forge
forge copied to clipboard
Should not assume TLS certificate chain is provided in order
The TLS 1.2 specification required the certificate chain to be in order:
The sender's certificate MUST come first in the list. Each following certificate MUST directly certify the one preceding it.
However, in practice, servers are commonly misconfigured to violate this requirement, and so TLS 1.3 relaxed it from MUST to SHOULD:
The sender's certificate MUST come in the first CertificateEntry in the list. Each following certificate SHOULD directly certify the one immediately preceding it.
For compatibility, Forge should not assume the chain is provided in order. It currently assumes this here:
https://github.com/digitalbazaar/forge/blob/2bb97afb5058285ef09bcf1d04d6bd6b87cffd58/lib/x509.js#L3033-L3039
https://github.com/digitalbazaar/forge/blob/2bb97afb5058285ef09bcf1d04d6bd6b87cffd58/lib/x509.js#L3059-L3061