diff options
| -rw-r--r-- | instance.go | 2 | ||||
| -rw-r--r-- | x509.go | 13 |
2 files changed, 10 insertions, 5 deletions
diff --git a/instance.go b/instance.go index 461ab6c..178b058 100644 --- a/instance.go +++ b/instance.go @@ -27,6 +27,7 @@ type LogParameters struct { TreeId int64 // used internally by Trillian Prefix string MaxRange int64 // max entries per get-entries request + MaxChain int64 // max submitter certificate chain length AnchorPool *x509.CertPool // for chain verification AnchorList []*x509.Certificate // for access to the raw certificates Signer crypto.Signer @@ -77,6 +78,7 @@ func NewLogParameters(treeId int64, prefix string, anchorPath, keyPath string) ( TreeId: treeId, Prefix: prefix, MaxRange: 2, // TODO: allow configuration + MaxChain: 3, // TODO: allow configuration AnchorPool: anchorPool, AnchorList: anchorList, Signer: key, @@ -180,13 +180,16 @@ func buildChainFromB64List(lp *LogParameters, b64chain []string) ([]*x509.Certif return nil, fmt.Errorf("chain verification failed: %v", err) } if len(chains) == 0 { - return nil, fmt.Errorf("chain verification failed: no chain") + return nil, fmt.Errorf("bad certificate chain length: empty") } - chain := chains[0] // if we found multiple paths just pick the first one - // TODO: check that len(chain) is OK - - return chain, nil + // there might be several valid chains + for _, chain := range chains { + if int64(len(chain)) <= lp.MaxChain { + return chain, nil // just pick the first valid chain + } + } + return nil, fmt.Errorf("bad certificate chain length: too large") } // verifySignature checks if signature is valid for some serialized data. The |