TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 11:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clarify CRL security guarantees

Browse Source 
Signed-off-by: Janos Follath <janos.follath@arm.com>
This commit is contained in:
Janos Follath
2026-01-19 14:42:11 +00:00
parent ec4044008d
commit b712065a2e
1 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
SECURITY.md
View File

@@ -110,19 +110,20 @@ considered a vulnerability.
#### Formatting of X.509 certificates and certificate signing requests
When parsing X.509 certificates and certificate signing requests (CSRs),
Mbed TLS does not check that they are strictly compliant with X.509 and other
relevant standards. In the case of signed certificates, the signing party is
assumed to have performed this validation (and the certificate is trusted to
be correctly formatted as long as the signature is correct).
Similarly, CSRs are implicitly trusted by Mbed TLS to be standards-compliant.
When parsing X.509 certificates, certificate signing requests (CSRs) or
certificate revocation lists (CRLs) Mbed TLS does not check that they are
strictly compliant with X.509 and other relevant standards. In the case of
signed certificates and signed CRLs, the signing party is assumed to have
performed this validation (and the certificate or CRL is trusted to be correctly
formatted as long as the signature is correct). Similarly, CSRs are implicitly
trusted by Mbed TLS to be standards-compliant.
**Warning!** Mbed TLS must not be used to sign untrusted CSRs unless extra
validation is performed separately to ensure that they are compliant to the
relevant specifications. This makes Mbed TLS on its own unsuitable for use in
a Certificate Authority (CA).
**Warning!** Mbed TLS must not be used to sign untrusted CSRs or CRLs unless
extra validation is performed separately to ensure that they are compliant to
the relevant specifications. This makes Mbed TLS on its own unsuitable for use
in a Certificate Authority (CA).
However, Mbed TLS aims to protect against memory corruption and other
undefined behavior when parsing certificates and CSRs. If a CSR or signed
undefined behavior when parsing certificates, CSRs and CRLs. If a CSR or signed
certificate causes undefined behavior when it is parsed by Mbed TLS, that
is considered a security vulnerability.