mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-10-14 06:47:09 +00:00

History

Andrzej Kurek acf7f2ce93 Guard from undefined behaviour in case of an INT_MAX max_pathlen When parsing a certificate with the basic constraints extension the max_pathlen that was read from it was incremented regardless of its value. However, if the max_pathlen is equal to INT_MAX (which is highly unlikely), an undefined behaviour would occur. This commit adds a check to ensure that such value is not accepted as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced. Certificates added in this commit were generated using the test_suite_x509write, function test_x509_crt_check. Input data taken from the "Certificate write check Server1 SHA1" test case, so the generated files are like the "server1.crt", but with the "is_ca" field set to 1 and max_pathlen as described by the file name. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>		2020-04-17 11:29:20 +02:00
..
dir-maxpath
dir1	Add tests for x509_crt_parse_path()	2013-11-28 18:07:39 +01:00
dir2
dir3
dir4
.gitignore
bitstring-in-dn.pem
cert_example_multi.crt
cert_example_multi_nocn.crt
cert_example_wildcard.crt
cert_md2.crt
cert_md4.crt
cert_md5.crt
cert_sha1.crt
cert_sha224.crt
cert_sha256.crt
cert_sha384.crt
cert_sha512.crt
cert_v1_with_ext.crt	Support faulty X509 v1 certificates with extensions	2013-09-23 15:01:36 +02:00
cli-rsa-sha1.crt
cli-rsa-sha256.crt
cli-rsa-sha256.crt.der
cli-rsa-sha256.key.der
cli-rsa.key
cli-rsa.key.der
cli.opensslconf
cli2.crt
cli2.crt.der
cli2.key
cli2.key.der
crl-ec-sha1.pem
crl-ec-sha224.pem
crl-ec-sha256.pem
crl-ec-sha384.pem
crl-ec-sha512.pem	Update EC certs to use NIST-256 and NIST-384	2013-09-24 21:25:54 +02:00
crl-future.pem
crl-idp.pem
crl-idpnc.pem
crl-malformed-trailing-spaces.pem
crl-rsa-pss-sha1-badsign.pem
crl-rsa-pss-sha1.pem	Parse CRLs signed with RSASSA-PSS	2014-06-02 16:10:29 +02:00
crl-rsa-pss-sha224.pem
crl-rsa-pss-sha256.pem
crl-rsa-pss-sha384.pem
crl-rsa-pss-sha512.pem
crl.pem
crl_cat_ec-rsa.pem
crl_cat_ecfut-rsa.pem	Update soon to be expired crl	2019-07-10 17:26:39 +03:00
crl_cat_rsa-ec.pem
crl_cat_rsabadpem-ec.pem	Add tests for concatenated CRLs	2014-11-19 16:08:34 +01:00
crl_expired.pem
crl_md2.pem	- Added extra X509 regression and coverage tests	2009-07-19 20:30:14 +00:00
crl_md4.pem
crl_md5.pem
crl_sha1.pem
crl_sha224.pem
crl_sha256.pem
crl_sha384.pem
crl_sha512.pem	- Corrected parsing of UTCTime dates before 1990 and after 1950	2011-02-20 10:40:16 +00:00
crt_cat_rsaexp-ec.pem	Add tests for concatenated CRLs	2014-11-19 16:08:34 +01:00
dh.1000.pem
dh.optlen.pem
dhparams.pem
ec_224_prv.pem
ec_224_pub.pem
ec_256_long_prv.pem
ec_256_prv.pem
ec_256_pub.pem	Add test for EC keys with all curves.	2013-08-16 14:00:52 +02:00
ec_384_prv.pem
ec_384_pub.pem	Add test for EC keys with all curves.	2013-08-16 14:00:52 +02:00
ec_521_prv.pem
ec_521_pub.pem	Add test for EC keys with all curves.	2013-08-16 14:00:52 +02:00
ec_521_short_prv.pem	pk_write test cases with short/long private key	2018-09-05 17:26:31 +02:00
ec_bp256_prv.pem
ec_bp256_pub.pem
ec_bp384_prv.pem
ec_bp384_pub.pem
ec_bp512_prv.pem
ec_bp512_pub.pem
ec_prv.pk8.der	Add tests for x509parse_key_ec()	2013-07-08 17:32:26 +02:00
ec_prv.pk8.pem
ec_prv.pk8.pw.der
ec_prv.pk8.pw.pem	Adapt test files to supported PKCS#8 modes	2013-07-08 17:32:26 +02:00
ec_prv.pk8nopub.der	Fix parsing of PKCS#8 encoded Elliptic Curve keys.	2018-03-22 18:01:18 -07:00
ec_prv.pk8nopub.pem	Fix parsing of PKCS#8 encoded Elliptic Curve keys.	2018-03-22 18:01:18 -07:00
ec_prv.pk8nopubparam.der
ec_prv.pk8nopubparam.pem
ec_prv.pk8param.der	Fix parsing of PKCS#8 encoded Elliptic Curve keys.	2018-03-22 18:01:18 -07:00
ec_prv.pk8param.pem	Fix parsing of PKCS#8 encoded Elliptic Curve keys.	2018-03-22 18:01:18 -07:00
ec_prv.sec1.der	Add tests for x509parse_key_ec()	2013-07-08 17:32:26 +02:00
ec_prv.sec1.pem
ec_prv.sec1.pw.pem
ec_prv.specdom.der	Add test for SpecifiedECDomain	2014-03-19 16:50:59 +01:00
ec_pub.der
ec_pub.pem
enco-ca-prstr.pem
enco-cert-utf8str.pem	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
format_gen.key
format_gen.pub
format_pkcs12.fmt
format_rsa.key	- Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20 )	2011-07-13 11:26:43 +00:00
hash_file_1	- Added shax_file tests and data files	2009-07-05 11:30:16 +00:00
hash_file_2
hash_file_3
hash_file_4
hash_file_5
keyUsage.decipherOnly.crt	Add parsing/printing for new X.509 keyUsage flags	2015-06-23 13:09:10 +02:00
Makefile
mpi_10
mpi_too_big
passwd.psk
print_c.pl	Document test data makefile	2017-06-06 18:44:14 +02:00
Readme-x509.txt	Update X.509 test certs' Readme	2017-08-17 10:13:00 +02:00
rsa512.key
rsa521.key
rsa522.key
rsa528.key
rsa4096_prv.pem
rsa4096_pub.pem	Fix buffer size in pk_write_*_pem()	2014-08-14 11:34:35 +02:00
rsa_pkcs1_1024_3des.pem
rsa_pkcs1_1024_aes128.pem
rsa_pkcs1_1024_aes192.pem
rsa_pkcs1_1024_aes256.pem	Unify naming schemes for RSA keys	2017-09-29 20:05:23 +01:00
rsa_pkcs1_1024_clear.pem
rsa_pkcs1_1024_des.pem
rsa_pkcs1_2048_3des.pem
rsa_pkcs1_2048_aes128.pem
rsa_pkcs1_2048_aes192.pem
rsa_pkcs1_2048_aes256.pem
rsa_pkcs1_2048_clear.pem
rsa_pkcs1_2048_des.pem
rsa_pkcs1_2048_public.der
rsa_pkcs1_2048_public.pem
rsa_pkcs1_4096_3des.pem
rsa_pkcs1_4096_aes128.pem
rsa_pkcs1_4096_aes192.pem
rsa_pkcs1_4096_aes256.pem
rsa_pkcs1_4096_clear.pem
rsa_pkcs1_4096_des.pem
rsa_pkcs8_1024_public.der	Resolve PR review comments	2017-10-16 12:40:27 +03:00
rsa_pkcs8_2048_public.der	Resolve PR review comments	2017-10-17 15:53:32 +03:00
rsa_pkcs8_2048_public.pem
rsa_pkcs8_pbe_sha1_1024_2des.der
rsa_pkcs8_pbe_sha1_1024_2des.pem
rsa_pkcs8_pbe_sha1_1024_3des.der
rsa_pkcs8_pbe_sha1_1024_3des.pem
rsa_pkcs8_pbe_sha1_1024_rc4_128.der
rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
rsa_pkcs8_pbe_sha1_2048_2des.der
rsa_pkcs8_pbe_sha1_2048_2des.pem
rsa_pkcs8_pbe_sha1_2048_3des.der
rsa_pkcs8_pbe_sha1_2048_3des.pem
rsa_pkcs8_pbe_sha1_2048_rc4_128.der
rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
rsa_pkcs8_pbe_sha1_4096_2des.der
rsa_pkcs8_pbe_sha1_4096_2des.pem
rsa_pkcs8_pbe_sha1_4096_3des.der
rsa_pkcs8_pbe_sha1_4096_3des.pem
rsa_pkcs8_pbe_sha1_4096_rc4_128.der
rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem	data_files/pkcs8-v2: add keys generated with PRF != SHA1	2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
rsa_pkcs8_pbes2_pbkdf2_1024_des.der
rsa_pkcs8_pbes2_pbkdf2_1024_des.pem	Unify naming schemes for RSA keys	2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
rsa_pkcs8_pbes2_pbkdf2_2048_des.der
rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
rsa_pkcs8_pbes2_pbkdf2_4096_des.der
rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem	data_files/pkcs8-v2: add keys generated with PRF != SHA1	2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem	data_files/pkcs8-v2: add keys generated with PRF != SHA1	2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der	data_files/pkcs8-v2: add keys generated with PRF != SHA1	2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem	data_files/pkcs8-v2: add keys generated with PRF != SHA1	2018-02-08 17:18:19 +08:00
secp521r1_prv.der
server1-ms.req.sha256	Add additional test case for alternative CSR headers	2018-10-06 17:19:31 +01:00
server1-nospace.crt
server1-v1.crt
server1.cert_type.crt
server1.cert_type.crt.openssl.v3_ext
server1.cert_type_noauthid.crt
server1.crt
server1.crt.der
server1.crt.openssl.v3_ext
server1.csr	Extend tests/data_files/Makefile to include CRT's for CRT write test	2017-09-14 07:51:28 +01:00
server1.der	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server1.ext_ku.crt
server1.key
server1.key_usage.crt
server1.key_usage.crt.openssl.v3_ext
server1.key_usage_noauthid.crt
server1.noauthid.crt
server1.pubkey
server1.req.cert_type	Add tests for (named) bitstring to suite_asn1write	2019-02-11 21:23:49 +00:00
server1.req.cert_type_empty	Add tests for (named) bitstring to suite_asn1write	2019-02-11 21:23:49 +00:00
server1.req.key_usage
server1.req.key_usage_empty
server1.req.ku-ct
server1.req.md4
server1.req.md5	Regenerate test files	2018-11-02 10:52:38 +00:00
server1.req.sha1
server1.req.sha224
server1.req.sha256
server1.req.sha384
server1.req.sha512
server1.v1.crt	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server1_ca.crt
server1_csr.opensslconf
server1_pathlen_int_max-1.crt
server1_pathlen_int_max.crt
server2-badsign.crt	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server2-sha256.crt
server2-sha256.crt.der
server2-v1-chain.crt	Restore ability to use v1 CA if trusted locally	2014-06-25 11:26:12 +02:00
server2-v1.crt
server2.crt
server2.crt.der	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server2.der	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server2.key	- Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20 )	2011-07-13 11:26:43 +00:00
server2.key.der
server2.ku-ds.crt
server2.ku-ds_ke.crt
server2.ku-ka.crt
server2.ku-ke.crt
server3.crt
server3.key
server4.crt
server4.key
server5-badsign.crt
server5-der0.crt	x509: trailing bytes in DER: add integration tests	2016-02-17 10:11:21 +00:00
server5-der1a.crt
server5-der1b.crt
server5-der2.crt
server5-der4.crt
server5-der8.crt	x509: trailing bytes in DER: add integration tests	2016-02-17 10:11:21 +00:00
server5-der9.crt
server5-expired.crt
server5-future.crt
server5-selfsigned.crt
server5-sha1.crt
server5-sha224.crt
server5-sha384.crt
server5-sha512.crt
server5-ss-expired.crt
server5-ss-forgeca.crt	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
server5.crt
server5.crt.der
server5.eku-cli.crt
server5.eku-cs.crt	Add x509_crt_check_extended_key_usage()	2014-04-11 11:09:00 +02:00
server5.eku-cs_any.crt
server5.eku-srv.crt
server5.eku-srv_cli.crt	Add x509_crt_check_extended_key_usage()	2014-04-11 11:09:00 +02:00
server5.key
server5.key.der
server5.ku-ds.crt
server5.ku-ka.crt
server5.ku-ke.crt
server5.req.ku.sha1
server5.req.sha1
server5.req.sha224
server5.req.sha256
server5.req.sha384
server5.req.sha512
server6-ss-child.crt
server6.crt
server6.key
server7-badsign.crt
server7-expired.crt
server7-future.crt
server7.crt
server7.key
server7_all_space.crt
server7_int-ca-exp.crt
server7_int-ca.crt
server7_int-ca_ca2.crt
server7_pem_space.crt
server7_spurious_int-ca.crt
server7_trailing_space.crt
server8.crt
server8.key
server8_int-ca2.crt
server9-bad-mgfhash.crt	Add pathological RSASSA-PSS test certificates	2014-06-07 11:21:52 +02:00
server9-bad-saltlen.crt
server9-badsign.crt
server9-defaults.crt
server9-sha224.crt
server9-sha256.crt
server9-sha384.crt	Finish parsing RSASSA-PSS parameters	2014-06-02 16:10:29 +02:00
server9-sha512.crt
server9-with-ca.crt	Add basic PSS cert verification	2014-06-04 12:09:08 +02:00
server9.crt
server9.key
server9.req.sha1
server9.req.sha224
server9.req.sha256
server9.req.sha384
server9.req.sha512	Parse CSRs signed with RSASSA-PSS	2014-06-02 16:10:30 +02:00
server10-badsign.crt	Add tests for verify_restartable()	2017-08-15 10:44:08 +02:00
server10-bs_int3.pem
server10.crt	Add tests for verify_restartable()	2017-08-15 10:44:08 +02:00
server10.key
server10_int3-bs.pem
server10_int3_int-ca2.crt
server10_int3_int-ca2_ca.crt
server10_int3_spurious_int-ca2.crt
test-ca-alt-good.crt
test-ca-alt.crt
test-ca-alt.csr
test-ca-alt.key
test-ca-good-alt.crt
test-ca-sha1.crt	Update certificates to expire in 2029	2019-07-10 18:35:10 +03:00
test-ca-sha1.crt.der
test-ca-sha256.crt
test-ca-sha256.crt.der
test-ca-v1.crt
test-ca.crt
test-ca.crt.der
test-ca.der
test-ca.key
test-ca.key.der
test-ca.opensslconf
test-ca.server1.db	Update soon to be expired crl	2019-07-10 17:26:39 +03:00
test-ca.server1.opensslconf
test-ca2-expired.crt
test-ca2.crt
test-ca2.crt.der
test-ca2.key
test-ca2.key.der	Add build instructions to generate DER versions of CRTs and keys	2019-05-30 10:27:14 +01:00
test-ca2.key.enc
test-ca2.ku-crl.crt
test-ca2.ku-crt.crt
test-ca2.ku-crt_crl.crt
test-ca2.ku-ds.crt
test-ca2_cat-future-invalid.crt
test-ca2_cat-future-present.crt
test-ca2_cat-past-invalid.crt
test-ca2_cat-past-present.crt
test-ca2_cat-present-future.crt
test-ca2_cat-present-past.crt
test-ca_cat12.crt
test-ca_cat21.crt
test-ca_printable.crt
test-ca_uppercase.crt
test-ca_utf8.crt
test-int-ca-exp.crt
test-int-ca.crt
test-int-ca.key
test-int-ca2.crt
test-int-ca2.key
test-int-ca3-badsign.crt
test-int-ca3.crt
test-int-ca3.key