update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing

2013-06-17 14:48:51 -07:00
parent d02af46256
commit 85d25798a5
9 changed files with 131 additions and 123 deletions
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -5302,7 +5302,9 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
    if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)
        return ASN_PARSE_E;

-    #ifndef NO_SKID
+    /* openssl doesn't add skid by default for CRLs cause firefox chokes
+       we're not assuming it's available yet */
+    #if !defined(NO_SKID) && defined(CRL_SKID_READY)
        if (dcrl->extAuthKeyIdSet)
            ca = GetCA(cm, dcrl->extAuthKeyId);
        if (ca == NULL)