From 853c0da8de599bc5bb5785635e3837768e7e034e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 11 Nov 2021 19:00:38 +0000 Subject: [PATCH 01/15] Fix for pkcs12 with NULL or zero length password Previously passing a NULL or zero length password into either mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate loop, and it was also possible to pass a NULL password, with a non-zero length, which would cause memory corruption. I have fixed these errors, and improved the documentation to reflect the changes and further explain what is expected of the inputs. Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 2 ++ include/mbedtls/pkcs12.h | 22 +++++++++++++--------- library/pkcs12.c | 21 ++++++++++++++++----- 3 files changed, 31 insertions(+), 14 deletions(-) create mode 100644 ChangeLog.d/fix-pkcs12-null-password.txt diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt new file mode 100644 index 000000000000..699575f530f8 --- /dev/null +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index cded903f4e45..a6808c56e871 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -56,11 +56,13 @@ extern "C" { * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's * - * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT + * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure + * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or + * MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used - * \param md_type the mbedtls_md used - * \param pwd the password used (may be NULL if no password is used) + * \param md_type the mbedtls_md used + * \param pwd Latin1-encoded password used (may be NULL if no password is + * used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -85,14 +87,16 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * integrity key. * * \param data buffer to store the derived data in - * \param datalen length to fill - * \param pwd password to use (may be NULL if no password is used) + * \param datalen length of buffer to fill + * \param pwd Null terminated BMPString password to use (may be NULL if + * no password is used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param salt salt buffer to use * \param saltlen length of the salt - * \param mbedtls_md mbedtls_md type to use during the derivation - * \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, - * MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * \param mbedtls_md mbedtls_md type to use during the derivation + * \param id id that describes the purpose (can be + * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or + * MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. diff --git a/library/pkcs12.c b/library/pkcs12.c index 8f64bc6395f6..15be70234469 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -134,6 +134,9 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_context_t cipher_ctx; size_t olen = 0; + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type( cipher_type ); if( cipher_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -186,13 +189,18 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, unsigned char *p = data; size_t use_len; - while( data_len > 0 ) + if( filler != NULL && fill_len != 0 ) { - use_len = ( data_len > fill_len ) ? fill_len : data_len; - memcpy( p, filler, use_len ); - p += use_len; - data_len -= use_len; + while( data_len > 0 ) + { + use_len = ( data_len > fill_len ) ? fill_len : data_len; + memcpy( p, filler, use_len ); + p += use_len; + data_len -= use_len; + } } + else + memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -218,6 +226,9 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); From 0b7d5a88d96d0d69fe8881073bdd11995afa0197 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 17 Nov 2021 17:47:23 +0000 Subject: [PATCH 02/15] Make changelog more specific Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt index 699575f530f8..fae81955359e 100644 --- a/ChangeLog.d/fix-pkcs12-null-password.txt +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -1,2 +1,5 @@ Bugfix - * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. + * Fix a potential invalid pointer dereference and infinite loop bugs in + pkcs12 functions when the password is empty. Fix the documentation to + better describe the inputs to these functions and their possible values. + Fixes #5136. From fb5fdb500738ffd816102dc6908de42577f96022 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 12:39:10 +0000 Subject: [PATCH 03/15] Further documentation improvements Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index a6808c56e871..dc7e05cbea62 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -57,12 +57,12 @@ extern "C" { * for cipher-based and mbedtls_md-based PBE's * * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or - * MBEDTLS_PKCS12_PBE_DECRYPT + * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or + * #MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used * \param md_type the mbedtls_md used - * \param pwd Latin1-encoded password used (may be NULL if no password is - * used, but not if pwdlen is non-zero) + * \param pwd Latin1-encoded password used. This may only be \c NULL when + * pwdlen is 0. No \c NULL terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -83,20 +83,24 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * to produce pseudo-random bits for a particular "purpose". * * Depending on the given id, this function can produce an - * encryption/decryption key, an nitialization vector or an + * encryption/decryption key, an initialization vector or an * integrity key. * * \param data buffer to store the derived data in * \param datalen length of buffer to fill - * \param pwd Null terminated BMPString password to use (may be NULL if - * no password is used, but not if pwdlen is non-zero) - * \param pwdlen length of the password (may be 0) - * \param salt salt buffer to use - * \param saltlen length of the salt + * \param pwd The password to use. For compliance with PKCS#12 §B.1, this + * should be a BMPString, i.e. a Unicode string where each + * character is encoded as 2 bytes in big-endian order, with + * no byte order mark and with a null terminator (i.e. the + * last two bytes should be 0x00 0x00). + * \param pwdlen length of the password (may be 0). + * \param salt Salt buffer to use This may only be \c NULL when + * saltlen is 0. + * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be - * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or - * MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or + * #MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. From 4086bdbe37839e8be594ff5b6e42cad74f60e272 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 14:02:21 +0000 Subject: [PATCH 04/15] Better fix for empty password / salt Signed-off-by: Paul Elliott --- library/pkcs12.c | 78 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 20 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 15be70234469..f44ac82583b9 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -199,8 +199,6 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } - else - memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -213,9 +211,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; + unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; + int use_password = 0; + int use_salt = 0; size_t hlen, use_len, v, i; @@ -229,6 +230,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( pwd == NULL && pwdlen != 0 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( salt == NULL && saltlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + + use_password = ( pwd && pwdlen != 0 ); + use_salt = ( salt && saltlen != 0 ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -246,8 +253,15 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, memset( diversifier, (unsigned char) id, v ); - pkcs12_fill_buffer( salt_block, v, salt, saltlen ); - pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + if( use_salt != 0 ) + { + pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + } + + if( use_password != 0 ) + { + pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + } p = data; while( datalen > 0 ) @@ -259,11 +273,29 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) - goto exit; + if( use_salt != 0 ) + { + if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) - goto exit; + if( use_password != 0) + { + if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; @@ -291,22 +323,28 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ++hash_block[i - 1] != 0 ) break; - // salt_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_salt != 0 ) { - j = salt_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + // salt_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = salt_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } - // pwd_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_password != 0 ) { - j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + // pwd_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = pwd_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } } From d663543004e5bdd74e98585807c78b060f5140e8 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 22:35:48 +0000 Subject: [PATCH 05/15] Add PKCS12 tests Only regression tests for the empty password bugs for now. Further tests will follow later. Signed-off-by: Paul Elliott --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_pkcs12.data | 33 ++++++++++++ tests/suites/test_suite_pkcs12.function | 72 +++++++++++++++++++++++++ 3 files changed, 106 insertions(+) create mode 100644 tests/suites/test_suite_pkcs12.data create mode 100644 tests/suites/test_suite_pkcs12.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 41dceed939bb..909046d3785e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -216,6 +216,7 @@ add_test_suite(pk) add_test_suite(pkcs1_v15) add_test_suite(pkcs1_v21) add_test_suite(pkcs5) +add_test_suite(pkcs12) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data new file mode 100644 index 000000000000..e9e7339dcaae --- /dev/null +++ b/tests/suites/test_suite_pkcs12.data @@ -0,0 +1,33 @@ +Pkcs12 derive key : Zero length password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 + +Pkcs12 derive key: NULL password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 + +Pkcs12 derive key: Zero length password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: Invalid length NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + +Pkcs12 derive key: Zero length hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 + +Pkcs12 derive key: NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 + +Pkcs12 derive key: Invalid length NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + + diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function new file mode 100644 index 000000000000..e49e5805d332 --- /dev/null +++ b/tests/suites/test_suite_pkcs12.function @@ -0,0 +1,72 @@ +/* BEGIN_HEADER */ +#include "mbedtls/pkcs12.h" + +typedef enum +{ + USE_NULL_INPUT = 0, + USE_GIVEN_INPUT = 1, + USE_NULL_INPUT_WITH_SIZE = 2, +} input_usage_method_t; + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ASN1_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void pkcs12_derive_key_test( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) + +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *output_data = NULL; + + unsigned char *password = NULL; + size_t password_len = 0; + unsigned char *salt = NULL; + size_t salt_len = 0; + size_t key_size = key_size_arg; + + if( password_usage == USE_GIVEN_INPUT ) + { + password = password_arg->x; + password_len = password_arg->len; + } + else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) + { + password_len = password_arg->len; + } + + if( salt_usage == USE_GIVEN_INPUT ) + { + salt = salt_arg->x; + salt_len = salt_arg->len; + } + else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) + { + salt_len = salt_arg->len; + } + + ASSERT_ALLOC( output_data, key_size ); + + ret = mbedtls_pkcs12_derivation( output_data, + key_size, + password, + password_len, + salt, + salt_len, + md_type, + MBEDTLS_PKCS12_DERIVE_KEY, + iterations ); + + TEST_EQUAL( ret, expected_status ); + +exit: + mbedtls_free( output_data ); + +} +/* END_CASE */ From bfa273e507ae28a883635c979cb1925cb08db773 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 22 Nov 2021 17:50:26 +0000 Subject: [PATCH 06/15] Fix missing test dependancies Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index e9e7339dcaae..98f1c0d596c6 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ Pkcs12 derive key : Zero length password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 Pkcs12 derive key: NULL password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 Pkcs12 derive key: Zero length password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 Pkcs12 derive key: NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 Pkcs12 derive key: Invalid length NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA Pkcs12 derive key: Zero length hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 Pkcs12 derive key: NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 Pkcs12 derive key: Invalid length NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index e49e5805d332..b0cfe5b53f47 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -11,7 +11,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C + * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From 62dc392ef8d0ca283b9a41b7cf0f49eaf314aa93 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 25 Nov 2021 17:29:40 +0000 Subject: [PATCH 07/15] Stop CMake out of source tests running on 16.04 Running the out of source CMake test on Ubuntu 16.04 using more than one processor (as the CI does) can create a race condition whereby the build fails to see a generated file, despite that file actually having been generated. This problem appears to go away with 18.04 or newer, so make the out of source tests not supported on Ubuntu 16.04 Signed-off-by: Paul Elliott --- ...op_cmake_out_of_build_running_on_16.04.txt | 4 +++ tests/scripts/all.sh | 30 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt new file mode 100644 index 000000000000..000b4e7b46bd --- /dev/null +++ b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt @@ -0,0 +1,4 @@ +Bugfix + * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can + cause failures due to race conditions with generated files. + diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c148cf1ef7d8..de1a7ab35773 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2676,6 +2676,36 @@ component_test_valgrind () { fi } +support_test_cmake_out_of_source () { + distrib_id="" + distrib_ver="" + distrib_ver_minor="" + distrib_ver_major="" + + # Attempt to parse lsb-release to find out distribution and version. If not + # found this should fail safe (test is supported). + if [[ -f /etc/lsb-release ]]; then + + while read -r lsb_line; do + case "$lsb_line" in + "DISTRIB_ID"*) distrib_id=${lsb_line/#DISTRIB_ID=};; + "DISTRIB_RELEASE"*) distrib_ver=${lsb_line/#DISTRIB_RELEASE=};; + esac + done < /etc/lsb-release + + distrib_ver_major="${distrib_ver%%.*}" + distrib_ver="${distrib_ver#*.}" + distrib_ver_minor="${distrib_ver%%.*}" + fi + + # Running the out of source CMake test on Ubuntu 16.04 using more than one + # processor (as the CI does) can create a race condition whereby the build + # fails to see a generated file, despite that file actually having been + # generated. This problem appears to go away with 18.04 or newer, so make + # the out of source tests unsupported on Ubuntu 16.04. + [ "$distrib_id" != "Ubuntu" ] || [ "$distrib_ver_major" -gt 16 ] +} + component_test_cmake_out_of_source () { msg "build: cmake 'out-of-source' build" MBEDTLS_ROOT_DIR="$PWD" From ad7e8a7092487142b93b8f284db19250afa227ed Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 15:37:49 +0000 Subject: [PATCH 08/15] Documentation fixes Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index dc7e05cbea62..1b87aea925e1 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -62,7 +62,7 @@ extern "C" { * \param cipher_type the cipher used * \param md_type the mbedtls_md used * \param pwd Latin1-encoded password used. This may only be \c NULL when - * pwdlen is 0. No \c NULL terminator should be used. + * \p pwdlen is 0. No null terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -95,7 +95,7 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * last two bytes should be 0x00 0x00). * \param pwdlen length of the password (may be 0). * \param salt Salt buffer to use This may only be \c NULL when - * saltlen is 0. + * \p saltlen is 0. * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be From 3584ae4d5fffb366988c3875e599c51677d9777c Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:21:27 +0000 Subject: [PATCH 09/15] Remove incorrect test dependency Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index b0cfe5b53f47..6f49faff7d05 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -11,7 +11,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C + * depends_on:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From df00695bfc2f5c4ce9b0f180fccd8b0bba1af8ef Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:31:10 +0000 Subject: [PATCH 10/15] Rename (and relabel) pkcs12 test case Remove surplus _test suffix. Change labeling from Pcks12 to PCKS#12 as it should be. Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 32 ++++++++++++------------- tests/suites/test_suite_pkcs12.function | 8 +++---- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index 98f1c0d596c6..c8bfe46945b1 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ -Pkcs12 derive key : Zero length password and hash +PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 -Pkcs12 derive key: NULL password and hash +PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 -Pkcs12 derive key: Zero length password +PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 -Pkcs12 derive key: NULL password +PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 -Pkcs12 derive key: Invalid length NULL password +PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -Pkcs12 derive key: Zero length hash +PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 -Pkcs12 derive key: NULL hash +PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 -Pkcs12 derive key: Invalid length NULL hash +PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 6f49faff7d05..3d402d7f0a01 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -16,10 +16,10 @@ typedef enum */ /* BEGIN_CASE */ -void pkcs12_derive_key_test( int md_type, int key_size_arg, - data_t *password_arg, int password_usage, - data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) +void pkcs12_derive_key( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 4768a30d9b64204f6b7d0deb42ed7681ae184975 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:39:51 +0000 Subject: [PATCH 11/15] Simplify Input usage macros Also ensure they are used in test data rather than values Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 19 ++++--------------- 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index c8bfe46945b1..ec04f4a65edd 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 3d402d7f0a01..81324ed61c09 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -5,7 +5,6 @@ typedef enum { USE_NULL_INPUT = 0, USE_GIVEN_INPUT = 1, - USE_NULL_INPUT_WITH_SIZE = 2, } input_usage_method_t; /* END_HEADER */ @@ -32,24 +31,14 @@ void pkcs12_derive_key( int md_type, int key_size_arg, size_t key_size = key_size_arg; if( password_usage == USE_GIVEN_INPUT ) - { password = password_arg->x; - password_len = password_arg->len; - } - else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) - { - password_len = password_arg->len; - } + + password_len = password_arg->len; if( salt_usage == USE_GIVEN_INPUT ) - { salt = salt_arg->x; - salt_len = salt_arg->len; - } - else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) - { - salt_len = salt_arg->len; - } + + salt_len = salt_arg->len; ASSERT_ALLOC( output_data, key_size ); From 117282f25e2c3a5639ae78a532c48d23bbde59ce Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 1 Dec 2021 17:18:12 +0000 Subject: [PATCH 12/15] Delete unneccesary changelog entry Signed-off-by: Paul Elliott --- ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt deleted file mode 100644 index 000b4e7b46bd..000000000000 --- a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can - cause failures due to race conditions with generated files. - From 7298bef693abaf4cf9375f5aa1f779c89b784cd7 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 17:51:34 +0000 Subject: [PATCH 13/15] Add explanation for safety in function Signed-off-by: Paul Elliott --- library/pkcs12.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/pkcs12.c b/library/pkcs12.c index f44ac82583b9..80a3eab804b7 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -199,6 +199,14 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } + else + { + /* If either of the above are not true then clearly there is nothing + * that this function can do. The function should *not* be called + * under either of those circumstances, as you could end up with an + * incorrect output but for safety's sake, leaving the check in as + * otherwise we could end up with memory corruption.*/ + } } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, From 2fd6b61420f89bbddbad79aff593d279335deabd Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 18:03:12 +0000 Subject: [PATCH 14/15] Remove incorrect hashing Incorrect interpretation of 'empty' Signed-off-by: Paul Elliott --- library/pkcs12.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 80a3eab804b7..a90d1f90ce5c 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -219,7 +219,6 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; - unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; @@ -286,24 +285,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( use_password != 0) { if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; From 6e7deb1d55ce7ca30f230b13ebf6baac8ab893ac Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 3 Dec 2021 18:55:31 +0000 Subject: [PATCH 15/15] Add expected output for tests Expected output generated by OpenSSL (see below) apart from the case where both password and salt are either NULL or zero length, as OpenSSL does not support this. For these test cases we have had to use our own output as that which is expected. Code to generate test cases is as follows: #include #include #include int Keygen_Uni( const char * test_name, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type ) { size_t index; printf( "%s\n", test_name ); int ret = PKCS12_key_gen_uni( pass, passlen, salt, saltlen, id, iter, n, out, md_type ); if( ret != 1 ) { printf( "Key generation returned %d\n", ret ); } else { for( index = 0; index < n; ++index ) { printf( "%02x", out[index] ); } printf( "\n" ); } printf( "\n" ); } int main(void) { unsigned char out_buf[48]; unsigned char pass[64]; int pass_len; unsigned char salt[64]; int salt_len; /* If ID=1, then the pseudorandom bits being produced are to be used as key material for performing encryption or decryption. If ID=2, then the pseudorandom bits being produced are to be used as an IV (Initial Value) for encryption or decryption. If ID=3, then the pseudorandom bits being produced are to be used as an integrity key for MACing. */ int id = 1; int iter = 3; memset( out_buf, 0, sizeof( out_buf ) ); memset( pass, 0, sizeof( pass ) ); memset( salt, 0, sizeof( salt ) ); Keygen_Uni( "Zero length pass and salt", pass, 0, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass and salt", NULL, 0, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Zero length pass", pass, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass", NULL, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); memset( salt, 0, sizeof( salt ) ); pass[0] = 0x01; pass[1] = 0x23; pass[2] = 0x45; pass[3] = 0x67; pass[4] = 0x89; pass[5] = 0xab; pass[6] = 0xcd; pass[7] = 0xef; Keygen_Uni( "Zero length salt", pass, 8, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL salt", pass, 8, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Valid pass and salt", pass, 8, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); return 0; } Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 36 +++++++++++++------------ tests/suites/test_suite_pkcs12.function | 10 ++++++- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index ec04f4a65edd..a8c4bab35aed 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,35 @@ -PKCS#12 derive key : Zero length password and hash +PKCS#12 derive key : MD5: Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: NULL password and hash +PKCS#12 derive key: MD5: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: Zero length password +PKCS#12 derive key: MD5: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL password +PKCS#12 derive key: MD5: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL password +PKCS#12 derive key: MD5: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -PKCS#12 derive key: Zero length hash +PKCS#12 derive key: MD5: Zero length salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL hash +PKCS#12 derive key: MD5: NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL hash +PKCS#12 derive key: MD5: Invalid length NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA - +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +PKCS#12 derive key: MD5: Valid password and salt +depends_on:MBEDTLS_MD5_C +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 81324ed61c09..54dc042c3d3a 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/pkcs12.h" +#include "common.h" typedef enum { @@ -18,7 +19,8 @@ typedef enum void pkcs12_derive_key( int md_type, int key_size_arg, data_t *password_arg, int password_usage, data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) + int iterations, + data_t* expected_output, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -54,6 +56,12 @@ void pkcs12_derive_key( int md_type, int key_size_arg, TEST_EQUAL( ret, expected_status ); + if( expected_status == 0 ) + { + ASSERT_COMPARE( expected_output->x, expected_output->len, + output_data, key_size ); + } + exit: mbedtls_free( output_data );