yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377

Browse source 
Fixes "CSR parsing with critical fields fails"
This commit is contained in:
Gilles Peskine 2023-11-08 18:07:04 +00:00 committed by GitHub
commit 4dec9ebdc2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 259 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt Normal file
View file

@ -0,0 +1,6 @@
Features
* Add new mbedtls_x509_csr_parse_der_with_ext_cb() routine which allows
parsing unsupported certificate extensions via user provided callback.
Bugfix
* Fix parsing of CSRs with critical extensions.

65
include/mbedtls/x509_csr.h
View file

@ -75,7 +75,9 @@ mbedtls_x509write_csr;
/**
* \brief Load a Certificate Signing Request (CSR) in DER format
*
* \note CSR attributes (if any) are currently silently ignored.
* \note Any unsupported requested extensions are silently
* ignored, unless the critical flag is set, in which case
* the CSR is rejected.
*
* \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
* subsystem must have been initialized by calling
@ -90,6 +92,67 @@ mbedtls_x509write_csr;
int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen);
/**
* \brief The type of certificate extension callbacks.
*
* Callbacks of this type are passed to and used by the
* mbedtls_x509_csr_parse_der_with_ext_cb() routine when
* it encounters either an unsupported extension.
* Future versions of the library may invoke the callback
* in other cases, if and when the need arises.
*
* \param p_ctx An opaque context passed to the callback.
* \param csr The CSR being parsed.
* \param oid The OID of the extension.
* \param critical Whether the extension is critical.
* \param p Pointer to the start of the extension value
* (the content of the OCTET STRING).
* \param end End of extension value.
*
* \note The callback must fail and return a negative error code
* if it can not parse or does not support the extension.
* When the callback fails to parse a critical extension
* mbedtls_x509_csr_parse_der_with_ext_cb() also fails.
* When the callback fails to parse a non critical extension
* mbedtls_x509_csr_parse_der_with_ext_cb() simply skips
* the extension and continues parsing.
*
* \return \c 0 on success.
* \return A negative error code on failure.
*/
typedef int (*mbedtls_x509_csr_ext_cb_t)(void *p_ctx,
mbedtls_x509_csr const *csr,
mbedtls_x509_buf const *oid,
int critical,
const unsigned char *p,
const unsigned char *end);
/**
* \brief Load a Certificate Signing Request (CSR) in DER format
*
* \note Any unsupported requested extensions are silently
* ignored, unless the critical flag is set, in which case
* the result of the callback function decides whether
* CSR is rejected.
*
* \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
* subsystem must have been initialized by calling
* psa_crypto_init() before calling this function.
*
* \param csr CSR context to fill
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
* \param cb A callback invoked for every unsupported certificate
* extension.
* \param p_ctx An opaque context passed to the callback.
*
* \return 0 if successful, or a specific X509 error code
*/
int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen,
mbedtls_x509_csr_ext_cb_t cb,
void *p_ctx);
/**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format
*

152
library/x509_csr.c
View file

@ -61,13 +61,17 @@ static int x509_csr_get_version(unsigned char **p,
* Parse CSR extension requests in DER format
*/
static int x509_csr_parse_extensions(mbedtls_x509_csr *csr,
unsigned char **p, const unsigned char *end)
unsigned char **p, const unsigned char *end,
mbedtls_x509_csr_ext_cb_t cb,
void *p_ctx)
{
int ret;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len;
unsigned char *end_ext_data;
unsigned char *end_ext_data, *end_ext_octet;
while (*p < end) {
mbedtls_x509_buf extn_oid = { 0, 0, NULL };
int is_critical = 0; /* DEFAULT FALSE */
int ext_type = 0;
/* Read sequence tag */
@ -88,13 +92,21 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr,
extn_oid.p = *p;
*p += extn_oid.len;
/* Get optional critical */
if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, &is_critical)) != 0 &&
(ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
}
/* Data should be octet string type */
if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len,
MBEDTLS_ASN1_OCTET_STRING)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
}
if (*p + len != end_ext_data) {
end_ext_octet = *p + len;
if (end_ext_octet != end_ext_data) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}
@ -104,44 +116,72 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr,
*/
ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
if (ret == 0) {
/* Forbid repeated extensions */
if ((csr->ext_types & ext_type) != 0) {
if (ret != 0) {
/* Give the callback (if any) a chance to handle the extension */
if (cb != NULL) {
ret = cb(p_ctx, csr, &extn_oid, is_critical, *p, end_ext_octet);
if (ret != 0 && is_critical) {
return ret;
}
*p = end_ext_octet;
continue;
}
/* No parser found, skip extension */
*p = end_ext_octet;
if (is_critical) {
/* Data is marked as critical: fail */
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_INVALID_DATA);
}
csr->ext_types |= ext_type;
switch (ext_type) {
case MBEDTLS_X509_EXT_KEY_USAGE:
/* Parse key usage */
if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data,
&csr->key_usage)) != 0) {
return ret;
}
break;
case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
/* Parse subject alt name */
if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data,
&csr->subject_alt_names)) != 0) {
return ret;
}
break;
case MBEDTLS_X509_EXT_NS_CERT_TYPE:
/* Parse netscape certificate type */
if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data,
&csr->ns_cert_type)) != 0) {
return ret;
}
break;
default:
break;
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
}
continue;
}
/* Forbid repeated extensions */
if ((csr->ext_types & ext_type) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_INVALID_DATA);
}
csr->ext_types |= ext_type;
switch (ext_type) {
case MBEDTLS_X509_EXT_KEY_USAGE:
/* Parse key usage */
if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data,
&csr->key_usage)) != 0) {
return ret;
}
break;
case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
/* Parse subject alt name */
if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data,
&csr->subject_alt_names)) != 0) {
return ret;
}
break;
case MBEDTLS_X509_EXT_NS_CERT_TYPE:
/* Parse netscape certificate type */
if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data,
&csr->ns_cert_type)) != 0) {
return ret;
}
break;
default:
/*
* If this is a non-critical extension, which the oid layer
* supports, but there isn't an x509 parser for it,
* skip the extension.
*/
if (is_critical) {
return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
} else {
*p = end_ext_octet;
}
}
*p = end_ext_data;
}
if (*p != end) {
@ -156,7 +196,9 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr,
* Parse CSR attributes in DER format
*/
static int x509_csr_parse_attributes(mbedtls_x509_csr *csr,
const unsigned char *start, const unsigned char *end)
const unsigned char *start, const unsigned char *end,
mbedtls_x509_csr_ext_cb_t cb,
void *p_ctx)
{
int ret;
size_t len;
@ -195,7 +237,7 @@ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr,
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
}
if ((ret = x509_csr_parse_extensions(csr, p, *p + len)) != 0) {
if ((ret = x509_csr_parse_extensions(csr, p, *p + len, cb, p_ctx)) != 0) {
return ret;
}
@ -219,8 +261,10 @@ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr,
/*
* Parse a CSR in DER format
*/
int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen)
static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen,
mbedtls_x509_csr_ext_cb_t cb,
void *p_ctx)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len;
@ -344,7 +388,7 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
}
if ((ret = x509_csr_parse_attributes(csr, p, p + len)) != 0) {
if ((ret = x509_csr_parse_attributes(csr, p, p + len, cb, p_ctx)) != 0) {
mbedtls_x509_csr_free(csr);
return ret;
}
@ -383,6 +427,26 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
return 0;
}
/*
* Parse a CSR in DER format
*/
int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen)
{
return mbedtls_x509_csr_parse_der_internal(csr, buf, buflen, NULL, NULL);
}
/*
* Parse a CSR in DER format with callback for unknown extensions
*/
int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen,
mbedtls_x509_csr_ext_cb_t cb,
void *p_ctx)
{
return mbedtls_x509_csr_parse_der_internal(csr, buf, buflen, cb, p_ctx);
}
/*
* Parse a CSR, allowing for PEM or raw DER encoding
*/

20
tests/suites/test_suite_x509parse.data
View file

@ -2940,6 +2940,26 @@ X509 CSR ASN.1 (OK)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n":0
X509 CSR ASN.1 (Unsupported critical extension, critical=true)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
X509 CSR ASN.1 (Unsupported non-critical extension, critical=false)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse:"308201243081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004b5e718a7df6b21912733e77c42f266b8283e6cae7adf8afd56b990c1c6232ea0a2a46097c218353bc948444aea3d00423e84802e28c48099641fe9977cdfb505a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101000403010101300a06082a8648ce3d0403020348003045022100f0ba9a0846ad0a7cefd0a61d5fc92194dc06037a44158de2d0c569912c058d430220421f27a9f249c1687e2fa34db3f543c8512fd925dfe5ae00867f13963ffd4f8d":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0
X509 CSR ASN.1 (Unsupported non-critical extension, critical undefined)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse:"308201223081c802010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d030107034200045f94b28d133418833bf10c442d91306459d3925e7cea06ebb9220932e7de116fb671c5d2d6c0a3784a12897217aef8432e7228fcea0ab016bdb67b67ced4c612a025302306092a864886f70d01090e311630143012060b2b0601040183890c8622020403010101300a06082a8648ce3d04030203490030460221009b1e8b25775c18525e96753e1ed55875f8d62f026c5b7f70eb5037ad27dc92de022100ba1dfe14de6af6a603f763563fd046b1cd3714b54d6daf5d8a72076497f11014":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0
X509 CSR ASN.1 (Unsupported critical extension accepted by callback, critical=true)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0:1
X509 CSR ASN.1 (Unsupported critical extension rejected by callback, critical=true)
depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:0
X509 CSR ASN.1 (bad first tag)
mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT

62
tests/suites/test_suite_x509parse.function
View file

@ -250,7 +250,8 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
ret = mbedtls_oid_get_numeric_string(p,
n,
&san->san.other_name.value.hardware_module_name.oid);
&san->san.other_name.value.hardware_module_name
.oid);
MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf(p, n, ", hardware serial number : ");
@ -413,6 +414,35 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf
}
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_X509_CSR_PARSE_C)
int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
{
(void) p_ctx;
(void) csr;
(void) oid;
(void) critical;
(void) cp;
(void) end;
return 0;
}
int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
{
(void) p_ctx;
(void) csr;
(void) oid;
(void) critical;
(void) cp;
(void) end;
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
}
#endif /* MBEDTLS_X509_CSR_PARSE_C */
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
@ -1247,6 +1277,36 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse_with_ext_cb(data_t *csr_der, char *ref_out, int ref_ret, int accept)
{
mbedtls_x509_csr csr;
char my_out[1000];
int my_ret;
mbedtls_x509_csr_init(&csr);
USE_PSA_INIT();
memset(my_out, 0, sizeof(my_out));
my_ret = mbedtls_x509_csr_parse_der_with_ext_cb(&csr, csr_der->x, csr_der->len,
accept ? parse_csr_ext_accept_cb :
parse_csr_ext_reject_cb,
NULL);
TEST_EQUAL(my_ret, ref_ret);
if (ref_ret == 0) {
size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr);
TEST_EQUAL(my_out_len, strlen(ref_out));
TEST_EQUAL(strcmp(my_out, ref_out), 0);
}
exit:
mbedtls_x509_csr_free(&csr);
USE_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse_file(char *csr_file, char *ref_out, int ref_ret)
{