From 6827d1c588e6285b4781869bb8ed6fdd747d9af4 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 21 Nov 2018 13:44:31 +0200 Subject: [PATCH 1/4] Reduce stack usage of test_suite_pk Reduce the stack usage of the `test_suite_pk` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pk.function | 40 ++++++++++++++--------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index c0c987d5c..bb3eceead 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -125,18 +125,18 @@ void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int mod, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[128]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; int msg_len; mbedtls_pk_init( &pk ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof(result_str ) ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); @@ -166,9 +166,9 @@ void pk_rsa_verify_ext_test_vec( char *message_hex_string, int digest, int pk_type, int mgf1_hash_id, int salt_len, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[128]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; mbedtls_pk_rsassa_pss_options pss_opts; @@ -178,9 +178,9 @@ void pk_rsa_verify_ext_test_vec( char *message_hex_string, int digest, mbedtls_pk_init( &pk ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); @@ -289,9 +289,9 @@ void pk_rsa_encrypt_test_vec( char *message_hex, int mod, int radix_E, char *input_E, char *result_hex, int ret ) { - unsigned char message[1000]; - unsigned char output[1000]; - unsigned char result[1000]; + unsigned char message[16]; + unsigned char output[300]; + unsigned char result[256]; size_t msg_len, olen, res_len; rnd_pseudo_info rnd_info; mbedtls_rsa_context *rsa; @@ -332,9 +332,9 @@ void pk_rsa_decrypt_test_vec( char *cipher_hex, int mod, int radix_E, char *input_E, char *clear_hex, int ret ) { - unsigned char clear[1000]; - unsigned char output[1000]; - unsigned char cipher[1000]; + unsigned char clear[16]; + unsigned char output[256]; + unsigned char cipher[256]; size_t clear_len, olen, cipher_len; rnd_pseudo_info rnd_info; mbedtls_mpi N, P, Q, E; @@ -463,8 +463,8 @@ void pk_rsa_alt( ) mbedtls_rsa_context raw; mbedtls_pk_context rsa, alt; mbedtls_pk_debug_item dbg_items[10]; - unsigned char hash[50], sig[1000]; - unsigned char msg[50], ciph[1000], test[1000]; + unsigned char hash[50], sig[64]; + unsigned char msg[50], ciph[64], test[50]; size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; From b3d3973264abc7a57660ebaf7dd26a250458bcdb Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:47:51 +0200 Subject: [PATCH 2/4] Reduce stack usage of test_suite_rsa Reduce the stack usage of the `test_suite_rsa` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the data size to decrypt in the data file. --- tests/suites/test_suite_rsa.data | 4 +- tests/suites/test_suite_rsa.function | 154 +++++++++++++-------------- 2 files changed, 78 insertions(+), 80 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index cef6af846..d6ba66d84 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -267,7 +267,7 @@ mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V1 RSA PKCS1 Decrypt #1 (Verify) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 +mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 RSA PKCS1 Encrypt #2 (Data too large) depends_on:MBEDTLS_PKCS1_V15 @@ -275,7 +275,7 @@ mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c RSA PKCS1 Decrypt #2 (Data too small) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA PKCS1 Encrypt #3 (Invalid padding mode) mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_INVALID_PADDING diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index fd632dad6..d6daa2896 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -23,10 +23,11 @@ void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int dig char *input_Q, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; + unsigned char output_str[513]; + mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; int msg_len; @@ -36,10 +37,10 @@ void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int dig mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -80,9 +81,9 @@ void mbedtls_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int d int mod, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[256]; mbedtls_rsa_context ctx; int msg_len; @@ -90,9 +91,9 @@ void mbedtls_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int d mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -122,10 +123,10 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string, char *input_N, int radix_E, char *input_E, char *result_hex_str ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; int hash_len; @@ -135,10 +136,10 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -167,8 +168,8 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string, if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) { int res; - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, @@ -203,10 +204,10 @@ void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string, char *input_N, int radix_E, char *input_E, char *result_hex_str, int correct ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; - unsigned char output[1000]; + unsigned char message_str[128]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[256]; + unsigned char output[256]; mbedtls_rsa_context ctx; size_t hash_len; @@ -214,11 +215,10 @@ void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -276,9 +276,9 @@ void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[256]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx; size_t msg_len; rnd_pseudo_info rnd_info; @@ -289,9 +289,9 @@ void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -324,9 +324,9 @@ void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[16]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx; size_t msg_len; @@ -334,9 +334,9 @@ void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -369,9 +369,9 @@ void mbedtls_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int int radix_N, char *input_N, int radix_E, char *input_E, int max_output, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[256]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -381,10 +381,9 @@ void mbedtls_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); @@ -420,19 +419,18 @@ exit: void mbedtls_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[256]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -458,8 +456,8 @@ void mbedtls_rsa_public( char *message_hex_string, int mod, int radix_N, char *i TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str, output ) == result ); if( result == 0 ) { @@ -480,9 +478,9 @@ void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char * int radix_Q, char *input_Q, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[256]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -493,7 +491,7 @@ void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char * mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( message_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -511,8 +509,8 @@ void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char * /* repeat three times to test updating of blinding values */ for( i = 0; i < 3; i++ ) { - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info, message_str, output ) == result ); if( result == 0 ) @@ -531,8 +529,8 @@ void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char * TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info, message_str, output ) == result ); if( result == 0 ) @@ -1197,11 +1195,11 @@ void mbedtls_rsa_export_raw( char *input_N, char *input_P, int successive ) { /* Original raw buffers with which we set up the RSA context */ - unsigned char bufN[1000]; - unsigned char bufP[1000]; - unsigned char bufQ[1000]; - unsigned char bufD[1000]; - unsigned char bufE[1000]; + unsigned char bufN[256]; + unsigned char bufP[128]; + unsigned char bufQ[128]; + unsigned char bufD[256]; + unsigned char bufE[1]; size_t lenN = 0; size_t lenP = 0; @@ -1329,11 +1327,11 @@ void mbedtls_rsa_import_raw( char *input_N, int res_check, int res_complete ) { - unsigned char bufN[1000]; - unsigned char bufP[1000]; - unsigned char bufQ[1000]; - unsigned char bufD[1000]; - unsigned char bufE[1000]; + unsigned char bufN[256]; + unsigned char bufP[128]; + unsigned char bufQ[128]; + unsigned char bufD[256]; + unsigned char bufE[1]; /* Buffers used for encryption-decryption test */ unsigned char *buf_orig = NULL; From dd4277f70de0bccecf10b20568590d95723200df Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:49:49 +0200 Subject: [PATCH 3/4] Reduce stack usage of test_suite_pkcs1_v21 Reduce the stack usage of the `test_suite_pkcs1_v21` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the size sent to the API to sizeof output. --- tests/suites/test_suite_pkcs1_v21.function | 74 +++++++++++----------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 50da2ff1b..8a5388133 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -14,10 +14,10 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char *input_N, int radix_E, char *message_hex_string, char *seed, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; - unsigned char rnd_buf[1000]; + unsigned char message_str[87]; + unsigned char output[256]; + unsigned char output_str[513]; + unsigned char rnd_buf[20]; mbedtls_rsa_context ctx; size_t msg_len; rnd_buf_info info; @@ -28,9 +28,9 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char *input_N, int radix_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -61,9 +61,9 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char *input_P, int hash, char *result_hex_str, char *seed, char *message_hex_string, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[256]; + unsigned char output[256]; + unsigned char output_str[513]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -75,9 +75,9 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char *input_P, mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -92,11 +92,12 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char *input_P, unhexify( message_str, message_hex_string ); - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, 1000 ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, &output_len, + message_str, output, sizeof( output ) ) == result ); if( result == 0 ) { hexify( output_str, output, ctx.len ); - TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 ); } @@ -114,11 +115,11 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char *input_P, int radix_Q, char *message_hex_string, char *salt, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; - unsigned char rnd_buf[1000]; + unsigned char message_str[255]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; + unsigned char output_str[513]; + unsigned char rnd_buf[20]; mbedtls_rsa_context ctx; size_t msg_len; rnd_buf_info info; @@ -131,10 +132,10 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char *input_P, int radix_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); @@ -174,9 +175,9 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char *input_N, int radix_E, char *message_hex_string, char *salt, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[255]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[256]; mbedtls_rsa_context ctx; size_t msg_len; mbedtls_mpi N, E; @@ -184,9 +185,9 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char *input_N, int radix_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -222,19 +223,18 @@ void pkcs1_rsassa_pss_verify_ext( int mod, int result_simple, int result_full ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[163]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[256]; mbedtls_rsa_context ctx; size_t msg_len, hash_len; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); - + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); From 0ab4092e2dcd67f63fa85977473dd490fdaa25bd Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 25 Nov 2018 15:54:52 +0200 Subject: [PATCH 4/4] Reduce stack usage of test_suite_pkcs1_v15 Reduce the stack usage of the `test_suite_pkcs1_v15` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pkcs1_v15.function | 61 +++++++++++----------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 2b9cf297a..28f299964 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -14,10 +14,10 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char *input_N, int radix_E, char *message_hex_string, char *seed, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; - unsigned char rnd_buf[1000]; + unsigned char message_str[125]; + unsigned char output[128]; + unsigned char output_str[257]; + unsigned char rnd_buf[109]; mbedtls_rsa_context ctx; size_t msg_len; rnd_buf_info info; @@ -28,9 +28,9 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char *input_N, int radix_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -61,9 +61,9 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char *input_P, int hash, char *result_hex_str, char *seed, char *message_hex_string, int result ) { - unsigned char message_str[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; + unsigned char message_str[128]; + unsigned char output[128]; + unsigned char output_str[257]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -74,9 +74,9 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char *input_P, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( message_str, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -91,7 +91,9 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char *input_P, unhexify( message_str, message_hex_string ); - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, 1000 ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, &output_len, + message_str, output, sizeof( output ) ) == result ); if( result == 0 ) { hexify( output_str, output, ctx.len ); @@ -261,11 +263,11 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char *input_P, int radix_Q, char *message_hex_string, char *salt, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char output[1000]; - unsigned char output_str[1000]; - unsigned char rnd_buf[1000]; + unsigned char message_str[114]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[128]; + unsigned char output_str[257]; + unsigned char rnd_buf[20]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; size_t msg_len; @@ -277,11 +279,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char *input_P, int radix_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); - memset( output_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); + memset( output_str, 0x00, sizeof( output_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); @@ -319,9 +320,9 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char *input_N, int radix_E, char *message_hex_string, char *salt, char *result_hex_str, int result ) { - unsigned char message_str[1000]; - unsigned char hash_result[1000]; - unsigned char result_str[1000]; + unsigned char message_str[114]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char result_str[128]; mbedtls_rsa_context ctx; size_t msg_len; mbedtls_mpi N, E; @@ -329,9 +330,9 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char *input_N, int radix_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( message_str, 0x00, 1000 ); - memset( hash_result, 0x00, 1000 ); - memset( result_str, 0x00, 1000 ); + memset( message_str, 0x00, sizeof( message_str ) ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( result_str, 0x00, sizeof( result_str ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );