wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Check CRL extension errors but don't require them

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2020-01-07 11:55:07 +01:00
parent 443b7ed0c4
commit e0ab92058b
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
wolfcrypt/src/asn.c
View File

@ -16030,14 +16030,17 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf,
idx = *inOutIdx; idx = *inOutIdx;
/* CRL Extensions are optional */
if ((idx + 1) > sz) if ((idx + 1) > sz)
return BUFFER_E; return 0;
/* CRL Extensions are optional */
if (GetASNTag(buf, &idx, &tag, sz) < 0) if (GetASNTag(buf, &idx, &tag, sz) < 0)
return ASN_PARSE_E; return 0;
/* CRL Extensions are optional */
if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
return ASN_PARSE_E; return 0;
if (GetLength(buf, &idx, &length, sz) < 0) if (GetLength(buf, &idx, &length, sz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
@ -16130,8 +16133,8 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
if (ParseCRL_CertList(dcrl, buff, &idx, idx + len) < 0) if (ParseCRL_CertList(dcrl, buff, &idx, idx + len) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
/* CRL Extensions optional, ignoring errors */ if (ParseCRL_Extensions(dcrl, buff, &idx, idx + len) < 0)
ParseCRL_Extensions(dcrl, buff, &idx, idx + len); return ASN_PARSE_E;
idx = dcrl->sigIndex; idx = dcrl->sigIndex;