!60 合入CVE-2020-36477

Merge pull request !60 from 毛宇锋/cherry-pick-1664263357

!60 合入CVE-2020-36477
Merge pull request !60 from 毛宇锋/cherry-pick-1664263357
6bb53146 · openharmony_ci · Gitee · 3d4d4d93 · 9bac3fdf · 6bb53146
隐藏空白更改
内联并排

Showing with 42 addition and 1 deletion

include/mbedtls/x509.h include/mbedtls/x509.h +22 -0

library/x509_crt.c library/x509_crt.c +20 -1

未找到文件。
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -131,6 +131,28 @@
 #define MBEDTLS_X509_BADCRL_BAD_PK           0x040000  /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
 #define MBEDTLS_X509_BADCRL_BAD_KEY          0x080000  /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
+/*
+ * X.509 v3 Subject Alternative Name types.
+ *      otherName                       [0]     OtherName,
+ *      rfc822Name                      [1]     IA5String,
+ *      dNSName                         [2]     IA5String,
+ *      x400Address                     [3]     ORAddress,
+ *      directoryName                   [4]     Name,
+ *      ediPartyName                    [5]     EDIPartyName,
+ *      uniformResourceIdentifier       [6]     IA5String,
+ *      iPAddress                       [7]     OCTET STRING,
+ *      registeredID                    [8]     OBJECT IDENTIFIER
+ */
+#define MBEDTLS_X509_SAN_OTHER_NAME                      0
+#define MBEDTLS_X509_SAN_RFC822_NAME                     1
+#define MBEDTLS_X509_SAN_DNS_NAME                        2
+#define MBEDTLS_X509_SAN_X400_ADDRESS_NAME               3
+#define MBEDTLS_X509_SAN_DIRECTORY_NAME                  4
+#define MBEDTLS_X509_SAN_EDI_PARTY_NAME                  5
+#define MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER     6
+#define MBEDTLS_X509_SAN_IP_ADDRESS                      7
+#define MBEDTLS_X509_SAN_REGISTERED_ID                   8
 /* \} name */
 /* \} addtogroup x509_module */

--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2452,6 +2452,25 @@ static int x509_crt_check_cn( const mbedtls_x509_buf *name,
    return( -1 );
 }
+/*
+ * Check for SAN match, see RFC 5280 Section 4.2.1.6
+ */
+static int x509_crt_check_san( const mbedtls_x509_buf *name,
+                               const char *cn, size_t cn_len )
+{
+    const unsigned char san_type = (unsigned char) name->tag &
+                                   MBEDTLS_ASN1_TAG_VALUE_MASK;
+    /* dNSName */
+    if( san_type == MBEDTLS_X509_SAN_DNS_NAME )
+        return( x509_crt_check_cn( name, cn, cn_len ) );
+    /* (We may handle other types here later.) */
+    /* Unrecognized type */
+    return( -1 );
+}
 /*
 * Verify the requested CN - only call this if cn is not NULL!
 */
@@ -2467,7 +2486,7 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt,
    {
        for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next )
        {
-            if( x509_crt_check_cn( &cur->buf, cn, cn_len ) == 0 )
+            if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 )
                break;
        }