From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 1/3] package/mbedtls: add BR2_PACKAGE_MBEDTLS_X509_UNSUPPORTED_CRITICAL_EXTENSION
Date: Thu, 23 Apr 2020 22:27:26 +0200 [thread overview]
Message-ID: <20200423202726.GR5035@scaer> (raw)
In-Reply-To: <20200423220905.06d9dc59@windsurf.home>
Thomas, All,
On 2020-04-23 22:09 +0200, Thomas Petazzoni spake thusly:
> On Wed, 22 Apr 2020 21:20:57 +0200
> Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
>
> > Add an option to enable
> > MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
> >
> > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> > ---
> > package/mbedtls/Config.in | 10 ++++++++++
> > package/mbedtls/mbedtls.mk | 8 ++++++++
> > 2 files changed, 18 insertions(+)
> >
> > diff --git a/package/mbedtls/Config.in b/package/mbedtls/Config.in
> > index a39ba65d98..e48f0473b0 100644
> > --- a/package/mbedtls/Config.in
> > +++ b/package/mbedtls/Config.in
> > @@ -29,4 +29,14 @@ config BR2_PACKAGE_MBEDTLS_COMPRESSION
> > sure CRIME and similar attacks are not applicable to your
> > particular situation.
> >
> > +config BR2_PACKAGE_MBEDTLS_X509_UNSUPPORTED_CRITICAL_EXTENSION
> > + bool "allow X509 unsupported critical extension"
> > + help
> > + If set, the X509 parser will not break-off when parsing an
> > + X509 certificate and encountering an unknown critical
> > + extension.
> > +
> > + Warning: Depending on your PKI use, enabling this can be a
> > + security risk!
> > +
> > endif
>
> This whole series is pretty awkward. Shouldn't we instead simply not
> allow the use of uacme mbedtls crypto backend ?
>
> What is this X509_UNSUPPORTED_CRITICAL_EXTENSION functionality that is
> so weird that it requires patching the mbedtls config.h file ? Why is
> uacme absolutely requiring this functionality that no other user of
> mbedtls requires ?
Patching mbedtls is the way to configure it; we already do it to enable
threaads or use of zlib, or to disable asm.
That being said, I also have some concerns about this stuff.
For example, uacme is currently broken with mbedtls, so it was not
runtime tested.
Second, patch 2 does not fix the problem, which is only fixed with patch
3. Semantically, the last two patches should be reversed: first fix the
problem (use of X.509 extension), then add a feature (choice of
backend).
Third, uacme should not depend on the X.509 option, but should select
it.
Regards,
Yann E. MORIN.
> Until these questions are answered, I'd prefer to drop support for
> mbedtls as a crypto backend for uacme.
>
> Best regards,
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next prev parent reply other threads:[~2020-04-23 20:27 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-22 19:20 [Buildroot] [PATCH 1/3] package/mbedtls: add BR2_PACKAGE_MBEDTLS_X509_UNSUPPORTED_CRITICAL_EXTENSION Fabrice Fontaine
2020-04-22 19:20 ` [Buildroot] [PATCH 2/3] package/uacme: allow selection of crypto backend Fabrice Fontaine
2020-04-22 19:20 ` [Buildroot] [PATCH 3/3] package/uacme: ualpn needs X509 unsupported critical extension support Fabrice Fontaine
2020-04-23 20:09 ` [Buildroot] [PATCH 1/3] package/mbedtls: add BR2_PACKAGE_MBEDTLS_X509_UNSUPPORTED_CRITICAL_EXTENSION Thomas Petazzoni
2020-04-23 20:27 ` Yann E. MORIN [this message]
2020-04-23 20:49 ` Thomas Petazzoni
2020-04-23 23:27 ` Nicola Di Lieto
2020-04-24 9:07 ` Yann E. MORIN
2020-04-24 11:26 ` Nicola Di Lieto
2020-04-24 11:32 ` Nicola Di Lieto
2020-04-24 11:48 ` Yann E. MORIN
2020-04-24 13:11 ` Nicola Di Lieto
2020-04-24 13:20 ` Fabrice Fontaine
2020-04-24 13:21 ` Thomas Petazzoni
2020-04-24 14:01 ` Fabrice Fontaine
2020-04-24 11:45 ` Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200423202726.GR5035@scaer \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.