mirror of https://github.com/wolfSSL/wolfssl.git
fixed ASN.1 decoding bug in the basic ca constraint certificate extension
parent
28fb9fb0f7
commit
c2292c31b0
|
@ -2078,6 +2078,10 @@ static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
|
|||
CYASSL_ENTER("DecodeBasicCaConstraint");
|
||||
if (GetSequence(input, &idx, &length, sz) < 0) return;
|
||||
|
||||
if (length == 0) return;
|
||||
/* If the basic ca constraint is false, this extension may be named, but
|
||||
* left empty. So, if the length is 0, just return. */
|
||||
|
||||
if (input[idx++] != ASN_BOOLEAN)
|
||||
{
|
||||
CYASSL_MSG("\tfail: constraint not BOOLEAN");
|
||||
|
|
Loading…
Reference in New Issue