mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1031022: Go back to accepting explicit encoding of v1 for certificates and OCSP responses, r=cviecco
--HG-- extra : rebase_source : f0adf63879a48db6c036cce1a3e9a7b65e44fc4e
This commit is contained in:
parent
80f9373ca4
commit
da88992387
@ -58,6 +58,11 @@ BackCert::Init(const SECItem& certDER)
|
||||
} else if (nssCert->version.len == 1 &&
|
||||
nssCert->version.data[0] == static_cast<uint8_t>(der::Version::v2)) {
|
||||
version = der::Version::v2;
|
||||
} else if (nssCert->version.len == 1 &&
|
||||
nssCert->version.data[0] == static_cast<uint8_t>(der::Version::v2)) {
|
||||
// XXX(bug 1031093): We shouldn't accept an explicit encoding of v1, but we
|
||||
// do here for compatibility reasons.
|
||||
version = der::Version::v1;
|
||||
} else if (nssCert->version.len == 0) {
|
||||
version = der::Version::v1;
|
||||
} else {
|
||||
|
@ -655,6 +655,9 @@ OptionalVersion(Input& input, /*out*/ Version& version)
|
||||
switch (integerValue) {
|
||||
case static_cast<uint8_t>(Version::v3): version = Version::v3; break;
|
||||
case static_cast<uint8_t>(Version::v2): version = Version::v2; break;
|
||||
// XXX(bug 1031093): We shouldn't accept an explicit encoding of v1, but we
|
||||
// do here for compatibility reasons.
|
||||
case static_cast<uint8_t>(Version::v1): version = Version::v1; break;
|
||||
default:
|
||||
return Fail(SEC_ERROR_BAD_DER);
|
||||
}
|
||||
|
@ -167,7 +167,7 @@ TEST_F(pkixder_pki_types_tests, CertificateSerialNumberZeroLength)
|
||||
ASSERT_EQ(SEC_ERROR_BAD_DER, PR_GetError());
|
||||
}
|
||||
|
||||
TEST_F(pkixder_pki_types_tests, OptionalVersionV1ExplicitEncodingNotAllowed)
|
||||
TEST_F(pkixder_pki_types_tests, OptionalVersionV1ExplicitEncodingAllowed)
|
||||
{
|
||||
const uint8_t DER_OPTIONAL_VERSION_V1[] = {
|
||||
0xa0, 0x03, // context specific 0
|
||||
@ -178,9 +178,14 @@ TEST_F(pkixder_pki_types_tests, OptionalVersionV1ExplicitEncodingNotAllowed)
|
||||
ASSERT_EQ(Success, input.Init(DER_OPTIONAL_VERSION_V1,
|
||||
sizeof DER_OPTIONAL_VERSION_V1));
|
||||
|
||||
Version version;
|
||||
ASSERT_EQ(Failure, OptionalVersion(input, version));
|
||||
ASSERT_EQ(SEC_ERROR_BAD_DER, PR_GetError());
|
||||
// XXX(bug 1031093): We shouldn't accept an explicit encoding of v1, but we
|
||||
// do here for compatibility reasons.
|
||||
// Version version;
|
||||
// ASSERT_EQ(Failure, OptionalVersion(input, version));
|
||||
// ASSERT_EQ(SEC_ERROR_BAD_DER, PR_GetError());
|
||||
Version version = Version::v3;
|
||||
ASSERT_EQ(Success, OptionalVersion(input, version));
|
||||
ASSERT_EQ(Version::v1, version);
|
||||
}
|
||||
|
||||
TEST_F(pkixder_pki_types_tests, OptionalVersionV2)
|
||||
|
Loading…
Reference in New Issue
Block a user