wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5256 from dgarske/cert_chain_der

Browse Source 
Fixes for loading a DER/ASN.1 certificate chain
This commit is contained in:
Sean Parkinson
2022-06-17 11:55:49 +10:00
committed by GitHub
parent 2834c22ce0 128ebf54e9
commit 4fc709d2af
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/ssl.c
View File

@@ -5622,7 +5622,8 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
cnt++; cnt++;
#endif #endif
if ((idx + part->length + CERT_HEADER_SZ) > bufferSz) { if ((idx + part->length + CERT_HEADER_SZ) > bufferSz) {
WOLFSSL_MSG(" Cert Chain bigger than buffer"); WOLFSSL_MSG(" Cert Chain bigger than buffer. "
"Consider increasing MAX_CHAIN_DEPTH");
ret = BUFFER_E; ret = BUFFER_E;
} }
else { else {
@@ -5636,9 +5637,12 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
} }
/* add CA's to certificate manager */ /* add CA's to certificate manager */
if (type == CA_TYPE) { if (ret == 0 && type == CA_TYPE) {
/* verify CA unless user set to no verify */ /* verify CA unless user set to no verify */
ret = AddCA(ctx->cm, &part, WOLFSSL_USER_CA, verify); ret = AddCA(ctx->cm, &part, WOLFSSL_USER_CA, verify);
if (ret == WOLFSSL_SUCCESS) {
ret = 0; /* converted success case */
}
gotOne = 0; /* don't exit loop for CA type */ gotOne = 0; /* don't exit loop for CA type */
} }
} }