commit dc8751d31eb01fa8e09ceca4e918d92c00bbfad6
author Hanno Becker <hanno.becker@arm.com> Mon Sep 25 10:47:58 2017 +0100
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Mar 05 13:46:10 2018 +0100
tree b5eaf8cdfd5adeb30e83b67702750f1435eab5b2
parent 52de8e01a0c9700c39893c470fdd6b98da69f740

Fix bug in X.509 CRT verification code

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 18bc87c..845d92e 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -717,7 +717,7 @@
 
     memcpy( p, buf, crt->raw.len );
 
-    // Direct pointers to the new buffer 
+    // Direct pointers to the new buffer
     p += crt->raw.len - len;
     end = crt_end = p + len;
 
@@ -1958,7 +1958,7 @@
          */
         if( child->subject_raw.len == trust_ca->subject_raw.len &&
             memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
-                            child->issuer_raw.len ) == 0 )
+                    child->subject_raw.len ) == 0 )
         {
             check_path_cnt--;
         }
@@ -2008,7 +2008,7 @@
     if( trust_ca != NULL &&
         ( child->subject_raw.len != trust_ca->subject_raw.len ||
           memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
-                            child->issuer_raw.len ) != 0 ) )
+                  child->subject_raw.len ) != 0 ) )
     {
 #if defined(MBEDTLS_X509_CRL_PARSE_C)
         /* Check trusted CA's CRL for the chain's top crt */