ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

x509: Properly wrap keyid in authorityKeyIdentifier in attribute certificates 

The correct encoding got lost in bdec2e4f52 ("refactored openac and
its attribute certificate factory").

Fixes #1370.
This commit is contained in:
Tobias Brunner 2016-03-31 12:14:47 +02:00
parent 3427e43f4b
commit 9aaea4dbfe
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/libstrongswan/plugins/x509/x509_ac.c
View File

@ -706,6 +706,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier))
{
this->authKeyIdentifier = chunk_clone(keyIdentifier);
keyIdentifier = asn1_simple_object(ASN1_CONTEXT_S_0, keyIdentifier);
}
public->destroy(public);
}
@ -716,7 +717,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
return asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
asn1_wrap(ASN1_OCTET_STRING, "m",
asn1_wrap(ASN1_SEQUENCE, "cmm",
asn1_wrap(ASN1_SEQUENCE, "mmm",
keyIdentifier,
authorityCertIssuer,
authorityCertSerialNumber