Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[backport 2.16] Fix pk_parse_key()'s use of rsa_complete() #3048

Merged
merged 6 commits into from
Feb 19, 2020
Merged

[backport 2.16] Fix pk_parse_key()'s use of rsa_complete() #3048

merged 6 commits into from
Feb 19, 2020

Conversation

mpg
Copy link
Contributor

@mpg mpg commented Feb 18, 2020

This is the 2.16 backport of ARMmbed/mbed-crypto#367

mpg added 5 commits February 18, 2020 10:49
@mpg
Don't pass zero to rsa_complete() as a param
9ab0305 
When parsing a PKCS#1 RSAPrivateKey structure, all parameters are always
present. After importing them, we need to call rsa_complete() for the sake of
alternative implementations. That function interprets zero as a signal for
"this parameter was not provided". As that's never the case, we mustn't pass
any zero value to that function, so we need to explicitly check for it.
@mpg
Check public part when parsing private RSA key
25bb8dc
@mpg
Clean up test function pk_parse_key
12fb9c3 
- remove incorrect compile-time dependency (the individual cases already have
  correct run-time dependency information)
- remove unused argument
- remove unused stack buffer
- remove useless code block
@mpg
Test each failure mode of pk_parse_key_pkcs1_der()
96ed13e 
(Only the top-level ones, ie, for each call to eg asn1_get_mpi(), ensure
there's at least one test case that makes this call fail in one way, but don't
test the various ways to make asn1_get_mpi fail - that should be covered
elsewhere.)

- the new checks added by the previous commits needed exercising
- existing tests sometimes had wrong descriptions or where passing for the
  wrong reason (eg with the "length mismatch" test, the function actually
failed before reaching the length check)
- while at it, add tests for the rest as well

The valid minimal-size key was generated with:

openssl genrsa 128 2>/dev/null | openssl rsa -outform der 2>/dev/null | xxd -p
@mpg
Fix pkparse bug wrt MBEDTLS_RSA_ALT
d09fcde 
Some code paths want to access members of the mbedtls_rsa_context structure.
We can only do that when using our own implementation, as otherwise we don't
know anything about that structure.
@mpg mpg added bug mbed TLS team needs-review Every commit must be reviewed by at least two team members, component-crypto Crypto primitives and low-level interfaces needs-ci Needs to pass CI tests labels Feb 18, 2020
@mpg mpg mentioned this pull request Feb 18, 2020
Merged
2 tasks
yanesca
yanesca approved these changes Feb 18, 2020
View reviewed changes
Copy link
Contributor

@yanesca yanesca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a faithful backport of the original.

@yanesca yanesca added approved Design and code approved - may be waiting for CI or backports and removed needs-ci Needs to pass CI tests needs-review Every commit must be reviewed by at least two team members, labels Feb 18, 2020
yanesca
yanesca requested changes Feb 18, 2020
View reviewed changes
Copy link
Contributor

@yanesca yanesca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should add a ChangeLog entry about fixing the bug in mbedtls_pk_parse_key() that caused it to accept some noncompliant/incorrect keys.

@gilles-peskine-arm gilles-peskine-arm added needs-work and removed approved Design and code approved - may be waiting for CI or backports labels Feb 18, 2020
@mpg mpg added needs-review Every commit must be reviewed by at least two team members, and removed needs-work labels Feb 19, 2020
@mpg
Copy link
Contributor Author

mpg commented Feb 19, 2020

Thanks @yanesca for noticing the missing ChangeLog entry! I fixed that, please review - cc @gilles-peskine-arm as well.

yanesca
yanesca approved these changes Feb 19, 2020
View reviewed changes
Copy link
Contributor

@yanesca yanesca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@gilles-peskine-arm gilles-peskine-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, labels Feb 19, 2020
@gilles-peskine-arm gilles-peskine-arm merged commit 0b59b6d into Mbed-TLS:mbedtls-2.16 Feb 19, 2020
@mpg mpg deleted the fix-rsa-complete-2.16 branch August 14, 2020 08:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

@yanesca yanesca yanesca approved these changes

Assignees
No one assigned
Labels
approved Design and code approved - may be waiting for CI or backports bug component-crypto Crypto primitives and low-level interfaces
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mpg @yanesca @gilles-peskine-arm