mirror of https://github.com/wolfSSL/wolfssl.git
error out with duplicate policy OID in a certificate policies extension
Jacob Barthelmeh
parent
ce6e3ce8d0
commit
faf2bacd56
|
|
@ -128,6 +128,23 @@ function run_renewcerts(){
|
|||
cat ca_tmp.pem >> server-revoked-cert.pem
|
||||
rm ca_tmp.pem
|
||||
###########################################################
|
||||
########## update and sign server-duplicate-policy.pem ####
|
||||
###########################################################
|
||||
echo "Updating server-duplicate-policy.pem"
|
||||
echo ""
|
||||
#pipe the following arguments to openssl req...
|
||||
echo -e "US\nMontana\nBozeman\nwolfSSL\ntesting duplicate policy\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > ./test/server-duplicate-policy-req.pem
|
||||
|
||||
openssl x509 -req -in ./test/server-duplicate-policy-req.pem -extfile wolfssl.cnf -extensions policy_test -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > ./test/server-duplicate-policy.pem
|
||||
|
||||
rm ./test/server-duplicate-policy-req.pem
|
||||
|
||||
openssl x509 -in ca-cert.pem -text > ca_tmp.pem
|
||||
openssl x509 -in ./test/server-duplicate-policy.pem -text > srv_tmp.pem
|
||||
mv srv_tmp.pem ./test/server-duplicate-policy.pem
|
||||
cat ca_tmp.pem >> ./test/server-duplicate-policy.pem
|
||||
rm ca_tmp.pem
|
||||
###########################################################
|
||||
#### update and sign (1024-bit) server-cert.pem ###########
|
||||
###########################################################
|
||||
echo "Updating 1024-bit server-cert.pem"
|
||||
|
|
|
|||
|
|
@ -148,6 +148,21 @@ subjectKeyIdentifier=hash
|
|||
authorityKeyIdentifier=keyid,issuer
|
||||
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
||||
|
||||
# Test of rejecting duplicate policy extension OIDs
|
||||
[ policy_test ]
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
basicConstraints=CA:FALSE
|
||||
certificatePolicies=1.2.3.4,@policy_add
|
||||
|
||||
[ policy_add ]
|
||||
policyIdentifier=1.2.3.4
|
||||
CPS.1="www.wolfssl.com"
|
||||
userNotice.1=@policy_usr
|
||||
|
||||
[ policy_usr ]
|
||||
explicitText="Test of duplicate OIDs with different qualifiers"
|
||||
|
||||
#tsa default
|
||||
[ tsa ]
|
||||
default_tsa = tsa_config1
|
||||
|
|
|
|||
|
|
@ -0,0 +1,182 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2 (0x2)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
Validity
|
||||
Not Before: Mar 10 20:37:22 2017 GMT
|
||||
Not After : Dec 5 20:37:22 2019 GMT
|
||||
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=testing duplicate policy, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
|
||||
01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
|
||||
f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
|
||||
f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
|
||||
64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
|
||||
86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
|
||||
4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
|
||||
34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
|
||||
8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
|
||||
40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
|
||||
dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
|
||||
e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
|
||||
64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
|
||||
c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
|
||||
ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
|
||||
b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
|
||||
a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
|
||||
ad:d7
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
|
||||
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
serial:9C:86:DC:5C:A7:73:35:83
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Certificate Policies:
|
||||
Policy: 1.2.3.4
|
||||
Policy: 1.2.3.4
|
||||
CPS: www.wolfssl.com
|
||||
User Notice:
|
||||
Explicit Text: Test of duplicate OIDs with different qualifiers
|
||||
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
82:59:1f:4c:a7:19:9f:e7:ab:cc:51:21:da:ef:4f:73:75:22:
|
||||
6c:db:55:83:c4:35:c7:40:69:49:46:45:56:78:06:03:76:d8:
|
||||
3b:6c:75:aa:2c:a5:c0:61:e8:5c:c0:2b:ed:66:a9:66:c0:b3:
|
||||
37:83:23:c5:2c:b2:45:59:61:84:be:dd:44:72:00:7a:6b:f9:
|
||||
50:89:31:66:a7:84:46:74:0f:bb:5b:05:0d:1f:2d:4d:b4:dc:
|
||||
69:2c:e2:a0:fd:5e:93:14:c7:ce:a2:6e:50:61:8f:73:94:a0:
|
||||
7a:65:e5:9d:76:f0:1b:1c:da:da:72:3e:f9:8c:4d:c0:4a:cb:
|
||||
24:e8:40:51:a1:37:9c:e7:87:1a:0e:cd:a6:7f:54:39:65:5f:
|
||||
63:64:04:60:5e:cc:1d:a6:71:78:1f:44:32:32:f9:27:0d:23:
|
||||
75:95:01:0b:0d:f3:90:ec:e2:7e:df:0f:43:96:e4:32:c3:b4:
|
||||
e2:df:87:12:97:a1:1e:f1:c8:73:fe:5e:ea:55:5c:f7:4b:88:
|
||||
2e:31:6c:52:ff:b3:05:85:f7:fe:e7:ac:f6:74:a8:4f:8e:96:
|
||||
88:5f:73:5a:f1:77:9d:b9:16:a3:53:e2:4a:5b:e2:5e:2b:88:
|
||||
1c:a8:b8:ee:e2:ee:72:cb:b2:51:ab:c2:90:5f:15:df:1c:ff:
|
||||
fd:0d:95:20
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFJjCCBA6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
|
||||
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
|
||||
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
|
||||
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTcwMzEw
|
||||
MjAzNzIyWhcNMTkxMjA1MjAzNzIyWjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
|
||||
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf
|
||||
BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv
|
||||
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
|
||||
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8
|
||||
JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh
|
||||
5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4
|
||||
c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPh
|
||||
bV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KX
|
||||
c+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQAB
|
||||
o4IBcjCCAW4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSME
|
||||
gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
|
||||
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
|
||||
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
|
||||
c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAJyG3Fyn
|
||||
czWDMAkGA1UdEwQCMAAwdgYDVR0gBG8wbTAFBgMqAwQwZAYDKgMEMF0wGwYIKwYB
|
||||
BQUHAgEWD3d3dy53b2xmc3NsLmNvbTA+BggrBgEFBQcCAjAyGjBUZXN0IG9mIGR1
|
||||
cGxpY2F0ZSBPSURzIHdpdGggZGlmZmVyZW50IHF1YWxpZmllcnMwDQYJKoZIhvcN
|
||||
AQELBQADggEBAIJZH0ynGZ/nq8xRIdrvT3N1ImzbVYPENcdAaUlGRVZ4BgN22Dts
|
||||
daospcBh6FzAK+1mqWbAszeDI8UsskVZYYS+3URyAHpr+VCJMWanhEZ0D7tbBQ0f
|
||||
LU203Gks4qD9XpMUx86iblBhj3OUoHpl5Z128Bsc2tpyPvmMTcBKyyToQFGhN5zn
|
||||
hxoOzaZ/VDllX2NkBGBezB2mcXgfRDIy+ScNI3WVAQsN85Ds4n7fD0OW5DLDtOLf
|
||||
hxKXoR7xyHP+XupVXPdLiC4xbFL/swWF9/7nrPZ0qE+Olohfc1rxd525FqNT4kpb
|
||||
4l4riByouO7i7nLLslGrwpBfFd8c//0NlSA=
|
||||
-----END CERTIFICATE-----
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 11278944607300433283 (0x9c86dc5ca7733583)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
Validity
|
||||
Not Before: Mar 10 20:37:22 2017 GMT
|
||||
Not After : Dec 5 20:37:22 2019 GMT
|
||||
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
|
||||
f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
|
||||
de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
|
||||
21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
|
||||
32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
|
||||
8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
|
||||
a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
|
||||
a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
|
||||
82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
|
||||
3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
|
||||
76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
|
||||
73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
|
||||
de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
|
||||
cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
|
||||
b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
|
||||
13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
|
||||
ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
|
||||
36:79
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
|
||||
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
serial:9C:86:DC:5C:A7:73:35:83
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
10:6b:75:29:65:17:7e:78:ae:85:2e:b7:a4:50:98:69:74:f9:
|
||||
50:a1:8e:2c:9f:b0:43:66:a1:e0:42:32:38:15:5f:2e:cc:cc:
|
||||
c4:b9:7c:b5:c2:bc:59:24:49:17:ad:1c:e4:6e:dc:70:e3:93:
|
||||
fc:69:dd:04:7b:41:dd:08:f0:13:ee:2a:cb:6f:cf:af:d4:96:
|
||||
3c:44:50:29:45:60:89:cd:ec:5f:c1:bb:b0:03:61:74:b3:29:
|
||||
ad:df:e9:7c:d9:f2:18:22:45:e7:3d:d4:72:37:2c:b4:18:7d:
|
||||
34:ca:55:00:0d:89:d0:f7:3e:81:4d:da:02:4c:2b:a6:61:4b:
|
||||
bf:b1:ec:73:11:6a:53:a3:0a:0f:20:04:5d:17:67:b1:a6:a2:
|
||||
37:a8:f5:ea:78:6d:00:8b:64:16:62:0a:6f:44:94:15:9e:4d:
|
||||
15:0c:33:f0:ba:9d:e2:be:69:6f:12:9f:69:95:39:ba:97:9e:
|
||||
c3:af:22:ad:f2:f2:3b:67:81:1a:99:d2:02:89:86:6d:8f:92:
|
||||
98:32:dd:c1:fa:2e:38:03:2e:fc:02:a5:e7:b8:dc:94:3b:88:
|
||||
15:4a:09:80:98:61:b4:5e:07:b5:87:57:f4:a0:91:5c:7e:89:
|
||||
f5:89:16:f2:7a:15:52:1b:55:26:7c:59:d2:d0:23:e3:0e:12:
|
||||
b1:99:f9:6b
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEqjCCA5KgAwIBAgIJAJyG3FynczWDMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
|
||||
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
|
||||
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
|
||||
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
|
||||
Fw0xNzAzMTAyMDM3MjJaFw0xOTEyMDUyMDM3MjJaMIGUMQswCQYDVQQGEwJVUzEQ
|
||||
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
|
||||
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
|
||||
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
|
||||
hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
|
||||
mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
|
||||
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
|
||||
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
|
||||
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
|
||||
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
|
||||
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
|
||||
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
|
||||
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
|
||||
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
|
||||
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAnIbcXKdzNYMwDAYD
|
||||
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEGt1KWUXfniuhS63pFCYaXT5
|
||||
UKGOLJ+wQ2ah4EIyOBVfLszMxLl8tcK8WSRJF60c5G7ccOOT/GndBHtB3QjwE+4q
|
||||
y2/Pr9SWPERQKUVgic3sX8G7sANhdLMprd/pfNnyGCJF5z3UcjcstBh9NMpVAA2J
|
||||
0Pc+gU3aAkwrpmFLv7HscxFqU6MKDyAEXRdnsaaiN6j16nhtAItkFmIKb0SUFZ5N
|
||||
FQwz8Lqd4r5pbxKfaZU5upeew68irfLyO2eBGpnSAomGbY+SmDLdwfouOAMu/AKl
|
||||
57jclDuIFUoJgJhhtF4HtYdX9KCRXH6J9YkW8noVUhtVJnxZ0tAj4w4SsZn5aw==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -5105,6 +5105,9 @@ static int DecodePolicyOID(char *out, word32 outSz, byte *in, word32 inSz)
|
|||
{
|
||||
word32 idx = 0;
|
||||
int total_length = 0, policy_length = 0, length = 0;
|
||||
#if defined(WOLFSSL_CERT_EXT) && !defined(WOLFSSL_DUP_CERTPOL)
|
||||
int i;
|
||||
#endif
|
||||
|
||||
WOLFSSL_ENTER("DecodeCertPolicy");
|
||||
|
||||
|
|
@ -5162,6 +5165,22 @@ static int DecodePolicyOID(char *out, word32 outSz, byte *in, word32 inSz)
|
|||
WOLFSSL_MSG("\tCouldn't decode CertPolicy");
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
#ifndef WOLFSSL_DUP_CERTPOL
|
||||
/* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
|
||||
* NOT appear more than once in a certificate policies
|
||||
* extension". This is a sanity check for duplicates.
|
||||
* extCertPolicies should only have OID values, additional
|
||||
* qualifiers need to be stored in a seperate array. */
|
||||
for (i = 0; i < cert->extCertPoliciesNb; i++) {
|
||||
if (XMEMCMP(cert->extCertPolicies[i],
|
||||
cert->extCertPolicies[cert->extCertPoliciesNb],
|
||||
MAX_CERTPOL_SZ) == 0) {
|
||||
WOLFSSL_MSG("Duplicate policy OIDs not allowed");
|
||||
WOLFSSL_MSG("Use WOLFSSL_DUP_CERTPOL if wanted");
|
||||
return CERTPOLICIES_E;
|
||||
}
|
||||
}
|
||||
#endif /* !defined(WOLFSSL_DUP_CERTPOL) */
|
||||
cert->extCertPoliciesNb++;
|
||||
#else
|
||||
WOLFSSL_LEAVE("DecodeCertPolicy : unsupported mode", 0);
|
||||
|
|
|
|||
Loading…
Reference in New Issue