Add back a removed comment and give RFC reference.

Anthony Hu
2025-06-25 16:01:04 -04:00
parent 1dff76782b
commit a0cd18daea


@@ -40565,7 +40565,10 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* Length of extension data. */
int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
/* Check for duplicate extension */
/* Check for duplicate extension. RFC 5280 Section 4.2 states that
* a certificate must not include more than one instance of a
* particular extension. Note that the same guidance does not appear
* for CRLs but the same reasoning should apply. */
if ((oid == AUTH_KEY_OID && seenAuthKey) ||
(oid == CRL_NUMBER_OID && seenCrlNum)) {
WOLFSSL_MSG("Duplicate CRL extension found");
@@ -40628,6 +40631,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
FREE_MP_INT_SIZE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
}
/* TODO: check criticality */
/* Move index on to next extension. */
idx += (word32)length;
}
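Review bot: The `/* TODO: check criticality */` marker added before `idx += (word32)length;` in the second hunk does not say what the missing check has to enforce, and that check is the security-relevant part of this loop. RFC 5280 Section 5.2 says a CRL containing a critical extension the application cannot process must not be used to determine certificate status. As far as these hunks show, an extension other than the ones handled here is stepped over whether or not it is marked critical, so a skipped scope-limiting extension could let a partial CRL be treated as a complete one. I would spell the requirement out in the comment, e.g. `/* TODO: check criticality. RFC 5280 Section 5.2: a CRL with a critical extension that cannot be processed must not be used for status checking. */`, and track the fix separately. The body of ParseCRL_Extensions starts and ends outside these hunks, so the criticality flag may be read somewhere not visible here.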