Commit graph

9617 commits

Author SHA1 Message Date
Hanno Becker 2224ccf390 Don't use assertion for failures of mbedtls_x509_crt_x_acquire()
These functions may afil in a regular run, e.g. due to an out of memory
error.
2019-06-28 14:48:31 +01:00
Hanno Becker d92078fc55 Fix copy pasta in x509_crt.h 2019-06-28 14:48:31 +01:00
Hanno Becker 608de6a50d Reference copy-less versions of X.509 CRT frame/PK getters 2019-06-28 14:48:31 +01:00
Hanno Becker ed05888195 x509_crt.c: Add blank line to increase readability 2019-06-28 14:48:31 +01:00
Manuel Pégourié-Gonnard 4e24c449e2
Merge pull request #592 from ARMmbed/static_config_extended_ms
[Baremetal] Exemplify hardcoding of SSL configuration at compile-time in the example of ExtendedMasterSecret
2019-06-28 13:49:35 +02:00
Hanno Becker 35b86a872f [FIXUP] Fix bug in ASN.1 traversal of silently ignored tag 2019-06-25 10:41:34 +01:00
Hanno Becker 2656bfe9b0 [FIXUP] Fix typo in declaration of mbedtls_x509_memcasecmp() 2019-06-25 10:41:34 +01:00
Hanno Becker 08d341211d Move signature-info extraction out of MBEDTLS_X509_REMOVE_INFO
During rebase, the definition of ::mbedtls_x509_crt_sig_info
as well as x509_crt_free_sig_info() and x509_crt_get_sig_info()
were accidentally guarded by !MBEDTLS_X509_REMOVE_INFO.

This commit moves their definition outside of that guard.
2019-06-25 10:41:31 +01:00
Hanno Becker 040c564888 Fix certificate validity checking logic to work with !TIME_DATE
If MBEDTLS_HAVE_TIME_DATE is undefined, the functions
`mbedtls_x509_time_is_past()` and `mbedtls_x509_time_is_future()`
are still defined but return `0` (that is, no time is seen to in
the past or future). To maintain functional correctness, this
means that these functions have to be called in a way where
the condition being checked for is the erroneous one: Concretely,
one shouldn't check that a CRT's `validFrom` is in the past,
or that its `validTo` is in the future, because that would
fail if !MBEDTLS_HAVE_TIME_DATE. Instead, one should check
that `validFrom` is NOT in the future, and `validTo` is NOT
in the past. That was the logic previously, but an uncautious
change during transition to X.509 on-demand parsing has
changed it. This commit fixes this.
2019-06-25 09:11:11 +01:00
Hanno Becker 97aa4363e1 Simplify X.509 CRT version check in UID parsing
WHen parsing the CRT version, we already check that
version is either 1, 2, or 3, so checking whether
version == 2 or version == 3 is equivalent to
version != 1.
2019-06-25 09:11:11 +01:00
Hanno Becker 60785d113b Remove unused variable warning in on-demand X.509 parsing 2019-06-25 09:11:11 +01:00
Hanno Becker 7c5fbbeec0 Reduce number of parallel workers in X.509 CRT threading test
The previous tests used 100 parallel workers which for EC certificates
leads to a memory usage of more than 1Mb, hence leading to an out of memory
condition in tests using the memory buffer allocator which has a pool of 1Mb.

Use 25 workers but an increased number of iterations per worker instead.
2019-06-25 09:11:11 +01:00
Hanno Becker e908412a35 Simplify logic for issuer/subject ID parsing 2019-06-25 09:11:11 +01:00
Hanno Becker fd64f14ef9 Remove redundant CRT version check during CRT parsing 2019-06-25 09:11:11 +01:00
Hanno Becker 938a80507a Add MBEDTLS_X509_ON_DEMAND_PARSING to baremetal config 2019-06-25 09:11:11 +01:00
Hanno Becker b36a245654 Add comment to #endif indicating which condition was guarded 2019-06-25 09:10:57 +01:00
Hanno Becker 484caf0abc Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
Hanno Becker 2ba9fbdfe9 Allow multiple concurrent readers for X.509 CRT frame and PK context
Previously, only one thread could access the parsing cache of an X.509 CRT
at a time. Firstly, this leads to significant performance penalties on
systems running many concurrent threads which share CRT structures --
for example, server threads sharing an SSL configuration containing the
server CRT. Secondly, the locking should be logically unnecessary, because
the threads are supposed to access the CRT frame and PK in a read-only,
or at least thread-safe manner.

This commit modifies the X.509 CRT cache implementation by allowing an
arbitrary number of concurrent readers, locking only the path of setting
up and clearing the cache.
2019-06-25 09:10:57 +01:00
Hanno Becker d687ef0a91 Move X.509 threading test to separate test suite
This allows to build the library + tests via `make` without
specifying `PTHREAD=1`, in which case the X.509 threading
test suite will be silently dropped.

This is analogous to the pre-existing handling of the example
application `ssl_pthread_server`, which is only build if `PTHREAD=1`
and silently dropped otherwise.
2019-06-25 09:10:57 +01:00
Hanno Becker 22cf255e09 Force linking of pthread in 'full config' tests in all.sh 2019-06-25 09:10:57 +01:00
Hanno Becker fa37d07a0d Make: Link test suites with pthread if PTHREAD is set 2019-06-25 09:10:57 +01:00
Hanno Becker 1ba602c2f6 CMake: Link test suites with pthread if LINK_WITH_PTHREAD set
The pre-existing LINK_WITH_PTHREAD CMake option controls whether
`pthread` should be linked into the library, but didn't apply
to the test suites so far.

This commit also links test suites to `pthread` in CMake-based
builds which have LINK_WITH_PTHREAD set.
2019-06-25 09:10:57 +01:00
Hanno Becker fd8b7bd63f Add concurrent X.509 CRT verification test
This commit enhances the X.509 parsing test suite by a test
which exercises multiple threads concurrently verifying the
same certificate with the same set of trusted roots.
2019-06-25 09:10:57 +01:00
Hanno Becker 4b70e12dde Document mbedtls_x509_crt_pk_{acquire/release}()
In contrast to mbedtls_x509_crt_frame_acquire(), the public key context
returned by mbedtls_x509_crt_pk_acquire() cannot be marked `const` because
the caller must be able to use it e.g. for mbedtls_pk_sign() and
mbedtls_pk_verify(), which don't have `const` input parameters.

Instead, return a non-`const` context, but explicitly state that callers
must use that context in a thread-safe way.
2019-06-25 09:10:57 +01:00
Hanno Becker b8670fcab3 Document mbedtls_x509_crt_frame_{acquire/release}() 2019-06-25 09:10:57 +01:00
Hanno Becker 5f268b3cf6 Don't allow change of CRT frame returned by x509_crt_frame_acquire() 2019-06-25 09:10:57 +01:00
Hanno Becker 9219f9e7b8 Fix yet another occasions of 'setup' vs. 'set up' typo in x509_crt.h 2019-06-25 09:10:57 +01:00
Hanno Becker 1250623ad1 Mark CRT frame argument to mbedtls_x509_xxx_from_frame() constant 2019-06-25 09:10:57 +01:00
Hanno Becker a4dfc0d73d Move X.509 CRT cache handling functions to x509_internal.h 2019-06-25 09:10:57 +01:00
Hanno Becker 3c3d5c5836 Fix spacing in declaration of mbedtls_asn1_get_sequence_of() 2019-06-25 09:10:57 +01:00
Hanno Becker c0dab627ce Fix typo 'setup' -> 'set up' throughout x509_crt.h 2019-06-25 09:10:57 +01:00
Hanno Becker fd5c185ed6 Use uint16_t to store key usage field in X.509 CRT
Also, reorder the fields to avoid padding, thereby reducing the size of
mbedtls_x509_crt_frame by 2 Bytes.
2019-06-25 09:10:57 +01:00
Hanno Becker 00d390338d Move internal mbedtls_x509_crt_cache to x509_internal.h
We cannot move it to x509_crt.c because there are some static inline
function definitions in x509_crt.h which access members of
mbedtls_x509_crt_cache.
2019-06-25 09:10:57 +01:00
Hanno Becker 54f1c2cb20 Rename MBEDTLS_X509_SAFE_SNPRINTF_WITH_ERROR to _WITH_CLEANUP 2019-06-25 09:10:57 +01:00
Hanno Becker f332a97e1b Add ASN.1 API to free linked list representation of ASN.1 sequences 2019-06-25 09:10:57 +01:00
Hanno Becker 7b8e11e724 Avoid allocating empty buffers when handling length-0 CRTs 2019-06-25 09:10:57 +01:00
Hanno Becker 0ed348a14e Update VS2010 project file 2019-06-25 09:10:57 +01:00
Hanno Becker 529f25d119 Don't use mbedtls_asn1_get_sequence_of() in x509_crt.c
This commit modifies the implementation of x509_get_ext_key_usage()
to not rely on mbedtls_asn1_get_sequence_of() but to instead use
mbedtls_asn1_traverse_sequence_of() with the same sequence-building
callback that also x509_get_subject_alt_name() uses, and which agrees
with the callback used by mbedtls_asn1_get_sequence_of().

The reason for this is that with this change, Mbed TLS itself isn't
using mbedtls_asn1_get_sequence_of() anymore, but only the more powerful
mbedtls_asn1_traverse_sequence_of(), so that unless application code
makes use of mbedtls_asn1_get_sequence_of(), its implementation
-- including the underlying sequence building callback -- will be
removed by link time garbage collection.
2019-06-25 09:10:57 +01:00
Hanno Becker 15b73b4066 Correct placement of comment on X.509 SAN parsing 2019-06-25 09:10:57 +01:00
Hanno Becker e452add01e Comment on return value type in two internal X.509 functions 2019-06-25 09:10:57 +01:00
Hanno Becker be0cf9b1f6 Improve formatting in x509.c 2019-06-25 09:10:57 +01:00
Hanno Becker f6bc8886c7 Move declarations of internal X.509 functions to separate header
This makes it easier to distinguish public from internal functions;
for us, for users, and for automated API compatibility checkers.
2019-06-25 09:10:57 +01:00
Hanno Becker 1421246d44 Update version_features.c 2019-06-25 09:07:16 +01:00
Hanno Becker a7ac412dcd Update query_config.c 2019-06-25 09:07:16 +01:00
Hanno Becker 76428359b3 Move existence check for pk/frame to mbedtls_x509_crt_provide_xxx() 2019-06-25 09:07:16 +01:00
Hanno Becker bc685199d9 Implement MBEDTLS_X509_ALWAYS_FLUSH 2019-06-25 09:07:16 +01:00
Hanno Becker ffcd8c39a4 Introduce compile-time option to always flush X.509 CRT caches
This commit introduces a compile-time option MBEDTLS_X509_ALWAYS_FLUSH
which controls whether releasing of CRT frames or public key contexts
associated to X.509 CRTs (or, in the future, other cached parsed X.509
structures) should lead to freeing those structures immediately.

Enabling this alongside of the MBEDTLS_X509_ON_DEMAND_PARSING leads
to significant reduction of the average RAM consumption of Mbed TLS.

The option is enabled by default to reduce the permanent RAM overhead of
MBEDTLS_X509_ON_DEMAND_PARSING in case the latter is *disabled* (default).
(Note that there is very little performance penalty enabling
MBEDTLS_X509_ALWAYS_FLUSH in case MBEDTLS_X509_ON_DEMAND_PARSING is disabled,
because hardly any parsing needs to be done to setup a CRT frame / PK context
from the legacy `mbedtls_x509_crt` structure.)
2019-06-25 09:07:16 +01:00
Hanno Becker c6d1c3ed1c Remove frame/pk parameter from mbedtls_x509_crt_xxx_release() 2019-06-25 09:07:16 +01:00
Hanno Becker 7dbf49a518 Enable threading in all.sh test for X.509 on demand parsing 2019-06-25 09:07:16 +01:00
Hanno Becker 38f0cb487c Introduce helpers for conversion between X.509 buffer structs
This commit introduces two static helpers
- `x509_buf_to_buf_raw()`
- `x509_buf_raw_to_buf()`
which convert to/from the old `mbedtls_x509_buf` and
the new `mbedtls_x509_buf_raw` (the latter omitting the
ASN.1 tag field).
2019-06-25 09:07:16 +01:00