From 1c7223bda2f7e734088eb81e031f1e05b348c850 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 14:02:05 +0200 Subject: [PATCH 1/9] Use modern test macros for ease of debugging Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509write.function | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 26988ce69e..727afeec86 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -704,21 +704,21 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result c = buf + sizeof(buf); ret = mbedtls_x509_string_to_names(&names, name); - TEST_ASSERT(ret == result); + TEST_EQUAL(ret, result); if (ret != 0) { goto exit; } ret = mbedtls_x509_write_names(&c, buf, names); - TEST_ASSERT(ret > 0); + TEST_LE_S(1, ret); - TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0); - TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0); + TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); + TEST_EQUAL(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed), 0); ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); - TEST_ASSERT(ret > 0); + TEST_LE_S(1, ret); TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); From 70a93407ceca6f3246f3f9649c877035b93c9e95 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 14:02:53 +0200 Subject: [PATCH 2/9] More test cases for parse_attribute_value_der_encoded In particular, "X509 String to Names: long hexstring (DER=258 bytes, too long)" causes a buffer overflow in parse_attribute_value_der_encoded(). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509write.data | 39 ++++++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 37679c1539..5ac7200c0e 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -208,18 +208,53 @@ mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X X509 String to Names #14 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +# TODO: Should the trailing garbage be ignored? +X509 String to Names (hexstring: trailing garbage after DER is ignored) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + +# TODO: this passes mbedtls_x509_string_to_names() but fails the +# round-trip test: mbedtls_x509_dn_gets() returns MBEDTLS_ERR_X509_INVALID_NAME. +# X509 String to Names: long hexstring (DER=256 bytes, too long) +# mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fdaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + +X509 String to Names: long hexstring (DER=257 bytes, too long) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81feaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names: long hexstring (DER=258 bytes, too long) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81ffaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME + X509 String to Names #15 (Odd length DER hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #16 (Length mismatch DER hexstring) +X509 String to Names (empty DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names (empty DER hexstring at end) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names (1-byte DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names (1-byte DER hexstring at end) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #16 (hexstring: DER length exceeds available data) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C0B4F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #17 (Invalid OID) +X509 String to Names #17 (hexstring: Invalid OID) mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME X509 String to Names #18 (short name and hexstring) mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +X509 String to Names #18 (null byte in hexstring with string type) +mbedtls_x509_string_to_names:"C=NL, O=#0C0100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME + +# TODO: this passes mbedtls_x509_string_to_names() but fails the +# round-trip test: mbedtls_x509_get_name() returns MBEDTLS_ERR_X509_INVALID_NAME. +# X509 String to Names #18 (null byte in hexstring with non-string type) +# mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + X509 String to Names #19 (Accept non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0 From 25665781f6a9de2cdc33b79b537188901a6f6a73 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 14:03:52 +0200 Subject: [PATCH 3/9] Rewrite parse_attribute_value_hex_der_encoded() Rename the function from parse_attribute_value_der_encoded: the hex aspect seems important. There was a buffer overflow due to not validating that the intermediate data fit in the stack buffer. The rewrite doesn't use this buffer, and takes care not to overflow the buffer that it does use. Document all that's going on. Signed-off-by: Gilles Peskine --- library/x509_create.c | 100 ++++++++++++++++++++++++++++-------------- 1 file changed, 68 insertions(+), 32 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 1c489a3ca5..b6895bf0a2 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -185,48 +185,83 @@ static int parse_attribute_value_string(const char *s, return 0; } -static int parse_attribute_value_der_encoded(const char *s, - int len, - unsigned char *data, - size_t *data_len, - int *tag) +/** Parse a hexstring containing a DER-encoded string. + * + * \param s A string of \p len bytes hexadecimal digits. + * \param len Number of bytes to read from \p s. + * \param data Output buffer of size #MBEDTLS_X509_MAX_DN_NAME_SIZE. + * On success, it contains the payload that's DER-encoded + * in the input (content without the tag and length). + * If the DER tag is a string tag, the payload is guaranteed + * not to contain null bytes. + * \param data_len On success, the length of the parsed string. + * It is guaranteed to be less than + * #MBEDTLS_X509_MAX_DN_NAME_SIZE. + * \param tag The ASN.1 tag that the payload in \p data is encoded in. + * + * \retval 0 on success. + * \retval #MBEDTLS_ERR_X509_INVALID_NAME if \p s does not contain + * a valid hexstring, + * or if the decoded hexstring is not valid DER, + * or if the decoded hexstring does not fit in \p data, + * of if \p *tag is an ASN.1 string tag and the payload + * contains a null byte. + */ +static int parse_attribute_value_hex_der_encoded(const char *s, + int len, + unsigned char *data, + size_t *data_len, + int *tag) { - const char *c = s; - const char *end = c + len; - unsigned char asn1_der_buf[MBEDTLS_X509_MAX_DN_NAME_SIZE]; - unsigned char *asn1_der_end; - unsigned char *p; - unsigned char *d = data; - int n; - - /* Converting from hexstring to raw binary so we can use asn1parse.c */ - if ((len < 5) || (*c != '#')) { + /* Step 1: Decode the hex string. + * We use data as an intermediate buffer. This limits the ultimate payload + * to slightly less than MBEDTLS_X509_MAX_DN_NAME_SIZE bytes due to the + * overhead of the DER tag+length. */ + /* Each byte is encoded by exactly two hexadecimal digits. */ + if (len % 2 != 0) { + /* Odd number of hex digits */ return MBEDTLS_ERR_X509_INVALID_NAME; } - c++; - if ((*tag = hexpair_to_int(c)) == -1) { + size_t const der_length = len / 2; + /* Here we treat MBEDTLS_X509_MAX_DN_NAME_SIZE as the maximum length of + * the DER encoding. This is convenient, but seems wrong: should it + * be the length of the payload (which would require a few more bytes + * in the intermediate buffer)? In practice the hex-encoded data is + * expected to be much shorter anyway. */ + if (der_length > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + /* Not enough room in data */ return MBEDTLS_ERR_X509_INVALID_NAME; } - c += 2; - p = asn1_der_buf; - for (p = asn1_der_buf; c < end; c += 2) { - if ((c + 1 >= end) || (n = hexpair_to_int(c)) == -1) { + for (size_t i = 0; i < der_length; i++) { + int c = hexpair_to_int(s + 2 * i); + if (c < 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } - if (MBEDTLS_ASN1_IS_STRING_TAG(*tag) && n == 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } - *(p++) = n; + data[i] = c; } - asn1_der_end = p; - p = asn1_der_buf; - if (mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0) { + /* Step 2: decode the DER. */ + if (der_length < 1) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + *tag = data[0]; + unsigned char *p = data + 1; + if (mbedtls_asn1_get_len(&p, data + der_length, data_len) != 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } - while (p < asn1_der_end) { - *(d++) = *(p++); + /* Step 3: extract the payload. */ + /* Now p points to the first byte of the payload inside data. + * Shift the content of data to move the payload to the beginning. */ + memmove(data, p, *data_len); + + /* Step 4: payload validation */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (data[i] == 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + } } return 0; @@ -274,8 +309,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam return MBEDTLS_ERR_X509_INVALID_NAME; } else if (*s == '#') { if ((parse_ret = - parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, - &tag)) != 0) { + parse_attribute_value_hex_der_encoded(s + 1, (int) (c - s - 1), + data, &data_len, + &tag)) != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } From aa01a038b521931382951036a5cd49bddcc40b51 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 15:57:30 +0200 Subject: [PATCH 4/9] Fix indentation Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 727afeec86..6ce7f5447b 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -714,7 +714,7 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result TEST_LE_S(1, ret); TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); TEST_EQUAL(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed), 0); ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); From 7077781af53ebfc114b3a6b3c1ef7edce78a89c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 16:50:40 +0200 Subject: [PATCH 5/9] Fix integer overflow with an input buffer larger than INT_MAX Signed-off-by: Gilles Peskine --- library/x509_create.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index b6895bf0a2..2bea28ee9f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -208,7 +208,7 @@ static int parse_attribute_value_string(const char *s, * contains a null byte. */ static int parse_attribute_value_hex_der_encoded(const char *s, - int len, + size_t len, unsigned char *data, size_t *data_len, int *tag) @@ -308,10 +308,12 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } else if (*s == '#') { - if ((parse_ret = - parse_attribute_value_hex_der_encoded(s + 1, (int) (c - s - 1), - data, &data_len, - &tag)) != 0) { + /* We know that c >= s (loop invariant) and c != s (in this + * else branch), hence c - s - 1 >= 0. */ + parse_ret = parse_attribute_value_hex_der_encoded( + s + 1, c - s - 1, + data, &data_len, &tag); + if (parse_ret != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } From c94500b56b21e8e42a6138811897a797f70fa65d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 18:01:05 +0200 Subject: [PATCH 6/9] Add may-fail mode to mbedtls_x509_string_to_names output tests Due to differing validations amongst X.509 library functions, there are inputs that mbedtls_x509_string_to_names() accepts, but it produces output that some library functions can't parse. Accept this for now. Do call the functions, even when we don't care about their return code: we're ok with returning errors, but not with e.g. a buffer overflow. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509write.data | 74 ++++++++++------------ tests/suites/test_suite_x509write.function | 24 +++++-- 2 files changed, 55 insertions(+), 43 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 5ac7200c0e..1aca306730 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -167,108 +167,104 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.allSubjectAltNames.crt":0:0:"data_files/test-ca.crt":1 X509 String to Names #1 -mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0:0 X509 String to Names #2 -mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #3 (Name precisely 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0:0 X509 String to Names #4 (Name larger than 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #5 (Escape non-allowed characters) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #6 (Escape at end) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #7 (Invalid, no '=' or ',') -mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #8 (Escaped valid characters) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":0:0 X509 String to Names #9 (Escaped ascii hexpairs uppercase encoded) -mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 X509 String to Names #10 (Escaped ascii hexpairs lowercase encoded) -mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 X509 String to Names #11 (Invalid hexpair escape at end of string) -mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #12 (Reject escaped null hexpair) -mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #13 (Invalid hexpairs) -mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #14 (Accept numercoid/hexstring) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 # TODO: Should the trailing garbage be ignored? X509 String to Names (hexstring: trailing garbage after DER is ignored) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 -# TODO: this passes mbedtls_x509_string_to_names() but fails the -# round-trip test: mbedtls_x509_dn_gets() returns MBEDTLS_ERR_X509_INVALID_NAME. -# X509 String to Names: long hexstring (DER=256 bytes, too long) -# mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fdaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +X509 String to Names: long hexstring (DER=256 bytes, too long) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fdaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:MAY_FAIL_DN_GETS X509 String to Names: long hexstring (DER=257 bytes, too long) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81feaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81feaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names: long hexstring (DER=258 bytes, too long) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81ffaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81ffaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #15 (Odd length DER hexstring) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names (empty DER hexstring) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names (empty DER hexstring at end) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names (1-byte DER hexstring) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names (1-byte DER hexstring at end) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #16 (hexstring: DER length exceeds available data) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C0B4F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C0B4F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #17 (hexstring: Invalid OID) -mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #18 (short name and hexstring) -mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 X509 String to Names #18 (null byte in hexstring with string type) -mbedtls_x509_string_to_names:"C=NL, O=#0C0100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=#0C0100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 -# TODO: this passes mbedtls_x509_string_to_names() but fails the -# round-trip test: mbedtls_x509_get_name() returns MBEDTLS_ERR_X509_INVALID_NAME. -# X509 String to Names #18 (null byte in hexstring with non-string type) -# mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +X509 String to Names #18 (null byte in hexstring with non-string type) +mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:MAY_FAIL_GET_NAME X509 String to Names #19 (Accept non-ascii hexpairs) -mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0:0 X509 String to Names #20 (Reject empty AttributeValue) -mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 Round trip test (Escaped characters) -mbedtls_x509_string_to_names:"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":0:0 X509 Round trip test (hexstring output for non string input) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0:0 X509 Round trip test (numercoid hexstring output for unknown OID) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":0:0 Check max serial length x509_set_serial_check: diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 6ce7f5447b..a7ed26295e 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -125,6 +125,12 @@ static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, return ret; } #endif /* MBEDTLS_X509_CSR_WRITE_C */ + +/* Due to inconsistencies in the input size limits applied by different + * library functions, some write-parse tests may fail. */ +#define MAY_FAIL_GET_NAME 0x0001 +#define MAY_FAIL_DN_GETS 0x0002 + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -687,8 +693,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ -void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result - ) +void mbedtls_x509_string_to_names(char *name, char *parsed_name, + int result, int may_fail) { int ret; size_t len = 0; @@ -715,11 +721,21 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); - TEST_EQUAL(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed), 0); + ret = mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed); + if ((may_fail & MAY_FAIL_GET_NAME) && ret < 0) { + /* Validation inconsistency between mbedtls_x509_string_to_names() and + * mbedtls_x509_get_name(). Accept it for now. */ + goto exit; + } + TEST_EQUAL(ret, 0); ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); + if ((may_fail & MAY_FAIL_DN_GETS) && ret < 0) { + /* Validation inconsistency between mbedtls_x509_string_to_names() and + * mbedtls_x509_dn_gets(). Accept it for now. */ + goto exit; + } TEST_LE_S(1, ret); - TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); exit: From 26dd764dc3e0727911ae0e710be7bd8a46839e35 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 18:10:23 +0200 Subject: [PATCH 7/9] parse_attribute_value_hex_der_encoded test case fixups Fix the expected output in some test cases. Add a few more test cases to exercise both a payload length around 256 bytes and a DER length around 256 bytes, since both are placed in a 256-byte buffer (value of MBEDTLS_X509_MAX_DN_NAME_SIZE). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509write.data | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 1aca306730..137b38b9bd 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -212,14 +212,17 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL" X509 String to Names (hexstring: trailing garbage after DER is ignored) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 -X509 String to Names: long hexstring (DER=256 bytes, too long) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fdaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:MAY_FAIL_DN_GETS +X509 String to Names: long hexstring (DER=256 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fd41414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":0:0 -X509 String to Names: long hexstring (DER=257 bytes, too long) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81feaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 +X509 String to Names: long hexstring (DER=257 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fe4141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 -X509 String to Names: long hexstring (DER=258 bytes, too long) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81ffaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 +X509 String to Names: long hexstring (payload=256 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C82010041414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names: long hexstring (payload=257 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C820101aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #15 (Odd length DER hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 @@ -245,11 +248,11 @@ mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL X509 String to Names #18 (short name and hexstring) mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 -X509 String to Names #18 (null byte in hexstring with string type) +X509 String to Names (null byte in hexstring with string type) mbedtls_x509_string_to_names:"C=NL, O=#0C0100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 -X509 String to Names #18 (null byte in hexstring with non-string type) -mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:MAY_FAIL_GET_NAME +X509 String to Names (null byte in hexstring with non-string type) +mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=\\x00, OU=PolarSSL":0:MAY_FAIL_GET_NAME X509 String to Names #19 (Accept non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0:0 From 7f420faf030f27707fb651dd872cd65135d0fb6a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 18:13:17 +0200 Subject: [PATCH 8/9] parse_attribute_value_hex_der_encoded: clean up length validation Separate the fits-in-buffer check (*data_length <= data_size) from the we-think-it's-a-sensible-size check (*data_length <= MBEDTLS_X509_MAX_DN_NAME_SIZE). This requires using an intermediate buffer for the DER data, since its maximum sensible size has to be larger than the maximum sensible size for the payload, due to the overhead of the ASN.1 tag+length. Remove test cases focusing on the DER length since the implementation no longer has a threshold for it. Signed-off-by: Gilles Peskine --- library/x509_create.c | 83 ++++++++++++++++---------- tests/suites/test_suite_x509write.data | 8 +-- 2 files changed, 53 insertions(+), 38 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 2bea28ee9f..296836943f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -189,11 +189,12 @@ static int parse_attribute_value_string(const char *s, * * \param s A string of \p len bytes hexadecimal digits. * \param len Number of bytes to read from \p s. - * \param data Output buffer of size #MBEDTLS_X509_MAX_DN_NAME_SIZE. + * \param data Output buffer of size \p data_size. * On success, it contains the payload that's DER-encoded * in the input (content without the tag and length). * If the DER tag is a string tag, the payload is guaranteed * not to contain null bytes. + * \param data_size Length of the \p data buffer. * \param data_len On success, the length of the parsed string. * It is guaranteed to be less than * #MBEDTLS_X509_MAX_DN_NAME_SIZE. @@ -203,68 +204,88 @@ static int parse_attribute_value_string(const char *s, * \retval #MBEDTLS_ERR_X509_INVALID_NAME if \p s does not contain * a valid hexstring, * or if the decoded hexstring is not valid DER, - * or if the decoded hexstring does not fit in \p data, + * or if the payload does not fit in \p data, + * or if the payload is more than + * #MBEDTLS_X509_MAX_DN_NAME_SIZE bytes, * of if \p *tag is an ASN.1 string tag and the payload * contains a null byte. + * \retval #MBEDTLS_ERR_X509_ALLOC_FAILED on low memory. */ static int parse_attribute_value_hex_der_encoded(const char *s, size_t len, unsigned char *data, + size_t data_size, size_t *data_len, int *tag) { - /* Step 1: Decode the hex string. - * We use data as an intermediate buffer. This limits the ultimate payload - * to slightly less than MBEDTLS_X509_MAX_DN_NAME_SIZE bytes due to the - * overhead of the DER tag+length. */ + /* Step 1: preliminary length checks. */ /* Each byte is encoded by exactly two hexadecimal digits. */ if (len % 2 != 0) { /* Odd number of hex digits */ return MBEDTLS_ERR_X509_INVALID_NAME; } size_t const der_length = len / 2; - /* Here we treat MBEDTLS_X509_MAX_DN_NAME_SIZE as the maximum length of - * the DER encoding. This is convenient, but seems wrong: should it - * be the length of the payload (which would require a few more bytes - * in the intermediate buffer)? In practice the hex-encoded data is - * expected to be much shorter anyway. */ - if (der_length > MBEDTLS_X509_MAX_DN_NAME_SIZE) { - /* Not enough room in data */ + if (der_length > MBEDTLS_X509_MAX_DN_NAME_SIZE + 4) { + /* The payload would be more than MBEDTLS_X509_MAX_DN_NAME_SIZE + * (after subtracting the ASN.1 tag and length). Reject this early + * to avoid allocating a large intermediate buffer. */ return MBEDTLS_ERR_X509_INVALID_NAME; } + if (der_length < 1) { + /* Avoid empty-buffer shenanigans. A valid DER encoding is never + * empty. */ + return MBEDTLS_ERR_X509_INVALID_NAME; + } + + /* Step 2: Decode the hex string into an intermediate buffer. */ + unsigned char *der = mbedtls_calloc(1, der_length); + if (der == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } + /* Beyond this point, der needs to be freed on exit. */ for (size_t i = 0; i < der_length; i++) { int c = hexpair_to_int(s + 2 * i); if (c < 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + goto error; } - data[i] = c; + der[i] = c; } - /* Step 2: decode the DER. */ - if (der_length < 1) { - return MBEDTLS_ERR_X509_INVALID_NAME; + /* Step 3: decode the DER. */ + /* We've checked that der_length >= 1 above. */ + *tag = der[0]; + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; } - *tag = data[0]; - unsigned char *p = data + 1; - if (mbedtls_asn1_get_len(&p, data + der_length, data_len) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } - - /* Step 3: extract the payload. */ - /* Now p points to the first byte of the payload inside data. - * Shift the content of data to move the payload to the beginning. */ - memmove(data, p, *data_len); + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { for (size_t i = 0; i < *data_len; i++) { - if (data[i] == 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + if (p[i] == 0) { + goto error; } } } + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); + mbedtls_free(der); + return 0; + +error: + mbedtls_free(der); + return MBEDTLS_ERR_X509_INVALID_NAME; } int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) @@ -312,7 +333,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam * else branch), hence c - s - 1 >= 0. */ parse_ret = parse_attribute_value_hex_der_encoded( s + 1, c - s - 1, - data, &data_len, &tag); + data, sizeof(data), &data_len, &tag); if (parse_ret != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 137b38b9bd..cff25ff25e 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -212,14 +212,8 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL" X509 String to Names (hexstring: trailing garbage after DER is ignored) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 -X509 String to Names: long hexstring (DER=256 bytes) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fd41414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":0:0 - -X509 String to Names: long hexstring (DER=257 bytes) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C81fe4141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 - X509 String to Names: long hexstring (payload=256 bytes) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C82010041414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C82010041414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":0:MAY_FAIL_DN_GETS X509 String to Names: long hexstring (payload=257 bytes) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C820101aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 From 391dd7fe87856123d90a17a740713e902fe4087c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Sep 2023 18:51:35 +0200 Subject: [PATCH 9/9] Fix propagation of return value from parse_attribute_value_hex_der_encoded Signed-off-by: Gilles Peskine --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 296836943f..2583cdd0fd 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -336,7 +336,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam data, sizeof(data), &data_len, &tag); if (parse_ret != 0) { mbedtls_free(oid.p); - return MBEDTLS_ERR_X509_INVALID_NAME; + return parse_ret; } } else { if (numericoid) {