and free resources in bytestringtest.

KNF bytestring files.

I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.

miod is ok with the general process.

Import BoringSSL's crypto bytestring and crypto bytebuilder APIs.

This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.

BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.

Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.

input + ok jsing@, miod@