If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
Inspired by test code provided by Nicholas Wilson in PR #351.
The test will fail if someone sets MAX_INTERMEDIATE_CA to a value larger than
18 (default is 8), which is hopefully unlikely and can easily be fixed by
running long.sh again with a larger value if it ever happens.
Current behaviour is suboptimal as flags are not set, but currently the goal
is only to document/test existing behaviour.
The modular inversion function hangs when provided with the modulus
1. This commit refuses this modulus with a BAD_INPUT error code. It
also adds a test for this case.
The test case was generated by modifying our signature code so that it
produces a 7-byte long padding (which also means garbage at the end, so it is
essential to check that the error that is detected first is indeed the
padding rather than the final length check).
Fix a buffer overflow when writting a string representation of an MPI
number to a buffer in hexadecimal. The problem occurs because hex
digits are written in pairs and this is not accounted for in the
calculation of the required buffer size when the number of digits is
odd.
The first three test cases from test_suites_pkparse.data failed because
the key file they read requires DES to be read. However, POLARSSL_DES_C
was missing from the dependency list.
This curve has special arithmetic on 64 bit platforms and an untested
path lead to trying to free a buffer on the stack.
For the sake of completeness, a test case for a point with non-affine
coordinates has been added as well.
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.
The fix maintains both behaviours:
* Ensure that valid certificates after future and past are verified
* Ensure that the correct verification flags are set.
Modifies the function mbedtls_x509_crl_parse() to ensure that a CRL in PEM
format with trailing characters after the footer does not result in the
execution of an infinite loop.
The tests load certificate chains from files. The CA chains contain a
past or future certificate and an invalid certificate. The test then
checks that the flags set are BADCERT_EXPIRED or BADCERT_FUTURE.
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
The test suite was not properly backported and it remained unnoticed,
because it was not compile due to the change in the naming of the
compile time requirements.
The main goal with these tests is to test the bug in question and
they are not meant to test the entire PKCS#1 v1.5 behaviour. To
achieve full test coverage, further test cases are needed.