manually merge 9f98251 make extKeyUsage accessible
diff --git a/ChangeLog b/ChangeLog
index dc27e50..b6d5adc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -70,6 +70,9 @@
= mbed TLS 1.3 branch
Security
+ * With authmode set to MBEDTLS_SSL_VERIFY_OPTIONAL, verification of keyUsage and
+ extendedKeyUsage on the leaf certificate was lost (results not accessible
+ via ssl_get_verify_results()).
Features
* Add mbedtls_x509_crt_verify_info() to display certificate verification results.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index acc8e28..0cdc537 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2281,7 +2281,8 @@
*/
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
const mbedtls_ssl_ciphersuite_t *ciphersuite,
- int cert_endpoint );
+ int cert_endpoint,
+ int *flags );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_ssl_write_version( int major, int minor, int transport,
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 4eb546d..90d2ef9 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -868,6 +868,7 @@
{
mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
mbedtls_pk_type_t pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+ int flags;
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if( ssl->handshake->sni_key_cert != NULL )
@@ -901,7 +902,7 @@
* and decrypting with the same RSA key.
*/
if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info,
- MBEDTLS_SSL_IS_SERVER ) != 0 )
+ MBEDTLS_SSL_IS_SERVER, &flags ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: "
"(extended) key usage extension" ) );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 85a2622..99b41d7 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4059,7 +4059,8 @@
if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert,
ciphersuite_info,
- ! ssl->endpoint ) != 0 )
+ ! ssl->endpoint,
+ &ssl->session_negotiate->verify_result ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) );
if( ret == 0 )
@@ -6789,8 +6790,10 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
const mbedtls_ssl_ciphersuite_t *ciphersuite,
- int cert_endpoint )
+ int cert_endpoint,
+ int *flags )
{
+ int ret = 0;
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
int usage = 0;
#endif
@@ -6803,6 +6806,7 @@
!defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
((void) cert);
((void) cert_endpoint);
+ ((void) flags);
#endif
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
@@ -6842,7 +6846,10 @@
}
if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 )
- return( -1 );
+ {
+ *flags |= MBEDTLS_BADCERT_KEY_USAGE;
+ ret = -1;
+ }
#else
((void) ciphersuite);
#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
@@ -6860,10 +6867,13 @@
}
if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 )
- return( -1 );
+ {
+ *flags |= MBEDTLS_BADCERT_EXT_KEY_USAGE;
+ ret = -1;
+ }
#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
- return( 0 );
+ return( ret );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 2493278..a28f4a0 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2094,6 +2094,17 @@
-c "Processing of the Certificate handshake message failed" \
-C "Ciphersuite is TLS-"
+run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ "$P_CLI debug_level=1 auth_mode=optional \
+ force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -c "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-" \
+ -c "! Usage does not match the keyUsage extension"
+
run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
"$O_SRV -key data_files/server2.key \
-cert data_files/server2.ku-ds.crt" \
@@ -2114,6 +2125,17 @@
-c "Processing of the Certificate handshake message failed" \
-C "Ciphersuite is TLS-"
+run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds.crt" \
+ "$P_CLI debug_level=1 auth_mode=optional \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -c "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-" \
+ -c "! Usage does not match the keyUsage extension"
+
# Tests for keyUsage in leaf certificates, part 3:
# server-side checking of client cert
