DHM: Add negative tests for parameter checking

A bug in the dhm_check_range() function makes it pass even when the
parameters are not in the range. This commit adds tests for signalling
this problem as well as a couple of other negative tests.
This commit is contained in:
Janos Follath 2017-09-20 13:46:37 +01:00
parent a75a459143
commit 5f9df9b2ad
2 changed files with 20 additions and 5 deletions

View file

@ -1,11 +1,23 @@
Diffie-Hellman full exchange #1 Diffie-Hellman full exchange #1
dhm_do_dhm:10:"23":10:"5" dhm_do_dhm:10:"23":10:"5":0
Diffie-Hellman full exchange #2 Diffie-Hellman full exchange #2
dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622" dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0
Diffie-Hellman full exchange #3 Diffie-Hellman full exchange #3
dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271" dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
Diffie-Hellman trivial subgroup #1
dhm_do_dhm:10:"23":10:"1":POLARSSL_ERR_DHM_BAD_INPUT_DATA
Diffie-Hellman trivial subgroup #2
dhm_do_dhm:10:"23":10:"-1":POLARSSL_ERR_DHM_BAD_INPUT_DATA
Diffie-Hellman small modulus
dhm_do_dhm:10:"3":10:"5":POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED
Diffie-Hellman zero modulus
dhm_do_dhm:10:"0":10:"5":POLARSSL_ERR_DHM_BAD_INPUT_DATA
Diffie-Hallman load parameters from file Diffie-Hallman load parameters from file
dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128 dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128

View file

@ -9,7 +9,7 @@
/* BEGIN_CASE */ /* BEGIN_CASE */
void dhm_do_dhm( int radix_P, char *input_P, void dhm_do_dhm( int radix_P, char *input_P,
int radix_G, char *input_G ) int radix_G, char *input_G, int result )
{ {
dhm_context ctx_srv; dhm_context ctx_srv;
dhm_context ctx_cli; dhm_context ctx_cli;
@ -44,7 +44,10 @@ void dhm_do_dhm( int radix_P, char *input_P,
/* /*
* First key exchange * First key exchange
*/ */
TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == result );
if ( result != 0 )
goto exit;
ske[ske_len++] = 0; ske[ske_len++] = 0;
ske[ske_len++] = 0; ske[ske_len++] = 0;
TEST_ASSERT( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); TEST_ASSERT( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );