зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler
--HG-- extra : rebase_source : caf903d29b0adc22fcc7e87e4fa0019cfa48007e
This commit is contained in:
Родитель
f124561818
Коммит
95bd8011e6
|
@ -407,40 +407,26 @@ BasicResponse(Reader& input, Context& context)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Parse certificates, if any
|
// Parse certificates, if any
|
||||||
|
|
||||||
NonOwningDERArray certs;
|
NonOwningDERArray certs;
|
||||||
if (!input.AtEnd()) {
|
if (!input.AtEnd()) {
|
||||||
// We ignore the lengths of the wrappers because we'll detect bad lengths
|
rv = der::Nested(input, der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
|
||||||
// during parsing--too short and we'll run out of input for parsing a cert,
|
der::SEQUENCE, [&certs](Reader& certsDER) -> Result {
|
||||||
// and too long and we'll have leftover data that won't parse as a cert.
|
while (!certsDER.AtEnd()) {
|
||||||
|
Input cert;
|
||||||
// [0] wrapper
|
Result rv = der::ExpectTagAndGetTLV(certsDER, der::SEQUENCE, cert);
|
||||||
Reader wrapped;
|
if (rv != Success) {
|
||||||
rv = der::ExpectTagAndGetValueAtEnd(
|
return rv;
|
||||||
input, der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0, wrapped);
|
}
|
||||||
|
rv = certs.Append(cert);
|
||||||
|
if (rv != Success) {
|
||||||
|
return Result::ERROR_BAD_DER; // Too many certs
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return Success;
|
||||||
|
});
|
||||||
if (rv != Success) {
|
if (rv != Success) {
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
// SEQUENCE wrapper
|
|
||||||
Reader certsSequence;
|
|
||||||
rv = der::ExpectTagAndGetValueAtEnd(wrapped, der::SEQUENCE, certsSequence);
|
|
||||||
if (rv != Success) {
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
|
|
||||||
// sequence of certificates
|
|
||||||
while (!certsSequence.AtEnd()) {
|
|
||||||
Input cert;
|
|
||||||
rv = der::ExpectTagAndGetTLV(certsSequence, der::SEQUENCE, cert);
|
|
||||||
if (rv != Success) {
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
rv = certs.Append(cert);
|
|
||||||
if (rv != Success) {
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return ResponseData(tbsResponseData, context, signedData, certs);
|
return ResponseData(tbsResponseData, context, signedData, certs);
|
||||||
|
|
Загрузка…
Ссылка в новой задаче