diff options
author | Niels Möller <nisse@lysator.liu.se> | 2021-05-06 21:30:23 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2021-06-08 21:29:50 +0200 |
commit | fd6d9ba7ca92912762c072fcf74490bc5d63d633 (patch) | |
tree | 567f13b9c947355077c8bf02845f651138b6fc98 /testsuite | |
parent | a46a17e9f57c64984d5246aa3475e45f8c562ec7 (diff) | |
download | nettle-fd6d9ba7ca92912762c072fcf74490bc5d63d633.tar.gz |
Add check that message length to _pkcs1_sec_decrypt is valid.
* pkcs1-sec-decrypt.c (_pkcs1_sec_decrypt): Check that message
length is valid, for given key size.
* testsuite/rsa-sec-decrypt-test.c (test_main): Add test cases for
calls to rsa_sec_decrypt specifying a too large message length.
(cherry picked from commit 7616541e6eff73353bf682c62e3a68e4fe696707)
Diffstat (limited to 'testsuite')
-rw-r--r-- | testsuite/rsa-sec-decrypt-test.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/testsuite/rsa-sec-decrypt-test.c b/testsuite/rsa-sec-decrypt-test.c index fb0ed3a1..3419322e 100644 --- a/testsuite/rsa-sec-decrypt-test.c +++ b/testsuite/rsa-sec-decrypt-test.c @@ -55,6 +55,7 @@ rsa_decrypt_for_test(const struct rsa_public_key *pub, #endif #define PAYLOAD_SIZE 50 +#define DECRYPTED_SIZE 256 void test_main(void) { @@ -63,7 +64,7 @@ test_main(void) struct knuth_lfib_ctx random_ctx; uint8_t plaintext[PAYLOAD_SIZE]; - uint8_t decrypted[PAYLOAD_SIZE]; + uint8_t decrypted[DECRYPTED_SIZE]; uint8_t verifybad[PAYLOAD_SIZE]; unsigned n_size = 1024; mpz_t gibberish; @@ -99,6 +100,20 @@ test_main(void) PAYLOAD_SIZE, decrypted, gibberish) == 1); ASSERT (MEMEQ (PAYLOAD_SIZE, plaintext, decrypted)); + ASSERT (pub.size > 10); + ASSERT (pub.size <= DECRYPTED_SIZE); + + /* Check that too large message length is rejected, largest + valid size is pub.size - 11. */ + ASSERT (!rsa_decrypt_for_test (&pub, &key, &random_ctx, + (nettle_random_func *) knuth_lfib_random, + pub.size - 10, decrypted, gibberish)); + + /* This case used to result in arithmetic underflow and a crash. */ + ASSERT (!rsa_decrypt_for_test (&pub, &key, &random_ctx, + (nettle_random_func *) knuth_lfib_random, + pub.size, decrypted, gibberish)); + /* bad one */ memcpy(decrypted, verifybad, PAYLOAD_SIZE); nettle_mpz_random_size(garbage, &random_ctx, |