Address reviewed items
This commit is contained in:
parent
e8c7d6f818
commit
2b66a9f1ec
@ -82,7 +82,8 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
|
||||
WOLFSSL_ENTER("InitCRL_Entry");
|
||||
|
||||
XMEMCPY(crle->issuerHash, dcrl->issuerHash, CRL_DIGEST_SIZE);
|
||||
XMEMCPY(crle->crlHash, dcrl->crlHash, CRL_DIGEST_SIZE);
|
||||
/* XMEMCPY(crle->crlHash, dcrl->crlHash, CRL_DIGEST_SIZE);
|
||||
* copy the hash here if needed for optimized comparisons */
|
||||
XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE);
|
||||
XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE);
|
||||
crle->lastDateFormat = dcrl->lastDateFormat;
|
||||
|
@ -4583,10 +4583,6 @@ Signer* GetCAByName(void* vp, byte* hash)
|
||||
if (XMEMCMP(hash, signers->subjectNameHash,
|
||||
SIGNER_DIGEST_SIZE) == 0) {
|
||||
ret = signers;
|
||||
} else if (cm->crl != NULL && cm->crl->crlList != NULL &&
|
||||
XMEMCMP(hash, cm->crl->crlList->crlHash,
|
||||
SIGNER_DIGEST_SIZE) == 0) {
|
||||
ret = signers;
|
||||
}
|
||||
signers = signers->next;
|
||||
}
|
||||
|
@ -15798,7 +15798,8 @@ void InitDecodedCRL(DecodedCRL* dcrl, void* heap)
|
||||
dcrl->signatureOID = 0;
|
||||
dcrl->signature = NULL;
|
||||
XMEMSET(dcrl->issuerHash, 0, SIGNER_DIGEST_SIZE);
|
||||
XMEMSET(dcrl->crlHash, 0, SIGNER_DIGEST_SIZE);
|
||||
/* XMEMSET(dcrl->crlHash, 0, SIGNER_DIGEST_SIZE);
|
||||
* initialize the hash here if needed for optimized comparisons */
|
||||
XMEMSET(dcrl->lastDate, 0, MAX_DATE_SIZE);
|
||||
XMEMSET(dcrl->nextDate, 0, MAX_DATE_SIZE);
|
||||
XMEMSET(dcrl->extAuthKeyId, 0, KEYID_SIZE);
|
||||
@ -16006,10 +16007,11 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
|
||||
WOLFSSL_MSG("ParseCRL");
|
||||
|
||||
/* raw crl hash */
|
||||
wc_Sha sha;
|
||||
wc_InitSha(&sha);
|
||||
wc_ShaUpdate(&sha, buff, sz);
|
||||
wc_ShaFinal(&sha, dcrl->crlHash);
|
||||
/* hash here if needed for optimized comparisons
|
||||
* wc_Sha sha;
|
||||
* wc_InitSha(&sha);
|
||||
* wc_ShaUpdate(&sha, buff, sz);
|
||||
* wc_ShaFinal(&sha, dcrl->crlHash); */
|
||||
|
||||
if (GetSequence(buff, &idx, &len, sz) < 0)
|
||||
return ASN_PARSE_E;
|
||||
@ -16037,8 +16039,7 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
|
||||
if experiencing issues uncomment NO_SKID define in CRL section of
|
||||
wolfssl/wolfcrypt/settings.h */
|
||||
#ifndef NO_SKID
|
||||
ca = GetCAByName(cm, dcrl->crlHash); /* most unique */
|
||||
if (ca == NULL && dcrl->extAuthKeyIdSet)
|
||||
if (dcrl->extAuthKeyIdSet)
|
||||
ca = GetCA(cm, dcrl->extAuthKeyId); /* more unique than issuerHash */
|
||||
if (ca == NULL)
|
||||
ca = GetCAByName(cm, dcrl->issuerHash); /* last resort */
|
||||
|
@ -1856,7 +1856,8 @@ typedef struct CRL_Entry CRL_Entry;
|
||||
struct CRL_Entry {
|
||||
CRL_Entry* next; /* next entry */
|
||||
byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
|
||||
byte crlHash[CRL_DIGEST_SIZE]; /* raw crl data hash */
|
||||
/* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
|
||||
/* restore the hash here if needed for optimized comparisons */
|
||||
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
|
||||
byte nextDate[MAX_DATE_SIZE]; /* next update date */
|
||||
byte lastDateFormat; /* last date format */
|
||||
|
@ -1619,8 +1619,8 @@ extern void uITRON4_free(void *p) ;
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CRL
|
||||
/* not widely supported yet */
|
||||
#undef NO_SKID
|
||||
/* may not be widely supported */
|
||||
/* #undef NO_SKID */
|
||||
/* #define NO_SKID */
|
||||
#endif
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user