From ee46fe7b9b147ec419ff66c89f5a7d2347844d47 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 19 Feb 2019 19:05:33 +0100
Subject: [PATCH] Fix output size calculations in cipher tests

Some calls to psa_cipher_finish or psa_cipher_update append to a buffer. Several of these calls were not calculating the offset into the buffer or the remaining buffer size correctly. This did not lead to buffer overflows before because the buffer sizes were sufficiently large for our test inputs. This did not lead to incorrect output when the test was designed to append but actually wrote too early because all the existing test cases either have no output from finish (stream cipher) or have no output from update (CBC, with less than one block of input).
---
 tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++---------
 1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cccc87033..9c5dae94a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2415,8 +2415,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 &function_output_length ) );
 total_output_length += function_output_length;
 status = psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length );
 total_output_length += function_output_length;
 
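Review bot: The new `output_buffer_size - total_output_length` argument to psa_cipher_finish in cipher_encrypt is presumably an unsigned subtraction (the declarations are outside the hunk), so if the preceding update ever reported more bytes than the buffer holds, the remaining size would wrap to a very large value and finish would be told it has almost unlimited room. Because this test exists to catch a misbehaving implementation, I would add `TEST_ASSERT( total_output_length <= output_buffer_size );` before the call so the test fails cleanly instead of handing out a bogus bound. The same applies to the update/finish calls changed in cipher_encrypt_multipart, cipher_decrypt_multipart and cipher_decrypt, and to `output1_size - output1_length` and `output2_size - output2_length` in cipher_verify_output. The function body starts and ends outside the hunk.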
@@ -2483,12 +2483,13 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 PSA_ASSERT( psa_cipher_update( &operation,
 input->x + first_part_size,
 input->len - first_part_size,
- output, output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length ) );
 total_output_length += function_output_length;
 PSA_ASSERT( psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length ) );
 total_output_length += function_output_length;
 PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -2554,12 +2555,13 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
 PSA_ASSERT( psa_cipher_update( &operation,
 input->x + first_part_size,
 input->len - first_part_size,
- output, output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length ) );
 total_output_length += function_output_length;
 PSA_ASSERT( psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length ) );
 total_output_length += function_output_length;
 PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -2622,8 +2624,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 &function_output_length ) );
 total_output_length += function_output_length;
 status = psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
 &function_output_length );
 total_output_length += function_output_length;
 TEST_EQUAL( status, expected_status );
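Review bot: Nothing in this patch exercises the corrected offsets in cipher_encrypt_multipart (and likewise cipher_decrypt_multipart): the commit message states that every existing case gets output from either update or finish but never both, and the diffstat touches only this file. A case where the second update and finish both produce output, for example a padded CBC input longer than one block, would make a regression to `output + function_output_length` fail rather than pass silently. Whether the data file gains such a case in another commit cannot be seen from here. The function body starts and ends outside the hunk.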
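Review bot: In cipher_decrypt, `total_output_length += function_output_length;` runs before `TEST_EQUAL( status, expected_status );`, so when finish is expected to fail the total includes whatever the call left in function_output_length. If the implementation does not reset that length on error, the value added is presumably the stale length from the preceding update. Setting `function_output_length = 0;` before the call, as cipher_verify_output does before its second finish, or adding to the total only `if( status == PSA_SUCCESS )`, removes that dependency. cipher_encrypt has the same sequence in the first hunk; the rest of both functions is outside the hunks.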
@@ -2689,7 +2691,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 output1, output1_size,
 &output1_length ) );
 PSA_ASSERT( psa_cipher_finish( &operation1,
- output1 + output1_length, output1_size,
+ output1 + output1_length,
+ output1_size - output1_length,
 &function_output_length ) );
 output1_length += function_output_length;
 
@@ -2707,7 +2710,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 function_output_length = 0;
 PSA_ASSERT( psa_cipher_finish( &operation2,
 output2 + output2_length,
- output2_size,
+ output2_size - output2_length,
 &function_output_length ) );
 output2_length += function_output_length;