Fix heap overflow issue in pkcs5_pbes2 testing functions
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data
index 8cbecb9..5bb826d 100644
--- a/tests/suites/test_suite_pkcs5.data
+++ b/tests/suites/test_suite_pkcs5.data
@@ -236,11 +236,11 @@
PBES2 Decrypt (bad password)
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606":0
+mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606":144
PBES2 Decrypt (bad iter value)
depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606":0
+mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606":144
PKCS#5 Selftest
pkcs5_selftest:
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index 86c6a05..05ce1db 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -29,7 +29,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw,
- data_t *data, int datalen, int ref_ret,
+ data_t *data, int outsize, int ref_ret,
data_t *ref_out, int ref_out_len)
{
int my_ret;
@@ -46,7 +46,7 @@
params.p = params_hex->x;
params.len = params_hex->len;
- ASSERT_ALLOC(my_out, datalen);
+ ASSERT_ALLOC(my_out, ref_out->len);
my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_ENCRYPT,
pw->x, pw->len, data->x, data->len, my_out);
@@ -61,12 +61,11 @@
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_ENCRYPT,
pw->x, pw->len, data->x, data->len, my_out,
- datalen, &my_out_len);
+ outsize, &my_out_len);
TEST_EQUAL(my_ret, ref_ret);
if (ref_ret == 0) {
- ASSERT_COMPARE(my_out, ref_out->len,
- ref_out->x, ref_out->len);
- TEST_EQUAL(my_out_len, (size_t) ref_out_len);
+ ASSERT_COMPARE(my_out, my_out_len,
+ ref_out->x, ref_out_len);
}
#endif
@@ -78,7 +77,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw,
- data_t *data, int datalen, int ref_ret,
+ data_t *data, int outsize, int ref_ret,
data_t *ref_out, int ref_out_len)
{
int my_ret;
@@ -97,7 +96,7 @@
params.p = params_hex->x;
params.len = params_hex->len;
- ASSERT_ALLOC(my_out, datalen);
+ ASSERT_ALLOC(my_out, ref_out->len);
my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_DECRYPT,
pw->x, pw->len, data->x, data->len, my_out);
@@ -111,12 +110,11 @@
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_DECRYPT,
pw->x, pw->len, data->x, data->len, my_out,
- datalen, &my_out_len);
+ outsize, &my_out_len);
TEST_EQUAL(my_ret, ref_ret);
if (ref_ret == 0) {
- ASSERT_COMPARE(my_out, ref_out->len,
- ref_out->x, ref_out->len);
- TEST_EQUAL(my_out_len, (size_t) ref_out_len);
+ ASSERT_COMPARE(my_out, my_out_len,
+ ref_out->x, ref_out_len);
}
#endif