Commit 8e7bc8fe authored by Nikos Mavrogiannopoulos's avatar Nikos Mavrogiannopoulos
Browse files

Tolerate DER time encoding errors

It seems that openssl generated certificates may contain invalid
formatted times, and gnutls will no longer parse them. Ignore such
formatting errors when DER decoding.

We should reconsider this in the future (#207)

Resolves #196

Signed-off-by: Nikos Mavrogiannopoulos's avatarNikos Mavrogiannopoulos <>
parent 5faeef3c
......@@ -262,7 +262,12 @@ int _gnutls_check_if_sorted(gnutls_x509_crt_t * crt, int nr);
inline static int _asn1_strict_der_decode (asn1_node * element, const void *ider,
int len, char *errorDescription)
return asn1_der_decoding2(element, ider, &len, ASN1_DECODE_FLAG_STRICT_DER, errorDescription);
return asn1_der_decoding2(element, ider, &len, _ASN1_DER_FLAGS, errorDescription);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment