Merge #309

bors[bot] · Taowyoo · web-flow · commit e0d28366b758 · 2023-08-30T19:18:41.000Z
309: [back-port][v0.9] fix: return error when verify empty cert chain r=xinyufort a=Taowyoo back-port #308 to 0.9.X Co-authored-by: Yuxiang Cao <yuxiang.cao@fortanix.com>
diff --git a/.travis.yml b/.travis.yml
@@ -18,20 +18,30 @@ addons:
     - clang-11
     - cmake
     - qemu-user
+before_script:
+  - printenv
+  - whereis clang && clang --version
+  # remove clang-16 path from PATH
+  - export PATH=$(echo $PATH | sed -e 's|:/usr/local/clang-16.0.0/bin||')
+  # setup clang-11 as default clang
+  - sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-11 100
+  - whereis clang && clang --version
 rust:
    - stable
 env:
-  jobs:
-    # Matrix build of 3 targets against Rust stable
-    - TARGET=x86_64-unknown-linux-gnu ZLIB_INSTALLED=true AES_NI_SUPPORT=true
-    - TARGET=aarch64-unknown-linux-musl
-    - TARGET=x86_64-fortanix-unknown-sgx
   global:
     - RUST_BACKTRACE=1
 jobs:
   include:
-    # Test additional Rust toolchains on x86_64
-    - rust: beta
-    - rust: nightly
+    - env: TARGET=x86_64-fortanix-unknown-sgx
+      rust: stable
+    - env: TARGET=aarch64-unknown-linux-musl
+      rust: stable
+    - env: TARGET=x86_64-unknown-linux-gnu ZLIB_INSTALLED=true AES_NI_SUPPORT=true
+      rust: nightly
+    - env: TARGET=x86_64-unknown-linux-gnu ZLIB_INSTALLED=true AES_NI_SUPPORT=true
+      rust: beta
+    - env: TARGET=x86_64-unknown-linux-gnu ZLIB_INSTALLED=true AES_NI_SUPPORT=true
+      rust: stable
 script:
   - ./ct.sh
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/mbedtls/Cargo.toml b/mbedtls/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "mbedtls"
-version = "0.9.1"
+version = "0.9.2"
 authors = ["Jethro Beekman <jethro@fortanix.com>"]
 build = "build.rs"
 edition = "2018"
diff --git a/mbedtls/src/ssl/config.rs b/mbedtls/src/ssl/config.rs
@@ -306,6 +306,9 @@ impl Config {
     }
 
     pub fn push_cert(&mut self, own_cert: Arc<MbedtlsList<Certificate>>, own_pk: Arc<Pk>) -> Result<()> {
+        if own_cert.is_empty() {
+            return Err(Error::SslBadInputData);
+        }
         // Need to ensure own_cert/pk_key outlive the config.
         self.own_cert.push(own_cert.clone());
         self.own_pk.push(own_pk.clone());
diff --git a/mbedtls/src/ssl/context.rs b/mbedtls/src/ssl/context.rs
@@ -583,7 +583,7 @@ impl HandshakeContext {
         key: Arc<Pk>,
     ) -> Result<()> {
         // mbedtls_ssl_set_hs_own_cert does not check for NULL handshake.
-        if self.inner.handshake as *const _ == ::core::ptr::null() {
+        if self.inner.handshake as *const _ == ::core::ptr::null() || chain.is_empty() {
             return Err(Error::SslBadInputData);
         }
 
diff --git a/mbedtls/src/x509/certificate.rs b/mbedtls/src/x509/certificate.rs
@@ -229,6 +229,9 @@ impl Certificate {
     where
         F: VerifyCallback + 'static,
     {
+        if chain.is_empty() {
+            return Err(Error::X509BadInputData);
+        }
         let (f_vrfy, p_vrfy): (Option<unsafe extern "C" fn(_, _, _, _) -> _>, _) = if let Some(cb) = cb.as_ref() {
             (Some(x509::verify_callback::<F>),
             cb as *const _ as *mut c_void)
@@ -1420,6 +1423,34 @@ cYp0bH/RcPTC0Z+ZaqSWMtfxRrk63MJQF9EXpDCdvQRcTMD9D85DJrMKn8aumq0M
         assert!(crate::tests::TestTrait::<dyn Sync, MbedtlsList<Certificate>>::new().impls_trait(), "MbedtlsList<Certificate> should be Sync");
     }
 
+    #[test]
+    fn empty_cert_chain_test() {
+        const C_CERT: &'static str = concat!(include_str!("../../tests/data/certificate.crt"), "\0");
+        const C_ROOT: &'static str = concat!(include_str!("../../tests/data/root.crt"), "\0");
+
+        let mut certs = MbedtlsList::new();
+        certs.push(Certificate::from_pem(&C_CERT.as_bytes()).unwrap());
+        let mut roots = MbedtlsList::new();
+        roots.push(Certificate::from_pem(&C_ROOT.as_bytes()).unwrap());
+
+        assert!(Certificate::verify(&certs, &roots, None, None).is_ok());
+
+        let empty_certs = MbedtlsList::new();
+
+        assert_eq!(
+            Certificate::verify(&certs, &empty_certs, None, None).unwrap_err(),
+            Error::X509CertVerifyFailed
+        );
+        assert_eq!(
+            Certificate::verify(&empty_certs, &empty_certs, None, None).unwrap_err(),
+            Error::X509BadInputData
+        );
+        assert_eq!(
+            Certificate::verify(&empty_certs, &roots, None, None).unwrap_err(),
+            Error::X509BadInputData
+        );
+    }
+
     #[test]
     fn empty_crl_test() {
         const C_CERT: &'static str = concat!(include_str!("../../tests/data/certificate.crt"), "\0");

Original file line number	Diff line number	Diff line change
`@@ -306,6 +306,9 @@ impl Config {`
`306`	`306`	`}`
`307`	`307`
`308`	`308`	`pub fn push_cert(&mut self, own_cert: Arc<MbedtlsList<Certificate>>, own_pk: Arc<Pk>) -> Result<()> {`
	`309`	`+ if own_cert.is_empty() {`
	`310`	`+ return Err(Error::SslBadInputData);`
	`311`	`+ }`
`309`	`312`	`// Need to ensure own_cert/pk_key outlive the config.`
`310`	`313`	`self.own_cert.push(own_cert.clone());`
`311`	`314`	`self.own_pk.push(own_pk.clone());`
Original file line number	Diff line number	Diff line change
`@@ -583,7 +583,7 @@ impl HandshakeContext {`
`583`	`583`	`key: Arc<Pk>,`
`584`	`584`	`) -> Result<()> {`
`585`	`585`	`// mbedtls_ssl_set_hs_own_cert does not check for NULL handshake.`
`586`		`- if self.inner.handshake as *const _ == ::core::ptr::null() {`
	`586`	`+ if self.inner.handshake as *const _ == ::core::ptr::null() \|\| chain.is_empty() {`
`587`	`587`	`return Err(Error::SslBadInputData);`
`588`	`588`	`}`
`589`	`589`