From 655a96453968e11a6fabac882ae99bc82f81acdc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 23 Jun 2015 10:48:44 +0200
Subject: [PATCH] Adapt check_key_usage to new weird bits

---
 include/mbedtls/x509_crt.h             | 16 +++++++++++-----
 library/x509_crt.c                     | 20 +++++++++++++++++---
 tests/suites/test_suite_x509parse.data |  9 +++++++++
 3 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 9f4160f90..622746045 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -335,19 +335,25 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
  * \brief          Check usage of certificate against keyUsage extension.
  *
  * \param crt      Leaf certificate used.
- * \param usage    Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT before using the
- *                 certificate to perform an RSA key exchange).
+ * \param usage    Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT
+ *                 before using the certificate to perform an RSA key
+ *                 exchange).
+ *
+ * \note           Except for decipherOnly and encipherOnly, a bit set in the
+ *                 usage argument means this bit MUST be set in the
+ *                 certificate. For decipherOnly and encipherOnly, it means
+ *                 that bit MAY be set.
  *
  * \return         0 is these uses of the certificate are allowed,
  *                 MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
- *                 is present but does not contain all the bits set in the
- *                 usage argument.
+ *                 is present but does not match the usage argument.
  *
  * \note           You should only call this function on leaf certificates, on
  *                 (intermediate) CAs the keyUsage extension is automatically
  *                 checked by \c mbedtls_x509_crt_verify().
  */
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, unsigned int usage );
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+                                      unsigned int usage );
 #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
 
 #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 2285e1db6..051b61a79 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1519,10 +1519,24 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
 }
 
 #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, unsigned int usage )
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+                                      unsigned int usage )
 {
-    if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) != 0 &&
-        ( crt->key_usage & usage ) != usage )
+    unsigned int usage_must, usage_may;
+    unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
+                          | MBEDTLS_X509_KU_DECIPHER_ONLY;
+
+    if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 )
+        return( 0 );
+
+    usage_must = usage & ~may_mask;
+
+    if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    usage_may = usage & may_mask;
+
+    if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may )
         return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
 
     return( 0 );
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 0be6c712a..6ab4b21ad 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1128,6 +1128,15 @@ x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT
 X509 crt keyUsage #8 (extension present, combined KU one absent)
 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_KEY_AGREEMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA
 
+X509 crt keyUsage #9 (extension present, decOnly allowed absent)
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0
+
+X509 crt keyUsage #10 (extension present, decOnly non-allowed present)
+x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt keyUsage #11 (extension present, decOnly allowed present)
+x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0
+
 X509 crt extendedKeyUsage #1 (no extension, serverAuth)
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 x509_check_extended_key_usage:"data_files/server5.crt":"2B06010505070301":0