wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix not ignoring date errors when VERIFY_SKIP_DATE is set

Browse Source
This commit is contained in:
Kareem
2023-03-03 11:42:46 -07:00
parent 8ec339d11c
commit 2bb8eeae85
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/asn.c
View File

@@ -21266,8 +21266,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
cert->badDate = 0; cert->badDate = 0;
cert->criticalExt = 0; cert->criticalExt = 0;
if ((ret = DecodeToKey(cert, verify)) < 0) { if ((ret = DecodeToKey(cert, verify)) < 0) {
if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
cert->badDate = ret; cert->badDate = ret;
if (verify == VERIFY_SKIP_DATE)
ret = 0;
}
else else
return ret; return ret;
} }
@@ -21510,6 +21513,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
ret = DecodeCert(cert, verify, &cert->criticalExt); ret = DecodeCert(cert, verify, &cert->criticalExt);
if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) { if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
cert->badDate = ret; cert->badDate = ret;
if (verify == VERIFY_SKIP_DATE)
ret = 0;
} }
else if (ret < 0) { else if (ret < 0) {
WOLFSSL_ERROR_VERBOSE(ret); WOLFSSL_ERROR_VERBOSE(ret);