yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-04-30 02:50:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Fill base data for x509_crl_entry in CRL correctly

Browse source 
- Internal structure of sequences is not optional anymore (as per RFC)
 - nextUpdate handles optionality correct if no revokedCertificates are present.
 - x509parse_crl_info handles the case of no entries correctly
This commit is contained in:
Paul Bakker 2009-07-27 20:21:53 +00:00
parent 345fb49cb7
commit 9be19375e5
1 changed files with 11 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
library/x509parse.c
View file

@ -701,15 +701,13 @@ static int x509_get_entries( unsigned char **p,
unsigned char *end, unsigned char *end,
x509_crl_entry *entry ) x509_crl_entry *entry )
{ {
int ret; int ret, entry_len;
x509_crl_entry *cur_entry = entry; x509_crl_entry *cur_entry = entry;
if( *p == end ) if( *p == end )
return( 0 ); return( 0 );
entry->raw.tag = **p; if( ( ret = asn1_get_tag( p, end, &entry_len,
if( ( ret = asn1_get_tag( p, end, &entry->raw.len,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
{ {
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
@ -718,8 +716,7 @@ static int x509_get_entries( unsigned char **p,
return( ret ); return( ret );
} }
entry->raw.p = *p; end = *p + entry_len;
end = *p + entry->raw.len;
while( *p < end ) while( *p < end )
{ {
@ -728,12 +725,13 @@ static int x509_get_entries( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len2, if( ( ret = asn1_get_tag( p, end, &len2,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
{ {
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
return( 0 );
return( ret ); return( ret );
} }
cur_entry->raw.tag = **p;
cur_entry->raw.p = *p;
cur_entry->raw.len = len2;
if( ( ret = x509_get_serial( p, end, &cur_entry->serial ) ) != 0 ) if( ( ret = x509_get_serial( p, end, &cur_entry->serial ) ) != 0 )
return( ret ); return( ret );
@ -1324,7 +1322,9 @@ int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen )
if( ( ret = x509_get_UTCTime( &p, end, &crl->next_update ) ) != 0 ) if( ( ret = x509_get_UTCTime( &p, end, &crl->next_update ) ) != 0 )
{ {
if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE | if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE |
POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ) POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE |
POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
{ {
x509_crl_free( crl ); x509_crl_free( crl );
return( ret ); return( ret );
@ -2024,7 +2024,7 @@ int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl )
prefix ); prefix );
SAFE_SNPRINTF(); SAFE_SNPRINTF();
while( entry != NULL ) while( entry != NULL && entry->raw.len != 0 )
{ {
ret = snprintf( p, n, "\n%sserial number: ", ret = snprintf( p, n, "\n%sserial number: ",
prefix ); prefix );