From c10afdb3229b7cd8cc52a23cf8d539a4b54743aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 29 Jun 2017 09:48:08 +0200 Subject: [PATCH] Add test for CA forgery attempt As we accept EE certs that are explicitly trusted (in the list of trusted roots) and usually look for parent by subject, and in the future we might want to avoid checking the self-signature on trusted certs, there could a risk that we incorrectly accept a cert that looks like a trusted root except it doesn't have the same key. This test ensures this will never happen. --- tests/data_files/Makefile | 7 +++++++ tests/data_files/server5-ss-forgeca.crt | 11 +++++++++++ tests/data_files/test-ca.opensslconf | 3 +++ tests/suites/test_suite_x509parse.data | 4 ++++ 4 files changed, 25 insertions(+) create mode 100644 tests/data_files/server5-ss-forgeca.crt diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 7476bf784..e0f7b9d2a 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -97,6 +97,13 @@ server5-ss-expired.crt: server5.key $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@ all_final += server5-ss-expired.crt +# try to forge a copy of test-int-ca3 with different key +server5-ss-forgeca.crt: server5.key + $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ +all_final += server5-ss-forgeca.crt + + + ################################################################ #### Meta targets diff --git a/tests/data_files/server5-ss-forgeca.crt b/tests/data_files/server5-ss-forgeca.crt new file mode 100644 index 000000000..bfd7b706a --- /dev/null +++ b/tests/data_files/server5-ss-forgeca.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTIwODQzWhcNMjUwODI5MTIwODQzWjBKMQswCQYD +VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl +c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 +zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI +wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA +MEYCIQDF5pY54AUMNbhy3jk+8sdgsZS6bmeH/QI4D0I6UiIhXQIhAO7Y8V7Z8bx2 +gZyyk/wZpswb53ZaIP2XsJiJ/CPMCCVq +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca.opensslconf b/tests/data_files/test-ca.opensslconf index 12835dfa5..343d75eca 100644 --- a/tests/data_files/test-ca.opensslconf +++ b/tests/data_files/test-ca.opensslconf @@ -11,3 +11,6 @@ commonName = PolarSSL Test CA subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints = CA:true + +[noext_ca] +basicConstraints = CA:true diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 8f4daa999..3bc4cc2b5 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -755,6 +755,10 @@ X509 Certificate verification #89 (Spurious cert later in the chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" +X509 Certificate verification #90 (EE with same name as trusted root) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C +x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"default":"NULL" + X509 Certificate verification callback: trusted EE cert depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED x509_verify_callback:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:"depth 0 - serial 53\:A2\:CB\:4B\:12\:4E\:AD\:83\:7D\:A8\:94\:B2 - subject CN=selfsigned, OU=testing, O=PolarSSL, C=NL - flags 0x0000\n"