Re: Add RSA-OAEP encryption/decryption to Nettle

2024-02-16 Thread Daiki Ueno
Niels Möller writes:

> I noticed that there are two failures in the ci builds. See
> https://gitlab.com/gnutls/nettle/-/pipelines/1178451395.
>
> One failure is the new side-channel test failing with mini-gmp. Which is
> expected, the test should just be skipped in mini-gmp builds (similar to
> several other sc tests).

Yes, I'm attaching the patch for this.

> The other is a complaint from ubsan. I guess it's related to the label
> == NULL case. I don't know what's the proper place for a fix, maybe it's
> not in the new code. I think the Nettle APIs should generally allow size
> == 0, ptr == NULL more or less everywhere, even where libc functions we
> use formally require ptr != NULL.

This is similar to this issue:
https://gitlab.com/gnutls/gnutls/-/issues/1306
where we passed NULL to sha*_update in the GnuTLS code, though it turned
out to be a non-issue.

In the RSA-OAEP case, I'm not exactly sure whether we should be able to
safely special case label == NULL as its hash is part of plaintext data
block.  Therefore I'm adding label = "" at the API entry points.

Regards,
-- 
Daiki Ueno
From 9ffbac0aa6807231a6842a1ee67f6999c9c2c97a Mon Sep 17 00:00:00 2001
From: Daiki Ueno 
Date: Sat, 17 Feb 2024 08:58:47 +0900
Subject: [PATCH] Fix a couple of CI failures in rsa-oaep-encrypt-test

- Skip sc-rsa-oaep-encrypt-test when compiled with mini-gmp
- Pass in "" as label if it was NULL, to pacify __nonnull nature of
  memcpy

Signed-off-by: Daiki Ueno 
---
 rsa-oaep-decrypt.c| 7 +++
 rsa-oaep-encrypt.c| 7 +++
 testsuite/rsa-oaep-encrypt-test.c | 4 
 3 files changed, 18 insertions(+)

diff --git a/rsa-oaep-decrypt.c b/rsa-oaep-decrypt.c
index 4006a021..2c00422c 100644
--- a/rsa-oaep-decrypt.c
+++ b/rsa-oaep-decrypt.c
@@ -55,6 +55,13 @@ _rsa_oaep_decrypt (const struct rsa_public_key *pub,
   TMP_GMP_DECL (m, mp_limb_t);
   TMP_GMP_DECL (em, uint8_t);
   int res;
+  const uint8_t empty = 0;
+
+  if (label == NULL)
+{
+  assert (label_length == 0);
+  label = 
+}
 
   TMP_GMP_ALLOC (m, mpz_size (pub->n));
   TMP_GMP_ALLOC (em, key->size);
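Review bot: the `assert (label_length == 0);` inside the new `if (label == NULL)` block turns a caller error (NULL label with a non-zero length) into a process abort in builds with assertions, and in builds compiled with NDEBUG the check disappears, so `label` would point at the one-byte `empty` while `label_length` bytes are later read through it. Consider returning failure from `_rsa_oaep_decrypt` for that combination instead, so it is handled as a regular error. The assignment line also reads `label =` with no right-hand side in this copy of the patch; presumably it takes the address of `empty`, but that should be confirmed against the commit, and the hunk does not show whether this file already includes <assert.h>.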
diff --git a/rsa-oaep-encrypt.c b/rsa-oaep-encrypt.c
index 488821f0..7e6bb1e5 100644
--- a/rsa-oaep-encrypt.c
+++ b/rsa-oaep-encrypt.c
@@ -51,9 +51,16 @@ _rsa_oaep_encrypt (const struct rsa_public_key *key,
 		   uint8_t *ciphertext)
 {
   mpz_t gibberish;
+  const uint8_t empty = 0;
 
   mpz_init (gibberish);
 
+  if (label == NULL)
+{
+  assert (label_length == 0);
+  label = 
+}
+
   if (_oaep_encode_mgf1 (gibberish, key->size,
 			 random_ctx, random,
 			 hash_ctx, hash,
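Review bot: the `const uint8_t empty = 0;` declaration and the `if (label == NULL)` block in `_rsa_oaep_encrypt` are a copy of what the same patch adds to rsa-oaep-decrypt.c, so the two can drift apart when one is changed later. Consider doing the NULL-to-empty normalisation once, in a small shared helper that both functions call, and deciding there how a NULL label with a non-zero `label_length` is reported.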
diff --git a/testsuite/rsa-oaep-encrypt-test.c b/testsuite/rsa-oaep-encrypt-test.c
index 3d9808a5..511c2744 100644
--- a/testsuite/rsa-oaep-encrypt-test.c
+++ b/testsuite/rsa-oaep-encrypt-test.c
@@ -530,6 +530,10 @@ test_encrypt (void)
 void
 test_main (void)
 {
+#if NETTLE_USE_MINI_GMP || WITH_EXTRA_ASSERTS
+  if (test_side_channel)
+SKIP();
+#endif
   test_encrypt_decrypt ();
   test_encrypt ();
 }
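Review bot: the `#if NETTLE_USE_MINI_GMP || WITH_EXTRA_ASSERTS` guard in `test_main` also skips the side-channel run in `WITH_EXTRA_ASSERTS` builds, but the commit message only mentions mini-gmp. A short comment above the `#if` saying why each condition makes the side-channel check unusable, or an updated commit message, would make that intentional. The patch also adds no test case that passes a NULL label with zero length, which is the behaviour the other two hunks change.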
-- 
2.43.0

___
nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se
To unsubscribe send an email to nettle-bugs-le...@lists.lysator.liu.se
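The convention discussed in this message (accept size == 0 with ptr == NULL even though memcpy formally requires a non-NULL pointer), as an added example that is not Nettle code and not part of the original message. `buf_ctx`, `buf_update` and `label_digest` are hypothetical names, and the FNV-1a mixing is a toy stand-in for a real hash.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical buffering context standing in for a hash's update path. */
struct buf_ctx { uint8_t block[64]; size_t used; uint64_t state; };

/* Toy FNV-1a mixing: a stand-in, NOT a cryptographic hash. */
static void absorb(struct buf_ctx *c) {
  for (size_t i = 0; i < c->used; i++) {
    c->state ^= c->block[i];
    c->state *= 1099511628211ULL;
  }
  c->used = 0;
}

/* Accepts (length 0, data NULL); rejects (length > 0, data NULL) with 0. */
static int buf_update(struct buf_ctx *c, size_t length, const uint8_t *data) {
  if (length == 0)
    return 1;                 /* memcpy is never reached with a NULL pointer */
  if (data == NULL)
    return 0;                 /* caller error reported, not asserted */
  while (length > 0) {
    size_t n = sizeof c->block - c->used;
    if (n > length) n = length;
    memcpy(c->block + c->used, data, n);
    c->used += n; data += n; length -= n;
    if (c->used == sizeof c->block) absorb(c);
  }
  return 1;
}

/* Digest of a label; returns 0 and leaves *out untouched on invalid input. */
static int label_digest(size_t length, const uint8_t *label, uint64_t *out) {
  struct buf_ctx c = { .used = 0, .state = 14695981039346656037ULL };
  if (!buf_update(&c, length, label))
    return 0;
  absorb(&c);
  *out = c.state;
  return 1;
}

int main(void) {
  uint64_t a = 0, b = 0;
  int ok = label_digest(0, NULL, &a) && label_digest(0, (const uint8_t *)"", &b);
  printf("ok=%d same=%d rejected=%d\n", ok, a == b, !label_digest(4, NULL, &a));
  return 0;
}
```

A NULL label of length 0 and the empty string "" give the same digest, which is the property the `label = ""` substitution relies on, while NULL with a non-zero length is refused before any copy happens.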


Re: Add RSA-OAEP encryption/decryption to Nettle

2024-02-16 Thread Niels Möller
Daiki Ueno writes:

> That said, I agree that it would be more user friendly to combine them
> and treat it as a regular error, as we do in pss_encode_mgf1.

Thanks for the update, patch merged.

I noticed that there are two failures in the ci builds. See
https://gitlab.com/gnutls/nettle/-/pipelines/1178451395.

One failure is the new side-channel test failing with mini-gmp. Which is
expected, the test should just be skipped in mini-gmp builds (similar to
several other sc tests).

The other is a complaint from ubsan. I guess it's related to the label
== NULL case. I don't know what's the proper place for a fix, maybe it's
not in the new code. I think the Nettle APIs should generally allow size
== 0, ptr == NULL more or less everywhere, even where libc functions we
use formally require ptr != NULL.

Can you have a look?

Regards,
/Niels

-- 
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.