Handle oversized contexts
parent
c8d604e1f1
commit
89eb497efa
@ -1,5 +1,6 @@
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "crypto_core_ed25519.h"
|
||||
@ -88,8 +89,25 @@ _string_to_points(unsigned char * const px, size_t n, const char *suite,
|
||||
size_t ctx_len = ctx != NULL ? strlen(ctx) : 0U;
|
||||
size_t i, j;
|
||||
|
||||
if (n > 2U || suite_len > 0xff || ctx_len > 0xff - suite_len) {
|
||||
return -1;
|
||||
/* LCOV_EXCL_START */
|
||||
if (n > 2U || suite_len > 0xff) {
|
||||
abort();
|
||||
}
|
||||
/* LCOV_EXCL_END */
|
||||
if (ctx_len > 0xff - suite_len) {
|
||||
crypto_hash_sha512_init(&st);
|
||||
crypto_hash_sha512_update(&st, "H2C-OVERSIZE-DST-",
|
||||
sizeof "H2C-OVERSIZE-DST-" - 1U);
|
||||
crypto_hash_sha512_update(&st, (const unsigned char *) suite, suite_len);
|
||||
crypto_hash_sha512_update(&st, (const unsigned char *) ctx, ctx_len);
|
||||
crypto_hash_sha512_final(&st, u0);
|
||||
ctx = (const char *) u0;
|
||||
ctx_len = HASH_BYTES;
|
||||
/* LCOV_EXCL_START */
|
||||
if (ctx_len > 0xff - suite_len) {
|
||||
abort();
|
||||
}
|
||||
/* LCOV_EXCL_END */
|
||||
}
|
||||
crypto_hash_sha512_init(&st);
|
||||
crypto_hash_sha512_update(&st, empty_block, sizeof empty_block);
|
||||
|
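Review bot: In the oversized branch, `ctx = (const char *) u0;` leaves the context pointing into `u0`, which by its name looks like a working buffer of the expansion that follows. The rest of `_string_to_points` is outside the hunk, so this needs confirming, but if `u0` is written again while `ctx` is still being absorbed, the domain-separation tag changes part-way through and the output silently stops matching the hashed-context construction. A dedicated buffer removes the aliasing: declare `unsigned char ctx_h[HASH_BYTES];`, finalize into it and set `ctx = (const char *) ctx_h;`. The inner `if (ctx_len > 0xff - suite_len) abort();` also means a long caller-supplied context terminates the process whenever `suite_len` exceeds `0xff - HASH_BYTES`; if `suite` is always an internal constant, a compile-time bound on its length would state that guarantee without a runtime abort. The string literal in the first `crypto_hash_sha512_update` call is passed without the `(const unsigned char *)` cast that the neighbouring calls use.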
@ -50,7 +50,9 @@ main(void)
|
||||
{
|
||||
unsigned char *expected_yr, *expected_y, *y;
|
||||
char * expected_y_hex, *y_hex;
|
||||
char * oversized_ctx;
|
||||
size_t i, j;
|
||||
size_t oversized_ctx_len = 250U;
|
||||
|
||||
expected_yr = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES);
|
||||
expected_y = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES);
|
||||
@ -97,6 +99,21 @@ main(void)
|
||||
printf("Failed with empty parameters");
|
||||
}
|
||||
|
||||
oversized_ctx = sodium_malloc(oversized_ctx_len);
|
||||
memset(oversized_ctx, 'X', oversized_ctx_len - 1U);
|
||||
oversized_ctx[oversized_ctx_len - 1U] = 0;
|
||||
crypto_core_ed25519_from_string(y, oversized_ctx,
|
||||
(const unsigned char *) "msg", 3U);
|
||||
sodium_bin2hex(y_hex, crypto_core_ed25519_BYTES * 2U + 1U, y,
|
||||
crypto_core_ed25519_BYTES);
|
||||
printf("NU with oversized context: %s\n", y_hex);
|
||||
crypto_core_ed25519_from_string_ro(y, oversized_ctx,
|
||||
(const unsigned char *) "msg", 3U);
|
||||
sodium_bin2hex(y_hex, crypto_core_ed25519_BYTES * 2U + 1U, y,
|
||||
crypto_core_ed25519_BYTES);
|
||||
printf("RO with oversized context: %s\n", y_hex);
|
||||
|
||||
sodium_free(oversized_ctx);
|
||||
sodium_free(y_hex);
|
||||
sodium_free(expected_y_hex);
|
||||
sodium_free(y);
|
||||
|
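Review bot: The new oversized-context case prints `y_hex` without checking the return value of `crypto_core_ed25519_from_string()` or `crypto_core_ed25519_from_string_ro()`, so a failure would still print a hex string, presumably whatever `y` held from the previous case. Each call could be guarded as `if (crypto_core_ed25519_from_string(y, oversized_ctx, (const unsigned char *) "msg", 3U) != 0) { printf("Failed with oversized context\n"); }`. The result of `sodium_malloc(oversized_ctx_len)` is also handed to `memset` unchecked. A single 249-byte context exercises only the hashing branch; cases at exactly `0xff - suite_len` and one byte above it would pin the boundary between the two code paths. `main` starts and ends outside these hunks.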
@ -1 +1,3 @@
|
||||
NU with oversized context: b811f71786d032196a8a07d90393084ac4dbec5506590cd96be0f5a92f084298
|
||||
RO with oversized context: 5948dc10765f78b8f183377a7af622b205ce8bb62de98254c203b512a9ef966b
|
||||
OK
|
||||
|