feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fixed ASN.1 decoding bug in the basic ca constraint certificate extension

Browse Source
This commit is contained in:
John Safranek
2012-05-25 16:32:10 -07:00
parent 28fb9fb0f7
commit c2292c31b0
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ctaocrypt/src/asn.c
View File

@ -2078,6 +2078,10 @@ static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
CYASSL_ENTER("DecodeBasicCaConstraint"); CYASSL_ENTER("DecodeBasicCaConstraint");
if (GetSequence(input, &idx, &length, sz) < 0) return; if (GetSequence(input, &idx, &length, sz) < 0) return;
if (length == 0) return;
/* If the basic ca constraint is false, this extension may be named, but
* left empty. So, if the length is 0, just return. */
if (input[idx++] != ASN_BOOLEAN) if (input[idx++] != ASN_BOOLEAN)
{ {
CYASSL_MSG("\tfail: constraint not BOOLEAN"); CYASSL_MSG("\tfail: constraint not BOOLEAN");