Commit graph

9278 commits

Author SHA1 Message Date
Ron Eldor
a9f9a73920 Zeroize secret data in the exit point
Zeroize the secret data in `mbedtls_ssl_derive_keys()`
in the single exit point.
2019-05-15 13:38:39 +03:00
Ron Eldor
e699270908 Add a single exit point in key derivation function
Add a single exit point in `mbedtls_ssl_derive_keys()`.
2019-05-15 13:38:39 +03:00
Ron Eldor
8b0c3c91e6 Fail in case critical crt policy not supported
In case the certificate policy is not of type `AnyPolicy`
set the returned error code to `MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE`
and continue parsing. If the extension is critical, return error anyway,
unless `MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION` is configured.
Fail parsing on any other error.
2019-05-15 12:20:00 +03:00
Ron Eldor
cc45cd177f Update SAN parsing documentation
1) Fix typo in `mbedtls_x509_parse_subject_alt_name()` documentation.
2) Add a not in `mbedtls_x509_parse_subject_alt_name()` documentation,
stating that the lifetime of the target structure is restricted
by the lifetime ofthe parsed certificate.
2019-05-15 10:20:09 +03:00
Ron Eldor
f05f594acb change the type of hardware_module_name member
Change the type of `hardware_module_name` struct from
`mbedtls_x509_name` to a unique struct, to distinguish it from the
named data type.
2019-05-13 19:23:08 +03:00
Ron Eldor
890819a597 Change mbedtls_x509_subject_alternative_name
Make `mbedtls_x509_subject_alternative_name` to be a single item
rather than a list. Adapt the subject alternative name parsing function,
to receive a signle `mbedtls_x509_buf` item from the subject_alt_names
sequence of the certificate.
2019-05-13 19:23:07 +03:00
Ron Eldor
0806379e3e Add length checking in certificate policy parsing
Change the extension parsing to `policy_end` and verify that
the policy and qualifiers length don't exceed the end of the extension.
2019-05-13 16:38:39 +03:00
Ron Eldor
78c3040347 Rephrase x509_crt extension member description
Rephrase doxygen comments for subject alternative name
and certificate policies.
2019-05-13 15:49:53 +03:00
Ron Eldor
26cfd1361d Rephrase changeLog entries
Rephrase the changeLog entries for clarity and capitalize RFC.
2019-05-13 15:48:38 +03:00
k-stachowiak
35d3ec01a8 Update change log 2019-05-13 12:46:18 +02:00
Krzysztof Stachowiak
abdf1c608e Document the default value for the maximum fragment length 2019-05-13 12:45:12 +02:00
k-stachowiak
6d72212d45 Improve clarity of mbedtls_ssl_conf_max_frag_len documentation 2019-05-13 12:45:12 +02:00
k-stachowiak
db850c63b2 Reword ssl_conf_max_frag_len documentation 2019-05-13 12:45:12 +02:00
k-stachowiak
61aa74fb3d Fix typos and miswording in the mbedtls_ssl_conf_max_frag_len documentation comment 2019-05-13 12:45:12 +02:00
k-stachowiak
eb1bb3d2d0 Reword ssl_conf_max_frag_len documentation to clarify its necessity 2019-05-13 12:45:12 +02:00
Janos Follath
293c3dae6d Remove redundant memset()
The preceding calloc() already zeroizes that memory area, therfore the
memset() is not necessary. Compilers are likely to optimize this out,
but it still can be confusing to readers.
2019-05-10 15:53:03 +01:00
Janos Follath
6c379b4b80 Propogate error when parsing SubjectAltNames
The previous behaviour of mbedtls_x509_parse_subject_alternative_name()
was to silently ignore errors coming from x509_get_other_name(). The
current commit fixes it and returns with an error.
2019-05-10 14:17:16 +01:00
Janos Follath
2f0ec1e3bf Tidy up style in x509_info_subject_alt_name 2019-05-10 11:06:31 +01:00
Janos Follath
22f605fbab Print unparseable SubjectAlternativeNames
In x509_info_subject_alt_name() we silently dropped names that we
couldn't parse because they are not supported or are malformed. (Being
malformed might mean damaged file, but can be a sign of incompatibility
between applications.)

This commit adds code notifying the user that there is something, but
we can't parse it.
2019-05-10 10:57:44 +01:00
Janos Follath
ab23cd1eae Remove unneeded checks from x509_get_other_name
Lengths are aleady checked in mbedtls_asn1_get_len() which is called in
mbedtls_asn1_get_tag(), therefore it is not necessary to check
the lengths explicitly afterwards.

Also with the previous flow data was left in the output buffer on some
errors.
2019-05-09 15:05:30 +01:00
Darryl Green
d2dba36f44 Only use submodule if present
Enabling the USE_CRYPTO_SUBMODULE option causes problems if the
crypto submodule isn't present. For example, when building
mbed-crypto as a submodule, it should use error.c from the parent
project if USE_CRYPTO_SUBMODULE is set. However if the parent
project isn't present, then the build will fail. Only enable it
if the submodule actually exists.
2019-05-09 13:17:53 +01:00
Janos Follath
11b41eb12b Fix typos in x509_crt.h 2019-05-08 15:30:33 +01:00
Janos Follath
5091bec3ea Fix doxygen for new x509 structures
The documentation for some new structures and members was only a C style
comment and wasn't picked up by doxygen. This commit adds the missing
asterisks.
2019-05-08 15:23:08 +01:00
Ron Eldor
3c4734a2a5 Add Wisun Fan device certificate
Add certificate with Wisun fan device extended key usage,
support parsing it and add tests.
2019-05-07 17:06:47 +03:00
Ron Eldor
226991e624 Add ChangeLog entry for new extensions change
Add an entry for the new x509 extension parsing support.
2019-05-07 17:05:45 +03:00
Ron Eldor
74d9acc144 Add support for certificate policies extension
Add support for certificate policies, as defined in rfc 5280.
Currently support only `anyPolicy` policy.
2019-05-07 17:05:45 +03:00
Ron Eldor
b2dc3fa72e Suppport otherName of type hardware module name
Add support of parsing of subject alternative name, of type otherName.
Currently supports only hardware module name, as defined in rfc 4108.
2019-05-07 17:04:57 +03:00
Jack Lloyd
3ded1c81b1 Test the return value in the OID->X.509 map functions 2019-05-06 12:16:32 -04:00
Jack Lloyd
5ed7fff8ce Add a test of the OID->MD map functions 2019-05-06 12:16:18 -04:00
Jack Lloyd
5d9c9636fa Add support for RSA PKCSv1.5 signatures using RIPEMD-160 2019-05-06 12:15:17 -04:00
Jaeden Amero
75d9a333ce Merge remote-tracking branch 'origin/pr/1633' into development
* origin/pr/1633: (26 commits)
  Fix uninitialized variable access in debug output of record enc/dec
  Adapt PSA code to ssl_transform changes
  Ensure non-NULL key buffer when building SSL test transforms
  Catch errors while building SSL test transforms
  Use mbedtls_{calloc|free}() in SSL unit test suite
  Improve documentation of mbedtls_record
  Adapt record length value after encryption
  Alternative between send/recv transform in SSL record test suite
  Fix memory leak on failure in test_suite_ssl
  Rename ssl_decrypt_buf() to mbedtls_ssl_decrypt_buf() in comment
  Add record encryption/decryption tests for ARIA to SSL test suite
  Improve documentation of mbedtls_ssl_transform
  Double check that record expansion is as expected during decryption
  Move debugging output after record decryption
  Add encryption/decryption tests for small records
  Add tests for record encryption/decryption
  Reduce size of `ssl_transform` if no MAC ciphersuite is enabled
  Remove code from `ssl_derive_keys` if relevant modes are not enabled
  Provide standalone version of `ssl_decrypt_buf`
  Provide standalone version of `ssl_encrypt_buf`
  ...
2019-05-02 09:08:43 +01:00
Jaeden Amero
0804b1d609 Merge remote-tracking branch 'origin/pr/2617' into development
* origin/pr/2617:
  Regenerate errors.c
  crypto: Update to Mbed Crypto 461fd58fb2
2019-05-01 09:58:07 +01:00
Jaeden Amero
e3435053f5 Merge remote-tracking branch 'origin/pr/2473' into development
* origin/pr/2473:
  Fix CMake build error on Cygwin and minGW platforms
2019-05-01 09:56:42 +01:00
Jaeden Amero
4e952f6ebd Regenerate errors.c
Autogenerate errors.c There are changes in error.c due to updating the
crypto submodule to a version that no longer has the SSL, X.509, or net
modules. The errors are correctly sourced from Mbed TLS and not Mbed
Crypto, but they do move around within the file due to how the error
generator script is written.
2019-04-30 16:47:36 +01:00
Jaeden Amero
af35383b89 crypto: Update to Mbed Crypto 461fd58fb2
Update the Mbed Crypto submodule to revision 461fd58fb2 ("Merge pull
request #71 from Patater/remove-non-crypto"). This includes removing
SSL, NET, and X.509 modules from Mbed Crypto.
2019-04-30 16:46:37 +01:00
Hanno Becker
1f10d7643f Fix uninitialized variable access in debug output of record enc/dec 2019-04-26 13:34:37 +01:00
Hanno Becker
22bf145599 Adapt PSA code to ssl_transform changes 2019-04-25 12:58:21 +01:00
Hanno Becker
78d1f70ab6 Ensure non-NULL key buffer when building SSL test transforms 2019-04-25 12:58:21 +01:00
Hanno Becker
a5780f1993 Catch errors while building SSL test transforms 2019-04-25 12:58:21 +01:00
Hanno Becker
3ee5421f9c Use mbedtls_{calloc|free}() in SSL unit test suite 2019-04-25 12:58:21 +01:00
Hanno Becker
cd430bc099 Improve documentation of mbedtls_record 2019-04-25 12:58:21 +01:00
Hanno Becker
78f839df94 Adapt record length value after encryption 2019-04-25 12:58:21 +01:00
Hanno Becker
907ab20b38 Alternative between send/recv transform in SSL record test suite 2019-04-25 12:58:21 +01:00
Hanno Becker
81e16a34f5 Fix memory leak on failure in test_suite_ssl 2019-04-25 12:58:21 +01:00
Hanno Becker
b2ca87d289 Rename ssl_decrypt_buf() to mbedtls_ssl_decrypt_buf() in comment 2019-04-25 12:58:21 +01:00
Hanno Becker
d0fa2d7563 Add record encryption/decryption tests for ARIA to SSL test suite 2019-04-25 12:58:21 +01:00
Hanno Becker
0db7e0ce68 Improve documentation of mbedtls_ssl_transform 2019-04-25 12:58:21 +01:00
Hanno Becker
29800d2fd1 Double check that record expansion is as expected during decryption 2019-04-25 12:58:21 +01:00
Hanno Becker
1c0c37feed Move debugging output after record decryption
The debugging call printing the decrypted record payload happened
before updating ssl->in_msglen.
2019-04-25 12:58:21 +01:00
Hanno Becker
b3268dac00 Add encryption/decryption tests for small records
This commit adds tests to check the behavior of the record encryption
routine `ssl_encrypt_buf` when the buffer surrounding the plaintext is
too small to hold the expansion in the beginning and end (due to IV's,
padding, and MAC).

Each test starts successively increases the space available at the
beginning, end, or both, of the record buffer, and checks that the
record encryption either fails with a BUFFER_TOO_SMALL error, or
that it succeeds. Moreover, if it succeeds, it is checked that
decryption succeeds, too, and results in the original record.
2019-04-25 12:58:21 +01:00