Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSR generation does not return an error when generating an invalid subject #2969

Closed
RonEld opened this issue Dec 25, 2019 · 1 comment · Fixed by #7849
Closed

CSR generation does not return an error when generating an invalid subject #2969

RonEld opened this issue Dec 25, 2019 · 1 comment · Fixed by #7849
Assignees
@davidhorstmann-arm
Labels
bug component-x509 historical-reviewing Currently reviewing (for legacy PR/issues)

Comments

@RonEld
Copy link
Contributor

RonEld commented Dec 25, 2019
edited

Description

  • Type: Bug
  • Priority: Minor

As reported in the forum

Bug

mbed TLS build:
Version: git commit id 252faff

Version:

Expected behavior
CSR generation should return a failure, because the subject is not a valid DN, and the generated CSR is invalid

Actual behavior
CSR generation succeeds. ( later CSR parsing fails)

Steps to reproduce

./cert_req filename=private_key-2.pem subject_name=dannybackx.hopto.org
  . Seeding the random number generator... ok
  . Checking subject name... ok
  . Loading the private key ... ok
  . Writing the certificate request ... ok
acer: {52} ./req_app

  . Loading the CSR ... failed
  !  mbedtls_x509_csr_parse_file returned -9184
@RonEld
Copy link
Contributor Author

RonEld commented Dec 25, 2019

Note that the cert_req help message shows a valid subject_name so I would consider the priority of this issue as Minor, however I would still expect an error being raised in this case

@tom-cosgrove-arm tom-cosgrove-arm added the historical-reviewing Currently reviewing (for legacy PR/issues) label Mar 2, 2023
@davidhorstmann-arm davidhorstmann-arm self-assigned this Jun 27, 2023
@davidhorstmann-arm davidhorstmann-arm mentioned this issue Jun 27, 2023
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidhorstmann-arm davidhorstmann-arm

Labels
bug component-x509 historical-reviewing Currently reviewing (for legacy PR/issues)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix false success return code in mbedtls_x509_string_to_names() davidhorstmann-arm/mbedtls
3 participants
@RonEld @davidhorstmann-arm @tom-cosgrove-arm