From 3b73c6e3ae2fd6444d1b9ea17c46bd26a7286acf Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 19 Oct 2021 16:52:08 -0600
Subject: [PATCH] handle multiple permitted name constraints

---
 certs/test/cert-ext-mnc.der | Bin 0 -> 1086 bytes
 certs/test/gen-ext-certs.sh |  29 +++++++
 tests/api.c                 | 161 +++++++++++++++++++++++++++++++++++-
 wolfcrypt/src/asn.c         |  13 +++
 4 files changed, 202 insertions(+), 1 deletion(-)
 create mode 100644 certs/test/cert-ext-mnc.der

diff --git a/certs/test/cert-ext-mnc.der b/certs/test/cert-ext-mnc.der
new file mode 100644
index 0000000000000000000000000000000000000000..b7df09abb97d680921cdbd83b8612f117ef4a6b1
GIT binary patch
literal 1086
zcmXqLVzDx4Vpdwf%*4pV#K|xvNJoCQSb~HBFB_*;n@8JsUPeZ4RtAG=Lv903Hs(+k
zHen{mP(xt@K@f+7hbyo&H8rm|CowO@P|$!MB*@Og;Z&4aoRpZCYA9kL1QO!n;V#e5
zNed44QSi)5hKX|XaJ%NEXXd4*7G>t88%h|6fz&ed@RygD>w(l47w70D=jR&8iSrs6
z8X6c{8W|Z|8d*k(^BS2Lm>ZfxxdZFCCPpRXz+z-&U~XdMXE11D<YH=KWMnunmE&Q!
z<EO&h?U!5~)frQdxvu-PN5x>r)N}fN*S^Vg?5UamdqsNvznD3JrQf?wu|GG}?|-<r
z`hb4T>Xa4Ye@?|#?|Pv4v`8;sukFUv;#+H^gLlT;Uzg-n^?#V09N5jBV!zgT$5NRX
zlg;ZG79=12R?i)oQBl0CM`9&Y?)t-$jCwl+9v?g7uqAV`n{j4)-jUtn%RaxjyS8{w
zwZ7ukziELydqXxq%#D}Xqg;HEletsmlEBWC!&(;>PV?IH@QPIQ@dXDCCRgygm>U>P
zYcNuty0Cng@TKX+k789%X7L`jOjxpIL#C4x=gS)$dyEw}M<^{{_4>%eXNk>6FHO6D
z^Me1{>rBjy42+8#4;VD=HIQXv4wdC&5n~bAENFCc(u|fzCx2Y9&SQ2uCC}GqV;~Qb
zR%Vef5Np7$0F;<yg&7(Dvv3%&F*5#VVq`Gj18L$1iLo#<F}4}#f%tMDzKVg;0tExU
zMjn*J1mdSwB<2?6q=FNdIvZy~n+Idt4<|-m7AY}_kksOm%)E4kyu{p8h2;Fa;*z4o
z%)F9f<VfZQM=~Qr>&&|N-kWEe{_For^io~8K=x<UIk~G>8C;e%E;Z*C(yod-a&NM%
z)r7R=L3{7ji0Ds>i(4yOwbP^O@`t%S7g`jB<wQSy>)CgsP<+eX?=IJ+Mb9@rJfG@U
zb6G#Iv0`(Az})l7UnZ+M1b%*@sQo3>-;DYC19fXNrH@9e>}{Sx1>27s?Kq_IVx@*<
z;p6w-m(<m_{CdB+)%$3s3sZSUQUuE^cGK#+&IfA#@OU&vrqA#c7vG)`HT|4?uSi8N
zhm85hTyeLcB{mPve-ShgI`KDAJukk$>TglT3KQqf(i=7GBB8&&24-;w7Wu0PB=Ir`
Y?Vr)*di+mtOY_I-U2H5R&;OhP0C8o4c>n+a

literal 0
HcmV?d00001

diff --git a/certs/test/gen-ext-certs.sh b/certs/test/gen-ext-certs.sh
index 045942d71..f63e86e84 100755
--- a/certs/test/gen-ext-certs.sh
+++ b/certs/test/gen-ext-certs.sh
@@ -46,6 +46,35 @@ nsComment       = "Testing name constraints"
 EOF
 gen_cert
 
+
+OUT=certs/test/cert-ext-mnc.der
+KEYFILE=certs/test/cert-ext-mnc-key.der
+CONFIG=certs/test/cert-ext-mnc.cfg
+tee >$CONFIG <<EOF
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+x509_extensions    = v3_ca
+
+[ req_distinguished_name ]
+C             = AU
+ST            = Queensland
+L             = Brisbane
+O             = wolfSSL Inc
+OU            = Engineering
+CN            = www.wolfssl.com
+
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+nameConstraints = critical,permitted;email:.wolfssl.com, permitted;email:.example.com
+nsComment       = "Testing name constraints"
+
+EOF
+gen_cert
+
 OUT=certs/test/cert-ext-ia.der
 KEYFILE=certs/test/cert-ext-ia-key.der
 CONFIG=certs/test/cert-ext-ia.cfg
diff --git a/tests/api.c b/tests/api.c
index a3d658a47..6847ac556 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -1571,7 +1571,6 @@ static void test_wolfSSL_CertManagerNameConstraint(void)
     X509_NAME_free(name);
 
     wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE);
-    (void)altEmail;
 
     AssertIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
     #if 0
@@ -1808,6 +1807,165 @@ static void test_wolfSSL_CertManagerNameConstraint2(void)
 #endif
 }
 
+static void test_wolfSSL_CertManagerNameConstraint3(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+    !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
+    defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
+    defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
+    !defined(NO_SHA256)
+    WOLFSSL_CERT_MANAGER* cm;
+    WOLFSSL_EVP_PKEY *priv;
+    WOLFSSL_X509_NAME* name;
+    const char* ca_cert = "./certs/test/cert-ext-mnc.der";
+    const char* server_cert = "./certs/test/server-goodcn.pem";
+
+    byte    *der;
+    int     derSz;
+    byte    *pt;
+    WOLFSSL_X509 *x509, *ca;
+
+    pt = (byte*)server_key_der_2048;
+    AssertNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+                (const unsigned char**)&pt, sizeof_server_key_der_2048));
+
+    AssertNotNull(cm = wolfSSL_CertManagerNew());
+    AssertNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
+                WOLFSSL_FILETYPE_ASN1));
+    AssertNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz)));
+#if 0
+    {
+        //write out x509 for test
+        BIO* out = BIO_new(wolfSSL_BIO_s_file());
+        if (out != NULL) {
+            FILE* f= fopen("ca.der", "wb");
+            BIO_set_fp(out, f, BIO_CLOSE);
+            BIO_write(out, der, derSz);
+            BIO_free(out);
+        }
+    }
+#endif
+    AssertIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
+                WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
+
+    /* check satisfying .wolfssl.com constraint passes */
+    AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
+                WOLFSSL_FILETYPE_PEM));
+    AssertNotNull(name = wolfSSL_X509_get_subject_name(ca));
+    AssertIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
+
+    AssertNotNull(name = X509_NAME_new());
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
+                                       (byte*)"US", 2, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
+                             (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
+                     (byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
+    X509_NAME_free(name);
+
+    wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE);
+
+    AssertIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
+    #if 0
+    {
+        //write out good x509 for test
+        BIO* out = BIO_new(wolfSSL_BIO_s_file());
+        if (out != NULL) {
+            FILE* f= fopen("good-1st-constraint-cert.pem", "wb");
+            BIO_set_fp(out, f, BIO_CLOSE);
+            PEM_write_bio_X509(out, x509);
+            BIO_free(out);
+        }
+    }
+    #endif
+
+    AssertNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
+    AssertIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
+                WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
+    wolfSSL_X509_free(x509);
+
+    /* check satisfying .random.com constraint passes */
+    AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
+                WOLFSSL_FILETYPE_PEM));
+    AssertNotNull(name = wolfSSL_X509_get_subject_name(ca));
+    AssertIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
+
+    AssertNotNull(name = X509_NAME_new());
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
+                                       (byte*)"US", 2, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
+                             (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
+                     (byte*)"support@info.example.com", 24, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
+    X509_NAME_free(name);
+
+    wolfSSL_X509_add_altname(x509, "wolfssl@info.example.com", ASN_RFC822_TYPE);
+
+    AssertIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
+    #if 0
+    {
+        //write out good x509 for test
+        BIO* out = BIO_new(wolfSSL_BIO_s_file());
+        if (out != NULL) {
+            FILE* f= fopen("good-2nd-constraint-cert.pem", "wb");
+            BIO_set_fp(out, f, BIO_CLOSE);
+            PEM_write_bio_X509(out, x509);
+            BIO_free(out);
+        }
+    }
+    #endif
+
+    AssertNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
+    AssertIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
+                WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
+    wolfSSL_X509_free(x509);
+
+    /* check fail case when neither constraint is matched */
+    AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
+                WOLFSSL_FILETYPE_PEM));
+    AssertNotNull(name = wolfSSL_X509_get_subject_name(ca));
+    AssertIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
+
+    AssertNotNull(name = X509_NAME_new());
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
+                                       (byte*)"US", 2, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
+                             (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
+                     (byte*)"support@info.com", 24, -1, 0), SSL_SUCCESS);
+    AssertIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
+    X509_NAME_free(name);
+
+    wolfSSL_X509_add_altname(x509, "wolfssl@info.com", ASN_RFC822_TYPE);
+
+    AssertIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
+    #if 0
+    {
+        //write out good x509 for test
+        BIO* out = BIO_new(wolfSSL_BIO_s_file());
+        if (out != NULL) {
+            FILE* f= fopen("bad-cert.pem", "wb");
+            BIO_set_fp(out, f, BIO_CLOSE);
+            PEM_write_bio_X509(out, x509);
+            BIO_free(out);
+        }
+    }
+    #endif
+
+    AssertNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
+    AssertIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
+                WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
+    wolfSSL_X509_free(x509);
+
+    wolfSSL_CertManagerFree(cm);
+    wolfSSL_X509_free(x509);
+    wolfSSL_X509_free(ca);
+    wolfSSL_EVP_PKEY_free(priv);
+#endif
+}
+
 static void test_wolfSSL_CertManagerCRL(void)
 {
 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
@@ -50397,6 +50555,7 @@ void ApiTest(void)
     test_wolfSSL_CertManagerSetVerify();
     test_wolfSSL_CertManagerNameConstraint();
     test_wolfSSL_CertManagerNameConstraint2();
+    test_wolfSSL_CertManagerNameConstraint3();
     test_wolfSSL_CertManagerCRL();
     test_wolfSSL_CTX_load_verify_locations_ex();
     test_wolfSSL_CTX_load_verify_buffer_ex();
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 32a0817b5..8b37a33cb 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -13501,6 +13501,10 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
                     if (name != NULL)
                         needDns = 1;
 
+                    /* check if already found a matching permitted subtree */
+                    if (matchDns == 1)
+                        break;
+
                     while (name != NULL) {
                         matchDns = MatchBaseName(ASN_DNS_TYPE,
                                           name->name, name->len,
@@ -13522,6 +13526,10 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
                     if (name != NULL)
                         needEmail = 1;
 
+                    /* check if already found a matching permitted subtree */
+                    if (matchEmail == 1)
+                        break;
+
                     while (name != NULL) {
                         matchEmail = MatchBaseName(ASN_DNS_TYPE,
                                           name->name, name->len,
@@ -13540,6 +13548,11 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
                 {
                     /* allow permitted dirName smaller than actual subject */
                     needDir = 1;
+
+                    /* check if already found a matching permitted subtree */
+                    if (matchDir == 1)
+                        break;
+
                     if (cert->subjectRaw != NULL &&
                         cert->subjectRawLen >= base->nameSz &&
                         XMEMCMP(cert->subjectRaw, base->name,