commit 708d78f80b8b3c3cda9f46977a67625149c30591
author Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Jul 19 14:01:35 2023 +0100
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Jul 19 14:01:35 2023 +0100
tree f77b7eee80b7bf7819658197a9eb0c5063d07cd0
parent caa6a1fd0d132c7329f3f3b072fae0690d136993

Improve & test legacy mbedtls_pkcs5_pbe2

* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
  reused but with changing padding data in last block to
  check for valid/invalid padding.
* Document new behaviour, known limitations and possible
  security concerns.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

tests/suites/test_suite_pkcs5.function

diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index 9f99586..1f1d052 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -27,6 +27,36 @@
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw,
+                   data_t *data, int ref_ret, data_t *ref_out)
+{
+    int my_ret;
+    mbedtls_asn1_buf params;
+    unsigned char *my_out = NULL;
+
+    MD_PSA_INIT();
+
+    params.tag = params_tag;
+    params.p = params_hex->x;
+    params.len = params_hex->len;
+
+    ASSERT_ALLOC(my_out, ref_out->len);
+
+    my_ret = mbedtls_pkcs5_pbes2(&params, MBEDTLS_PKCS5_ENCRYPT,
+                                 pw->x, pw->len, data->x, data->len, my_out);
+    TEST_EQUAL(my_ret, ref_ret);
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
+    }
+
+exit:
+    mbedtls_free(my_out);
+    MD_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
 void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw,
                          data_t *data, int ref_ret, data_t *ref_out)
 {
@@ -40,14 +70,14 @@
     params.p = params_hex->x;
     params.len = params_hex->len;
 
-    my_out = mbedtls_test_zero_alloc(ref_out->len);
+    ASSERT_ALLOC(my_out, ref_out->len);
 
     my_ret = mbedtls_pkcs5_pbes2(&params, MBEDTLS_PKCS5_DECRYPT,
                                  pw->x, pw->len, data->x, data->len, my_out);
-    TEST_ASSERT(my_ret == ref_ret);
-
+    TEST_EQUAL(my_ret, ref_ret);
     if (ref_ret == 0) {
-        TEST_ASSERT(memcmp(my_out, ref_out->x, ref_out->len) == 0);
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
     }
 
 exit: