commit 43bf900018e86aa397520ccd59eca416d5a331af
author Hanno Becker <hanno.becker@arm.com> Mon Feb 25 14:46:49 2019 +0000
committer Hanno Becker <hanno.becker@arm.com> Tue Jun 25 09:06:26 2019 +0100
tree a89b1d06502248b53d1b0eb96d0b40d5ce9942cf
parent e449e2d846f6e8ee6262e53e484e662ab7428a03

Make use of CRT acquire/release searching for issuer in CRT verif.

This commit continues rewriting the CRT chain verification to use
the new acquire/release framework for CRTs. Specifically, it replaces
all member accesses of the current _parent_ CRT by accesses to the
respective frame.

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 3a026a2..95cea46 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2222,15 +2222,15 @@
  *
  * top means parent is a locally-trusted certificate
  */
-static int x509_crt_check_parent( const mbedtls_x509_crt_sig_info *child_sig,
-                                  const mbedtls_x509_crt *parent,
+static int x509_crt_check_parent( const mbedtls_x509_crt_sig_info *sig_info,
+                                  const mbedtls_x509_crt_frame *parent,
                                   int top )
 {
     int need_ca_bit;
 
     /* Parent must be the issuer */
-    if( mbedtls_x509_name_cmp_raw( &child_sig->issuer_raw,
-                                   &parent->subject_raw_no_hdr,
+    if( mbedtls_x509_name_cmp_raw( &sig_info->issuer_raw,
+                                   &parent->subject_raw,
                                    NULL, NULL ) != 0 )
     {
         return( -1 );
@@ -2248,7 +2248,8 @@
 
 #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
     if( need_ca_bit &&
-        mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 )
+        x509_crt_check_key_usage_frame( parent,
+                                        MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 )
     {
         return( -1 );
     }
@@ -2376,7 +2377,7 @@
                         mbedtls_x509_crt_restart_ctx *rs_ctx )
 {
     int ret;
-    mbedtls_x509_crt *parent, *fallback_parent;
+    mbedtls_x509_crt *parent_crt, *fallback_parent;
     int signature_is_good, fallback_signature_is_good;
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -2384,7 +2385,7 @@
     if( rs_ctx != NULL && rs_ctx->parent != NULL )
     {
         /* restore saved state */
-        parent = rs_ctx->parent;
+        parent_crt = rs_ctx->parent;
         fallback_parent = rs_ctx->fallback_parent;
         fallback_signature_is_good = rs_ctx->fallback_signature_is_good;
 
@@ -2401,7 +2402,8 @@
     fallback_parent = NULL;
     fallback_signature_is_good = 0;
 
-    for( parent = candidates; parent != NULL; parent = parent->next )
+    for( parent_crt = candidates; parent_crt != NULL;
+         parent_crt = parent_crt->next )
     {
         int parent_valid, parent_match, path_len_ok;
 
@@ -2410,35 +2412,45 @@
 #endif
 
         parent_valid = parent_match = path_len_ok = 0;
-
-        if( mbedtls_x509_time_is_past( &parent->valid_from ) &&
-            mbedtls_x509_time_is_future( &parent->valid_to ) )
         {
-            parent_valid = 1;
-        }
+            mbedtls_x509_crt_frame *parent;
 
-        /* basic parenting skills (name, CA bit, key usage) */
-        if( x509_crt_check_parent( child_sig, parent, top ) == 0 )
-            parent_match = 1;
+            ret = x509_crt_frame_acquire( parent_crt, &parent );
+            if( ret != 0 )
+                return( MBEDTLS_ERR_X509_FATAL_ERROR );
 
-        /* +1 because stored max_pathlen is 1 higher that the actual value */
-        if( !( parent->max_pathlen > 0 &&
-               (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) )
-        {
-            path_len_ok = 1;
+            if( mbedtls_x509_time_is_past( &parent->valid_from ) &&
+                mbedtls_x509_time_is_future( &parent->valid_to ) )
+            {
+                parent_valid = 1;
+            }
+
+            /* basic parenting skills (name, CA bit, key usage) */
+            if( x509_crt_check_parent( child_sig, parent, top ) == 0 )
+                parent_match = 1;
+
+            /* +1 because the stored max_pathlen is 1 higher
+             * than the actual value */
+            if( !( parent->max_pathlen > 0 &&
+                   (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) )
+            {
+                path_len_ok = 1;
+            }
+
+            x509_crt_frame_release( parent_crt, parent );
         }
 
         if( parent_match == 0 || path_len_ok == 0 )
             continue;
 
         /* Signature */
-        ret = x509_crt_check_signature( child_sig, parent, rs_ctx );
+        ret = x509_crt_check_signature( child_sig, parent_crt, rs_ctx );
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
         if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
         {
             /* save state */
-            rs_ctx->parent = parent;
+            rs_ctx->parent = parent_crt;
             rs_ctx->fallback_parent = fallback_parent;
             rs_ctx->fallback_signature_is_good = fallback_signature_is_good;
 
@@ -2457,7 +2469,7 @@
         {
             if( fallback_parent == NULL )
             {
-                fallback_parent = parent;
+                fallback_parent = parent_crt;
                 fallback_signature_is_good = signature_is_good;
             }
 
@@ -2467,9 +2479,9 @@
         break;
     }
 
-    if( parent != NULL )
+    if( parent_crt != NULL )
     {
-        *r_parent = parent;
+        *r_parent = parent_crt;
         *r_signature_is_good = signature_is_good;
     }
     else