mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 19:21:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve validation in mpi_exp_mod_min_RR

Browse Source 
Check that the test case is hitting what it's supposed to hit, and that the
library takes the expected defensive measure.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2024-02-21 16:03:04 +01:00 committed by Janos Follath
parent fdab786852
commit 673461c389
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tests/suites/test_suite_bignum.function
View File

@ -982,8 +982,16 @@ void mpi_exp_mod_min_RR(char *input_A, char *input_E,
TEST_EQUAL(mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N), 0);
TEST_EQUAL(mbedtls_mpi_shrink(&RR, 0), 0);
/* The objective of this test is to check that exp_mod defends
* against a smaller RR. */
TEST_LE_U(RR.n, N.n - 1);
res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
/* We know that exp_mod internally needs RR to be as large as N.
* Validate that it is the case now, otherwise there was probably
* a buffer overread. */
TEST_EQUAL(RR.n, N.n);
TEST_EQUAL(res, exp_result);
if (res == 0) {
TEST_EQUAL(sign_is_valid(&Z), 1);

2
tests/suites/test_suite_bignum.misc.data
View File

@ -1395,9 +1395,11 @@ depends_on:MPI_MAX_BITS_LARGER_THAN_792
mpi_exp_mod:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
Test mbedtls_mpi_exp_mod (N.n=3, RR.n=1 on 32 bit)
depends_on:MBEDTLS_HAVE_INT32
mpi_exp_mod_min_RR:"10":"2":"10000000100000001":"100":0
Test mbedtls_mpi_exp_mod (N.n=3, RR.n=1 on 64 bit)
depends_on:MBEDTLS_HAVE_INT64
mpi_exp_mod_min_RR:"10":"2":"100000000000000010000000000000001":"100":0
Base test GCD #1