From 2bcb87efa3187ea2dca7cd506dade7bd90066830 Mon Sep 17 00:00:00 2001 From: lloyd Date: Sat, 5 Apr 2014 18:40:11 +0000 Subject: Make X.509 extension decoding failures point back to the problem extension --- src/lib/cert/x509/x509_ext.cpp | 23 +++++++++++++++-------- src/lib/cert/x509/x509_ext.h | 4 ++-- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/src/lib/cert/x509/x509_ext.cpp b/src/lib/cert/x509/x509_ext.cpp index f058357c1..f56014ab7 100644 --- a/src/lib/cert/x509/x509_ext.cpp +++ b/src/lib/cert/x509/x509_ext.cpp @@ -128,19 +128,26 @@ void Extensions::decode_from(BER_Decoder& from_source) Certificate_Extension* ext = get_extension(oid); - if(!ext) - { - if(!critical || !should_throw) - continue; - + if(!ext && critical && m_throw_on_unknown_critical) throw Decoding_Error("Encountered unknown X.509 extension marked " "as critical; OID = " + oid.as_string()); - } - ext->decode_inner(value); + if(ext) + { + try + { + ext->decode_inner(value); + } + catch(std::exception& e) + { + throw Decoding_Error("Exception while decoding extension " + + oid.as_string() + ": " + e.what()); + } - extensions.push_back(std::make_pair(ext, critical)); + extensions.push_back(std::make_pair(ext, critical)); + } } + sequence.verify_end(); } diff --git a/src/lib/cert/x509/x509_ext.h b/src/lib/cert/x509/x509_ext.h index 20be18a71..963a0ea68 100644 --- a/src/lib/cert/x509/x509_ext.h +++ b/src/lib/cert/x509/x509_ext.h @@ -70,13 +70,13 @@ class BOTAN_DLL Extensions : public ASN1_Object Extensions& operator=(const Extensions&); Extensions(const Extensions&); - Extensions(bool st = true) : should_throw(st) {} + Extensions(bool st = true) : m_throw_on_unknown_critical(st) {} ~Extensions(); private: static Certificate_Extension* get_extension(const OID&); std::vector > extensions; - bool should_throw; + bool m_throw_on_unknown_critical; }; namespace Cert_Extension { -- cgit v1.2.3
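Review bot: In the new `catch(std::exception& e)` handler, `ext` is not released before `Decoding_Error` is thrown and has not yet been pushed into `extensions`. If `get_extension()` returns a heap-allocated object (the raw pointer stored in `extensions` suggests so, but its definition is not in this hunk), each extension that fails to decode leaks one object. Certificates are untrusted input, so malformed extensions in received certificates can grow memory over time in a long-running process. Add `delete ext;` as the first statement of the handler, or hold the result in a `std::unique_ptr<Certificate_Extension>` and `release()` it at the `push_back`; catching by `const std::exception&` would also be the usual form. `decode_from()` starts above this hunk, so the loop header and any earlier cleanup are not visible here.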