Fix typo in OCSP nonce extension.
Set correct type in ASN1_STRING for INTEGER and ENUMERATED types. Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get() return -1 for invalid type rather than 0 (which is often valid). -1 may also be valid but this is less likely. Load OCSP error strings in ERR_load_crypto_strings().
This commit is contained in:
parent
bf0d176e48
commit
a8312c0e24
@ -114,7 +114,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
|
||||
if (i == V_ASN1_NEG_ENUMERATED)
|
||||
neg=1;
|
||||
else if (i != V_ASN1_ENUMERATED)
|
||||
return(0);
|
||||
return -1;
|
||||
|
||||
if (a->length > sizeof(long))
|
||||
{
|
||||
@ -122,7 +122,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
|
||||
return(0xffffffffL);
|
||||
}
|
||||
if (a->data == NULL)
|
||||
return(0);
|
||||
return 0;
|
||||
|
||||
for (i=0; i<a->length; i++)
|
||||
{
|
||||
|
@ -360,7 +360,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
|
||||
if (i == V_ASN1_NEG_INTEGER)
|
||||
neg=1;
|
||||
else if (i != V_ASN1_INTEGER)
|
||||
return(0);
|
||||
return -1;
|
||||
|
||||
if (a->length > sizeof(long))
|
||||
{
|
||||
@ -368,7 +368,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
|
||||
return(0xffffffffL);
|
||||
}
|
||||
if (a->data == NULL)
|
||||
return(0);
|
||||
return 0;
|
||||
|
||||
for (i=0; i<a->length; i++)
|
||||
{
|
||||
|
@ -657,6 +657,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
|
||||
ASN1_TYPE *typ = NULL;
|
||||
int ret = 0;
|
||||
const ASN1_PRIMITIVE_FUNCS *pf;
|
||||
ASN1_INTEGER **tint;
|
||||
pf = it->funcs;
|
||||
if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
|
||||
/* If ANY type clear type and set pointer to internal value */
|
||||
@ -700,7 +701,10 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
|
||||
case V_ASN1_NEG_INTEGER:
|
||||
case V_ASN1_ENUMERATED:
|
||||
case V_ASN1_NEG_ENUMERATED:
|
||||
if(!c2i_ASN1_INTEGER((ASN1_INTEGER **)pval, &cont, len)) goto err;
|
||||
tint = (ASN1_INTEGER **)pval;
|
||||
if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err;
|
||||
/* Fixup type to match the expected form */
|
||||
(*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
|
||||
break;
|
||||
|
||||
case V_ASN1_OCTET_STRING:
|
||||
|
@ -83,6 +83,7 @@
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/dso.h>
|
||||
#include <openssl/engine.h>
|
||||
#include <openssl/ocsp.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
void ERR_load_crypto_strings(void)
|
||||
@ -122,5 +123,6 @@ void ERR_load_crypto_strings(void)
|
||||
ERR_load_RAND_strings();
|
||||
ERR_load_DSO_strings();
|
||||
ERR_load_ENGINE_strings();
|
||||
ERR_load_OCSP_strings();
|
||||
#endif
|
||||
}
|
||||
|
@ -173,7 +173,7 @@ static void *ocsp_nonce_new(void)
|
||||
static int i2d_ocsp_nonce(void *a, unsigned char **pp)
|
||||
{
|
||||
ASN1_OCTET_STRING *os = a;
|
||||
if(*pp) {
|
||||
if(pp) {
|
||||
memcpy(*pp, os->data, os->length);
|
||||
*pp += os->length;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user