[gnutls-devel] SSL certificate validation bugs in GnuTLS

Suman Jana suman at cs.utexas.edu
Thu Feb 13 09:33:36 CET 2014

Sorry, one small correction. The "check_if_ca" function is actually defined in lib/x509/verify.c and it calls "gnutls_x509_crt_get_ca_status".


>>> 2. Path length constraints in CA certs should be enforced. GnuTLS ignores
>>> Path length constraints.
>> Which version of gnutls did you use? GnuTLS supports path length
>> constraints for quite some time now.
>  We found the bug in GnuTLS 3.1.9. As you mentioned, GnuTLS 3.1.9 indeed parses
>  the path length constraints. However, it doesn't enforce them. During CA certificate
>  verification, the function "check_if_ca" is called from verify.c. "check_if_ca" is defined in
>  lib/x509/x509.c as follows -
>   int
>   gnutls_x509_crt_get_ca_status (gnutls_x509_crt_t cert, unsigned int *critical)
>   {
>     int pathlen;
>     unsigned int ca;
>     return gnutls_x509_crt_get_basic_constraints (cert, critical, &ca,
>                                                 &pathlen);
>   }
>   The problem is that the pathlen value is never checked.
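
Added example, not GnuTLS's own code: a minimal model of the pathLenConstraint check that the quoted gnutls_x509_crt_get_ca_status discards when it ignores pathlen. The cert_model_t type, the enforce_path_len function and the sample chains are assumptions constructed for this illustration; a real verifier would take the CA flag and pathlen from gnutls_x509_crt_get_basic_constraints.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model of what gnutls_x509_crt_get_basic_constraints() reports
 * for one certificate: the CA flag and the pathLenConstraint (-1 when the
 * extension carries no length). Hypothetical type, not a GnuTLS one. */
typedef struct {
    const char *name;
    int is_ca;
    int pathlen;            /* -1 = no pathLenConstraint */
} cert_model_t;

/* chain[0] is the end-entity certificate, chain[n-1] the trust anchor.
 * Returns 0 when every issuer is a CA and every pathLenConstraint holds,
 * otherwise the index of the first issuer that fails either check. */
int enforce_path_len(const cert_model_t *chain, size_t n)
{
    for (size_t i = 1; i < n; i++) {
        if (!chain[i].is_ca)            /* the part check_if_ca already tests */
            return (int)i;
        /* RFC 5280 4.2.1.9: pathLenConstraint caps the number of intermediate
         * CA certificates that may follow this one in the path, i.e. the
         * certificates at chain[1..i-1] (the leaf itself does not count). */
        int intermediates_below = (int)i - 1;
        if (chain[i].pathlen >= 0 && intermediates_below > chain[i].pathlen)
            return (int)i;              /* the check the quoted code never makes */
    }
    return 0;
}

/* Constructed sample chains. A root with pathLen 0 may only issue leaves,
 * so an intermediate CA hanging under it must be rejected. */
static const cert_model_t chain_bad[] = {
    { "leaf",             0, -1 },
    { "intermediate",     1, -1 },
    { "root (pathLen 0)", 1,  0 },
};
static const cert_model_t chain_ok[] = {
    { "leaf",             0, -1 },
    { "intermediate",     1, -1 },
    { "root (pathLen 1)", 1,  1 },
};

int main(void)
{
    printf("bad chain: failing index %d\n", enforce_path_len(chain_bad, 3)); /* 2 */
    printf("ok chain:  failing index %d\n", enforce_path_len(chain_ok, 3));  /* 0 */
    return 0;
}
```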
