From 2da39033b98d3d0a36f4f7adc5433443547f4f40 Mon Sep 17 00:00:00 2001
From: ran
Date: Sun, 12 Apr 2026 20:49:33 +0800
Subject: [PATCH] fix: enforce pathLenConstraint regardless of keyUsage extension

The pathLenConstraint check in the certificate chain validation was gated on the keyUsage extension being present. When a CA certificate omitted the keyUsage extension but included basicConstraints with a pathLenConstraint, the constraint was silently skipped, allowing chains that exceeded the maximum permitted depth. Remove the keyUsage guard so pathLenConstraint is enforced whenever basicConstraints is present.
---
lib/x509.js | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/lib/x509.js b/lib/x509.js
index b4a4f6d7a..4d26bdb9d 100644
--- a/lib/x509.js
+++ b/lib/x509.js
@@ -3186,10 +3186,9 @@ pki.verifyCertificateChain = function(caStore, chain, options) {
 error: pki.certificateError.bad_certificate
 };
 }
- // if error is not null and keyUsage is available, then we know it
- // has keyCertSign and there is a basic constraints extension too,
- // which means we can check pathLenConstraint (if it exists)
- if(error === null && keyUsageExt !== null &&
+ // check pathLenConstraint (if it exists) regardless of whether
+ // keyUsage extension is present
+ if(error === null &&
 bcExt !== null && 'pathLenConstraint' in bcExt) {
 // pathLen is the maximum # of intermediate CA certs that can be
 // found between the current certificate and the end-entity (depth 0)
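Review bot: The new guard keys only on `bcExt` being present, and nothing in this hunk shows that `bcExt.cA` has been confirmed true before the path-length comparison that follows; the removed comment tied that assurance to the keyUsage/keyCertSign path, so it is worth verifying against the earlier lines of verifyCertificateChain that a certificate with basicConstraints but cA=false cannot reach this branch, since RFC 5280 §4.2.1.9 gives pathLenConstraint meaning only when cA is asserted. The replacement comment would help future readers more if it named the rule being implemented, e.g. `// RFC 5280 6.1.4 (l): pathLenConstraint is enforced whenever basicConstraints carries it; keyUsage is optional on CA certificates, so its absence must not skip this check`. Note that `'pathLenConstraint' in bcExt` correctly treats a constraint of 0 as present, which a truthiness test would not. verifyCertificateChain begins and ends outside this hunk.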