wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Give error code resolution to wolfSSL_CertManagerCheckOCSPResponse

Browse Source
This commit is contained in:
Takashi Kojo
2019-08-20 07:22:54 +09:00
parent 7d4023f6a1
commit fd0390430d
3 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ocsp.c
View File

@@ -299,7 +299,8 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
InitOcspResponse(ocspResponse, newStatus, response, responseSz); InitOcspResponse(ocspResponse, newStatus, response, responseSz);
ret = OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap, 0); ret = OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap, 0);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("OcspResponseDecode failed"); ocsp->error = ret;
WOLFSSL_LEAVE("OcspResponseDecode failed", ocsp->error);
goto end; goto end;
} }
@@ -434,6 +435,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
return ret; return ret;
} }
WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
return OCSP_LOOKUP_FAIL; return OCSP_LOOKUP_FAIL;
} }
#endif #endif

9
wolfcrypt/src/asn.c
View File

@@ -14479,6 +14479,7 @@ static int DecodeResponseData(byte* source,
int length; int length;
int version; int version;
word32 responderId = 0; word32 responderId = 0;
int ret;
WOLFSSL_ENTER("DecodeResponseData"); WOLFSSL_ENTER("DecodeResponseData");
@@ -14516,8 +14517,8 @@ static int DecodeResponseData(byte* source,
&resp->producedDateFormat, size) < 0) &resp->producedDateFormat, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
if (DecodeSingleResponse(source, &idx, resp, size) < 0) if ((ret = DecodeSingleResponse(source, &idx, resp, size)) < 0)
return ASN_PARSE_E; return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
/* /*
* Check the length of the ResponseData against the current index to * Check the length of the ResponseData against the current index to
@@ -14582,8 +14583,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
return ASN_INPUT_E; return ASN_INPUT_E;
end_index = idx + length; end_index = idx + length;
if (DecodeResponseData(source, &idx, resp, size) < 0) if ((ret = DecodeResponseData(source, &idx, resp, size)) < 0)
return ASN_PARSE_E; return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
/* Get the signature algorithm */ /* Get the signature algorithm */
if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0) if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0)

1
wolfssl/internal.h
View File

@@ -1857,6 +1857,7 @@ struct WOLFSSL_OCSP {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */ WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
OcspEntry* ocspList; /* OCSP response list */ OcspEntry* ocspList; /* OCSP response list */
wolfSSL_Mutex ocspLock; /* OCSP list lock */ wolfSSL_Mutex ocspLock; /* OCSP list lock */
int error;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
int(*statusCb)(WOLFSSL*, void*); int(*statusCb)(WOLFSSL*, void*);