Fix 1.3 failure to update flags for (ext)KeyUsage
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 8ac6579..651a17b 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -714,6 +714,18 @@
/*
* Secondary checks: always done, but change 'ret' only if it was 0
*/
+ /* keyUsage */
+ if ((mbedtls_x509_crt_check_key_usage(
+ ssl->session_negotiate->peer_cert,
+ MBEDTLS_X509_KU_DIGITAL_SIGNATURE) != 0)) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (usage extensions)"));
+ if (ret == 0) {
+ ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE;
+ }
+ verify_result |= MBEDTLS_X509_BADCERT_KEY_USAGE;
+ }
+
+ /* extKeyUsage */
if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
ext_oid = MBEDTLS_OID_SERVER_AUTH;
ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH);
@@ -722,16 +734,14 @@
ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_CLIENT_AUTH);
}
- if ((mbedtls_x509_crt_check_key_usage(
- ssl->session_negotiate->peer_cert,
- MBEDTLS_X509_KU_DIGITAL_SIGNATURE) != 0) ||
- (mbedtls_x509_crt_check_extended_key_usage(
+ if ((mbedtls_x509_crt_check_extended_key_usage(
ssl->session_negotiate->peer_cert,
ext_oid, ext_len) != 0)) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (usage extensions)"));
if (ret == 0) {
ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE;
}
+ verify_result |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
}
/* mbedtls_x509_crt_verify_with_profile is supposed to report a
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index b37747e..895d8fc 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -7816,13 +7816,13 @@
run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server2.key \
-cert $DATA_FILES_PATH/server2-sha256.ku-ke.crt" \
- "$P_CLI debug_level=1" \
+ "$P_CLI debug_level=3" \
1 \
-c "bad certificate (usage extensions)" \
-c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is"
- #-c "send alert level=2 message=43" \
- #-C "! Usage does not match the keyUsage extension"
+ -C "Ciphersuite is" \
+ -c "send alert level=2 message=43" \
+ -C "! Usage does not match the keyUsage extension"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
requires_openssl_tls1_3_with_compatible_ephemeral
@@ -7831,13 +7831,13 @@
run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server2.key \
-cert $DATA_FILES_PATH/server2-sha256.ku-ka.crt" \
- "$P_CLI debug_level=1" \
+ "$P_CLI debug_level=3" \
1 \
-c "bad certificate (usage extensions)" \
-c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is"
- #-c "send alert level=2 message=43" \
- #-C "! Usage does not match the keyUsage extension"
+ -C "Ciphersuite is" \
+ -c "send alert level=2 message=43" \
+ -C "! Usage does not match the keyUsage extension"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
requires_openssl_tls1_3_with_compatible_ephemeral
@@ -7858,13 +7858,13 @@
run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
-cert $DATA_FILES_PATH/server5.ku-ke.crt" \
- "$P_CLI debug_level=1" \
+ "$P_CLI debug_level=3" \
1 \
-c "bad certificate (usage extensions)" \
-c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is"
- #-c "send alert level=2 message=43" \
- #-C "! Usage does not match the keyUsage extension"
+ -C "Ciphersuite is" \
+ -c "send alert level=2 message=43" \
+ -C "! Usage does not match the keyUsage extension"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
requires_openssl_tls1_3_with_compatible_ephemeral
@@ -7873,13 +7873,13 @@
run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail" \
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
-cert $DATA_FILES_PATH/server5.ku-ka.crt" \
- "$P_CLI debug_level=1" \
+ "$P_CLI debug_level=3" \
1 \
-c "bad certificate (usage extensions)" \
-c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is"
- #-c "send alert level=2 message=43" \
- #-C "! Usage does not match the keyUsage extension"
+ -C "Ciphersuite is" \
+ -c "send alert level=2 message=43" \
+ -C "! Usage does not match the keyUsage extension"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
# Tests for keyUsage in leaf certificates, part 3:
@@ -7985,8 +7985,8 @@
0 \
-s "bad certificate (usage extensions)" \
-S "send alert level=2 message=43" \
+ -s "! Usage does not match the keyUsage extension" \
-S "Processing of the Certificate handshake message failed"
- #-s "! Usage does not match the keyUsage extension" \
requires_openssl_tls1_3_with_compatible_ephemeral
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
@@ -7998,10 +7998,9 @@
0 \
-s "bad certificate (usage extensions)" \
-s "Processing of the Certificate handshake message failed" \
- -s "! mbedtls_ssl_handshake returned" \
- #-s "send alert level=2 message=43" \
+ -s "send alert level=2 message=43" \
+ -s "! mbedtls_ssl_handshake returned"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
- # (not working now, getting alert 46 instead)
#
# OpenSSL client does not seem to mind that the server aborts the
# handshake with a fatal alert and still exits 0...
@@ -8027,8 +8026,8 @@
-cert $DATA_FILES_PATH/server5.ku-ka.crt" \
0 \
-s "bad certificate (usage extensions)" \
+ -s "! Usage does not match the keyUsage extension" \
-S "Processing of the Certificate handshake message failed"
- #-s "! Usage does not match the keyUsage extension" \
requires_openssl_tls1_3_with_compatible_ephemeral
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
@@ -8040,10 +8039,9 @@
0 \
-s "bad certificate (usage extensions)" \
-s "Processing of the Certificate handshake message failed" \
+ -s "send alert level=2 message=43" \
-s "! mbedtls_ssl_handshake returned"
- #-s "send alert level=2 message=43" \
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
- # (not working now, getting alert 46 instead)
#
# OpenSSL client does not seem to mind that the server aborts the
# handshake with a fatal alert and still exits 0...