X.509: Remove red'n bounds checks and zeroiz'n in OtherName parsing
- ASN.1 parsing functions check that length don't exceed buffer bounds,
so checks `p + len > end` are redundant.
- If `p + len == end`, this is erroneous because we expect further fields,
which is automatically caught by the next ASN.1 parsing call.
Hence, the two branches handling `p + len >= end` in x509_get_other_name()
can be removed.
Further, zeroization of the `other_name` structure isn't necessary
because it's not confidential (and it's also not performed on other
error conditions in this function).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/library/x509_crt.c b/library/x509_crt.c
index c539022..c4bb3ae 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1749,11 +1749,6 @@
return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
}
- if (p + len >= end) {
- mbedtls_platform_zeroize(other_name, sizeof(*other_name));
- return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
- }
p += len;
if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) !=
@@ -1774,11 +1769,6 @@
other_name->value.hardware_module_name.oid.p = p;
other_name->value.hardware_module_name.oid.len = len;
- if (p + len >= end) {
- mbedtls_platform_zeroize(other_name, sizeof(*other_name));
- return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
- }
p += len;
if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_OCTET_STRING)) != 0) {
@@ -1790,8 +1780,6 @@
other_name->value.hardware_module_name.val.len = len;
p += len;
if (p != end) {
- mbedtls_platform_zeroize(other_name,
- sizeof(*other_name));
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}