Fix CSR parsing header call

Change the secondary X509 CSR parsing call for the alternative MS header to only
occur if the first call fails due to the header being unfound, instead of any
call.
This commit is contained in:
Simon Butcher 2018-10-07 17:48:37 +01:00
parent 5199227d87
commit e1660af2e2

View file

@ -282,13 +282,14 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
"-----BEGIN CERTIFICATE REQUEST-----", "-----BEGIN CERTIFICATE REQUEST-----",
"-----END CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len ); buf, NULL, 0, &use_len );
if( ret != 0 ) if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{ {
ret = mbedtls_pem_read_buffer( &pem, ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN NEW CERTIFICATE REQUEST-----", "-----BEGIN NEW CERTIFICATE REQUEST-----",
"-----END NEW CERTIFICATE REQUEST-----", "-----END NEW CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len ); buf, NULL, 0, &use_len );
} }
if( ret == 0 ) if( ret == 0 )
{ {
/* /*