commit cebdf17159b5f2f63338a27faaff06e4df94396f
author Paul Bakker <p.j.bakker@polarssl.org> Fri Nov 11 15:01:31 2011 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Fri Nov 11 15:01:31 2011 +0000
tree 250954fd185da88e48ec9ff88a7573c0526e74ef
parent 03a30d34dc5c1b9eae5805bf6c12b38ac0bf5faa

 - Allowed X509 key usage parsing to accept 4 byte values instead of the standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)

library/x509parse.c

diff --git a/library/x509parse.c b/library/x509parse.c
index 9fc8831..ceb3db2 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -749,7 +749,7 @@
     if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
         return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
 
-    if( bs.len != 1 )
+    if( bs.len > 1 )
         return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
                 POLARSSL_ERR_ASN1_INVALID_LENGTH );