commit ba8a0652309f012b594fecf4a0b5efe91fa17cec
author Gilles Peskine <gilles.peskine@arm.com> Wed Mar 04 19:01:29 2020 +0100
committer GitHub <noreply@github.com> Wed Mar 04 19:01:29 2020 +0100
tree 3423397e9bedd7042903fa68d17f90c5e2158e39
parent 59e584949d2fb827c3862964b2d6d913abe072c1
parent 68192fcd3a162948178b83cbecdf19efb1430e73

Merge pull request #3082 from mpg/all-sh-config-py-dev

Fix remaining occurrences of config.pl in all.sh

programs/fuzz/fuzz_privkey.c

diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c
index 178d17b..6c968fd 100644
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c
@@ -44,20 +44,26 @@
         else
 #endif
 #if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
+            mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
         {
-            mbedtls_ecp_keypair *ecp;
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
+            mbedtls_ecp_group_id grp_id = ecp->grp.id;
+            const mbedtls_ecp_curve_info *curve_info =
+                mbedtls_ecp_curve_info_from_grp_id( grp_id );
 
-            ecp = mbedtls_pk_ec( pk );
-            if (ecp) {
-                ret = 0;
-            }
+            /* If the curve is not supported, the key should not have been
+             * accepted. */
+            if( curve_info == NULL )
+                abort( );
         }
         else
 #endif
-            {
-                ret = 0;
-            }
+        {
+            /* The key is valid but is not of a supported type.
+             * This should not happen. */
+            abort( );
+        }
     }
     mbedtls_pk_free( &pk );
 #else

programs/fuzz/fuzz_pubkey.c

diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c
index 38eacfb..9e80350 100644
--- a/programs/fuzz/fuzz_pubkey.c
+++ b/programs/fuzz/fuzz_pubkey.c
@@ -21,7 +21,10 @@
             mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
 
             rsa = mbedtls_pk_rsa( pk );
-            if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) {
+            if ( mbedtls_rsa_export( rsa, &N, NULL, NULL, NULL, &E ) != 0 ) {
+                abort();
+            }
+            if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
                 abort();
             }
             if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
@@ -36,20 +39,30 @@
         else
 #endif
 #if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
+            mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
         {
-            mbedtls_ecp_keypair *ecp;
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
+            mbedtls_ecp_group_id grp_id = ecp->grp.id;
+            const mbedtls_ecp_curve_info *curve_info =
+                mbedtls_ecp_curve_info_from_grp_id( grp_id );
 
-            ecp = mbedtls_pk_ec( pk );
-            //dummy use of value
-            if (ecp) {
-                ret = 0;
-            }
+            /* If the curve is not supported, the key should not have been
+             * accepted. */
+            if( curve_info == NULL )
+                abort( );
+
+            /* It's a public key, so the private value should not have
+             * been changed from its initialization to 0. */
+            if( mbedtls_mpi_cmp_int( &ecp->d, 0 ) != 0 )
+                abort( );
         }
         else
 #endif
         {
-            ret = 0;
+            /* The key is valid but is not of a supported type.
+             * This should not happen. */
+            abort( );
         }
     }
     mbedtls_pk_free( &pk );