verify correctness of X.509 versions
authorAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 2 Oct 2009 15:49:51 +0000 (17:49 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 2 Oct 2009 15:49:51 +0000 (17:49 +0200)
src/libstrongswan/plugins/x509/x509_cert.c

index 5c4e7a8ead1198b1dced74ad505d989a031c7a42..d672605f5d6dafb0aff4f3360de4078492e54eb6 100644 (file)
@@ -668,6 +668,7 @@ static const asn1Object_t certObjects[] = {
 #define X509_OBJ_NOT_AFTER                                              9
 #define X509_OBJ_SUBJECT                                               10
 #define X509_OBJ_SUBJECT_PUBLIC_KEY_INFO               11
+#define X509_OBJ_OPTIONAL_EXTENSIONS                   16
 #define X509_OBJ_EXTN_ID                                               19
 #define X509_OBJ_CRITICAL                                              20
 #define X509_OBJ_EXTN_VALUE                                            21
@@ -705,7 +706,15 @@ static bool parse_certificate(private_x509_cert_t *this)
                                break;
                        case X509_OBJ_VERSION:
                                this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
-                               DBG2("  v%d", this->version);
+                               if (this->version < 1 || this->version > 3)
+                               {
+                                       DBG1("X.509v%d not supported", this->version);
+                                       goto end; 
+                               }
+                               else
+                               {
+                                       DBG2("  X.509v%d", this->version);
+                               }
                                break;
                        case X509_OBJ_SERIAL_NUMBER:
                                this->serialNumber = object;
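Review bot: The new range check bounds only the first byte of the version INTEGER, because the line above computes `1+(u_int)*object.ptr` without looking at `object.len`; a version encoded in more than one byte is silently misread (first byte only) instead of being rejected. Assuming `object.ptr` points at unsigned bytes, `this->version` is always at least 1, so the `< 1` arm can never fire; a length check is the useful condition here: `if (object.len > 1 || this->version > 3)`. The `else` branch after `goto end` is redundant, so the DBG2 call can simply follow the `if`, and `goto end; ` carries trailing whitespace. parse_certificate begins and ends outside this hunk.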
@@ -735,6 +744,13 @@ static bool parse_certificate(private_x509_cert_t *this)
                                        goto end;
                                }
                                break;
+                       case X509_OBJ_OPTIONAL_EXTENSIONS:
+                               if (this->version != 3)
+                               {
+                                       DBG1("Only X.509v3 certificates have extensions");
+                                       goto end;
+                               }
+                               break;
                        case X509_OBJ_EXTN_ID:
                                extn_oid = asn1_known_oid(object);
                                break;
@@ -1169,7 +1185,7 @@ static private_x509_cert_t* create_empty(void)
        this->encoding = chunk_empty;
        this->encoding_hash = chunk_empty;
        this->tbsCertificate = chunk_empty;
-       this->version = 3;
+       this->version = 1;
        this->serialNumber = chunk_empty;
        this->notBefore = 0;
        this->notAfter = 0;
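Review bot: Lowering the default to 1 matches the X.509 DEFAULT v1 semantics for a parsed certificate, but if the same private_x509_cert_t is also populated by a certificate generation path (not in this diff), a builder that attaches extensions now has to set `this->version = 3` itself, or a round trip through parse_certificate would reject the result. A comment on the assignment would make the parsing-side intent explicit, e.g. `/* X.509 DEFAULT v1; parse_certificate() overrides it when a version is present */`. create_empty begins and ends outside this hunk.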