Commit graph

105 commits

Author SHA1 Message Date
Jaeden Amero 0cf1776a2d Merge remote-tracking branch 'origin/pr/2451' into mbedtls-2.7
* origin/pr/2451:
  Fix #2370, minor typos and spelling mistakes
2019-06-21 15:55:21 +01:00
Hanno Becker c24e019513 Improve documentation of mbedtls_x509_get_ext()
- Explain the use of explicit ASN.1 tagging for the extensions structuree
- Remove misleading comment which suggests that mbedtls_x509_get_ext()
  also parsed the header of the first extension, which is not the case.
2019-06-04 14:03:27 +01:00
Hanno Becker 19557c2078 Always return a high-level error code from X.509 module
Some functions within the X.509 module return an ASN.1 low level
error code where instead this error code should be wrapped by a
high-level X.509 error code as in the bulk of the module.

Specifically, the following functions are affected:
- mbedtls_x509_get_ext()
- x509_get_version()
- x509_get_uid()

This commit modifies these functions to always return an
X.509 high level error code.

Care has to be taken when adapting `mbetls_x509_get_ext()`:
Currently, the callers `mbedtls_x509_crt_ext()` treat the
return code `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG` specially to
gracefully detect and continue if the extension structure is not
present. Wrapping the ASN.1 error with
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and adapting the check
accordingly would mean that an unexpected tag somewhere
down the extension parsing would be ignored by the caller.

The way out of this is the following: Luckily, the extension
structure is always the last field in the surrounding structure,
so if there is some data remaining, it must be an Extension
structure, so we don't need to deal with a tag mismatch gracefully
in the first place.

We may therefore wrap the return code from the initial call to
`mbedtls_asn1_get_tag()` in `mbedtls_x509_get_ext()` by
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and simply remove
the special treatment of `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG`
in the callers `x509_crl_get_ext()` and `x509_crt_get_ext()`.

This renders `mbedtls_x509_get_ext()` unsuitable if it ever
happened that an Extension structure is optional and does not
occur at the end of its surrounding structure, but for CRTs
and CRLs, it's fine.

The following tests need to be adapted:
- "TBSCertificate v3, issuerID wrong tag"
  The issuerID is optional, so if we look for its presence
  but find a different tag, we silently continue and try
  parsing the subjectID, and then the extensions. The tag '00'
  used in this test doesn't match either of these, and the
  previous code would hence return LENGTH_MISMATCH after
  unsucessfully trying issuerID, subjectID and Extensions.
  With the new code, any data remaining after issuerID and
  subjectID _must_ be Extension data, so we fail with
  UNEXPECTED_TAG when trying to parse the Extension data.
- "TBSCertificate v3, UIDs, invalid length"
  The test hardcodes the expectation of
  MBEDTLS_ERR_ASN1_INVALID_LENGTH, which needs to be
  wrapped in MBEDTLS_ERR_X509_INVALID_FORMAT now.

Fixes #2431.
2019-06-04 14:03:27 +01:00
Hanno Becker 1de13dbc49 Obey bounds of ASN.1 substructures
When parsing a substructure of an ASN.1 structure, no field within
the substructure must exceed the bounds of the substructure.
Concretely, the `end` pointer passed to the ASN.1 parsing routines
must be updated to point to the end of the substructure while parsing
the latter.

This was previously not the case for the routines
- x509_get_attr_type_and_value(),
- mbedtls_x509_get_crt_ext(),
- mbedtls_x509_get_crl_ext().
These functions kept using the end of the parent structure as the
`end` pointer and would hence allow substructure fields to cross
the substructure boundary. This could lead to successful parsing
of ill-formed X.509 CRTs.

This commit fixes this.

Care has to be taken when adapting `mbedtls_x509_get_crt_ext()`
and `mbedtls_x509_get_crl_ext()`, as the underlying function
`mbedtls_x509_get_ext()` returns `0` if no extensions are present
but doesn't set the variable which holds the bounds of the Extensions
structure in case the latter is present. This commit addresses
this by returning early from `mbedtls_x509_get_crt_ext()` and
`mbedtls_x509_get_crl_ext()` if parsing has reached the end of
the input buffer.

The following X.509 parsing tests need to be adapted:
- "TBSCertificate, issuer two inner set datas"
  This test exercises the X.509 CRT parser with a Subject name
  which has two empty `AttributeTypeAndValue` structures.
  This is supposed to fail with `MBEDTLS_ERR_ASN1_OUT_OF_DATA`
  because the parser should attempt to parse the first structure
  and fail because of a lack of data. Previously, it failed to
  obey the (0-length) bounds of the first AttributeTypeAndValue
  structure and would try to interpret the beginning of the second
  AttributeTypeAndValue structure as the first field of the first
  AttributeTypeAndValue structure, returning an UNEXPECTED_TAG error.
- "TBSCertificate, issuer, no full following string"
  This test exercises the parser's behaviour on an AttributeTypeAndValue
  structure which contains more data than expected; it should therefore
  fail with MBEDTLS_ERR_ASN1_LENGTH_MISMATCH. Because of the missing bounds
  check, it previously failed with UNEXPECTED_TAG because it interpreted
  the remaining byte in the first AttributeTypeAndValue structure as the
  first byte in the second AttributeTypeAndValue structure.
- "SubjectAltName repeated"
  This test should exercise two SubjectAltNames extensions in succession,
  but a wrong length values makes the second SubjectAltNames extension appear
  outside of the Extensions structure. With the new bounds in place, this
  therefore fails with a LENGTH_MISMATCH error. This commit adapts the test
  data to put the 2nd SubjectAltNames extension inside the Extensions
  structure, too.
2019-06-04 14:03:27 +01:00
Junhwan Park e5d016356a x509.c: Fix potential memory leak in X.509 self test
Found and fixed by Junhwan Park in #2106.

Signed-off-by: Junhwan Park <semoking@naver.com>
2019-03-11 15:17:27 +02:00
Antonin Décimo 8fd9156a4a Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
Brendan Shanks b32233319b x509.c: Remove unused includes
Remove unused includes guarded by MBEDTLS_FS_IO, which doesn't appear
anywhere else in the file.
2018-07-02 12:13:26 +01:00
Andres Amaya Garcia 735b37eeef Correctly handle leap year in x509_date_is_valid()
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 23:21:37 +01:00
Hanno Becker 61937d4a83 Rename time and index parameter to avoid name conflict.
As noted in #557, several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.

This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Gilles Peskine 750c353c5c X.509 self-tests: replaced SHA-1 certificates by SHA-256 2017-06-06 18:44:13 +02:00
Janos Follath 87c980749d Fix buffer overread in mbedtls_x509_get_time()
A heap overread might happen when parsing malformed certificates.
Reported by Peng Li and Yueh-Hsun Lin.

Refactoring the parsing fixes the problem. This commit applies the
relevant part of the OpenVPN contribution applied to mbed TLS 1.3
in commit 17da9dd829.
2017-02-28 14:23:12 +00:00
Brian J Murray 1903fb312f Clarify Comments and Fix Typos (#651)
Fixes many typos, and errors in comments.

* Clarifies many comments
* Grammar correction in config.pl help text
* Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE.
* Comment typo fix (Dont => Don't)
* Comment typo fix (assure => ensure)
* Comment typo fix (byes => bytes)
* Added citation for quoted standard
* Comment typo fix (one complement => 1's complement)

The is some debate about whether to prefer "one's complement",  "ones'
complement", or "1's complement".  The more recent RFCs related to TLS
(RFC 6347,  RFC 4347, etc) use " 1's complement", so I followed that
convention.

* Added missing ")" in comment
* Comment alignment
* Incorrect comment after #endif
2017-02-15 09:08:26 +00:00
Simon Butcher 488c08c00b Merge branch fixing date validity in X.509 2016-10-13 16:13:09 +01:00
Andres AG 4b76aecaf3 Add check for validity of date in x509_get_time() 2016-09-28 14:32:54 +01:00
Andres AG 4bdbe09f90 Fix sig->tag update in mbedtls_x509_get_sig() 2016-09-19 17:09:45 +01:00
Simon Butcher b5b6af2663 Puts platform time abstraction into its own header
Separates platform time abstraction into it's own header from the
general platform abstraction as both depend on different build options.
(MBEDTLS_PLATFORM_C vs MBEDTLS_HAVE_TIME)
2016-07-13 14:46:18 +01:00
SimonB d5800b7761 Abstracts away time()/stdlib.h into platform
Substitutes time() into a configurable platform interface to allow it to be
easily substituted.
2016-04-26 14:49:59 +01:00
Manuel Pégourié-Gonnard 37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Manuel Pégourié-Gonnard 620ee19823 Fix return of x509_self_test without SHA-1
No being able to run the test is not a failure
2015-08-07 10:57:47 +02:00
Manuel Pégourié-Gonnard 6fb8187279 Update date in copyright line 2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard e7e89844d6 Fix and document corner-cases of time checking 2015-06-22 23:41:24 +02:00
Manuel Pégourié-Gonnard 57e10d71be Fix potential NULL dereference.
Introduced when moving from gmtime_r() to gmtime().
Found with fbinfer.
2015-06-22 23:40:44 +02:00
Manuel Pégourié-Gonnard 1685368408 Rationalize snprintf() usage in X.509 modules 2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard 60c793bdc9 Split HAVE_TIME into HAVE_TIME + HAVE_TIME_DATE
First one means we have time() but it may not return the actual wall clock
time, second means it does.
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard fb317c5221 Rename parameter in a x509 helper 2015-06-18 16:41:13 +02:00
Manuel Pégourié-Gonnard c730ed3f2d Rename boolean functions to be clearer 2015-06-02 10:38:50 +01:00
Manuel Pégourié-Gonnard 864108daab Move from gmtime_r to gmtime + mutexes
* gmtime_r is not standard so -std=c99 warns about it
* Anyway we need global mutexes in the threading layer, so better depend only
  on that, rather that global mutexes + some _r functions
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard 6a8ca33fa5 Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard 1b8de57827 Remove a few redundant memset after calloc.
Using the following semantic patch provided by Mansour Moufid:

@@
expression x;
@@
  x = mbedtls_calloc(...)
  ...
- memset(x, 0, ...);
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard 7551cb9ee9 Replace malloc with calloc
- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too
2015-05-26 16:04:06 +02:00
Manuel Pégourié-Gonnard 0fe1f6d97e Remove debug line from selftest
Happened to cause a warning about %x vs uint32_t with arm-none-eabi-gcc 4.9
in addition to being useless
2015-05-12 13:22:02 +02:00
Manuel Pégourié-Gonnard eecb43cf0b Manually merge doc fixes from 1.3 2015-05-12 12:56:41 +02:00
Manuel Pégourié-Gonnard 43b37cbc92 Fix use of pem_read_buffer() in PK, DHM and X509 2015-05-12 11:26:43 +02:00
Manuel Pégourié-Gonnard e6ef16f98c Change X.509 verify flags to uint32_t 2015-05-11 19:54:43 +02:00
Manuel Pégourié-Gonnard 8408a94969 Remove MBEDTLS_ from internal macros 2015-04-09 13:52:55 +02:00
Manuel Pégourié-Gonnard 2cf5a7c98e The Great Renaming
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard 26c9f90cae Merge branch 'mbedtls-1.3' into development
* mbedtls-1.3:
  Add missing depends in x509 programs
  Simplify ifdef checks in programs/x509
  Fix thread safety issue in RSA operations
  Add test certificate for bitstring in DN
  Add support for X.520 uniqueIdentifier
  Accept bitstrings in X.509 names
2015-03-31 17:56:15 +02:00
Manuel Pégourié-Gonnard dd5dbcae90 Accept bitstrings in X.509 names 2015-03-27 13:03:09 +01:00
Manuel Pégourié-Gonnard ca878dbaa5 Make md_info_t an opaque structure
- more freedom for us to change it in the future
- enforces hygiene
- performance impact of making accessors no longer inline should really be
  negligible
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard c70581c272 Add POLARSSL_DEPRECATED_{WARNING,REMOVED} 2015-03-23 14:11:11 +01:00
Manuel Pégourié-Gonnard 47723147f5 Remove functions deprecated in 1.3 2015-03-20 18:21:12 +00:00
Manuel Pégourié-Gonnard 6e0643762d Reverse meaning of OID_CMP 2015-03-19 16:54:56 +00:00
Manuel Pégourié-Gonnard 7f8099773e Rename include directory to mbedtls 2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Mansour Moufid c531b4af3c Apply the semantic patch rm-malloc-cast.cocci.
for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done
2015-02-16 10:43:52 +00:00
Manuel Pégourié-Gonnard ac1f76c362 Merge remote-tracking branch 'rich/platform' into development
* rich/platform:
  Remove dependency on sscanf in lib x509
  Fix extra guard in memory_buffer_alloc
  rebase from development
  implemented macro overriding for polarssl_* library functions
  fix bug introduced by the addition of snprintf and assert macro which caused tests to fail without polarssl_platform_c defined
  add initial symbols to config and checks to check_config to allow use of macros to define standard functions
  reformat and arrange additions to config alphabetically
  add missing checks to check_config
  add macro definition of assert using polarssl_exit
  modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit
  add POLARSSL_PLATFORM_EXIT_ALT
  modify scripts/* and tests/* to use polarssl_snprintf
  modify programs/*.c to use polarssl_snprintf
  modify library/debug.c to use polarssl_snprintf
  modify library/x509*.c to use polarssl_snprintf
  modify library/net.c to use polarssl_snprintf
  modify oid.c to use polarssl_snprintf
  add platform_set_snprintf

Conflicts:
	library/memory_buffer_alloc.c
	programs/pkey/pk_sign.c
	programs/pkey/pk_verify.c
	programs/pkey/rsa_sign_pss.c
	programs/pkey/rsa_verify_pss.c
	programs/ssl/ssl_client2.c
	programs/ssl/ssl_pthread_server.c
	programs/test/benchmark.c
	programs/test/ssl_cert_test.c
2015-02-13 15:11:24 +00:00
Rich Evans 7d5a55a365 Remove dependency on sscanf in lib x509 2015-02-13 13:50:26 +00:00
Rich Evans fac657fd52 modify library/x509*.c to use polarssl_snprintf 2015-02-13 13:50:25 +00:00
Rich Evans 36796df815 Added missing stdio in lib x509.c needed for sscanf 2015-02-13 13:50:05 +00:00
Rich Evans 00ab47026b cleanup library and some basic tests. Includes, add guards to includes 2015-02-10 11:28:46 +00:00