ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Fix up serialNumber in openssl PKCS#7 if it has a leading MSB set

This commit is contained in:
Martin Willi 2012-11-29 16:35:06 +01:00
parent 71dd4e7895
commit 0a344da291
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/libstrongswan/plugins/openssl/openssl_pkcs7.c
View File

@ -593,6 +593,7 @@ static bool decrypt(private_openssl_pkcs7_t *this,
X509_ALGOR *alg;
X509_NAME *name;
ASN1_INTEGER *sn;
u_char zero = 0;
int oid;
if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) == 1 &&
@ -609,8 +610,12 @@ static bool decrypt(private_openssl_pkcs7_t *this,
{
continue;
}
serial = identification_create_from_encoding(
ID_KEY_ID, openssl_asn1_str2chunk(sn));
chunk = openssl_asn1_str2chunk(sn);
if (chunk.len && chunk.ptr[0] | 0x80)
{ /* if MSB is set, append a zero to make it non-negative */
chunk = chunk_cata("cc", chunk_from_thing(zero), chunk);
}
serial = identification_create_from_encoding(ID_KEY_ID, chunk);
private = find_private(issuer, serial);
issuer->destroy(issuer);
serial->destroy(serial);