TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7dee12a38c2a2d27573898632a474d8aab5c6adb^! / .
commit7dee12a38c2a2d27573898632a474d8aab5c6adb[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Thu Feb 21 13:58:38 2019 +0000
committerHanno Becker <hanno.becker@arm.com>Tue Jun 25 09:06:26 2019 +0100
tree8e187de6f9fa51aa6735180c175c89701a76f895
parentf8a42862b72206be38b425f1c45a2232184d2def [diff]
Make use of raw comparison function in CRT verification

This commit replaces the previous calls to `mbedtls_x509_name_cmp()`
during CRT verification (to match child and parent, to check whether
a CRT is self-issued, and to match CRLs and CAs) by calls to the new
`mbedtls_x509_name_cmp_raw()` using the raw ASN.1 data; it passes the
raw buffers introduced in the last commits.

The previous name comparison function mbedtls_x509_name_cmp() is now
both unused and unneeded, and is removed.

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 152e4b6..ba7a174 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h

@@ -312,8 +312,6 @@
                    mbedtls_x509_time *t );
 int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
                      mbedtls_x509_buf *serial );
-int mbedtls_x509_name_cmp( const mbedtls_x509_name *a,
-                           const mbedtls_x509_name *b );
 int mbedtls_x509_name_cmp_raw( const mbedtls_x509_buf_raw *a,
                                const mbedtls_x509_buf_raw *b );
 int mbedtls_x509_memcasecmp( const void *s1, const void *s2, size_t len );

diff --git a/library/x509.c b/library/x509.c
index d27c423..f74d474 100644
--- a/library/x509.c
+++ b/library/x509.c

@@ -541,48 +541,22 @@
 }
 
 /*
- * Compare two X.509 Names (aka rdnSequence).
+ * Compare two X.509 Names (aka rdnSequence) given as raw ASN.1 data.
  *
  * See RFC 5280 section 7.1, though we don't implement the whole algorithm:
- * we sometimes return unequal when the full algorithm would return equal,
+ * We sometimes return unequal when the full algorithm would return equal,
  * but never the other way. (In particular, we don't do Unicode normalisation
  * or space folding.)
  *
- * Return 0 if equal, -1 otherwise.
+ * Returns:
+ * - 0 if both sequences are well-formed and present the same X.509 name.
+ * - 1 if a difference was detected.
+ * - A negative error code if a parsing error occurred in either
+ *   of the two buffers.
+ *
+ * This function can be used to verify that a buffer contains a well-formed
+ * ASN.1 encoded X.509 name by calling it with equal parameters.
  */
-int mbedtls_x509_name_cmp( const mbedtls_x509_name *a,
-                           const mbedtls_x509_name *b )
-{
-    /* Avoid recursion, it might not be optimised by the compiler */
-    while( a != NULL || b != NULL )
-    {
-        if( a == NULL || b == NULL )
-            return( -1 );
-
-        /* type */
-        if( a->oid.tag != b->oid.tag ||
-            a->oid.len != b->oid.len ||
-            memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 )
-        {
-            return( -1 );
-        }
-
-        /* value */
-        if( x509_string_cmp( &a->val, &b->val ) != 0 )
-            return( -1 );
-
-        /* structure of the list of sets */
-        if( a->next_merged != b->next_merged )
-            return( -1 );
-
-        a = a->next;
-        b = b->next;
-    }
-
-    /* a == NULL == b */
-    return( 0 );
-}
-
 int mbedtls_x509_name_cmp_raw( mbedtls_x509_buf_raw const *a,
                                mbedtls_x509_buf_raw const *b )
 {

diff --git a/library/x509_crt.c b/library/x509_crt.c
index a05ea9f..ad70a20 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1746,7 +1746,8 @@
     while( crl_list != NULL )
     {
         if( crl_list->version == 0 ||
-            mbedtls_x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 )
+            mbedtls_x509_name_cmp_raw( &crl_list->issuer_raw_no_hdr,
+                                       &ca->subject_raw_no_hdr ) != 0 )
         {
             crl_list = crl_list->next;
             continue;
@@ -1867,8 +1868,11 @@
     int need_ca_bit;
 
     /* Parent must be the issuer */
-    if( mbedtls_x509_name_cmp( &child->issuer, &parent->subject ) != 0 )
+    if( mbedtls_x509_name_cmp_raw( &child->issuer_raw_no_hdr,
+                                   &parent->subject_raw_no_hdr ) != 0 )
+    {
         return( -1 );
+    }
 
     /* Parent must have the basicConstraints CA bit set as a general rule */
     need_ca_bit = 1;
@@ -2133,8 +2137,11 @@
     mbedtls_x509_crt *cur;
 
     /* must be self-issued */
-    if( mbedtls_x509_name_cmp( &crt->issuer, &crt->subject ) != 0 )
+    if( mbedtls_x509_name_cmp_raw( &crt->issuer_raw_no_hdr,
+                                   &crt->subject_raw_no_hdr ) != 0 )
+    {
         return( -1 );
+    }
 
     /* look for an exact match with trusted cert */
     for( cur = trust_ca; cur != NULL; cur = cur->next )
@@ -2298,7 +2305,8 @@
          * These can occur with some strategies for key rollover, see [SIRO],
          * and should be excluded from max_pathlen checks. */
         if( ver_chain->len != 1 &&
-            mbedtls_x509_name_cmp( &child->issuer, &child->subject ) == 0 )
+            mbedtls_x509_name_cmp_raw( &child->issuer_raw_no_hdr,
+                                       &child->subject_raw_no_hdr ) == 0 )
         {
             self_cnt++;
         }