Commit graph

328 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 2f09d59456 Add badkey-skipping to find_parent()
This is the last step towards removing the now-duplicated parent-searching
code in verify_top()
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 3e329b8e8d Add badtime-skipping feature to new function
This is from the morally 5th (and soon obsolete) invocation of this function
in verify_top().

Doing this badtime-skipping when we search for a parent in the provided chain
is a change of behaviour, but it's backwards-compatible: it can only cause us
to accept valid chains that we used to reject before. Eg if the peer has a
chain with two version of an intermediate certificate with different validity
periods, the first non valid and the second valid - such cases are probably
rare or users would have complained already, but it doesn't hurt to handle it
properly as it allows for more uniform code.
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 9c6118c498 Factor one more occurrence of code into function
This may look like a behaviour change because one check has been added to the
function that was previously done in only one of the 3 call sites. However it
is not, because:
- for the 2 call sites in verify(), the test always succeeds as path_cnt is 0.
- for the call site in verify_child(), the same test was done later anyway in
  verify_top()
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 2f1c33dc33 Factor repeated code into function
There are 3 instance that were replaced, but 2 instances of variants of this
function exist and will be handled next (the extra parameter that isn't used
so far is in preparation for that):
- one in verify_child() where path_cnt constraint is handled too
- one in verify_top() where there is extra logic to skip parents that are
  expired or future, but only if there are better parents to be found
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 17f4a6a609 Take shortcut for directly trusted EE cert
This is a slight change of behaviour in that the previous condition was:
- same subject
- signature matches
while the new condition is:
- exact same certificate

However the documentation for mbedtls_x509_crt_verify() (note on trust_ca)
mentions the new condition, so code that respected the documentation will keep
working.

In addition, this is a bit faster as it doesn't check the self-signature
(which never needs to be checked for certs in the trusted list).
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard c61e5c9304 Don't search twice for a non-existing parent 2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard b8acfd2ba8 Fix calls to check_parent()
When we're looking for a parent, in trusted CAs, 'top' should be 1.

This only impacted which call site for verify_top() was chosen, and the error
was then fixed inside verify_top() by iterating over CAs again, this time
correctly setting 'top' to 1.
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 35407c7764 Add comments on chain verification cases
This is the beginning of a series of commits refactoring the chain
building/verification functions in order to:
- make it simpler to understand and work with
- prepare integration of restartable ECC
2017-08-08 11:06:50 +02:00
Manuel Pégourié-Gonnard 329e78c7fa Improve handling of md errors in X.509
md() already checks for md_info == NULL. Also, in the future it might also
return other errors (eg hardware errors if acceleration is used), so it make
more sense to check its return value than to check for NULL ourselves and then
assume no other error can occur.

Also, currently, md_info == NULL can never happen except if the MD and OID modules
get out of sync, or if the user messes with members of the x509_crt structure
directly.

This commit does not change the current behaviour, which is to treat MD errors
the same way as a bad signature or no trusted root.
2017-08-08 11:06:49 +02:00
Andres AG 80164741e1 Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 21:44:34 +01:00
Ron Eldor 3e19df5c95 Resource leak fix on windows platform
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-27 21:44:33 +01:00
Ron Eldor 8ab0595538 Wrong preproccessor condition fix
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-27 21:44:33 +01:00
Andres AG 7ca4a03955 Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 15:08:01 +01:00
Ron Eldor 36d904218b Resource leak fix on windows platform
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-27 15:08:01 +01:00
Ron Eldor 6314068d42 Wrong preproccessor condition fix
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-27 15:08:01 +01:00
Manuel Pégourié-Gonnard 9107b5fdd3 Improve comments 2017-07-06 12:16:25 +02:00
Manuel Pégourié-Gonnard 31458a1878 Only return VERIFY_FAILED from a single point
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
2017-07-06 11:58:41 +02:00
Manuel Pégourié-Gonnard d15795acd5 Improve behaviour on fatal errors
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
2017-07-06 11:58:41 +02:00
Gilles Peskine 5d2511c4d4 SHA-1 deprecation: allow it in key exchange
By default, keep allowing SHA-1 in key exchange signatures. Disabling
it causes compatibility issues, especially with clients that use
TLS1.2 but don't send the signature_algorithms extension.

SHA-1 is forbidden in certificates by default, since it's vulnerable
to offline collision-based attacks.
2017-06-06 18:44:14 +02:00
Gilles Peskine 5e79cb3662 Remove SHA-1 in TLS by default
Default to forbidding the use of SHA-1 in TLS where it is unsafe: for
certificate signing, and as the signature hash algorithm for the TLS
1.2 handshake signature. SHA-1 remains allowed in HMAC-SHA-1 in the
XXX_SHA ciphersuites and in the PRF for TLS <= 1.1.

For easy backward compatibility for use in controlled environments,
turn on the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 compiled-time option.
2017-06-06 18:44:13 +02:00
Simon Butcher fc794ff2b7 Merge branch 'iotssl-1071-ca-flags'
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.

The fix maintains both behaviours:

 * Ensure that valid certificates after future and past are verified
 * Ensure that the correct verification flags are set.
2017-02-27 19:06:05 +00:00
Andres AG c0db511820 Fix unused variable/function compilation warnings
This PR fixes a number of unused variable/function compilation warnings
that arise when using a config.h that does not define the macro
MBEDTLS_PEM_PARSE_C.
2017-02-15 22:54:42 +02:00
Simon B 3c6b18df3a Fix various compiler warnings with MSVC
Fixes various compiler warnings found with Microsoft Visual Studio 2015
(and earlier versions).
2017-02-15 09:08:26 +00:00
Andres AG d16506624a Fix verify out flags from x509_crt_verify_top()
This change fixes a regression introduced by an earlier commit that
modified x509_crt_verify_top() to ensure that valid certificates
that are after past or future valid in the chain are processed. However
the change introduced a change in behaviour that caused the
verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in
the verification regardless of the cause.

The fix maintains both behaviours:
  * Ensure that valid certificates after future and past are verified
  * Ensure that the correct verification flags are set.

To do so, a temporary pointer to the first future or past valid
certificate is maintained while traversing the chain. If a truly valid
certificate is found then that one is used, otherwise if no valid
certificate is found and the end of the chain is reached, the program
reverts back to using the future or past valid certificate.
2017-01-20 13:52:01 +00:00
Simon B 3249cb780b Fix various compiler warnings with MSVC
Fixes various compiler warnings found with Microsoft Visual Studio 2015
(and earlier versions).
2016-11-10 15:37:33 +00:00
Andres AG f9113194af Allow the entry_name size to be set in config.h
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
2016-09-16 11:42:35 +01:00
Janos Follath 98e28a74e3 Address user reported coverity issues. 2016-06-09 13:41:28 +01:00
Simon Butcher 4b852db299 Merge branch 'iotssl-629-der-trailing-bytes'
Fixes bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer following DER certificates to be included in the raw representation.
2016-03-12 23:28:26 +00:00
Janos Follath b437b4b125 X509: Fix bug triggered by future CA among trusted
Fix an issue that caused valid certificates being rejected whenever an
expired or not yet valid version of the trusted certificate was before the
valid version in the trusted certificate list.
2016-03-09 19:32:10 +00:00
Manuel Pégourié-Gonnard 0c6aad90f2 x509: remove obsolete TODO comment
- basicContraints checks are done during verification
- there is no need to set extensions that are not present to default values,
  as the code using the extension will check if it was present using
ext_types. (And default values would not make sense anyway.)
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard eeef947040 Clarify documentation about missing CRLs
Also tune up some working while at it.
2016-03-09 19:32:08 +00:00
Janos Follath cc0e49ddde x509: trailing bytes in DER: fix bug
Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer after DER certificates to be included in the raw representation. #377
2016-02-17 14:41:36 +00:00
Manuel Pégourié-Gonnard f4569b14c4 Fix bug checking pathlen on first intermediate
Remove check on the pathLenConstraint value when looking for a parent to the
EE cert, as the constraint is on the number of intermediate certs below the
parent, and that number is always 0 at that point, so the constraint is always
satisfied.

The check was actually off-by-one, which caused valid chains to be rejected
under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)

fixes #280
2015-11-19 11:10:38 +01:00
Manuel Pégourié-Gonnard 537e2a9b58 Merge branch 'iotssl-518-winpathlen-restricted' into development-restricted
* iotssl-518-winpathlen-restricted:
  Fix potential heap corruption on Windows
2015-11-02 11:04:59 +09:00
Manuel Pégourié-Gonnard 568f1e7cb3 Merge branch 'iotssl-515-max-pathlen' into development
* iotssl-515-max-pathlen:
  Add Changelog entries for this branch
  Fix a style issue
  Fix whitespace at EOL issues
  Use symbolic constants in test data
  Fixed pathlen contraint enforcement.
  Additional corner cases for testing pathlen constrains. Just in case.
  Added test case for pathlen constrains in intermediate certificates
2015-11-02 05:49:08 +09:00
Manuel Pégourié-Gonnard e670f90e48 Fix whitespace at EOL issues 2015-10-30 09:23:19 +01:00
Manuel Pégourié-Gonnard 65eefc8707 Fix missing check for RSA key length on EE certs
- also adapt tests to use lesser requirement for compatibility with old
  testing material
2015-10-23 16:19:53 +02:00
Manuel Pégourié-Gonnard 261faed725 Fix potential heap corruption on Windows
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
2015-10-21 10:25:22 +02:00
Janos Follath 5dd4fe1b30 Fixed pathlen contraint enforcement. 2015-10-12 09:02:20 +02:00
Manuel Pégourié-Gonnard 37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Manuel Pégourié-Gonnard fdbdd72b8b Skip to trusted certs early in the chain
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).

closes #220
2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard 6fb8187279 Update date in copyright line 2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard fa67ebaebb Fix X.509 keysize check with multiple CAs
Assume we have two trusted CAs with the same name, the first uses ECDSA 256
bits, the second RSA 2048; cert is signed by the second. If we do the keysize
check before we checked the key types match, we'll raise the badkey flags when
checking the EC-256 CA and it will remain up even when we finally find the
correct CA. So, move the check for the key size after signature verification,
which implicitly checks the key type.
2015-06-27 14:41:38 +02:00
Manuel Pégourié-Gonnard 79c4e3ee59 Rm obsolete comments 2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard 655a964539 Adapt check_key_usage to new weird bits 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard 9a702255f4 Add parsing/printing for new X.509 keyUsage flags 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard b80d16d171 Fix return convention of x509_wildcard_verify() 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard f9b85d96a9 Fix potential resource leak in X.509 parse dir
Found with fbinfer.
2015-06-22 18:39:57 +02:00
Manuel Pégourié-Gonnard 1685368408 Rationalize snprintf() usage in X.509 modules 2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard 097c7bb05b Rename relevant global symbols from size to bitlen
Just applying rename.pl with this file:

mbedtls_cipher_get_key_size mbedtls_cipher_get_key_bitlen
mbedtls_pk_get_size mbedtls_pk_get_bitlen
MBEDTLS_BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS
MBEDTLS_BLOWFISH_MAX_KEY MBEDTLS_BLOWFISH_MAX_KEY_BITS
2015-06-18 16:43:38 +02:00
Manuel Pégourié-Gonnard a83e4e2bf5 Extra check in verify_with_profile()
This could happen if someone doesn't set the SSL configuration properly. In
that case we don't want to segfault...
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard cbb1f6e5cb Implement cert profile checking 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard f8ea856296 Change data structure of profiles to bitfields
- allows to express 'none' or 'all' more easily than lists
- more compact and easier to declare statically
- easier to check too

Only drawback: if we ever have more than 32 curves, we'll need an ABI change to
make that field a uint64_t.
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard 88db5da117 Add pre-defined profiles for cert verification 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard 9505164ef4 Create cert profile API (unimplemented yet) 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard c730ed3f2d Rename boolean functions to be clearer 2015-06-02 10:38:50 +01:00
Manuel Pégourié-Gonnard 0574bb0bdb Merge branch 'mbedtls-1.3' into development
* mbedtls-1.3:
  Mark unused constant as such
  Update ChangeLog for recent external bugfix
  Serious bug fix in entropy.c
  Fix memleak with repeated [gc]cm_setkey()
  fix minor bug in path_cnt checks

Conflicts:
	include/mbedtls/cipher.h
	library/ccm.c
	library/entropy.c
	library/gcm.c
	library/x509_crt.c
2015-06-02 09:59:29 +01:00
Manuel Pégourié-Gonnard 6a8ca33fa5 Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard 944cfe8899 Allow use of global mutexes with threading_alt 2015-05-27 20:12:05 +02:00
Manuel Pégourié-Gonnard 1b8de57827 Remove a few redundant memset after calloc.
Using the following semantic patch provided by Mansour Moufid:

@@
expression x;
@@
  x = mbedtls_calloc(...)
  ...
- memset(x, 0, ...);
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard 7551cb9ee9 Replace malloc with calloc
- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too
2015-05-26 16:04:06 +02:00
Nicholas Wilson bc07c3a1f0 fix minor bug in path_cnt checks
If the top certificate occurs twice in trust_ca (for example) it would
not be good for the second instance to be checked with check_path_cnt
reduced twice!
2015-05-13 10:40:30 +01:00
Manuel Pégourié-Gonnard 0ece0f94f2 Fix checks for nul-termination 2015-05-12 12:43:54 +02:00
Manuel Pégourié-Gonnard 43b37cbc92 Fix use of pem_read_buffer() in PK, DHM and X509 2015-05-12 11:26:43 +02:00
Manuel Pégourié-Gonnard e6ef16f98c Change X.509 verify flags to uint32_t 2015-05-11 19:54:43 +02:00
Manuel Pégourié-Gonnard e36d56419e Merge branch 'mbedtls-1.3' into development
* mbedtls-1.3:
  fix bug in ssl_mail_client
  Adapt compat.sh to GnuTLS 3.4
  Fix undefined behaviour in x509

Conflicts:
	programs/ssl/ssl_mail_client.c
	tests/compat.sh
2015-04-30 13:52:25 +02:00
Manuel Pégourié-Gonnard 159c524df8 Fix undefined behaviour in x509 2015-04-30 11:21:18 +02:00
Manuel Pégourié-Gonnard 1e2eae02cb Adapt pthread implementation to recent changes 2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard e6028c93f5 Fix some X509 macro names
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
2015-04-20 12:19:02 +01:00
Manuel Pégourié-Gonnard b5f48ad82f manually merge 39a183a add x509_crt_verify_info() 2015-04-20 11:22:57 +01:00
Manuel Pégourié-Gonnard 39a183a629 Add x509_crt_verify_info() 2015-04-17 17:24:25 +02:00
Manuel Pégourié-Gonnard 8408a94969 Remove MBEDTLS_ from internal macros 2015-04-09 13:52:55 +02:00
Manuel Pégourié-Gonnard 2cf5a7c98e The Great Renaming
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard 1d0ca1a336 Move key_usage to more that 8 bits 2015-03-27 16:50:00 +01:00
Manuel Pégourié-Gonnard 1022fed36e Remove redundant sig_oid2 in x509 structures 2015-03-27 16:34:42 +01:00
Manuel Pégourié-Gonnard a252af760f Minor source simplification 2015-03-27 16:15:55 +01:00
Manuel Pégourié-Gonnard ca878dbaa5 Make md_info_t an opaque structure
- more freedom for us to change it in the future
- enforces hygiene
- performance impact of making accessors no longer inline should really be
  negligible
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard 6e0643762d Reverse meaning of OID_CMP 2015-03-19 16:54:56 +00:00
Manuel Pégourié-Gonnard 7f8099773e Rename include directory to mbedtls 2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Mansour Moufid 99b9259f76 Fix whitespace of 369e6c20. 2015-02-16 10:43:52 +00:00
Mansour Moufid c531b4af3c Apply the semantic patch rm-malloc-cast.cocci.
for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done
2015-02-16 10:43:52 +00:00
Rich Evans fac657fd52 modify library/x509*.c to use polarssl_snprintf 2015-02-13 13:50:25 +00:00
Rich Evans 00ab47026b cleanup library and some basic tests. Includes, add guards to includes 2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard 555fbf8758 Support composite RDNs in X.509 certs parsing 2015-02-04 17:11:55 +00:00
Manuel Pégourié-Gonnard 860b51642d Fix url again 2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard 7cbe1318d8 Fix more stdio inclusion issues 2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard acdb9b9525 Fix unchecked error code on Windows 2015-01-23 17:50:34 +00:00
Manuel Pégourié-Gonnard 085ab040aa Fix website url to use https. 2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard 9698f5852c Remove maintainer line. 2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard 19f6b5dfaa Remove redundant "all rights reserved" 2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard a658a4051b Update copyright 2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard b4fe3cb1fa Rename to mbed TLS in the documentation/comments 2015-01-22 16:11:05 +00:00
Manuel Pégourié-Gonnard 967a2a5f8c Change name to mbed TLS in the copyright notice 2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard 9439f93ea4 Use pk_load_file() in X509
Saves a bit of ROM. X509 depends on PK anyway.
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard fd6c85c3eb Set a compile-time limit to X.509 chain length 2014-11-20 16:37:41 +01:00
Manuel Pégourié-Gonnard e5b0fc1847 Make malloc-init script a bit happier 2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard f631bbc1da Make x509_string_cmp() iterative 2014-11-13 12:42:06 +01:00
Manuel Pégourié-Gonnard 8a5e3d4a40 Forbid repeated X.509 extensions 2014-11-12 18:13:58 +01:00
Manuel Pégourié-Gonnard b134060f90 Fix memory leak with crafted X.509 certs 2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard ef9a6aec51 Allow comparing name with mismatched encodings 2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard 88421246d8 Rename a function 2014-10-17 12:42:30 +02:00
Paul Bakker 5a5fa92bfe x509_crt_parse() did not increase total_failed on PEM error
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard d249b7ab9a Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard c4eff16516 Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard 1c082f34f3 Update description and references for X.509 files 2014-06-23 11:52:59 +02:00
Paul Bakker 66d5d076f7 Fix formatting in various code to match spacing from coding style 2014-06-17 17:06:47 +02:00
Paul Bakker d8bb82665e Fix code styling for return statements 2014-06-17 14:06:49 +02:00
Paul Bakker 3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Paul Bakker c2ff2083ee Merge parsing and verification of RSASSA-PSS in X.509 modules 2014-06-12 22:02:47 +02:00
Manuel Pégourié-Gonnard d1539b1e88 Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT 2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard 53882023e7 Also verify CRLs signed with RSASSA-PSS 2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard 46db4b070c Use pk_verify_ext() in x509_crt.c 2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard bf696d030b Make sig_opts non-optional in X509 structures
This simplifies the code.
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard dddbb1d1eb Rm sig_params from various X509 structures 2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard 9113603b6b Use sig_opts in x509_sig_alg_gets() 2014-06-05 15:41:39 +02:00
Manuel Pégourié-Gonnard f75f2f7c46 Add sig_opts member to X509 structures 2014-06-05 15:14:59 +02:00
Manuel Pégourié-Gonnard 920e1cd5e2 Add basic PSS cert verification
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard cac31eed9e Factor common code for printing sig_alg 2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard cf975a3857 Factor out some common code 2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard 9df5c96214 Fix dependencies 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard e76b750b69 Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard f346bab139 Start parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard 59a75d5b9d Basic parsing of certs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
Paul Bakker 14b16c62e9 Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker)
Move strlen out of for loop.
Remove redundant null checks before free.
2014-05-28 11:34:33 +02:00
Paul Bakker b9e4e2c97a Fix formatting: fix some 'easy' > 80 length lines 2014-05-01 14:18:25 +02:00
Paul Bakker 9af723cee7 Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) 2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard cef4ad2509 Adapt sources to configurable config.h name 2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard 7afb8a0dca Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
Manuel Pégourié-Gonnard 490047cc44 Code cosmetics 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 312010e6e9 Factor common parent checking code 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard f93a3c4335 Check the CA bit on trusted CAs too 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 99d4f19111 Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 3fed0b3264 Factor some common code in x509_verify{,_child} 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard 603116c570 Add x509_crt_check_key_usage() 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard 8c045ef8e4 Fix embarrassing X.509 bug introduced in 9533765 2014-04-08 11:55:03 +02:00
Paul Bakker e4205dc50a Merged printing of X509 extensions 2014-04-04 15:36:10 +02:00
Paul Bakker 5ff3f9134b Small fix for EFI build under Windows in x509_crt.c 2014-04-04 15:08:20 +02:00
Manuel Pégourié-Gonnard 0db29b05b5 More compact code using macros 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 7b30cfc5b0 x509_crt_info() list output cosmectics 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard f6f4ab40d3 Print extended key usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 65c2ddc318 Print key_usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard bce2b30855 Print subject alt name in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 919f8f5829 Print NS Cert Type in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard b28487db1f Start printing extensions in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 9533765b25 Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard 6df09578bb Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic"
This reverts commit 9eae7aae80.
2014-02-12 09:29:05 +01:00
Paul Bakker 9eae7aae80 Mutex call in x509_crt.c depended on PTHREAD specific instead of generic
threading
2014-02-06 14:51:53 +01:00
Paul Bakker 7dc4c44267 Library files moved to use platform layer 2014-02-06 13:20:16 +01:00
Manuel Pégourié-Gonnard 27b93ade6e Factor common code for printing sig_alg 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard 5cac583482 Factor out some common code 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard ce7c6fd433 Fix dependencies 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard 3c1e8b539c Finish parsing RSASSA-PSS parameters 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard d9fd87be33 Start parsing RSASSA-PSS parameters 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard b1d4eb16e4 Basic parsing of certs signed with RSASSA-PSS 2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard 7c59363a85 Remove a few dead stores 2014-01-22 13:02:39 +01:00
Paul Bakker 1a56fc96a3 Fixed x509_crt_parse_path() bug on Windows platforms 2013-12-19 13:52:33 +01:00
Manuel Pégourié-Gonnard 5ad68e42e5 Mutex x509_crt_parse_path() when pthreads is used 2013-11-28 18:07:39 +01:00
Manuel Pégourié-Gonnard 964bf9b92f Quit using readdir_r()
Prone to buffer overflows on some platforms.
2013-11-28 18:07:39 +01:00
Paul Bakker f2b4d86452 Fixed X.509 hostname comparison (with non-regular characters)
In situations with 'weird' certificate names or hostnames (containing
non-western allowed names) the check would falsely report a name or
wildcard match.
2013-11-21 17:30:23 +01:00
Paul Bakker 6edcd41c0a Addition conditions for UEFI environment under MSVC 2013-10-29 15:44:13 +01:00
Paul Bakker fa6a620b75 Defines for UEFI environment under MSVC added 2013-10-29 14:05:38 +01:00
Paul Bakker 60b1d10131 Fixed spelling / typos (from PowerDNS:codespell) 2013-10-29 10:02:51 +01:00
Paul Bakker be089b0483 Introduced POLARSSL_HAVE_READDIR_R for systems without it 2013-10-14 15:51:50 +02:00
Paul Bakker b9cfaa0c7f Explicit conversions and minor changes to prevent MSVC compiler warnings 2013-10-14 15:50:40 +02:00
Paul Bakker 4aa40d4f51 Better support for MSVC 2013-10-11 10:49:24 +02:00
Manuel Pégourié-Gonnard cbf3ef3861 RSA and ECDSA key exchanges don't depend on CRL 2013-09-24 21:25:53 +02:00
Paul Bakker 3cf63edc44 Typo in Windows error code in x509_crt.c 2013-09-23 15:10:16 +02:00
Paul Bakker c27c4e2efb Support faulty X509 v1 certificates with extensions
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
2013-09-23 15:01:36 +02:00
Paul Bakker c559c7a680 Renamed x509_cert structure to x509_crt for consistency 2013-09-18 14:32:52 +02:00
Paul Bakker ddf26b4e38 Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker 369d2eb2a2 Introduced x509_crt_init(), x509_crl_init() and x509_csr_init() 2013-09-18 12:01:43 +02:00
Paul Bakker 86d0c1949e Generalized function names of x509 functions not parse-specific
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
2013-09-18 12:01:42 +02:00
Paul Bakker 5187656211 Renamed X509 / X509WRITE error codes to generic (non-cert-specific) 2013-09-17 14:36:05 +02:00
Paul Bakker e9e6ae338b Moved x509_self_test() from x509_crt.c to x509.c and fixed mem-free bug 2013-09-16 22:55:51 +02:00
Paul Bakker da7711594e Changed pk_parse_get_pubkey() to pk_parse_subpubkey() 2013-09-16 22:45:03 +02:00
Paul Bakker 7c6b2c320e Split up X509 files into smaller modules 2013-09-16 21:41:54 +02:00
Renamed from library/x509parse.c (Browse further)