From dace3acd4dfd75602b58d64ea073478e1045a2e2 Mon Sep 17 00:00:00 2001 From: aidan garske Date: Wed, 24 Jul 2024 16:53:15 -0700 Subject: [PATCH 1/2] api.c and asn.c changes to allow 0 to be passed in and expanded coverage on test cases (cherry picked from commit 8572f67e60d419ddd74d4a2b7051dcaa7d0ca6b4) --- tests/api.c | 26 +++++++++++++++++--------- wolfcrypt/src/asn.c | 15 +++++++++++---- 2 files changed, 28 insertions(+), 13 deletions(-) diff --git a/tests/api.c b/tests/api.c index 61d95ee635..ae8d268cd4 100644 --- a/tests/api.c +++ b/tests/api.c @@ -23340,7 +23340,11 @@ static int test_wc_Ed25519PublicKeyToDer(void) ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); - ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1), 0); + /* length only */ + ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, NULL, 0, 0), 0); + ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, NULL, 0, 1), 0); + ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf, + (word32)sizeof(derBuf), 1), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); @@ -24233,8 +24237,11 @@ static int test_wc_Ed448PublicKeyToDer(void) ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); - - ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1), 0); + /* length only */ + ExpectIntGT(wc_Ed448PublicKeyToDer(&key, NULL, 0, 0), 0); + ExpectIntGT(wc_Ed448PublicKeyToDer(&key, NULL, 0, 1), 0); + ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, + (word32)sizeof(derBuf), 1), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); @@ -26863,6 +26870,7 @@ static int test_wc_Ed25519KeyToDer(void) ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BAD_FUNC_ARG); /* Good Cases */ /* length only */ + ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, 0), 0); ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen), 0); ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, output, inLen), 0); @@ -26901,7 +26909,7 @@ static int test_wc_Ed25519PrivateKeyToDer(void) BAD_FUNC_ARG); /* Good Cases */ /* length only */ - ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen), 0); + ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, 0), 0); ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); @@ -26937,7 +26945,7 @@ static int test_wc_Ed448KeyToDer(void) ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BAD_FUNC_ARG); /* Good Cases */ /* length only */ - ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, inLen), 0); + ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, 0), 0); ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); @@ -26975,7 +26983,7 @@ static int test_wc_Ed448PrivateKeyToDer(void) BAD_FUNC_ARG); /* Good cases */ /* length only */ - ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen), 0); + ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, 0), 0); ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); @@ -27013,7 +27021,7 @@ static int test_wc_Curve448PrivateKeyToDer(void) BAD_FUNC_ARG); /* Good cases */ /* length only */ - ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, NULL, inLen), 0); + ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, NULL, 0), 0); ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, output, inLen), 0); /* Bad Cases */ @@ -27025,8 +27033,8 @@ static int test_wc_Curve448PrivateKeyToDer(void) BUFFER_E); /* Good cases */ /* length only */ - ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, inLen, 0), 0); - ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, inLen, 1), 0); + ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, 0, 0), 0); + ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, 0, 1), 0); ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, inLen, 0), 0); ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, inLen, 1), 0); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 16d773c5e7..5a5465aaea 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -11994,9 +11994,13 @@ int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen, DECL_ASNSETDATA(dataASN, edPubKeyASN_Length); #endif - if (pubKey == NULL) { + /* validate parameters */ + if (pubKey == NULL){ return BAD_FUNC_ARG; } + if (output != NULL && outLen == 0) { + return BUFFER_E; + } #ifndef WOLFSSL_ASN_TEMPLATE /* calculate size */ @@ -35337,8 +35341,11 @@ int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, int sz; #endif - /* Validate parameters. */ - if (privKey == NULL || outLen == 0) { + /* validate parameters */ + if (privKey == NULL) { + return BUFFER_E; + } + if (output != NULL && outLen == 0) { return BAD_FUNC_ARG; } @@ -35498,7 +35505,7 @@ int wc_Curve25519PublicKeyToDer(curve25519_key* key, byte* output, word32 inLen, byte pubKey[CURVE25519_PUB_KEY_SIZE]; word32 pubKeyLen = (word32)sizeof(pubKey); - if (key == NULL || output == NULL) { + if (key == NULL) { return BAD_FUNC_ARG; } From 55540d03e7b1ca9e69ff7a1b0b4dff5dda4a387f Mon Sep 17 00:00:00 2001 From: aidan garske Date: Thu, 25 Jul 2024 09:03:19 -0700 Subject: [PATCH 2/2] fix for PR#7786 BUFFER_E bad case --- tests/api.c | 10 +++++----- wolfcrypt/src/asn.c | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/api.c b/tests/api.c index ae8d268cd4..ef7b785771 100644 --- a/tests/api.c +++ b/tests/api.c @@ -26867,7 +26867,7 @@ static int test_wc_Ed25519KeyToDer(void) /* Bad Cases */ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519KeyToDer(NULL, output, inLen), BAD_FUNC_ARG); - ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BAD_FUNC_ARG); + ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BUFFER_E); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, 0), 0); @@ -26906,7 +26906,7 @@ static int test_wc_Ed25519PrivateKeyToDer(void) ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0), - BAD_FUNC_ARG); + BUFFER_E); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, 0), 0); @@ -26942,7 +26942,7 @@ static int test_wc_Ed448KeyToDer(void) /* Bad Cases */ ExpectIntEQ(wc_Ed448KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448KeyToDer(NULL, output, inLen), BAD_FUNC_ARG); - ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BAD_FUNC_ARG); + ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BUFFER_E); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, 0), 0); @@ -26980,7 +26980,7 @@ static int test_wc_Ed448PrivateKeyToDer(void) ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0), - BAD_FUNC_ARG); + BUFFER_E); /* Good cases */ /* length only */ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, 0), 0); @@ -27018,7 +27018,7 @@ static int test_wc_Curve448PrivateKeyToDer(void) ExpectIntEQ(wc_Curve448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Curve448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Curve448PrivateKeyToDer(&curve448PrivKey, output, 0), - BAD_FUNC_ARG); + BUFFER_E); /* Good cases */ /* length only */ ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, NULL, 0), 0); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5a5465aaea..b3ad9fd675 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -35343,10 +35343,10 @@ int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, /* validate parameters */ if (privKey == NULL) { - return BUFFER_E; + return BAD_FUNC_ARG; } if (output != NULL && outLen == 0) { - return BAD_FUNC_ARG; + return BUFFER_E; } #ifndef WOLFSSL_ASN_TEMPLATE