Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						19d2c9165a 
					 
					
						
						
							
Fix undocumented free() in x509_string_to_names()

Now programs/x509/cert_write san="DN:CN=#0000;DN:CN=#0000" is no longer
crashing with use-after-free, instead it's now failing cleanly:
 failed
  !  mbedtls_x509_string_to_names returned -0x2800 - X509 - Input invalid
That's better of course but still not great, will be fixed by future
commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
						
						
					 
					
						2025-05-05 16:44:18 +02:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						25b282ebfe 
					 
					
						
						
							
x509: move internal functions declarations to a private header

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
						
						
					 
					
						2024-01-19 09:07:35 +01:00 
						 
				 
			
				
					
						
							
							
								Jonathan Winzig 
							
						 
					 
					
						
						
							
						
						5caf20ea80 
					 
					
						
						
							
Update fix to be more platform-independent

Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
						
						
					 
					
						2024-01-09 16:41:10 +01:00 
						 
				 
			
				
					
						
							
							
								Jonathan Winzig 
							
						 
					 
					
						
						
							
						
						05c722bfd0 
					 
					
						
						
							
Fix Issue #8687

Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
						
						
					 
					
						2024-01-09 15:20:03 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						e4a6f5a7ec 
					 
					
						
						
							
Use size_t cast for pointer subtractions

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
						
						
					 
					
						2023-11-21 17:09:46 +00:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						16799db69a 
					 
					
						
						
							
update headers

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
						
						
					 
					
						2023-11-02 19:47:20 +00:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						515af1d80d 
					 
					
						
						
							
Stop IAR warning about goto skipping variable definition

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
						
						
					 
					
						2023-10-13 16:03:25 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						391dd7fe87 
					 
					
						
						
							
Fix propagation of return value from parse_attribute_value_hex_der_encoded

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
						
						
					 
					
						2023-09-25 19:59:31 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7f420faf03 
					 
					
						
						
							
parse_attribute_value_hex_der_encoded: clean up length validation

Separate the fits-in-buffer check (*data_length <= data_size) from the
we-think-it's-a-sensible-size check (*data_length <=
MBEDTLS_X509_MAX_DN_NAME_SIZE).
This requires using an intermediate buffer for the DER data, since its
maximum sensible size has to be larger than the maximum sensible size for
the payload, due to the overhead of the ASN.1 tag+length.
Remove test cases focusing on the DER length since the implementation no
longer has a threshold for it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
						
						
					 
					
						2023-09-25 19:59:31 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7077781af5 
					 
					
						
						
							
Fix integer overflow with an input buffer larger than INT_MAX

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
						
						
					 
					
						2023-09-25 19:59:31 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						25665781f6 
					 
					
						
						
							
Rewrite parse_attribute_value_hex_der_encoded()

Rename the function from parse_attribute_value_der_encoded: the hex aspect
seems important.
There was a buffer overflow due to not validating that the intermediate data
fit in the stack buffer. The rewrite doesn't use this buffer, and takes care
not to overflow the buffer that it does use.
Document all that's going on.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
						
						
					 
					
						2023-09-25 19:59:31 +02:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						a72ea814d8 
					 
					
						
						
							
Remove double blank line in x509_create.c

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-09-12 17:57:09 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						706a1c3c3f 
					 
					
						
						
							
Fix code style

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-09-08 12:04:41 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						c34804dea2 
					 
					
						
						
							
Fix bug with checking max dn length with hexpairs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-09-08 11:32:19 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						fca0861e8e 
					 
					
						
						
							
Add asn1 get tag and len to x509 create config

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-09-04 15:45:37 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						a2423debcc 
					 
					
						
						
							
Fix code style

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-30 16:24:31 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						de02ee268e 
					 
					
						
						
							
Refactor parse_attribute_value_string

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-30 16:12:57 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						1aece47e8c 
					 
					
						
						
							
Make hexpair_to_int take a char pointer

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-30 16:05:24 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						e9d1c8e1eb 
					 
					
						
						
							
Reword and reformat comments

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-30 15:55:31 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ef6abd4062 
					 
					
						
						
							
Add blank lines after variable declarations

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-30 15:55:12 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						457ac84f01 
					 
					
						
						
							
Refactor previous fix

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-23 11:35:26 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						4c7d7bf583 
					 
					
						
						
							
Add guard for empty AttributeValue

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-23 11:28:30 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						15df01240d 
					 
					
						
						
							
Fix code style

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 17:50:00 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						4606bf3f38 
					 
					
						
						
							
Refactor reading AttributeValue in dn gets

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 17:29:18 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						d9d79bb74b 
					 
					
						
						
							
Rename parse_attribute_value_ber_encoded

Now renamed to parse_attribute_value_der_encoded to be consistent with
names elsewhere
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 16:43:58 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ba386ec23e 
					 
					
						
						
							
Remove magic number for null tag

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						12b9d7040e 
					 
					
						
						
							
Remove x509_oid_from_numericoid

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						fb94702762 
					 
					
						
						
							
Add catch for alloc error x509_oid_from_numericoid

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						4294ccc608 
					 
					
						
						
							
Use mbedtls_calloc instead of calloc

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						55d93192b1 
					 
					
						
						
							
Fix oid memory leak

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						f826d1113e 
					 
					
						
						
							
Reject null bytes in DER encoded values in DNs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						eb55867520 
					 
					
						
						
							
Fix code style

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						9caaa6d967 
					 
					
						
						
							
Reject escaped null hexpairs in DNs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						957ca0595d 
					 
					
						
						
							
Accept short name/ber encoded data in DNs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						17984874af 
					 
					
						
						
							
Change error from unknown oid to invalid name

Since the implementation no longer needs to know the oid, it makes more
sense for the error message to be an invalid name.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						f88bd5ac86 
					 
					
						
						
							
Accept any valid oid in string_to_names

Instead of using x509_attrs, use generic oid conversion.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						a7f9630925 
					 
					
						
						
							
Remove duplicate '+' in comparison string

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						e18a1789fd 
					 
					
						
						
							
Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ee642d93a8 
					 
					
						
						
							
Format preprocessor conditionals

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ed88eefe8e 
					 
					
						
						
							
Rename in_tag to in_attr_type

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						97178f231f 
					 
					
						
						
							
Fix code style in mbedtls_x509_string_to_names

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						7f639fc7ab 
					 
					
						
						
							
Fix Windows x64 build errors with type conversions

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						39ba121d3a 
					 
					
						
						
							
Fix memory leak in alternative code route

If no oid is found, and x509_attr_descr_from_numericoid returns NULL,
previously the memory allocated for the oid wasn't freed.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						f818e01edb 
					 
					
						
						
							
Fix memory leak in x509_attr_descr_from_numericoid;

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						4987c8fcb0 
					 
					
						
						
							
Fix code style on x509.c and x509_create.c

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						0eb6673a80 
					 
					
						
						
							
Add preprocessor config guards

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						6cbfae591a 
					 
					
						
						
							
Parse DER tag mbedtls_x509_string_to_names

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						b73778d8f9 
					 
					
						
						
							
Implement parse_attribute_value_ber_encoded

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						e119f3c0ea 
					 
					
						
						
							
Refactor mbedtls_x509_string_to_names

This refactor is to accommodate future support of numericoid/hexstring
attributetype value pairs.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ef2decbe4a 
					 
					
						
						
							
Escape hexpairs characters RFC 4514

Converts non-ASCII to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
						
						
					 
					
						2023-08-22 10:38:16 +01:00