summary refs log tree commit diff
path: root/crypto/src/tls/TlsExtensionsUtilities.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/tls/TlsExtensionsUtilities.cs')
-rw-r--r--crypto/src/tls/TlsExtensionsUtilities.cs9
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/src/tls/TlsExtensionsUtilities.cs b/crypto/src/tls/TlsExtensionsUtilities.cs

index 688fee3c7..5a13d8d2e 100644
--- a/crypto/src/tls/TlsExtensionsUtilities.cs
+++ b/crypto/src/tls/TlsExtensionsUtilities.cs
@@ -964,8 +964,10 @@ namespace Org.BouncyCastle.Tls
             while (buf.Position < buf.Length)
             {
                 byte[] derEncoding = TlsUtilities.ReadOpaque16(buf, 1);
-                Asn1Object asn1 = TlsUtilities.ReadDerObject(derEncoding);
-                authorities.Add(X509Name.GetInstance(asn1));
+                Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding);
+                X509Name ca = X509Name.GetInstance(asn1);
+                TlsUtilities.RequireDerEncoding(ca, derEncoding);
+                authorities.Add(ca);
             }
             return authorities;
         }
@@ -1111,8 +1113,9 @@ namespace Org.BouncyCastle.Tls
             while (buf.Position < buf.Length)
             {
                 byte[] derEncoding = TlsUtilities.ReadOpaque8(buf, 1);
-                Asn1Object asn1 = TlsUtilities.ReadDerObject(derEncoding);
+                Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding);
                 DerObjectIdentifier certificateExtensionOid = DerObjectIdentifier.GetInstance(asn1);
+                TlsUtilities.RequireDerEncoding(certificateExtensionOid, derEncoding);
 
                 if (filters.Contains(certificateExtensionOid))
                     throw new TlsFatalAlert(AlertDescription.illegal_parameter);
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-21 21:52:39 +0000