wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

OCSP Date Checks

Browse Source 
When calling DecodeResponseData(), no matter the return value, if it is
not success, it is assigned to ASN_PARSE_E. This isn't the pattern for
other branch parsing. Return the value returned.

This is seen when decoding an OCSP response that is past the
next-available time.
This commit is contained in:
John Safranek
2024-02-16 12:12:27 -08:00
parent 92b8196059
commit 52f4dcd7aa
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wolfcrypt/src/asn.c
View File

@@ -35934,13 +35934,11 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
if (ret == 0) { if (ret == 0) {
word32 dataIdx = 0; word32 dataIdx = 0;
/* Decode the response data. */ /* Decode the response data. */
if (DecodeResponseData( ret = DecodeResponseData(
GetASNItem_Addr(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source), GetASNItem_Addr(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source),
&dataIdx, resp, &dataIdx, resp,
GetASNItem_Length(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source) GetASNItem_Length(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source)
) < 0) { );
ret = ASN_PARSE_E;
}
} }
#ifdef WC_RSA_PSS #ifdef WC_RSA_PSS
if (ret == 0 && (dataASN[OCSPBASICRESPASN_IDX_SIGNATURE_PARAMS].tag != 0)) { if (ret == 0 && (dataASN[OCSPBASICRESPASN_IDX_SIGNATURE_PARAMS].tag != 0)) {