Do multiple padding add/check iterations.

This increases the chance of triggering bugs due to input and/or randomised padding.
author: jsing <> 2024-03-30 02:20:39 +0000
committer: jsing <> 2024-03-30 02:20:39 +0000
commit: b5ce249dbbfcfe685b5a70cfe75b5e46cc457942 (patch)
tree: 9b513e0364f0b4fc513731bedff54e40f41c63d0 /src
parent: d74bf6147b673f5bfd98fac825f4777666666a99 (diff)
download: openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.tar.gz
openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.tar.bz2
openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.zip
1 files changed, 34 insertions, 24 deletions
diff --git a/src/regress/lib/libcrypto/rsa/rsa_padding_test.c b/src/regress/lib/libcrypto/rsa/rsa_padding_test.c
index 64357bf405..1b3a0ba1e5 100644
--- a/src/regress/lib/libcrypto/rsa/rsa_padding_test.c
+++ b/src/regress/lib/libcrypto/rsa/rsa_padding_test.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: rsa_padding_test.c,v 1.1 2024/03/30 00:36:14 jsing Exp $      */
+/*      $OpenBSD: rsa_padding_test.c,v 1.2 2024/03/30 02:20:39 jsing Exp $      */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -135,19 +135,24 @@ test_pkcs1_type1(void)
        size_t i;
        int failed = 1;
-        memset(in, 0x6f, sizeof(in));
+        for (i = 0; i < 1000; i++) {
+                arc4random_buf(in, sizeof(in));
-        if (!RSA_padding_add_PKCS1_type_1(buf, sizeof(buf), in, sizeof(in))) {
+                if (!RSA_padding_add_PKCS1_type_1(buf, sizeof(buf), in,
-                fprintf(stderr, "FAIL: failed to add PKCS1 type 1 padding\n");
+                    sizeof(in))) {
-                goto failed;
+                        fprintf(stderr, "FAIL: failed to add PKCS1 type 1 "
-        }
+                            "padding\n");
+                        goto failed;
+                }
-        pad_len = RSA_padding_check_PKCS1_type_1(out, sizeof(out) - 1,
+                pad_len = RSA_padding_check_PKCS1_type_1(out, sizeof(out) - 1,
-            buf + 1, sizeof(buf) - 1, sizeof(buf));
+                    buf + 1, sizeof(buf) - 1, sizeof(buf));
-        if (pad_len != sizeof(in)) {
+                if (pad_len != sizeof(in)) {
-                fprintf(stderr, "FAIL: failed to check PKCS1 type 1 padding\n");
+                        fprintf(stderr, "FAIL: failed to check PKCS1 type 1 "
-                ERR_print_errors_fp(stderr);
+                            "padding\n");
-                goto failed;
+                        ERR_print_errors_fp(stderr);
+                        goto failed;
+                }
        }
        for (i = 0; i < N_PKCS1_TYPE1_TESTS; i++) {
@@ -260,25 +265,30 @@ static int
 test_pkcs1_type2(void)
 {
        const struct pkcs1_test *pt;
-        uint8_t buf[32], in[19], out[32];
+        uint8_t buf[32], in[19], out[512];
        int pad_len;
        long err;
        size_t i;
        int failed = 1;
-        memset(in, 0x6f, sizeof(in));
+        for (i = 0; i < 1000; i++) {
+                arc4random_buf(in, sizeof(in));
-        if (!RSA_padding_add_PKCS1_type_2(buf, sizeof(buf), in, sizeof(in))) {
+                if (!RSA_padding_add_PKCS1_type_2(buf, sizeof(buf), in,
-                fprintf(stderr, "FAIL: failed to add PKCS1 type 2 padding\n");
+                    sizeof(in))) {
-                goto failed;
+                        fprintf(stderr, "FAIL: failed to add PKCS1 type 2 "
-        }
+                            "padding\n");
+                        goto failed;
+                }
-        pad_len = RSA_padding_check_PKCS1_type_2(out, sizeof(out) - 1,
+                pad_len = RSA_padding_check_PKCS1_type_2(out, sizeof(out) - 1,
-            buf + 1, sizeof(buf) - 1, sizeof(out));
+                    buf + 1, sizeof(buf) - 1, sizeof(buf));
-        if (pad_len != sizeof(in)) {
+                if (pad_len != sizeof(in)) {
-                fprintf(stderr, "FAIL: failed to check PKCS1 type 2 padding\n");
+                        fprintf(stderr, "FAIL: failed to check PKCS1 type 2 "
-                ERR_print_errors_fp(stderr);
+                            "padding\n");
-                goto failed;
+                        ERR_print_errors_fp(stderr);
+                        goto failed;
+                }
        }
        for (i = 0; i < N_PKCS1_TYPE2_TESTS; i++) {
author	jsing <>	2024-03-30 02:20:39 +0000
committer	jsing <>	2024-03-30 02:20:39 +0000
commit	b5ce249dbbfcfe685b5a70cfe75b5e46cc457942 (patch)
tree	9b513e0364f0b4fc513731bedff54e40f41c63d0 /src
parent	d74bf6147b673f5bfd98fac825f4777666666a99 (diff)
download	openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.tar.gz openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.tar.bz2 openbsd-b5ce249dbbfcfe685b5a70cfe75b5e46cc457942.zip

diff --git a/src/regress/lib/libcrypto/rsa/rsa_padding_test.c b/src/regress/lib/libcrypto/rsa/rsa_padding_test.c index 64357bf405..1b3a0ba1e5 100644 --- a/src/regress/lib/libcrypto/rsa/rsa_padding_test.c +++ b/src/regress/lib/libcrypto/rsa/rsa_padding_test.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_padding_test.c,v 1.1 2024/03/30 00:36:14 jsing Exp $ */	1	/* $OpenBSD: rsa_padding_test.c,v 1.2 2024/03/30 02:20:39 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2024 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -135,19 +135,24 @@ test_pkcs1_type1(void)
135	size_t i;	135	size_t i;
136	int failed = 1;	136	int failed = 1;
137		137
138	memset(in, 0x6f, sizeof(in));	138	for (i = 0; i < 1000; i++) {
		139	arc4random_buf(in, sizeof(in));
139		140
140	if (!RSA_padding_add_PKCS1_type_1(buf, sizeof(buf), in, sizeof(in))) {	141	if (!RSA_padding_add_PKCS1_type_1(buf, sizeof(buf), in,
141	fprintf(stderr, "FAIL: failed to add PKCS1 type 1 padding\n");	142	sizeof(in))) {
142	goto failed;	143	fprintf(stderr, "FAIL: failed to add PKCS1 type 1 "
143	}	144	"padding\n");
		145	goto failed;
		146	}
144		147
145	pad_len = RSA_padding_check_PKCS1_type_1(out, sizeof(out) - 1,	148	pad_len = RSA_padding_check_PKCS1_type_1(out, sizeof(out) - 1,
146	buf + 1, sizeof(buf) - 1, sizeof(buf));	149	buf + 1, sizeof(buf) - 1, sizeof(buf));
147	if (pad_len != sizeof(in)) {	150	if (pad_len != sizeof(in)) {
148	fprintf(stderr, "FAIL: failed to check PKCS1 type 1 padding\n");	151	fprintf(stderr, "FAIL: failed to check PKCS1 type 1 "
149	ERR_print_errors_fp(stderr);	152	"padding\n");
150	goto failed;	153	ERR_print_errors_fp(stderr);
		154	goto failed;
		155	}
151	}	156	}
152		157
153	for (i = 0; i < N_PKCS1_TYPE1_TESTS; i++) {	158	for (i = 0; i < N_PKCS1_TYPE1_TESTS; i++) {
@@ -260,25 +265,30 @@ static int
260	test_pkcs1_type2(void)	265	test_pkcs1_type2(void)
261	{	266	{
262	const struct pkcs1_test *pt;	267	const struct pkcs1_test *pt;
263	uint8_t buf[32], in[19], out[32];	268	uint8_t buf[32], in[19], out[512];
264	int pad_len;	269	int pad_len;
265	long err;	270	long err;
266	size_t i;	271	size_t i;
267	int failed = 1;	272	int failed = 1;
268		273
269	memset(in, 0x6f, sizeof(in));	274	for (i = 0; i < 1000; i++) {
		275	arc4random_buf(in, sizeof(in));
270		276
271	if (!RSA_padding_add_PKCS1_type_2(buf, sizeof(buf), in, sizeof(in))) {	277	if (!RSA_padding_add_PKCS1_type_2(buf, sizeof(buf), in,
272	fprintf(stderr, "FAIL: failed to add PKCS1 type 2 padding\n");	278	sizeof(in))) {
273	goto failed;	279	fprintf(stderr, "FAIL: failed to add PKCS1 type 2 "
274	}	280	"padding\n");
		281	goto failed;
		282	}
275		283
276	pad_len = RSA_padding_check_PKCS1_type_2(out, sizeof(out) - 1,	284	pad_len = RSA_padding_check_PKCS1_type_2(out, sizeof(out) - 1,
277	buf + 1, sizeof(buf) - 1, sizeof(out));	285	buf + 1, sizeof(buf) - 1, sizeof(buf));
278	if (pad_len != sizeof(in)) {	286	if (pad_len != sizeof(in)) {
279	fprintf(stderr, "FAIL: failed to check PKCS1 type 2 padding\n");	287	fprintf(stderr, "FAIL: failed to check PKCS1 type 2 "
280	ERR_print_errors_fp(stderr);	288	"padding\n");
281	goto failed;	289	ERR_print_errors_fp(stderr);
		290	goto failed;
		291	}
282	}	292	}
283		293
284	for (i = 0; i < N_PKCS1_TYPE2_TESTS; i++) {	294	for (i = 0; i < N_PKCS1_TYPE2_TESTS; i++) {