x509parse_crt() now better handles PEM error situations

Because of new pem_read_buffer() handling of when it writes use_len, x509parse_crt() is able to better handle situations where a PEM blob results in an error but the other blobs can still be parsed. (cherry picked from commit 6417186365f4a73a719fff754fefe8edcef2bc28)
2013-06-24 19:05:46 +02:00 · 2013-06-24 19:05:46 +02:00 · 5ed3b34e22
commit 5ed3b34e22
parent 00b2860e8d
1 changed files with 10 additions and 0 deletions
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -1430,10 +1430,20 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
                buflen -= use_len;
                buf += use_len;
            }
+            else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
+            {
+                return( ret );
+            }
            else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
            {
                pem_free( &pem );

+                /*
+                 * PEM header and footer were found
+                 */
+                buflen -= use_len;
+                buf += use_len;
+
                if( first_error == 0 )
                    first_error = ret;