commit b9983be73ac28212befc6d84afa74769e87fe518
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jul 03 22:51:07 2017 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Aug 08 11:06:50 2017 +0200
tree 6b3d010ab4e4b6a5c3271341a9b9782829da8093
parent 66fac75f8b0bfac336267e6dba1b19fd080999e7

Move one special case from verify_top() to child()

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 899660f..7a5ebef 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2000,15 +2000,12 @@
  * See comments for mbedtls_x509_crt_verify_with_profile()
  * (also for notation used belowe)
  *
- * This function is called in two cases:
+ * This function is called in one circumstance with two sub-cases:
  *  - child was found to have a parent in trusted roots, in which case we're
  *    called with trust_ca pointing directly to that parent (not the full list)
  *      - this happens in cases 1, 2 and 3 of the comment on verify()
  *      - case 1 is special as child and trust_ca point to copies of the same
  *      certificate then
- *  - child was found to have no parent either in the chain or in trusted CAs,
- *    in which case we're called with trust_ca set to NULL
- *      - this is cases 4 and 5 of the comment on verify()
  *
  * For historical reasons, the function currently does not assume that
  * trust_ca points directly to the right root in the first case, so it always
@@ -2027,14 +2024,7 @@
 
     (void) self_cnt;
 
-    /* Special case #1: no root, stop here */
-    if( trust_ca == NULL )
-    {
-        *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
-        goto callback;
-    }
-
-    /* Special case #2: child == trust_ca: trust and that's it */
+    /* Special case: child == trust_ca: trust and that's it */
     if( child->raw.len == trust_ca->raw.len &&
         memcmp( child->raw.p, trust_ca->raw.p, child->raw.len ) == 0 )
     {
@@ -2127,11 +2117,11 @@
     /* Look for a parent upwards the chain */
     parent = x509_crt_find_parent( child, child->next, 0, path_cnt, 0 );
 
-    /* No parent at all? Let verify_top() handle that case */
+    /* No parent at all? We're done here */
     if( parent == NULL )
     {
-        return( x509_crt_verify_top( child, NULL, ca_crl, profile,
-                                     path_cnt, self_cnt, flags, f_vrfy, p_vrfy ) );
+        *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+        goto callback;
     }
 
     /* Counting intermediate self-issued (not necessarily self-signed) certs
@@ -2164,7 +2154,8 @@
     if( ret != 0 )
         return( ret );
 
-    /* child is verified to be a child of the parent, call verify callback */
+callback:
+    /* chain upwards of child done, call callback on child */
     if( NULL != f_vrfy )
         if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
             return( ret );