- Introduced POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION flag to continue parsing when encountering a critical flag that's not supported by PolarSSL
- Minor Fix in ASN.1 comments of PrivateKeyInfo
This commit is contained in:
parent
09b1ec68c8
commit
5c721f98fd
@ -180,6 +180,17 @@
|
||||
* Enable the checkup functions (*_self_test).
|
||||
*/
|
||||
#define POLARSSL_SELF_TEST
|
||||
|
||||
/**
|
||||
* \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
|
||||
*
|
||||
* If set, the X509 parser will not break-off when parsing an X509 certificate
|
||||
* and encountering an unknown critical extension.
|
||||
*
|
||||
* Uncomment to prevent an error.
|
||||
*
|
||||
#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
|
||||
*/
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
|
@ -1013,12 +1013,14 @@ static int x509_get_crt_ext( unsigned char **p,
|
||||
/* No parser found, skip extension */
|
||||
*p = end_ext_octet;
|
||||
|
||||
#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
|
||||
if( is_critical )
|
||||
{
|
||||
/* Data is marked as critical: fail */
|
||||
return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
|
||||
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
@ -1916,6 +1918,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
|
||||
* PrivatKeyInfo object (PKCS#8) or a RSAPrivateKey (PKCS#1) directly.
|
||||
*
|
||||
* PrivateKeyInfo ::= SEQUENCE {
|
||||
* version Version,
|
||||
* algorithm AlgorithmIdentifier,
|
||||
* PrivateKey BIT STRING
|
||||
* }
|
||||
|
Loading…
Reference in New Issue
Block a user