Allow arbitrary ciphers and hashes with PKCS #5 v2.0. The only

requirement is that OIDS for "<cipher>/CBC" and "HMAC(<hash>)" are
defined. This does assume the normal parameter set of just the IV, so
doesn't work right for (IIRC) RC5, but we don't have an OID set for
RC5/CBC anyway. Continue to default to SHA-1 plus AES-256 as prior
versions of the library can't handle any hashes other than SHA-1 or
any ciphers other than AES or DES. OpenSSL 1.0.0j seems to understand
SHA-256 + AES-256, though.

BER_Decoder::decode_optional was assuming optional values were
explicitly tagged. Now, only take that behavior if the input class tag
was for a context specific tagging.

Remove abort call for debugging from BER_Decoder

Add a new version of DER_Encoder::encode_if for single objects.

1 files changed, 0 insertions, 3 deletions

diff --git a/src/asn1/ber_dec.cpp b/src/asn1/ber_dec.cpp
index 497f2615f..25c412600 100644
--- a/src/asn1/ber_dec.cpp
+++ b/src/asn1/ber_dec.cpp
@@ -221,10 +221,7 @@ BER_Object BER_Decoder::get_next_object()
    size_t length = decode_length(source);
    next.value.resize(length);
    if(source->read(&next.value[0], length) != length)
-      {
-      abort();
       throw BER_Decoding_Error("Value truncated");
-      }
 
    if(next.type_tag == EOC && next.class_tag == UNIVERSAL)
       return get_next_object();