espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-07-16 23:05:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add constant-flow testing for PKCS7 padding

Browse Source 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann 2025-01-16 16:24:35 +00:00
parent 189bf03056
commit d37e0c4639
4 changed files with 65 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/cipher.c
View File

@ -14,6 +14,7 @@
#if defined(MBEDTLS_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
#include "cipher_invasive.h"
#include "cipher_wrap.h" #include "cipher_wrap.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
@ -838,8 +839,9 @@ static void add_pkcs_padding(unsigned char *output, size_t output_len,
} }
} }
static int get_pkcs_padding(unsigned char *input, size_t input_len, MBEDTLS_STATIC_TESTABLE int get_pkcs_padding(unsigned char *input,
size_t *data_len) size_t input_len,
size_t *data_len)
{ {
size_t i, pad_idx; size_t i, pad_idx;
unsigned char padding_len; unsigned char padding_len;

27
library/cipher_invasive.h Normal file
View File

@ -0,0 +1,27 @@
/**
* \file cipher_invasive.h
*
* \brief Cipher module: interfaces for invasive testing only.
*
* The interfaces in this file are intended for testing purposes only.
* They SHOULD NOT be made available in library integrations except when
* building the library for testing.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef MBEDTLS_CIPHER_INVASIVE_H
#define MBEDTLS_CIPHER_INVASIVE_H
#include "common.h"
#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_CIPHER_C)
MBEDTLS_STATIC_TESTABLE int get_pkcs_padding(unsigned char *input,
size_t input_len,
size_t *data_len);
#endif
#endif /* MBEDTLS_CIPHER_INVASIVE_H */

22
tests/suites/test_suite_cipher.function
View File

@ -6,6 +6,10 @@
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#endif #endif
#include "cipher_invasive.h"
#include "test/constant_flow.h"
#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA) || defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA) || defined(MBEDTLS_NIST_KW_C)
#define MBEDTLS_CIPHER_AUTH_CRYPT #define MBEDTLS_CIPHER_AUTH_CRYPT
#endif #endif
@ -1260,3 +1264,21 @@ exit:
mbedtls_free(key); mbedtls_free(key);
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
void get_pkcs_padding(data_t *decrypted_block, int exp_ret, int exp_len)
{
int ret;
size_t calculated_len;
TEST_CF_SECRET(decrypted_block->x, decrypted_block->len);
ret = get_pkcs_padding(decrypted_block->x, decrypted_block->len,
&calculated_len);
TEST_CF_PUBLIC(decrypted_block->x, decrypted_block->len);
TEST_EQUAL(ret, exp_ret);
if (exp_ret == 0) {
TEST_EQUAL(calculated_len, exp_len);
}
}
/* END_CASE */

12
tests/suites/test_suite_cipher.padding.data
View File

@ -217,3 +217,15 @@ check_padding:MBEDTLS_PADDING_NONE:"DABBAD0001":0:5
Check no padding #3 (correct by definition) Check no padding #3 (correct by definition)
check_padding:MBEDTLS_PADDING_NONE:"":0:0 check_padding:MBEDTLS_PADDING_NONE:"":0:0
Constant-time PKCS7 padding, valid #1
get_pkcs_padding:"00112233445566778899AABBCCDDEE01":0:15
Constant-time PKCS7 padding, valid #2
get_pkcs_padding:"00112233445566778899AA0505050505":0:11
Constant-time PKCS7 padding, invalid zero
get_pkcs_padding:"00112233445566778899AABBCCDDEE00":MBEDTLS_ERR_CIPHER_INVALID_PADDING:0
Constant-time PKCS7 padding, invalid > 16
get_pkcs_padding:"00112233445566778899AABBCCDDEE11":MBEDTLS_ERR_CIPHER_INVALID_PADDING:0