diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-07-07 08:53:32 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-07-07 08:57:14 +0200 |
| commit | d7dc677ee5727617d8c8fc43754786527717a884 (patch) | |
| tree | 3fc8770bebd17ebf81b7e19725543ed626350432 | |
| parent | 93e0898f60ab261f45fea6772fda79049f60b5e2 (diff) | |
| download | strongswan-d7dc677ee5727617d8c8fc43754786527717a884.tar.bz2 strongswan-d7dc677ee5727617d8c8fc43754786527717a884.tar.xz | |
x509: Correctly encode nonce in OCSP request
The nonce value is encoded as OCTET STRING, however, the extension
values themselves must also be encoded as OCTET STRING.
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ocsp_request.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index e32f8eefe..aef76af32 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -209,7 +209,8 @@ static chunk_t build_nonce(private_x509_ocsp_request_t *this) } rng->destroy(rng); return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_nonce_oid, - asn1_simple_object(ASN1_OCTET_STRING, this->nonce)); + asn1_wrap(ASN1_OCTET_STRING, "m", + asn1_simple_object(ASN1_OCTET_STRING, this->nonce))); } /** |