From df48efa77a697ce44629eab5836649a9ab2966ff Mon Sep 17 00:00:00 2001
From: Ron Eldor
Date: Mon, 8 Apr 2019 13:28:24 +0300
Subject: [PATCH] Skip uncritical unsupported extensions

Skip extensions that have support in the `oid` layer`, but no parser found in the x509 layer, in case these are not critical.
---
 library/x509_crt.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5d82816f2..8024b51a0 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -820,7 +820,17 @@ static int x509_get_crt_ext( unsigned char **p,
 break;
 default:
- return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+ /*
+ * If this is a non-critical extension, which the oid layer
+ * supports, but there isn't an x509 parser for it,
+ * skip the extension.
+ */
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+ if( is_critical )
+ return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+ else
+#endif
+ *p = end_ext_octet;
 }
 }
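Review bot: The `else` in the new `default:` branch dangles across `#endif`, so which statement it governs depends on whether MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION is defined. Since the `if` branch returns, the `else` can be dropped, leaving `if( is_critical ) return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );` complete inside the `#if` and `*p = end_ext_octet;` on its own after `#endif`. The comment describes only the non-critical case, but with the macro defined this branch also skips critical extensions without parsing them, so whatever constraint they carry is not applied by this parser; I would add `/* With MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION, critical extensions without a parser are skipped here too. */`. The diffstat lists only library/x509_crt.c, so the patch adds no test for either path; one certificate with a non-critical and one with a critical parser-less extension would pin both. x509_get_crt_ext starts and ends outside the hunk.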