Module Name: src
Committed By: riastradh
Date: Fri Mar 15 15:32:07 UTC 2024
Modified Files:
src/distrib/sets/lists/debug: mi
src/distrib/sets/lists/tests: mi
src/tests/crypto/libcrypto: Makefile
Added Files:
src/tests/crypto/libcrypto: t_sha512trunc.c
Log Message:
libcrypto: Add some trivial tests for truncated SHA-512 variants.
These should use more of the test vectors from
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
but this will do for now to detect the buffer overrun rake we left
lying around for ourselves.
PR lib/58039
To generate a diff of this commit:
cvs rdiff -u -r1.429 -r1.430 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.1310 -r1.1311 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.15 -r1.16 src/tests/crypto/libcrypto/Makefile
cvs rdiff -u -r0 -r1.1 src/tests/crypto/libcrypto/t_sha512trunc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/sets/lists/debug/mi
diff -u src/distrib/sets/lists/debug/mi:1.429 src/distrib/sets/lists/debug/mi:1.430
--- src/distrib/sets/lists/debug/mi:1.429 Thu Feb 22 01:13:43 2024
+++ src/distrib/sets/lists/debug/mi Fri Mar 15 15:32:07 2024
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.429 2024/02/22 01:13:43 christos Exp $
+# $NetBSD: mi,v 1.430 2024/03/15 15:32:07 riastradh Exp $
./etc/mtree/set.debug comp-sys-root
./usr/lib comp-sys-usr compatdir
./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile
@@ -1650,6 +1650,7 @@
./usr/libdata/debug/usr/tests/crypto/libcrypto/h_srptest.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/libcrypto/h_threadstest.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/libcrypto/h_x509v3test.debug tests-crypto-debug debug,atf,compattestfile,openssl=10
+./usr/libdata/debug/usr/tests/crypto/libcrypto/t_sha512trunc.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aescbc.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aesctr1.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aesctr2.debug tests-crypto-debug debug,atf,compattestfile
Index: src/distrib/sets/lists/tests/mi
diff -u src/distrib/sets/lists/tests/mi:1.1310 src/distrib/sets/lists/tests/mi:1.1311
--- src/distrib/sets/lists/tests/mi:1.1310 Thu Mar 14 21:00:33 2024
+++ src/distrib/sets/lists/tests/mi Fri Mar 15 15:32:07 2024
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1310 2024/03/14 21:00:33 rillig Exp $
+# $NetBSD: mi,v 1.1311 2024/03/15 15:32:07 riastradh Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@@ -1476,6 +1476,7 @@
./usr/tests/crypto/libcrypto/t_hashes tests-crypto-tests compattestfile,atf
./usr/tests/crypto/libcrypto/t_libcrypto tests-crypto-tests compattestfile,atf
./usr/tests/crypto/libcrypto/t_pubkey tests-crypto-tests compattestfile,atf
+./usr/tests/crypto/libcrypto/t_sha512trunc tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/Atffile tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/Kyuafile tests-crypto-tests compattestfile,atf,kyua
Index: src/tests/crypto/libcrypto/Makefile
diff -u src/tests/crypto/libcrypto/Makefile:1.15 src/tests/crypto/libcrypto/Makefile:1.16
--- src/tests/crypto/libcrypto/Makefile:1.15 Mon May 8 17:46:06 2023
+++ src/tests/crypto/libcrypto/Makefile Fri Mar 15 15:32:07 2024
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.15 2023/05/08 17:46:06 christos Exp $
+# $NetBSD: Makefile,v 1.16 2024/03/15 15:32:07 riastradh Exp $
.include <bsd.own.mk>
@@ -18,6 +18,10 @@ SUBDIR += lhash sha x509v3
TESTSDIR= ${TESTSBASE}/crypto/libcrypto
+TESTS_C+= t_sha512trunc
+DPADD.t_sha512trunc+= ${LIBCRYPTO}
+LDADD.t_sha512trunc+= -lcrypto
+
.if ${HAVE_OPENSSL} == 10
TESTS_SH= t_certs
.endif
Added files:
Index: src/tests/crypto/libcrypto/t_sha512trunc.c
diff -u /dev/null src/tests/crypto/libcrypto/t_sha512trunc.c:1.1
--- /dev/null Fri Mar 15 15:32:08 2024
+++ src/tests/crypto/libcrypto/t_sha512trunc.c Fri Mar 15 15:32:07 2024
@@ -0,0 +1,174 @@
+/* $NetBSD: t_sha512trunc.c,v 1.1 2024/03/15 15:32:07 riastradh Exp $ */
+
+/*-
+ * Copyright (c) 2024 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: t_sha512trunc.c,v 1.1 2024/03/15 15:32:07 riastradh Exp $");
+
+#include <stddef.h>
+
+#include <atf-c.h>
+
+#include <openssl/evp.h>
+
+#include "h_macros.h"
+
+struct testcase {
+ const unsigned char in[128];
+ size_t inlen;
+ const unsigned char out[32];
+};
+
+static void
+check(const struct testcase *C, size_t n, size_t digestlen, const EVP_MD *md)
+{
+ enum { C0 = 0xc0, C1 = 0xc1 };
+ unsigned char *buf, *digest, *p0, *p1;
+ size_t i;
+
+ ATF_REQUIRE_MSG(digestlen <= INT_MAX, "digestlen=%zu", digestlen);
+ ATF_REQUIRE_EQ_MSG((int)digestlen, EVP_MD_size(md),
+ "expected %d, got %d", (int)digestlen, EVP_MD_size(md));
+
+ ATF_REQUIRE_MSG(digestlen < SIZE_MAX - 2048,
+ "digestlen=%zu", digestlen);
+ REQUIRE_LIBC(buf = malloc(digestlen + 2048), NULL);
+ p0 = buf;
+ digest = buf + 1;
+ p1 = buf + 1 + digestlen;
+
+ for (i = 0; i < n; i++) {
+ EVP_MD_CTX *ctx;
+ unsigned digestlen1;
+
+ *p0 = C0;
+ *p1 = C1;
+
+#define REQUIRE(x) ATF_REQUIRE_MSG((x), "i=%zu", i)
+ REQUIRE(ctx = EVP_MD_CTX_new());
+ REQUIRE(EVP_DigestInit_ex(ctx, md, NULL));
+ REQUIRE(EVP_DigestUpdate(ctx, C->in, C->inlen));
+ REQUIRE(EVP_DigestFinal_ex(ctx, digest, &digestlen1));
+#undef REQUIRE
+ ATF_CHECK_MSG(digestlen == digestlen1,
+ "i=%zu: expected %zu got %u", i, digestlen, digestlen1);
+ EVP_MD_CTX_free(ctx);
+
+ ATF_CHECK_MSG(memcmp(digest, C->out, digestlen) == 0,
+ "i=%zu", i);
+
+ ATF_CHECK_EQ_MSG(*p0, C0, "expected 0x%x got 0x%hhx", C0, *p0);
+ ATF_CHECK_EQ_MSG(*p1, C1, "expected 0x%x got 0x%hhx", C1, *p1);
+ }
+}
+
+/*
+ * Test vectors from:
+ *
+ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
+ */
+
+ATF_TC(sha512_224);
+ATF_TC_HEAD(sha512_224, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Test SHA512-224");
+}
+ATF_TC_BODY(sha512_224, tc)
+{
+ static const struct testcase C[] = {
+ [0] = {
+ .inlen = 0,
+ .out = {
+ 0x6e,0xd0,0xdd,0x02, 0x80,0x6f,0xa8,0x9e,
+ 0x25,0xde,0x06,0x0c, 0x19,0xd3,0xac,0x86,
+ 0xca,0xbb,0x87,0xd6, 0xa0,0xdd,0xd0,0x5c,
+ 0x33,0x3b,0x84,0xf4,
+ },
+ },
+ [1] = {
+ .inlen = 1,
+ .in = {
+ 0xcf,
+ },
+ .out = {
+ 0x41,0x99,0x23,0x9e, 0x87,0xd4,0x7b,0x6f,
+ 0xed,0xa0,0x16,0x80, 0x2b,0xf3,0x67,0xfb,
+ 0x6e,0x8b,0x56,0x55, 0xef,0xf6,0x22,0x5c,
+ 0xb2,0x66,0x8f,0x4a,
+ },
+ },
+ };
+
+ atf_tc_expect_fail("PR lib/58039:"
+ " Buffer overflow when writing a SHA512_224 or SHA512_256 digest");
+ check(C, __arraycount(C), 28, EVP_sha512_224());
+}
+
+ATF_TC(sha512_256);
+ATF_TC_HEAD(sha512_256, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Test SHA512-256");
+}
+ATF_TC_BODY(sha512_256, tc)
+{
+ static const struct testcase C[] = {
+ [0] = {
+ .inlen = 0,
+ .out = {
+ 0xc6,0x72,0xb8,0xd1, 0xef,0x56,0xed,0x28,
+ 0xab,0x87,0xc3,0x62, 0x2c,0x51,0x14,0x06,
+ 0x9b,0xdd,0x3a,0xd7, 0xb8,0xf9,0x73,0x74,
+ 0x98,0xd0,0xc0,0x1e, 0xce,0xf0,0x96,0x7a,
+ },
+ },
+ [1] = {
+ .inlen = 1,
+ .in = {
+ 0xfa,
+ },
+ .out = {
+ 0xc4,0xef,0x36,0x92, 0x3c,0x64,0xe5,0x1e,
+ 0x87,0x57,0x20,0xe5, 0x50,0x29,0x8a,0x5a,
+ 0xb8,0xa3,0xf2,0xf8, 0x75,0xb1,0xe1,0xa4,
+ 0xc9,0xb9,0x5b,0xab, 0xf7,0x34,0x4f,0xef,
+ },
+ },
+ };
+
+ atf_tc_expect_fail("PR lib/58039:"
+ " Buffer overflow when writing a SHA512_224 or SHA512_256 digest");
+ check(C, __arraycount(C), 32, EVP_sha512_256());
+}
+
+ATF_TP_ADD_TCS(tp)
+{
+
+ ATF_TP_ADD_TC(tp, sha512_224);
+ ATF_TP_ADD_TC(tp, sha512_256);
+
+ return atf_no_error();
+}
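Review bot: The loop in `check()` never indexes the vector table by `i`: `C->in`, `C->inlen` and `C->out` always refer to `C[0]`, so the empty-input vector is hashed `n` times and the one-byte vectors at `[1]` in both `sha512_224` and `sha512_256` are never exercised. The two uses should read `REQUIRE(EVP_DigestUpdate(ctx, C[i].in, C[i].inlen));` and `ATF_CHECK_MSG(memcmp(digest, C[i].out, digestlen) == 0, "i=%zu", i);`. The canary bytes at `p0` and `p1` are still checked on every pass, so a write past the digest buffer as described in PR lib/58039 would still be noticed, but a wrong digest for non-empty input would not. Separately, `buf` is never freed, and `INT_MAX`, `SIZE_MAX`, `malloc` and `memcmp` are used with only `<stddef.h>` included directly; presumably `h_macros.h` pulls in the rest, but explicit `<limits.h>`, `<stdint.h>`, `<stdlib.h>` and `<string.h>` would remove that dependency on the helper header.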