If a malformed certificate is loaded, and then a well-formed certificate
is loaded, the second load will fail with the same error (via error() on
the returned object) as for the first load. This appears to be because
the Convert::ASN1 parser is not reinitialised on new() when the parser
is in an error state. Test and patch attached.
Perl: v 5.10.1 (*) built for i686-linux-thread-multi
Convert::ASN1: v 0.22
Cheers
-Tom
Subject: | invalid-then-valid.t |
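use strict;
use warnings;
use Test::More tests => 5;

BEGIN { use_ok('Crypt::X509') }

# Regression test for parser state carried from one new() call to the next:
# a failed decode must not make a later, well-formed certificate fail.

# Step 1: hand new() data that is not a certificate. The returned object is
# expected to report the decode failure through error().
my $invalid_cert = Crypt::X509->new( cert => 'invalid' );
ok( $invalid_cert->error, 'got error on invalid data' );

# Step 2: load a well-formed DER certificate straight afterwards. If the
# error from step 1 is still held by the parser, error() is set here too and
# not_after cannot be read.
my $cert       = loadcert('t/verisign.der');
my $valid_cert = Crypt::X509->new( cert => $cert );
ok( defined $valid_cert, 'new() returned something' );
is( $valid_cert->error, undef, 'decode successful' );
is( $valid_cert->not_after, 1848787199, 'not_after got parsed' );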
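# Read the DER-encoded certificate stored in $file and return its raw bytes.
#
# Parameters: $file - path of the certificate file.
# Returns:    the complete file content as one binary string.
# Dies:       when the file cannot be opened.
sub loadcert {
    my $file = shift;

    # Three-argument open with an explicit read mode, so the file name is
    # never interpreted as a mode or a pipe. The low-precedence "or" makes the
    # die fire when open() fails; with "||" the test applied to $file, and a
    # missing file went unnoticed.
    open( my $fh, '<', $file )
      or die "cannot load test certificate $file: $!\n";
    binmode $fh;    # DER is binary: no newline translation on Windows

    # Slurp mode, confined to this sub: local restores $/ on every exit path.
    local $/;
    my $cert = <$fh>;
    close $fh;
    return $cert;
}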
Subject: | invalid-then-valid.patch |
--- /usr/share/perl5/site_perl/5.10.1/Crypt/X509.pm 2009-04-23 21:56:23.000000000 +1000
+++ X509.pm 2010-01-30 10:52:36.965738918 +1000
@@ -89,7 +89,7 @@
sub new {
my ( $class, %args ) = @_;
- if ( !defined($parser) ) {
+ if ( !defined($parser) || $parser->error ) {
$parser = _init();
}
my $self = $parser->decode( $args{'cert'} );
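Review bot: The new `$parser->error` test in `new()` has no comment saying why a parser in an error state must be rebuilt, so a later cleanup could drop it and bring back the failure where one malformed certificate makes every following valid one fail. I would add above the `if`: `# A failed decode leaves the parser kept between calls in its error state; rebuild it so one bad certificate cannot fail later loads.` The repair also happens only on the next call to `new()`, so the stale error stays in `$parser` until then; that looks harmless in the visible lines but is worth confirming for any other code that reuses `$parser`. The body of `new()` continues past the end of this hunk.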