Reuse time when verifying certificate chain

Replace mbedtls_x509_time_is_past(), mbedtls_x509_time_is_future()

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
Glenn Strauss 2022-06-30 12:17:58 -04:00 committed by David Horstmann
parent 811eeb21d8
commit 4b2a6e8df3
2 changed files with 34 additions and 12 deletions

View file

@ -1,2 +1,3 @@
Features
* Improve mbedtls_x509_time performance and reduce memory use.
* Reduce syscalls to time() during certificate verification.

View file

@ -2021,7 +2021,8 @@ int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_
*/
static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
mbedtls_x509_crl *crl_list,
const mbedtls_x509_crt_profile *profile)
const mbedtls_x509_crt_profile *profile,
const mbedtls_x509_time *now)
{
int flags = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
@ -2099,16 +2100,20 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
break;
}
#if defined(MBEDTLS_HAVE_TIME_DATE)
/*
* Check for validity of CRL (Do not drop out)
*/
if (mbedtls_x509_time_is_past(&crl_list->next_update)) {
if (mbedtls_x509_time_cmp(&crl_list->next_update, now) < 0) {
flags |= MBEDTLS_X509_BADCRL_EXPIRED;
}
if (mbedtls_x509_time_is_future(&crl_list->this_update)) {
if (mbedtls_x509_time_cmp(&crl_list->this_update, now) > 0) {
flags |= MBEDTLS_X509_BADCRL_FUTURE;
}
#else
((void) now);
#endif
/*
* Check if certificate is revoked
@ -2266,7 +2271,8 @@ static int x509_crt_find_parent_in(
int top,
unsigned path_cnt,
unsigned self_cnt,
mbedtls_x509_crt_restart_ctx *rs_ctx)
mbedtls_x509_crt_restart_ctx *rs_ctx,
const mbedtls_x509_time *now)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_x509_crt *parent, *fallback_parent;
@ -2329,9 +2335,10 @@ check_signature:
continue;
}
#if defined(MBEDTLS_HAVE_TIME_DATE)
/* optional time check */
if (mbedtls_x509_time_is_past(&parent->valid_to) ||
mbedtls_x509_time_is_future(&parent->valid_from)) {
if (mbedtls_x509_time_cmp(&parent->valid_to, now) < 0 || /* past */
mbedtls_x509_time_cmp(&parent->valid_from, now) > 0) { /* future */
if (fallback_parent == NULL) {
fallback_parent = parent;
fallback_signature_is_good = signature_is_good;
@ -2339,6 +2346,9 @@ check_signature:
continue;
}
#else
((void) now);
#endif
*r_parent = parent;
*r_signature_is_good = signature_is_good;
@ -2384,7 +2394,8 @@ static int x509_crt_find_parent(
int *signature_is_good,
unsigned path_cnt,
unsigned self_cnt,
mbedtls_x509_crt_restart_ctx *rs_ctx)
mbedtls_x509_crt_restart_ctx *rs_ctx,
const mbedtls_x509_time *now)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_x509_crt *search_list;
@ -2405,7 +2416,7 @@ static int x509_crt_find_parent(
ret = x509_crt_find_parent_in(child, search_list,
parent, signature_is_good,
*parent_is_trusted,
path_cnt, self_cnt, rs_ctx);
path_cnt, self_cnt, rs_ctx, now);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
@ -2526,6 +2537,13 @@ static int x509_crt_verify_chain(
int signature_is_good;
unsigned self_cnt;
mbedtls_x509_crt *cur_trust_ca = NULL;
mbedtls_x509_time now;
#if defined(MBEDTLS_HAVE_TIME_DATE)
if (mbedtls_x509_time_gmtime(mbedtls_time(NULL), &now) != 0) {
return MBEDTLS_ERR_X509_FATAL_ERROR;
}
#endif
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/* resume if we had an operation in progress */
@ -2556,14 +2574,16 @@ static int x509_crt_verify_chain(
ver_chain->len++;
flags = &cur->flags;
#if defined(MBEDTLS_HAVE_TIME_DATE)
/* Check time-validity (all certificates) */
if (mbedtls_x509_time_is_past(&child->valid_to)) {
if (mbedtls_x509_time_cmp(&child->valid_to, &now) < 0) {
*flags |= MBEDTLS_X509_BADCERT_EXPIRED;
}
if (mbedtls_x509_time_is_future(&child->valid_from)) {
if (mbedtls_x509_time_cmp(&child->valid_from, &now) > 0) {
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
}
#endif
/* Stop here for trusted roots (but not for trusted EE certs) */
if (child_is_trusted) {
@ -2614,7 +2634,8 @@ find_parent:
/* Look for a parent in trusted CAs or up the chain */
ret = x509_crt_find_parent(child, cur_trust_ca, &parent,
&parent_is_trusted, &signature_is_good,
ver_chain->len - 1, self_cnt, rs_ctx);
ver_chain->len - 1, self_cnt, rs_ctx,
&now);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
@ -2663,7 +2684,7 @@ find_parent:
#if defined(MBEDTLS_X509_CRL_PARSE_C)
/* Check trusted CA's CRL for the given crt */
*flags |= x509_crt_verifycrl(child, parent, ca_crl, profile);
*flags |= x509_crt_verifycrl(child, parent, ca_crl, profile, &now);
#else
(void) ca_crl;
#endif