feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

1. Reject DSA certificates instead of ignoring them.

Browse Source 
2. Resolved potential crash when trying to calculate a Subject Key
   ID when the public key is missing from a certificate.
This commit is contained in:
John Safranek
2013-10-16 10:16:04 -07:00
parent dba488ba70
commit 8295d8bb4a
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ctaocrypt/src/asn.c
View File

@@ -1244,6 +1244,7 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
{ {
cert->publicKey = 0; cert->publicKey = 0;
cert->pubKeySize = 0;
cert->pubKeyStored = 0; cert->pubKeyStored = 0;
cert->signature = 0; cert->signature = 0;
cert->subjectCN = 0; cert->subjectCN = 0;
@@ -1419,9 +1420,6 @@ static int GetKey(DecodedCert* cert)
return ASN_PARSE_E; return ASN_PARSE_E;
switch (cert->keyOID) { switch (cert->keyOID) {
case DSAk:
/* do nothing */
break;
#ifndef NO_RSA #ifndef NO_RSA
case RSAk: case RSAk:
{ {
@@ -2992,7 +2990,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
return ASN_SIG_OID_E; return ASN_SIG_OID_E;
#ifndef NO_SKID #ifndef NO_SKID
if (cert->extSubjKeyIdSet == 0) { if (cert->extSubjKeyIdSet == 0
&& cert->publicKey != NULL && cert->pubKeySize > 0) {
Sha sha; Sha sha;
InitSha(&sha); InitSha(&sha);
ShaUpdate(&sha, cert->publicKey, cert->pubKeySize); ShaUpdate(&sha, cert->publicKey, cert->pubKeySize);