root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

test/drbgtest.c: Fix error check test 

The condition in test_error_checks() was inverted, so the test succeeded
as long as error_check() failed. Incidently, error_check() contained
several bugs that assured it always failed, thus giving overall drbg
test success.

Remove the broken explicit zero check.
RAND_DRBG_uninstantiate() cleanses the data via drbg_ctr_uninstantiate(),
but right after that it resets drbg->data.ctr using RAND_DRBG_set(),
so TEST_mem_eq(zero, sizeof(drbg->data)) always failed.

(backport from https://github.com/openssl/openssl/pull/11195)

Signed-off-by: Vitezslav Cizek <vcizek@suse.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12517)
This commit is contained in:
Vitezslav Cizek 2020-07-10 21:33:00 +02:00 committed by Dr. Matthias St. Pierre
parent 48fc6cd59c
commit 72a9868fe5
1 changed files with 20 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
test/drbgtest.c
View File

@ -286,7 +286,6 @@ static int instantiate(RAND_DRBG *drbg, DRBG_SELFTEST_DATA *td,
*/
static int error_check(DRBG_SELFTEST_DATA *td)
{
static char zero[sizeof(RAND_DRBG)];
RAND_DRBG *drbg = NULL;
TEST_CTX t;
unsigned char buff[1024];
@ -302,7 +301,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Test detection of too large personalisation string */
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, drbg->max_perslen + 1) > 0)
|| !TEST_false(RAND_DRBG_instantiate(drbg, td->pers, drbg->max_perslen + 1)))
goto err;
/*
@ -311,7 +310,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Test entropy source failure detection: i.e. returns no data */
t.entropylen = 0;
if (TEST_int_le(RAND_DRBG_instantiate(drbg, td->pers, td->perslen), 0))
if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen)))
goto err;
/* Try to generate output from uninstantiated DRBG */
@ -321,16 +320,18 @@ static int error_check(DRBG_SELFTEST_DATA *td)
goto err;
/* Test insufficient entropy */
if (!init(drbg, td, &t))
goto err;
t.entropylen = drbg->min_entropylen - 1;
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0
if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
|| !uninstantiate(drbg))
goto err;
/* Test too much entropy */
if (!init(drbg, td, &t))
goto err;
t.entropylen = drbg->max_entropylen + 1;
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0
if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
|| !uninstantiate(drbg))
goto err;
@ -340,18 +341,20 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Test too small nonce */
if (drbg->min_noncelen) {
if (!init(drbg, td, &t))
goto err;
t.noncelen = drbg->min_noncelen - 1;
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0
if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
|| !uninstantiate(drbg))
goto err;
}
/* Test too large nonce */
if (drbg->max_noncelen) {
if (!init(drbg, td, &t))
goto err;
t.noncelen = drbg->max_noncelen + 1;
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0
if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
|| !uninstantiate(drbg))
goto err;
}
@ -377,7 +380,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
* failure.
*/
t.entropylen = 0;
if (TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1,
if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1,
td->adin, td->adinlen))
|| !uninstantiate(drbg))
goto err;
@ -428,12 +431,12 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Test explicit reseed with too large additional input */
if (!instantiate(drbg, td, &t)
|| RAND_DRBG_reseed(drbg, td->adin, drbg->max_adinlen + 1, 0) > 0)
|| !TEST_false(RAND_DRBG_reseed(drbg, td->adin, drbg->max_adinlen + 1, 0)))
goto err;
/* Test explicit reseed with entropy source failure */
t.entropylen = 0;
if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0), 0)
if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
|| !uninstantiate(drbg))
goto err;
@ -441,7 +444,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
if (!instantiate(drbg, td, &t))
goto err;
t.entropylen = drbg->max_entropylen + 1;
if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0), 0)
if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
|| !uninstantiate(drbg))
goto err;
@ -449,14 +452,10 @@ static int error_check(DRBG_SELFTEST_DATA *td)
if (!instantiate(drbg, td, &t))
goto err;
t.entropylen = drbg->min_entropylen - 1;
if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0), 0)
if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
|| !uninstantiate(drbg))
goto err;
/* Standard says we have to check uninstantiate really zeroes */
if (!TEST_mem_eq(zero, sizeof(drbg->data), &drbg->data, sizeof(drbg->data)))
goto err;
ret = 1;
err:
@ -483,7 +482,7 @@ static int test_error_checks(int i)
DRBG_SELFTEST_DATA *td = &drbg_test[i];
int rv = 0;
if (error_check(td))
if (!error_check(td))
goto err;
rv = 1;