wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Give error code resolution to wolfSSL_CertManagerCheckOCSPResponse

Browse Source
This commit is contained in:
Takashi Kojo
2019-08-20 07:22:54 +09:00
parent 7d4023f6a1
commit fd0390430d
3 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ocsp.c
View File

@ -299,7 +299,8 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
InitOcspResponse(ocspResponse, newStatus, response, responseSz);
ret = OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap, 0);
if (ret != 0) {
WOLFSSL_MSG("OcspResponseDecode failed");
ocsp->error = ret;
WOLFSSL_LEAVE("OcspResponseDecode failed", ocsp->error);
goto end;
}
@ -434,6 +435,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
return ret;
}
WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
return OCSP_LOOKUP_FAIL;
}
#endif

9
wolfcrypt/src/asn.c
View File

@ -14479,6 +14479,7 @@ static int DecodeResponseData(byte* source,
int length;
int version;
word32 responderId = 0;
int ret;
WOLFSSL_ENTER("DecodeResponseData");
@ -14516,8 +14517,8 @@ static int DecodeResponseData(byte* source,
&resp->producedDateFormat, size) < 0)
return ASN_PARSE_E;
if (DecodeSingleResponse(source, &idx, resp, size) < 0)
return ASN_PARSE_E;
if ((ret = DecodeSingleResponse(source, &idx, resp, size)) < 0)
return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
/*
* Check the length of the ResponseData against the current index to
@ -14582,8 +14583,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
return ASN_INPUT_E;
end_index = idx + length;
if (DecodeResponseData(source, &idx, resp, size) < 0)
return ASN_PARSE_E;
if ((ret = DecodeResponseData(source, &idx, resp, size)) < 0)
return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
/* Get the signature algorithm */
if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0)

1
wolfssl/internal.h
View File

@ -1857,6 +1857,7 @@ struct WOLFSSL_OCSP {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
OcspEntry* ocspList; /* OCSP response list */
wolfSSL_Mutex ocspLock; /* OCSP list lock */
int error;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
int(*statusCb)(WOLFSSL*, void*);