authortb <>2022-09-07 21:17:32 +0000
committertb <>2022-09-07 21:17:32 +0000
commitfd8dae1a3a5bcad2b4c3b2a1f80b345b01f8fc4d (patch)
tree83a9ecf76c2909e9fa4d809b2f28b56e242636db /src
parente916b1facff9b2e5fd1cb3ad206495a6edf5b9be (diff)
Add output length validation for EVP
From Joshua Sing
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libcrypto/rc4/rc4_test.c30
1 files changed, 24 insertions, 6 deletions
diff --git a/src/regress/lib/libcrypto/rc4/rc4_test.c b/src/regress/lib/libcrypto/rc4/rc4_test.c
index a4094854a0..49da63540f 100644
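--- a/src/regress/lib/libcrypto/rc4/rc4_test.c
+++ b/src/regress/lib/libcrypto/rc4/rc4_test.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rc4_test.c,v 1.3 2022/09/05 21:36:46 tb Exp $ */
+/* $OpenBSD: rc4_test.c,v 1.4 2022/09/07 21:17:32 tb Exp $ */
 /*
  * Copyright (c) 2022 Joshua Sing <joshua@hypera.dev>
  *
@@ -323,7 +323,7 @@ rc4_test(void)
  EVP_CIPHER_CTX *ctx = NULL;
  const EVP_CIPHER *cipher;
  uint8_t out[512];
- int in_len, out_len;
+ int in_len, out_len, total_len;
  size_t i;
  int j;
  int failed = 1;
@@ -369,6 +369,7 @@ rc4_test(void)
  }
 
  /* EVP encryption */
+ total_len = 0;
  memset(out, 0, sizeof(out));
  if (!EVP_EncryptInit(ctx, cipher, rt->key, NULL)) {
  fprintf(stderr, "FAIL: EVP_EncryptInit failed\n");
@@ -380,7 +381,7 @@ rc4_test(void)
  if (in_len > rt->len - j)
  in_len = rt->len - j;
 
- if (!EVP_EncryptUpdate(ctx, out + j, &out_len,
+ if (!EVP_EncryptUpdate(ctx, out + total_len, &out_len,
  rt->in + j, in_len)) {
  fprintf(stderr,
  "FAIL: EVP_EncryptUpdate failed\n");
@@ -388,24 +389,33 @@ rc4_test(void)
  }
 
  j += in_len;
+ total_len += out_len;
  }
 
- if (!EVP_EncryptFinal_ex(ctx, out, &out_len)) {
+ if (!EVP_EncryptFinal_ex(ctx, out + total_len, &out_len)) {
  fprintf(stderr, "FAIL: EVP_EncryptFinal_ex failed\n");
  goto failed;
  }
+ total_len += out_len;
 
  if (!EVP_CIPHER_CTX_reset(ctx)) {
  fprintf(stderr, "FAIL: EVP_CIPHER_CTX_reset failed\n");
  goto failed;
  }
 
+ if (total_len != rt->len) {
+ fprintf(stderr,
+ "FAIL: EVP encryption length mismatch\n");
+ goto failed;
+ }
+
  if (memcmp(rt->out, out, rt->len) != 0) {
  fprintf(stderr, "FAIL: EVP encryption mismatch\n");
  goto failed;
  }
 
  /* EVP decryption */
+ total_len = 0;
  memset(out, 0, sizeof(out));
  if (!EVP_DecryptInit(ctx, cipher, rt->key, NULL)) {
  fprintf(stderr, "FAIL: EVP_DecryptInit failed\n");
@@ -417,7 +427,7 @@ rc4_test(void)
  if (in_len > rt->len - j)
  in_len = rt->len - j;
 
- if (!EVP_DecryptUpdate(ctx, out + j, &out_len,
+ if (!EVP_DecryptUpdate(ctx, out + total_len, &out_len,
  rt->in + j, in_len)) {
  fprintf(stderr,
  "FAIL: EVP_DecryptUpdate failed\n");
@@ -425,18 +435,26 @@ rc4_test(void)
  }
 
  j += in_len;
+ total_len += out_len;
  }
 
- if (!EVP_DecryptFinal_ex(ctx, out, &out_len)) {
+ if (!EVP_DecryptFinal_ex(ctx, out + total_len, &out_len)) {
  fprintf(stderr, "FAIL: EVP_DecryptFinal_ex failed\n");
  goto failed;
  }
+ total_len += out_len;
 
  if (!EVP_CIPHER_CTX_reset(ctx)) {
  fprintf(stderr, "FAIL: EVP_CIPHER_CTX_reset failed\n");
  goto failed;
  }
 
+ if (total_len != rt->len) {
+ fprintf(stderr,
+ "FAIL: EVP decryption length mismatch\n");
+ goto failed;
+ }
+
  if (memcmp(rt->out, out, rt->len) != 0) {
  fprintf(stderr, "FAIL: EVP decryption mismatch\n");
  goto failed;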
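Review bot: `total_len` serves as the write offset into `out[512]` (`out + total_len` in the EncryptUpdate/DecryptUpdate and Final_ex calls) before it is validated, because the `total_len != rt->len` comparison runs only after every write has completed. If the cipher under test reported a wrong `out_len`, which is the failure this test is meant to catch, later chunks would land at a drifted offset, possibly outside the buffer, before the test fails. A per-chunk check right after each update call, such as `if (out_len != in_len) { fprintf(stderr, "FAIL: EVP_EncryptUpdate length mismatch\n"); goto failed; }`, would keep the offset bounded and name the failing chunk; RC4 is a stream cipher, so each update should presumably yield exactly `in_len` bytes, and the decryption loop needs the same check. The loop headers and any check of `rt->len` against `sizeof(out)` lie outside the visible hunks, so confirm that bound separately.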