Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 2.28] Add X.509 formatting validation to SECURITY.md #9920

Open
wants to merge 2 commits into
base: mbedtls-2.28
Choose a base branch
from
Open

[Backport 2.28] Add X.509 formatting validation to SECURITY.md #9920

wants to merge 2 commits into from
+19 −0

Conversation

davidhorstmann-arm
Copy link
Contributor

@davidhorstmann-arm davidhorstmann-arm commented Jan 22, 2025
edited
Loading

Clarify that strict formatting of X.509 certificates is not checked by Mbed TLS and that it therefore should not be used to construct a CA.

PR checklist

Please remove the segment/s on either side of the | symbol as appropriate, and add any relevant link/s to the end of the line.
If the provided content is part of the present PR remove the # symbol.

@davidhorstmann-arm
Add X.509 formatting validation to SECURITY.md
110e534 
Clarify that strict formatting of X.509 certificates is not checked by
Mbed TLS and that it therefore should not be used to construct a CA.

Signed-off-by: David Horstmann <[email protected]>
This was referenced Jan 22, 2025
Open
Open
@davidhorstmann-arm davidhorstmann-arm added needs-review Every commit must be reviewed by at least two team members, needs-ci Needs to pass CI tests needs-reviewer This PR needs someone to pick it up for review labels Jan 22, 2025
@davidhorstmann-arm
Add paragraph on undefined behaviour
2c400fc 
Add a note that we do aim to protect against undefined behaviour and
undefined behaviour in certificate parsing is in scope.

Signed-off-by: David Horstmann <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
needs-ci Needs to pass CI tests needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@davidhorstmann-arm