diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-11-12 03:34:31 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-11-14 14:32:45 +0300 |
commit | 69c45d7f5f47eaae4b3abdbf0a4a37c9ece6d9fd (patch) | |
tree | e117189e2b0805612d207aa820028c7e0d7ab80c | |
parent | 3be37ad42c89f6ef50528d2c0497a94ba3700fbb (diff) | |
download | gnutls-69c45d7f5f47eaae4b3abdbf0a4a37c9ece6d9fd.tar.gz |
pkcs7: allow BER encoding when parsing encapContentInfo.eContent
CMS specification explicitly allows BER encoding in CMS files. RFC 4134
example 4.5 uses BER indefinite encoding.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r-- | lib/x509/pkcs7.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c index 955cb5ae9c..37e2cc3a51 100644 --- a/lib/x509/pkcs7.c +++ b/lib/x509/pkcs7.c @@ -111,7 +111,7 @@ static int _decode_pkcs7_signed_data(gnutls_pkcs7_t pkcs7) /* Try reading as octet string according to rfc5652. If that fails, attempt * a raw read according to rfc2315 */ - result = _gnutls_x509_read_string(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data, ASN1_ETYPE_OCTET_STRING, 0); + result = _gnutls_x509_read_string(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data, ASN1_ETYPE_OCTET_STRING, 1); if (result < 0) { result = _gnutls_x509_read_value(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data); if (result < 0) { @@ -130,7 +130,7 @@ static int _decode_pkcs7_signed_data(gnutls_pkcs7_t pkcs7) goto cleanup; } - result = asn1_get_length_der(pkcs7->der_signed_data.data+tag_len, pkcs7->der_signed_data.size-tag_len, &len_len); + result = asn1_get_length_ber(pkcs7->der_signed_data.data+tag_len, pkcs7->der_signed_data.size-tag_len, &len_len); if (result < 0) { gnutls_assert(); result = GNUTLS_E_ASN1_DER_ERROR; |