Return an error for IV lengths other than 12 with ChaCha20
The implementation was silently overwriting the IV length to 12 even though the caller passed a different value. Change the behavior to signal that a different length is not supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
parent
ce8a6173f7
commit
33ca6af8a3
3 changed files with 67 additions and 0 deletions
|
@ -386,6 +386,12 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
|
|||
#if defined(MBEDTLS_CHACHA20_C)
|
||||
if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
|
||||
{
|
||||
/* Even though the actual_iv_size is overwritten with a correct value
|
||||
* of 12 from the cipher info, return an error to indicate that
|
||||
* the input iv_len is wrong. */
|
||||
if( iv_len != 12 )
|
||||
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
||||
|
||||
if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx,
|
||||
iv,
|
||||
0U ) ) /* Initial counter value */
|
||||
|
|
|
@ -109,3 +109,23 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:6:16:-1:6:16:6:16
|
|||
ChaCha20 Encrypt and decrypt 32 bytes in multiple parts
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:16:-1:16:16:16:16
|
||||
|
||||
ChaCha20 IV Length 0
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
check_iv:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
|
||||
|
||||
ChaCha20 IV Length 11
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
check_iv:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":11:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
|
||||
|
||||
ChaCha20 IV Length 12
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
check_iv:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":12:0
|
||||
|
||||
ChaCha20 IV Length 13
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
check_iv:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":13:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
|
||||
|
||||
ChaCha20 IV Length 16
|
||||
depends_on:MBEDTLS_CHACHA20_C
|
||||
check_iv:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":16:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
|
||||
|
|
|
@ -442,6 +442,8 @@ void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
|
|||
if( NULL != strstr( cipher_info->name, "CCM*-NO-TAG") )
|
||||
iv_len = 13; /* For CCM, IV length is expected to be between 7 and 13 bytes.
|
||||
* For CCM*-NO-TAG, IV length must be exactly 13 bytes long. */
|
||||
else if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
|
||||
iv_len = 12;
|
||||
else
|
||||
iv_len = sizeof(iv);
|
||||
|
||||
|
@ -689,6 +691,8 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
|
|||
if( NULL != strstr( cipher_info->name, "CCM*-NO-TAG") )
|
||||
iv_len = 13; /* For CCM, IV length is expected to be between 7 and 13 bytes.
|
||||
* For CCM*-NO-TAG, IV length must be exactly 13 bytes long. */
|
||||
else if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
|
||||
iv_len = 12;
|
||||
else
|
||||
iv_len = sizeof(iv);
|
||||
|
||||
|
@ -1130,3 +1134,40 @@ void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
|
|||
TEST_ASSERT( dlen == (size_t) dlen_check );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void check_iv( int cipher_id, char * cipher_string,
|
||||
int iv_len_val, int ret )
|
||||
{
|
||||
size_t iv_len = iv_len_val;
|
||||
unsigned char iv[16];
|
||||
|
||||
const mbedtls_cipher_info_t *cipher_info;
|
||||
mbedtls_cipher_context_t ctx_dec;
|
||||
mbedtls_cipher_context_t ctx_enc;
|
||||
|
||||
/*
|
||||
* Prepare contexts
|
||||
*/
|
||||
mbedtls_cipher_init( &ctx_dec );
|
||||
mbedtls_cipher_init( &ctx_enc );
|
||||
|
||||
/* Check and get info structures */
|
||||
cipher_info = mbedtls_cipher_info_from_type( cipher_id );
|
||||
TEST_ASSERT( NULL != cipher_info );
|
||||
TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
|
||||
TEST_ASSERT( strcmp( mbedtls_cipher_info_get_name( cipher_info ),
|
||||
cipher_string ) == 0 );
|
||||
|
||||
/* Initialise enc and dec contexts */
|
||||
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
|
||||
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
|
||||
|
||||
TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) );
|
||||
TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_enc, iv, iv_len ) );
|
||||
|
||||
exit:
|
||||
mbedtls_cipher_free( &ctx_dec );
|
||||
mbedtls_cipher_free( &ctx_enc );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
Loading…
Reference in a new issue