- Fixed a bug where the CRL parser expected an EXPLICIT ASN.1 tag before version numbers

This commit is contained in:
Paul Bakker 2011-10-12 09:55:01 +00:00
parent c4909d95f1
commit 3329d1f805
2 changed files with 23 additions and 1 deletions

View File

@ -18,6 +18,8 @@ Changes
Bugfix Bugfix
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes * Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
ticket #37) ticket #37)
* Fixed a bug where the CRL parser expected an EXPLICIT ASN.1 tag
before version numbers
= Version 1.0.0 released on 2011-07-27 = Version 1.0.0 released on 2011-07-27
Features Features

View File

@ -306,6 +306,26 @@ static int x509_get_version( unsigned char **p,
return( 0 ); return( 0 );
} }
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
static int x509_crl_get_version( unsigned char **p,
const unsigned char *end,
int *ver )
{
int ret;
if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
return( *ver = 0 );
return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
}
return( 0 );
}
/* /*
* CertificateSerialNumber ::= INTEGER * CertificateSerialNumber ::= INTEGER
*/ */
@ -1613,7 +1633,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
* *
* signature AlgorithmIdentifier * signature AlgorithmIdentifier
*/ */
if( ( ret = x509_get_version( &p, end, &crl->version ) ) != 0 || if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
( ret = x509_get_alg( &p, end, &crl->sig_oid1 ) ) != 0 ) ( ret = x509_get_alg( &p, end, &crl->sig_oid1 ) ) != 0 )
{ {
x509_crl_free( crl ); x509_crl_free( crl );