aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2010-09-23 14:03:08 +0200
committerIngela Anderton Andin <[email protected]>2010-09-23 14:03:08 +0200
commit9c6809e4450e2323f2e4685b69ca4fa4bc8d579b (patch)
treee1e618b271717dae431e76b79b8a440b11007851 /lib/public_key
parentdc7d2319691fa599717c066460cce53ce97b6b18 (diff)
downloadotp-9c6809e4450e2323f2e4685b69ca4fa4bc8d579b.tar.gz
otp-9c6809e4450e2323f2e4685b69ca4fa4bc8d579b.tar.bz2
otp-9c6809e4450e2323f2e4685b69ca4fa4bc8d579b.zip
Better handling of v1 and v2 certificates.
V1 and v2 certificates does not have any extensions so then validate_extensions should just accept that there are none and not end up in missing_basic_constraints clause.
Diffstat (limited to 'lib/public_key')
-rw-r--r--lib/public_key/src/pubkey_cert.erl13
1 files changed, 9 insertions, 4 deletions
diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index 2335a4e4b4..ac59b6313d 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -223,10 +223,15 @@ validate_revoked_status(_OtpCert, UserState, _VerifyFun) ->
%%--------------------------------------------------------------------
validate_extensions(OtpCert, ValidationState, UserState, VerifyFun) ->
TBSCert = OtpCert#'OTPCertificate'.tbsCertificate,
- Extensions = TBSCert#'OTPTBSCertificate'.extensions,
- validate_extensions(OtpCert, Extensions, ValidationState, no_basic_constraint,
- is_self_signed(OtpCert), UserState, VerifyFun).
-
+ case TBSCert#'OTPTBSCertificate'.version of
+ N when N >= 3 ->
+ Extensions = TBSCert#'OTPTBSCertificate'.extensions,
+ validate_extensions(OtpCert, Extensions,
+ ValidationState, no_basic_constraint,
+ is_self_signed(OtpCert), UserState, VerifyFun);
+ _ -> %% Extensions not present in versions 1 & 2
+ {ValidationState, UserState}
+ end.
%%--------------------------------------------------------------------
-spec normalize_general_name({rdnSequence, term()}) -> {rdnSequence, term()}.
%%