From 7929229a32344dbef4c515201dcd32d414d9263e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 3 Dec 2015 09:53:20 +0100
Subject: [PATCH] Fix bug checking pathlen on first intermediate

Remove check on the pathLenConstraint value when looking for a parent to the EE cert, as the constraint is on the number of intermediate certs below the parent, and that number is always 0 at that point, so the constraint is always satisfied. The check was actually off-by-one, which caused valid chains to be rejected under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)
fixes #280
---
 ChangeLog | 7 +++++++
 library/x509parse.c | 9 ---------
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0bb206f3e..4d22cf5d0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 PolarSSL ChangeLog
 
+= Version 1.2.19 released 2015-12-xx
+
+Bugfix
+ * Fix bug in certificate validation that caused valid chains to be rejected
+ when the first intermediate certificate has pathLenConstraint=0. Found by
+ Nicholas Wilson. Introduced in mbed TLS 1.3.15. #280
+
 = Version 1.2.18 released 2015-11-04
 
 Security
diff --git a/library/x509parse.c b/library/x509parse.c
index c9db3fa5a..f0cf3a512 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -3679,15 +3679,6 @@ int x509parse_verify( x509_cert *crt,
 continue;
 }
 
-/* +2 because the current step is not yet accounted for
- * and because max_pathlen is one higher than it should be */
- if( parent->max_pathlen > 0 &&
- parent->max_pathlen < 2 + pathlen )
- {
- parent = parent->next;
- continue;
- }
-
 break;
 }
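Review bot: No regression test accompanies the removal of the path-length check from the parent-search loop in x509parse_verify; the diffstat lists only ChangeLog and library/x509parse.c, so neither side of this certificate-validation change is pinned. Two cases are worth adding: a chain whose first intermediate has pathLenConstraint == 0 and is not a trusted root must now verify, and a chain that places a further intermediate below that same CA must still be rejected. The second case matters because the hunk deletes a constraint check outright, and the code that enforces pathLenConstraint for deeper chain levels is outside the hunk, so its coverage cannot be confirmed from here. The deleted comment was also the only place in this loop noting that max_pathlen is stored one higher than the constraint; a short replacement above the `break;` would keep the reasoning next to the code, for example `/* No pathlen check here: no intermediates lie below the EE's parent, so any pathLenConstraint is satisfied */`. The loop and the function both begin and end outside the hunk.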