Change data structure of profiles to bitfields

- allows to express 'none' or 'all' more easily than lists - more compact and easier to declare statically - easier to check too Only drawback: if we ever have more than 32 curves, we'll need an ABI change to make that field a uint64_t.
2025-03-28 19:21:08 +00:00 · 2015-06-15 15:33:19 +02:00 · 2015-06-15 15:33:19 +02:00 · f8ea856296
commit f8ea856296
parent 88db5da117
2 changed files with 50 additions and 99 deletions
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@ -94,18 +94,23 @@ typedef struct mbedtls_x509_crt
 }
 mbedtls_x509_crt;
 /**
 * Build flag from an algorithm/curve identifier (pk, md, ecp)
 * Since 0 is always XXX_NONE, ignore it.
 */
 #define MBEDTLS_X509_ID_FLAG( id )   ( 1 << ( id - 1 ) )
 /**
 * Security profile for certificate verification.
 *
- * All lists are terminated by the respective _NONE value.
+ * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
 */
 typedef struct
 {
-    const mbedtls_md_type_t *allowed_mds;   /**< MDs for signatures         */
+    uint32_t allowed_mds;       /**< MDs for signatures         */
-    const mbedtls_pk_type_t *allowed_pks;   /**< PK algs for signatures     */
+    uint32_t allowed_pks;       /**< PK algs for signatures     */
-    const mbedtls_ecp_group_id *allowed_curves; /**< Elliptic curves        */
+    uint32_t allowed_curves;    /**< Elliptic curves for ECDSA  */
-    size_t rsa_min_bitlen;                  /**< Minimum size for RSA keys
+    uint32_t rsa_min_bitlen;    /**< Minimum size for RSA keys  */
                                                 (must be non-zero)         */
 }
 mbedtls_x509_crt_profile;
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -84,117 +84,63 @@ static void mbedtls_zeroize( void *v, size_t n ) {
 /*
 * Default profile
 */
 static const mbedtls_md_type_t x509_prof_default_mds[] =
 {
    MBEDTLS_MD_SHA1,
    MBEDTLS_MD_RIPEMD160,
    MBEDTLS_MD_SHA224,
    MBEDTLS_MD_SHA256,
    MBEDTLS_MD_SHA384,
    MBEDTLS_MD_SHA512,
    MBEDTLS_MD_NONE
 };
 static const mbedtls_pk_type_t x509_prof_default_pks[] =
 {
    MBEDTLS_PK_RSA,
    MBEDTLS_PK_ECDSA,
    MBEDTLS_PK_NONE
 };
 #if defined(MBEDTLS_ECP_C)
 static const mbedtls_ecp_group_id x509_prof_default_curves[] =
 {
    MBEDTLS_ECP_DP_SECP192R1,
    MBEDTLS_ECP_DP_SECP224R1,
    MBEDTLS_ECP_DP_SECP256R1,
    MBEDTLS_ECP_DP_SECP384R1,
    MBEDTLS_ECP_DP_SECP521R1,
    MBEDTLS_ECP_DP_BP256R1,
    MBEDTLS_ECP_DP_BP384R1,
    MBEDTLS_ECP_DP_BP512R1,
    MBEDTLS_ECP_DP_SECP192K1,
    MBEDTLS_ECP_DP_SECP224K1,
    MBEDTLS_ECP_DP_SECP256K1,
 };
 #else
 static const mbedtls_ecp_group_id *x509_prof_default_curves = NULL;
 #endif
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
 {
-    x509_prof_default_mds,
+    /* Hashes from SHA-1 and above */
-    x509_prof_default_pks,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
-    x509_prof_default_curves,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
    0xFFFFFFF, /* Any PK alg    */
    0xFFFFFFF, /* Any curve     */
    2048,
 };
 /*
 * Next-default profile
 */
 static const mbedtls_md_type_t x509_prof_next_mds[] =
 {
    MBEDTLS_MD_SHA256,
    MBEDTLS_MD_SHA384,
    MBEDTLS_MD_SHA512,
    MBEDTLS_MD_NONE
 };
 #if defined(MBEDTLS_ECP_C)
 static const mbedtls_ecp_group_id x509_prof_next_curves[] =
 {
    MBEDTLS_ECP_DP_SECP256R1,
    MBEDTLS_ECP_DP_SECP384R1,
    MBEDTLS_ECP_DP_SECP521R1,
    MBEDTLS_ECP_DP_BP256R1,
    MBEDTLS_ECP_DP_BP384R1,
    MBEDTLS_ECP_DP_BP512R1,
    MBEDTLS_ECP_DP_SECP256K1,
 };
 #else
 static const mbedtls_ecp_group_id *x509_prof_next_curves = NULL;
 #endif
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
 {
-    x509_prof_next_mds,
+    /* Hashes from SHA-256 and above */
-    x509_prof_default_pks,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    x509_prof_next_curves,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
    0xFFFFFFF, /* Any PK alg    */
 #if defined(MBEDTLS_ECP_C)
    /* Curves at or above 128-bit security level */
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
 #else
    0,
 #endif
    2048,
 };
 /*
 * NSA Suite B Profile
 */
 static const mbedtls_md_type_t x509_prof_suiteb_mds[] =
 {
    MBEDTLS_MD_SHA256,
    MBEDTLS_MD_SHA384,
    MBEDTLS_MD_NONE
 };
 static const mbedtls_pk_type_t x509_prof_suiteb_pks[] =
 {
    MBEDTLS_PK_ECDSA,
    MBEDTLS_PK_NONE
 };
 #if defined(MBEDTLS_ECP_C)
 static const mbedtls_ecp_group_id x509_prof_suiteb_curves[] =
 {
    MBEDTLS_ECP_DP_SECP256R1,
    MBEDTLS_ECP_DP_SECP384R1,
 };
 #else
 static const mbedtls_ecp_group_id *x509_prof_suiteb_curves = NULL;
 #endif
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
 {
-    x509_prof_suiteb_mds,
+    /* Only SHA-256 and 384 */
-    x509_prof_suiteb_pks,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    x509_prof_suiteb_curves,
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
-    2048,
+    /* Only ECDSA */
    MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ),
 #if defined(MBEDTLS_ECP_C)
    /* Only NIST P-256 and P-384 */
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
 #else
    0,
 #endif
    0,
 };
 /*