The encoding of negative ASN1 INTEGERs and the conversion of BNs to negative integers was completely broken. Also added a NEG_PUBKEY_BUG compilation option to compensate for public keys improperly encoded as negative integers.

commit: 1ad2ecb66f24dc4d03e137b9f73224dc376ab5f4 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Fri May 14 18:21:21 1999 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Fri May 14 18:21:21 1999 +0000
tree: 148aaf10ddaacff24f37a92a004c2e763d5ef9a2
parent: 2a82c7cf252387b67d79383d518fad4a10bb253e [diff] [blame]
diff --git a/CHANGES b/CHANGES
index 1bd0fc2..b72f682 100644
--- a/CHANGES
+++ b/CHANGES

@@ -10,6 +10,12 @@
                                    [23-Dec-1998] down below; but in later
                                    versions, these hyphens are gone.]
 
+  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
+     to and from BNs: it was completely broken. New compilation option
+     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
+     key elements as negative integers.
+     [Steve Henson]
+
   *) Reorganize and speed up MD5.
      [Andy Polyakov <appro@fy.chalmers.se>]
commit	1ad2ecb66f24dc4d03e137b9f73224dc376ab5f4	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Fri May 14 18:21:21 1999 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Fri May 14 18:21:21 1999 +0000
tree	148aaf10ddaacff24f37a92a004c2e763d5ef9a2
parent	2a82c7cf252387b67d79383d518fad4a10bb253e [diff] [blame]