diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-03-31 12:14:47 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-06-06 13:46:11 +0200 |
| commit | 9aaea4dbfe253f2d8f55252fa8ce43bf160256dc (patch) | |
| tree | 2ab65afd47472e655e56698a4c8d9fd03080b107 /src | |
| parent | 3427e43f4b8ef06867e53d438c798bc7cbf67cb5 (diff) | |
| download | strongswan-9aaea4dbfe253f2d8f55252fa8ce43bf160256dc.tar.bz2 strongswan-9aaea4dbfe253f2d8f55252fa8ce43bf160256dc.tar.xz | |
x509: Properly wrap keyid in authorityKeyIdentifier in attribute certificates
The correct encoding got lost in bdec2e4f5291 ("refactored openac and
its attribute certificate factory").
Fixes #1370.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ac.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index bfc200421..aea8eb53d 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -706,6 +706,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this) if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier)) { this->authKeyIdentifier = chunk_clone(keyIdentifier); + keyIdentifier = asn1_simple_object(ASN1_CONTEXT_S_0, keyIdentifier); } public->destroy(public); } @@ -716,7 +717,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this) return asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_AUTHORITY_KEY_ID), asn1_wrap(ASN1_OCTET_STRING, "m", - asn1_wrap(ASN1_SEQUENCE, "cmm", + asn1_wrap(ASN1_SEQUENCE, "mmm", keyIdentifier, authorityCertIssuer, authorityCertSerialNumber |