Check validity of potential parent before checking signature

The function `x509_crt_find_parent_in()` traverses a list of CRTs to find a potential parent to a given CRT. So far, the logic was the following: For each candidate, - check basic parenting skills (mostly name match) - verify signature - verify validity This order is insuitable for the new acquire/release layer of indirection when dealing with CRTs, because we either have to query the candidate's CRT frame twice, or query frame and PK simultaneously. This commit moves the validity check to the beginning of the routine to allow querying for the frame and then for the PK. The entry point for restartable ECC needs to be moved for that to not forget the validity-flag while pausing ECC computations.
2025-03-23 00:05:07 +00:00 · 2019-02-24 17:47:46 +00:00 · 2019-02-24 17:47:46 +00:00 · a788cab46d
parent 1e0677acc1
commit a788cab46d
1 changed files with 26 additions and 13 deletions
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -2346,21 +2346,35 @@ static int x509_crt_find_parent_in(

    for( parent = candidates; parent != NULL; parent = parent->next )
    {
-        /* basic parenting skills (name, CA bit, key usage) */
-        if( x509_crt_check_parent( child, parent, top ) != 0 )
-            continue;
+        int parent_valid, parent_match, path_len_ok;

-        /* +1 because stored max_pathlen is 1 higher that the actual value */
-        if( parent->max_pathlen > 0 &&
-            (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt )
-        {
-            continue;
-        }
-
-        /* Signature */
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
 check_signature:
 #endif
+
+        parent_valid = parent_match = path_len_ok = 0;
+
+        if( mbedtls_x509_time_is_past( &parent->valid_from ) &&
+            mbedtls_x509_time_is_future( &parent->valid_to ) )
+        {
+            parent_valid = 1;
+        }
+
+        /* basic parenting skills (name, CA bit, key usage) */
+        if( x509_crt_check_parent( child, parent, top ) == 0 )
+            parent_match = 1;
+
+        /* +1 because stored max_pathlen is 1 higher that the actual value */
+        if( !( parent->max_pathlen > 0 &&
+               (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) )
+        {
+            path_len_ok = 1;
+        }
+
+        if( parent_match == 0 || path_len_ok == 0 )
+            continue;
+
+        /* Signature */
        ret = x509_crt_check_signature( child, parent, rs_ctx );

 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@ -2382,8 +2396,7 @@ check_signature:
            continue;

        /* optional time check */
-        if( mbedtls_x509_time_is_past( &parent->valid_to ) ||
-            mbedtls_x509_time_is_future( &parent->valid_from ) )
+        if( !parent_valid )
        {
            if( fallback_parent == NULL )
            {