From a7598705bf1fae1530cbf614ce9fce44f3850284 Mon Sep 17 00:00:00 2001
From: Andres Amaya Garcia <andres.amayagarcia@arm.com>
Date: Fri, 25 Aug 2017 10:56:00 +0100
Subject: [PATCH] Parse the OCSP response version

---
 library/x509_ocsp.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/library/x509_ocsp.c b/library/x509_ocsp.c
index f9be67b82c..e3c90b048d 100644
--- a/library/x509_ocsp.c
+++ b/library/x509_ocsp.c
@@ -128,6 +128,17 @@ static int x509_ocsp_get_response_version( unsigned char **p,
                                            const unsigned char *end,
                                            int *version )
 {
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, version ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+    else if( *version != MBEDTLS_X509_OCSP_VERSION_1 )
+        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_VERSION +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
     return( 0 );
 }