From f8ea856296e556c53741c4635d2399bed6a96c3b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Mon, 15 Jun 2015 15:33:19 +0200
Subject: [PATCH] Change data structure of profiles to bitfields

- allows to express 'none' or 'all' more easily than lists
- more compact and easier to declare statically
- easier to check too

Only drawback: if we ever have more than 32 curves, we'll need an ABI change to make that field a uint64_t.
---
 include/mbedtls/x509_crt.h | 17 +++--
 library/x509_crt.c | 132 +++++++++++-------------------------
 2 files changed, 50 insertions(+), 99 deletions(-)

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 9a23c06e2..ea0c2cdf5 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -94,18 +94,23 @@ typedef struct mbedtls_x509_crt
 }
 mbedtls_x509_crt;
 
+/**
+ * Build flag from an algorithm/curve identifier (pk, md, ecp)
+ * Since 0 is always XXX_NONE, ignore it.
+ */
+#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) )
+
 /**
 * Security profile for certificate verification.
 *
- * All lists are terminated by the respective _NONE value.
+ * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
 */
 typedef struct
 {
- const mbedtls_md_type_t *allowed_mds; /**< MDs for signatures */
- const mbedtls_pk_type_t *allowed_pks; /**< PK algs for signatures */
- const mbedtls_ecp_group_id *allowed_curves; /**< Elliptic curves */
- size_t rsa_min_bitlen; /**< Minimum size for RSA keys
- (must be non-zero) */
+ uint32_t allowed_mds; /**< MDs for signatures */
+ uint32_t allowed_pks; /**< PK algs for signatures */
+ uint32_t allowed_curves; /**< Elliptic curves for ECDSA */
+ uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */
 }
 mbedtls_x509_crt_profile;
 
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 8ed3468c7..8d58b9d44 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
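Review bot: `MBEDTLS_X509_ID_FLAG` in the header hunk shifts a signed `1` by an unparenthesised `id - 1`, so an id of 0 (the XXX_NONE value the comment says to ignore) gives a negative shift count and an id of 32 shifts into the sign bit of a 32-bit int, both undefined behaviour in C. These flags form the allow-list consulted during certificate verification, so a miscomputed bit silently changes which algorithms a profile accepts. I would write it as `#define MBEDTLS_X509_ID_FLAG( id ) ( (uint32_t) 1 << ( ( id ) - 1 ) )` and have the comment state that `id` must be in 1..32 and that XXX_NONE must not be passed. The `rsa_min_bitlen` field comment also drops the old "(must be non-zero)" remark without saying what a value of 0 now means.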
@@ -84,117 +84,63 @@ static void mbedtls_zeroize( void *v, size_t n ) {
 /*
 * Default profile
 */
-static const mbedtls_md_type_t x509_prof_default_mds[] =
-{
- MBEDTLS_MD_SHA1,
- MBEDTLS_MD_RIPEMD160,
- MBEDTLS_MD_SHA224,
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA384,
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_NONE
-};
-
-static const mbedtls_pk_type_t x509_prof_default_pks[] =
-{
- MBEDTLS_PK_RSA,
- MBEDTLS_PK_ECDSA,
- MBEDTLS_PK_NONE
-};
-
-#if defined(MBEDTLS_ECP_C)
-static const mbedtls_ecp_group_id x509_prof_default_curves[] =
-{
- MBEDTLS_ECP_DP_SECP192R1,
- MBEDTLS_ECP_DP_SECP224R1,
- MBEDTLS_ECP_DP_SECP256R1,
- MBEDTLS_ECP_DP_SECP384R1,
- MBEDTLS_ECP_DP_SECP521R1,
- MBEDTLS_ECP_DP_BP256R1,
- MBEDTLS_ECP_DP_BP384R1,
- MBEDTLS_ECP_DP_BP512R1,
- MBEDTLS_ECP_DP_SECP192K1,
- MBEDTLS_ECP_DP_SECP224K1,
- MBEDTLS_ECP_DP_SECP256K1,
-};
-#else
-static const mbedtls_ecp_group_id *x509_prof_default_curves = NULL;
-#endif
-
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
 {
- x509_prof_default_mds,
- x509_prof_default_pks,
- x509_prof_default_curves,
+ /* Hashes from SHA-1 and above */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+ 0xFFFFFFF, /* Any curve */
 2048,
 };
 
 /*
 * Next-default profile
 */
-static const mbedtls_md_type_t x509_prof_next_mds[] =
-{
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA384,
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_NONE
-};
-
-#if defined(MBEDTLS_ECP_C)
-static const mbedtls_ecp_group_id x509_prof_next_curves[] =
-{
- MBEDTLS_ECP_DP_SECP256R1,
- MBEDTLS_ECP_DP_SECP384R1,
- MBEDTLS_ECP_DP_SECP521R1,
- MBEDTLS_ECP_DP_BP256R1,
- MBEDTLS_ECP_DP_BP384R1,
- MBEDTLS_ECP_DP_BP512R1,
- MBEDTLS_ECP_DP_SECP256K1,
-};
-#else
-static const mbedtls_ecp_group_id *x509_prof_next_curves = NULL;
-#endif
-
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
 {
- x509_prof_next_mds,
- x509_prof_default_pks,
- x509_prof_next_curves,
+ /* Hashes from SHA-256 and above */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+#if defined(MBEDTLS_ECP_C)
+ /* Curves at or above 128-bit security level */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
+#else
+ 0,
+#endif
 2048,
 };
 
 /*
 * NSA Suite B Profile
 */
-static const mbedtls_md_type_t x509_prof_suiteb_mds[] =
-{
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA384,
- MBEDTLS_MD_NONE
-};
-
-static const mbedtls_pk_type_t x509_prof_suiteb_pks[] =
-{
- MBEDTLS_PK_ECDSA,
- MBEDTLS_PK_NONE
-};
-
-#if defined(MBEDTLS_ECP_C)
-static const mbedtls_ecp_group_id x509_prof_suiteb_curves[] =
-{
- MBEDTLS_ECP_DP_SECP256R1,
- MBEDTLS_ECP_DP_SECP384R1,
-};
-#else
-static const mbedtls_ecp_group_id *x509_prof_suiteb_curves = NULL;
-#endif
-
 const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
 {
- x509_prof_suiteb_mds,
- x509_prof_suiteb_pks,
- x509_prof_suiteb_curves,
- 2048,
+ /* Only SHA-256 and 384 */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
+ /* Only ECDSA */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ),
+#if defined(MBEDTLS_ECP_C)
+ /* Only NIST P-256 and P-384 */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
+#else
+ 0,
+#endif
+ 0,
 };
 
 /*
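Review bot: The default and next profiles replace the explicit allow-lists (RSA and ECDSA for `allowed_pks`, the enumerated curves for the default profile) with the catch-all `0xFFFFFFF`, so any pk or curve id in range, including ones added to the enums later, is accepted for certificate verification without being reviewed; that is a policy change beyond the data-structure change the commit message describes. The literal has seven hex digits, so it covers ids 1 to 28 rather than the 32 the message refers to; if "any" is intended, `0xFFFFFFFF` says so, and otherwise I would keep the lists spelled out, e.g. `MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA )`. The default profile's curve mask is also no longer conditional on `MBEDTLS_ECP_C`, unlike the other two profiles. In `mbedtls_x509_crt_profile_suiteb` the RSA minimum changes from 2048 to `0`, which is harmless only if the checker rejects on `allowed_pks` before looking at key size; that code is not visible in this hunk, so a comment such as `/* RSA not allowed: minimum size unused */` on that line would record the assumption.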