From fe724fe618946772c3a7906de945d46dc9354c83 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 11 Nov 2021 19:00:38 +0000 Subject: [PATCH 01/15] Fix for pkcs12 with NULL or zero length password Previously passing a NULL or zero length password into either mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate loop, and it was also possible to pass a NULL password, with a non-zero length, which would cause memory corruption. I have fixed these errors, and improved the documentation to reflect the changes and further explain what is expected of the inputs. Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 2 ++ include/mbedtls/pkcs12.h | 22 +++++++++++++--------- library/pkcs12.c | 21 ++++++++++++++++----- 3 files changed, 31 insertions(+), 14 deletions(-) create mode 100644 ChangeLog.d/fix-pkcs12-null-password.txt diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt new file mode 100644 index 000000000..699575f53 --- /dev/null +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index ba9180b3c..fbf237868 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -79,11 +79,13 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's * - * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT + * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure + * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or + * MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used - * \param md_type the mbedtls_md used - * \param pwd the password used (may be NULL if no password is used) + * \param md_type the mbedtls_md used + * \param pwd Latin1-encoded password used (may be NULL if no password is + * used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -108,14 +110,16 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * integrity key. * * \param data buffer to store the derived data in - * \param datalen length to fill - * \param pwd password to use (may be NULL if no password is used) + * \param datalen length of buffer to fill + * \param pwd Null terminated BMPString password to use (may be NULL if + * no password is used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param salt salt buffer to use * \param saltlen length of the salt - * \param mbedtls_md mbedtls_md type to use during the derivation - * \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, - * MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * \param mbedtls_md mbedtls_md type to use during the derivation + * \param id id that describes the purpose (can be + * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or + * MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. diff --git a/library/pkcs12.c b/library/pkcs12.c index 3699dd5c6..80eb9dbe8 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -179,6 +179,9 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_context_t cipher_ctx; size_t olen = 0; + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type( cipher_type ); if( cipher_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -231,13 +234,18 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, unsigned char *p = data; size_t use_len; - while( data_len > 0 ) + if( filler != NULL && fill_len != 0 ) { - use_len = ( data_len > fill_len ) ? fill_len : data_len; - memcpy( p, filler, use_len ); - p += use_len; - data_len -= use_len; + while( data_len > 0 ) + { + use_len = ( data_len > fill_len ) ? fill_len : data_len; + memcpy( p, filler, use_len ); + p += use_len; + data_len -= use_len; + } } + else + memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -263,6 +271,9 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); From f294ff5d879838ebe3f8263dacf68148f47764e3 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 17 Nov 2021 17:47:23 +0000 Subject: [PATCH 02/15] Make changelog more specific Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt index 699575f53..fae819553 100644 --- a/ChangeLog.d/fix-pkcs12-null-password.txt +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -1,2 +1,5 @@ Bugfix - * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. + * Fix a potential invalid pointer dereference and infinite loop bugs in + pkcs12 functions when the password is empty. Fix the documentation to + better describe the inputs to these functions and their possible values. + Fixes #5136. From a59cc3dbc7980404b6c13d74975563a6ed5f9b85 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 12:39:10 +0000 Subject: [PATCH 03/15] Further documentation improvements Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index fbf237868..784e8d6f8 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -80,12 +80,12 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * for cipher-based and mbedtls_md-based PBE's * * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or - * MBEDTLS_PKCS12_PBE_DECRYPT + * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or + * #MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used * \param md_type the mbedtls_md used - * \param pwd Latin1-encoded password used (may be NULL if no password is - * used, but not if pwdlen is non-zero) + * \param pwd Latin1-encoded password used. This may only be \c NULL when + * pwdlen is 0. No \c NULL terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -106,20 +106,24 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * to produce pseudo-random bits for a particular "purpose". * * Depending on the given id, this function can produce an - * encryption/decryption key, an nitialization vector or an + * encryption/decryption key, an initialization vector or an * integrity key. * * \param data buffer to store the derived data in * \param datalen length of buffer to fill - * \param pwd Null terminated BMPString password to use (may be NULL if - * no password is used, but not if pwdlen is non-zero) - * \param pwdlen length of the password (may be 0) - * \param salt salt buffer to use - * \param saltlen length of the salt + * \param pwd The password to use. For compliance with PKCS#12 §B.1, this + * should be a BMPString, i.e. a Unicode string where each + * character is encoded as 2 bytes in big-endian order, with + * no byte order mark and with a null terminator (i.e. the + * last two bytes should be 0x00 0x00). + * \param pwdlen length of the password (may be 0). + * \param salt Salt buffer to use This may only be \c NULL when + * saltlen is 0. + * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be - * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or - * MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or + * #MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. From 7412eb4bc23ff069254c1f3f7d14c2c058157e94 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 14:02:21 +0000 Subject: [PATCH 04/15] Better fix for empty password / salt Signed-off-by: Paul Elliott --- library/pkcs12.c | 78 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 20 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 80eb9dbe8..310381306 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -244,8 +244,6 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } - else - memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -258,9 +256,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; + unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; + int use_password = 0; + int use_salt = 0; size_t hlen, use_len, v, i; @@ -274,6 +275,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( pwd == NULL && pwdlen != 0 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( salt == NULL && saltlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + + use_password = ( pwd && pwdlen != 0 ); + use_salt = ( salt && saltlen != 0 ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -291,8 +298,15 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, memset( diversifier, (unsigned char) id, v ); - pkcs12_fill_buffer( salt_block, v, salt, saltlen ); - pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + if( use_salt != 0 ) + { + pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + } + + if( use_password != 0 ) + { + pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + } p = data; while( datalen > 0 ) @@ -304,11 +318,29 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) - goto exit; + if( use_salt != 0 ) + { + if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) - goto exit; + if( use_password != 0) + { + if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; @@ -336,22 +368,28 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ++hash_block[i - 1] != 0 ) break; - // salt_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_salt != 0 ) { - j = salt_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + // salt_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = salt_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } - // pwd_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_password != 0 ) { - j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + // pwd_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = pwd_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } } From 13d5a3429a56f5158266517cfd58f3c724795f78 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 22:35:48 +0000 Subject: [PATCH 05/15] Add PKCS12 tests Only regression tests for the empty password bugs for now. Further tests will follow later. Signed-off-by: Paul Elliott --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_pkcs12.data | 33 +++++++++++ tests/suites/test_suite_pkcs12.function | 73 +++++++++++++++++++++++++ 3 files changed, 107 insertions(+) create mode 100644 tests/suites/test_suite_pkcs12.data create mode 100644 tests/suites/test_suite_pkcs12.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 75ef44ebe..f86127245 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -143,6 +143,7 @@ add_test_suite(pk) add_test_suite(pkcs1_v15) add_test_suite(pkcs1_v21) add_test_suite(pkcs5) +add_test_suite(pkcs12) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data new file mode 100644 index 000000000..e9e7339dc --- /dev/null +++ b/tests/suites/test_suite_pkcs12.data @@ -0,0 +1,33 @@ +Pkcs12 derive key : Zero length password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 + +Pkcs12 derive key: NULL password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 + +Pkcs12 derive key: Zero length password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: Invalid length NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + +Pkcs12 derive key: Zero length hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 + +Pkcs12 derive key: NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 + +Pkcs12 derive key: Invalid length NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + + diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function new file mode 100644 index 000000000..8771c2b36 --- /dev/null +++ b/tests/suites/test_suite_pkcs12.function @@ -0,0 +1,73 @@ +/* BEGIN_HEADER */ +#include "mbedtls/pkcs12.h" +#include "mbedtls/error.h" + +typedef enum +{ + USE_NULL_INPUT = 0, + USE_GIVEN_INPUT = 1, + USE_NULL_INPUT_WITH_SIZE = 2, +} input_usage_method_t; + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ASN1_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void pkcs12_derive_key_test( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) + +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *output_data = NULL; + + unsigned char *password = NULL; + size_t password_len = 0; + unsigned char *salt = NULL; + size_t salt_len = 0; + size_t key_size = key_size_arg; + + if( password_usage == USE_GIVEN_INPUT ) + { + password = password_arg->x; + password_len = password_arg->len; + } + else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) + { + password_len = password_arg->len; + } + + if( salt_usage == USE_GIVEN_INPUT ) + { + salt = salt_arg->x; + salt_len = salt_arg->len; + } + else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) + { + salt_len = salt_arg->len; + } + + ASSERT_ALLOC( output_data, key_size ); + + ret = mbedtls_pkcs12_derivation( output_data, + key_size, + password, + password_len, + salt, + salt_len, + md_type, + MBEDTLS_PKCS12_DERIVE_KEY, + iterations ); + + TEST_EQUAL( ret, expected_status ); + +exit: + mbedtls_free( output_data ); + +} +/* END_CASE */ From 1a3540afbe4400165bf492b23e8af16272dc4779 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 22 Nov 2021 17:50:26 +0000 Subject: [PATCH 06/15] Fix missing test dependancies Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index e9e7339dc..98f1c0d59 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ Pkcs12 derive key : Zero length password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 Pkcs12 derive key: NULL password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 Pkcs12 derive key: Zero length password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 Pkcs12 derive key: NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 Pkcs12 derive key: Invalid length NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA Pkcs12 derive key: Zero length hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 Pkcs12 derive key: NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 Pkcs12 derive key: Invalid length NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 8771c2b36..27393d06a 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -12,7 +12,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C + * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From 2ab9a7a57a37e40f7814c57985001ffca668a101 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 25 Nov 2021 17:29:40 +0000 Subject: [PATCH 07/15] Stop CMake out of source tests running on 16.04 Running the out of source CMake test on Ubuntu 16.04 using more than one processor (as the CI does) can create a race condition whereby the build fails to see a generated file, despite that file actually having been generated. This problem appears to go away with 18.04 or newer, so make the out of source tests not supported on Ubuntu 16.04 Signed-off-by: Paul Elliott --- ...op_cmake_out_of_build_running_on_16.04.txt | 4 +++ tests/scripts/all.sh | 30 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt new file mode 100644 index 000000000..000b4e7b4 --- /dev/null +++ b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt @@ -0,0 +1,4 @@ +Bugfix + * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can + cause failures due to race conditions with generated files. + diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2d6538552..c07ef34f5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2940,6 +2940,36 @@ component_test_valgrind () { fi } +support_test_cmake_out_of_source () { + distrib_id="" + distrib_ver="" + distrib_ver_minor="" + distrib_ver_major="" + + # Attempt to parse lsb-release to find out distribution and version. If not + # found this should fail safe (test is supported). + if [[ -f /etc/lsb-release ]]; then + + while read -r lsb_line; do + case "$lsb_line" in + "DISTRIB_ID"*) distrib_id=${lsb_line/#DISTRIB_ID=};; + "DISTRIB_RELEASE"*) distrib_ver=${lsb_line/#DISTRIB_RELEASE=};; + esac + done < /etc/lsb-release + + distrib_ver_major="${distrib_ver%%.*}" + distrib_ver="${distrib_ver#*.}" + distrib_ver_minor="${distrib_ver%%.*}" + fi + + # Running the out of source CMake test on Ubuntu 16.04 using more than one + # processor (as the CI does) can create a race condition whereby the build + # fails to see a generated file, despite that file actually having been + # generated. This problem appears to go away with 18.04 or newer, so make + # the out of source tests unsupported on Ubuntu 16.04. + [ "$distrib_id" != "Ubuntu" ] || [ "$distrib_ver_major" -gt 16 ] +} + component_test_cmake_out_of_source () { msg "build: cmake 'out-of-source' build" MBEDTLS_ROOT_DIR="$PWD" From ce22008c63235837f07c654d62f1bd1acaa3af9e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 15:37:49 +0000 Subject: [PATCH 08/15] Documentation fixes Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 784e8d6f8..d9e85b1d1 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -85,7 +85,7 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * \param cipher_type the cipher used * \param md_type the mbedtls_md used * \param pwd Latin1-encoded password used. This may only be \c NULL when - * pwdlen is 0. No \c NULL terminator should be used. + * \p pwdlen is 0. No null terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -118,7 +118,7 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * last two bytes should be 0x00 0x00). * \param pwdlen length of the password (may be 0). * \param salt Salt buffer to use This may only be \c NULL when - * saltlen is 0. + * \p saltlen is 0. * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be From 8ca8f2d163b8009e1e1f90d483ed4d0d56dd53e0 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:21:27 +0000 Subject: [PATCH 09/15] Remove incorrect test dependency Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 27393d06a..e4f026b1b 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -12,7 +12,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C + * depends_on:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From 73051b4176ff806d6af3077463a5994dfcfb1bab Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:31:10 +0000 Subject: [PATCH 10/15] Rename (and relabel) pkcs12 test case Remove surplus _test suffix. Change labeling from Pcks12 to PCKS#12 as it should be. Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 32 ++++++++++++------------- tests/suites/test_suite_pkcs12.function | 8 +++---- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index 98f1c0d59..c8bfe4694 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ -Pkcs12 derive key : Zero length password and hash +PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 -Pkcs12 derive key: NULL password and hash +PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 -Pkcs12 derive key: Zero length password +PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 -Pkcs12 derive key: NULL password +PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 -Pkcs12 derive key: Invalid length NULL password +PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -Pkcs12 derive key: Zero length hash +PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 -Pkcs12 derive key: NULL hash +PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 -Pkcs12 derive key: Invalid length NULL hash +PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index e4f026b1b..4c3f321b3 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -17,10 +17,10 @@ typedef enum */ /* BEGIN_CASE */ -void pkcs12_derive_key_test( int md_type, int key_size_arg, - data_t *password_arg, int password_usage, - data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) +void pkcs12_derive_key( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 270a264b7825008d0de6e344b36b1c345ee2a4ca Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:39:51 +0000 Subject: [PATCH 11/15] Simplify Input usage macros Also ensure they are used in test data rather than values Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 19 ++++--------------- 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index c8bfe4694..ec04f4a65 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 4c3f321b3..2ed43693c 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -6,7 +6,6 @@ typedef enum { USE_NULL_INPUT = 0, USE_GIVEN_INPUT = 1, - USE_NULL_INPUT_WITH_SIZE = 2, } input_usage_method_t; /* END_HEADER */ @@ -33,24 +32,14 @@ void pkcs12_derive_key( int md_type, int key_size_arg, size_t key_size = key_size_arg; if( password_usage == USE_GIVEN_INPUT ) - { password = password_arg->x; - password_len = password_arg->len; - } - else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) - { - password_len = password_arg->len; - } + + password_len = password_arg->len; if( salt_usage == USE_GIVEN_INPUT ) - { salt = salt_arg->x; - salt_len = salt_arg->len; - } - else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) - { - salt_len = salt_arg->len; - } + + salt_len = salt_arg->len; ASSERT_ALLOC( output_data, key_size ); From 7a342a24ffd1996c44e5528af408301622a8d115 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 1 Dec 2021 17:18:12 +0000 Subject: [PATCH 12/15] Delete unneccesary changelog entry Signed-off-by: Paul Elliott --- ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt deleted file mode 100644 index 000b4e7b4..000000000 --- a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can - cause failures due to race conditions with generated files. - From 8d7eef470ba41015e2713d533b5946d0111dc95d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 17:51:34 +0000 Subject: [PATCH 13/15] Add explanation for safety in function Signed-off-by: Paul Elliott --- library/pkcs12.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/pkcs12.c b/library/pkcs12.c index 310381306..eadc9a092 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -244,6 +244,14 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } + else + { + /* If either of the above are not true then clearly there is nothing + * that this function can do. The function should *not* be called + * under either of those circumstances, as you could end up with an + * incorrect output but for safety's sake, leaving the check in as + * otherwise we could end up with memory corruption.*/ + } } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, From c89e209dedbc6abd629791b36882d30918c00690 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 18:03:12 +0000 Subject: [PATCH 14/15] Remove incorrect hashing Incorrect interpretation of 'empty' Signed-off-by: Paul Elliott --- library/pkcs12.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index eadc9a092..cacf7dba2 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -264,7 +264,6 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; - unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; @@ -331,24 +330,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( use_password != 0) { if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; From 5752b4b7d0111a428018da0954ad06908d88072a Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 3 Dec 2021 18:55:31 +0000 Subject: [PATCH 15/15] Add expected output for tests Expected output generated by OpenSSL (see below) apart from the case where both password and salt are either NULL or zero length, as OpenSSL does not support this. For these test cases we have had to use our own output as that which is expected. Code to generate test cases is as follows: #include #include #include int Keygen_Uni( const char * test_name, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type ) { size_t index; printf( "%s\n", test_name ); int ret = PKCS12_key_gen_uni( pass, passlen, salt, saltlen, id, iter, n, out, md_type ); if( ret != 1 ) { printf( "Key generation returned %d\n", ret ); } else { for( index = 0; index < n; ++index ) { printf( "%02x", out[index] ); } printf( "\n" ); } printf( "\n" ); } int main(void) { unsigned char out_buf[48]; unsigned char pass[64]; int pass_len; unsigned char salt[64]; int salt_len; /* If ID=1, then the pseudorandom bits being produced are to be used as key material for performing encryption or decryption. If ID=2, then the pseudorandom bits being produced are to be used as an IV (Initial Value) for encryption or decryption. If ID=3, then the pseudorandom bits being produced are to be used as an integrity key for MACing. */ int id = 1; int iter = 3; memset( out_buf, 0, sizeof( out_buf ) ); memset( pass, 0, sizeof( pass ) ); memset( salt, 0, sizeof( salt ) ); Keygen_Uni( "Zero length pass and salt", pass, 0, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass and salt", NULL, 0, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Zero length pass", pass, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass", NULL, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); memset( salt, 0, sizeof( salt ) ); pass[0] = 0x01; pass[1] = 0x23; pass[2] = 0x45; pass[3] = 0x67; pass[4] = 0x89; pass[5] = 0xab; pass[6] = 0xcd; pass[7] = 0xef; Keygen_Uni( "Zero length salt", pass, 8, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL salt", pass, 8, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Valid pass and salt", pass, 8, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); return 0; } Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 36 +++++++++++++------------ tests/suites/test_suite_pkcs12.function | 9 ++++++- 2 files changed, 27 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index ec04f4a65..a8c4bab35 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,35 @@ -PKCS#12 derive key : Zero length password and hash +PKCS#12 derive key : MD5: Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: NULL password and hash +PKCS#12 derive key: MD5: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: Zero length password +PKCS#12 derive key: MD5: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL password +PKCS#12 derive key: MD5: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL password +PKCS#12 derive key: MD5: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -PKCS#12 derive key: Zero length hash +PKCS#12 derive key: MD5: Zero length salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL hash +PKCS#12 derive key: MD5: NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL hash +PKCS#12 derive key: MD5: Invalid length NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA - +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +PKCS#12 derive key: MD5: Valid password and salt +depends_on:MBEDTLS_MD5_C +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 2ed43693c..a7b01f6df 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -19,7 +19,8 @@ typedef enum void pkcs12_derive_key( int md_type, int key_size_arg, data_t *password_arg, int password_usage, data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) + int iterations, + data_t* expected_output, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -55,6 +56,12 @@ void pkcs12_derive_key( int md_type, int key_size_arg, TEST_EQUAL( ret, expected_status ); + if( expected_status == 0 ) + { + ASSERT_COMPARE( expected_output->x, expected_output->len, + output_data, key_size ); + } + exit: mbedtls_free( output_data );