From 5533f4aff1032cf2a40ea45032199ab1bccacd70 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 21 Nov 2018 13:44:31 +0200 Subject: [PATCH 1/8] Reduce stack usage of test_suite_pk Reduce the stack usage of the `test_suite_pk` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pk.function | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 4e6ab172c..342405e5d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -548,7 +548,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, char * input_E, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; mbedtls_pk_restart_ctx *rs_ctx = NULL; @@ -563,7 +563,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, mbedtls_pk_init( &pk ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); @@ -597,7 +597,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, data_t * result_str, int pk_type, int mgf1_hash_id, int salt_len, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; mbedtls_pk_rsassa_pss_options pss_opts; @@ -606,7 +606,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, mbedtls_pk_init( &pk ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); @@ -856,7 +856,7 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result, int ret ) { - unsigned char output[1000]; + unsigned char output[300]; rnd_pseudo_info rnd_info; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; @@ -891,7 +891,7 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P, int radix_N, char * input_N, int radix_E, char * input_E, data_t * clear, int ret ) { - unsigned char output[1000]; + unsigned char output[256]; rnd_pseudo_info rnd_info; mbedtls_mpi N, P, Q, E; mbedtls_rsa_context *rsa; @@ -1016,8 +1016,8 @@ void pk_rsa_alt( ) mbedtls_rsa_context raw; mbedtls_pk_context rsa, alt; mbedtls_pk_debug_item dbg_items[10]; - unsigned char hash[50], sig[1000]; - unsigned char msg[50], ciph[1000], test[1000]; + unsigned char hash[50], sig[64]; + unsigned char msg[50], ciph[64], test[50]; size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; From e4c5fa74b81d16f686760c8169d25876382eb9bd Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:47:51 +0200 Subject: [PATCH 2/8] Reduce stack usage of test_suite_rsa Reduce the stack usage of the `test_suite_rsa` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the data size to decrypt in the data file. --- tests/suites/test_suite_rsa.data | 4 +-- tests/suites/test_suite_rsa.function | 54 ++++++++++++++-------------- 2 files changed, 29 insertions(+), 29 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 953b1ff92..5e4de17e2 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -264,7 +264,7 @@ mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V1 RSA PKCS1 Decrypt #1 (Verify) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 +mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 RSA PKCS1 Encrypt #2 (Data too large) depends_on:MBEDTLS_PKCS1_V15 @@ -272,7 +272,7 @@ mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c RSA PKCS1 Decrypt #2 (Data too small) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA PKCS1 Decrypt #4 (Output buffer too small) depends_on:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 89c84e8ca..d4acc2de2 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -472,8 +472,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, char * input_N, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -482,8 +482,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -522,14 +522,14 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, char * input_N, int radix_E, char * input_E, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -557,7 +557,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result_hex_str ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -566,7 +566,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -593,7 +593,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) { int res; - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output) ); res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, @@ -627,7 +627,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, char * input_N, int radix_E, char * input_E, data_t * result_str, int correct ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; @@ -688,7 +688,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_pseudo_info rnd_info; @@ -698,7 +698,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -729,14 +729,14 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -769,7 +769,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, int max_output, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[32]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -780,7 +780,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); @@ -815,7 +815,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, E; @@ -823,7 +823,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -847,7 +847,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result ); if( result == 0 ) { @@ -869,7 +869,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -896,7 +896,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, /* repeat three times to test updating of blinding values */ for( i = 0; i < 3; i++ ) { - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info, message_str->x, output ) == result ); if( result == 0 ) @@ -913,7 +913,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info, message_str->x, output ) == result ); if( result == 0 ) @@ -1577,11 +1577,11 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, int successive ) { /* Exported buffers */ - unsigned char bufNe[1000]; - unsigned char bufPe[1000]; - unsigned char bufQe[1000]; - unsigned char bufDe[1000]; - unsigned char bufEe[1000]; + unsigned char bufNe[256]; + unsigned char bufPe[128]; + unsigned char bufQe[128]; + unsigned char bufDe[256]; + unsigned char bufEe[1]; mbedtls_rsa_context ctx; From 5d7254a091c407d9b95580f7e65340a9a9cd3ab3 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:49:49 +0200 Subject: [PATCH 3/8] Reduce stack usage of test_suite_pkcs1_v21 Reduce the stack usage of the `test_suite_pkcs1_v21` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the size sent to the API to sizeof output. --- tests/suites/test_suite_pkcs1_v21.function | 31 +++++++++++----------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 99be08ac0..3cd3903c3 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -14,7 +14,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, E; @@ -24,7 +24,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -54,7 +54,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, char * seed, data_t * message_str, int result ) { - unsigned char output[1000]; + unsigned char output[64]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -66,7 +66,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -79,11 +79,12 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, 1000 ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, &output_len, + message_str->x, output, + sizeof( output ) ) == result ); if( result == 0 ) { - TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 ); } @@ -101,8 +102,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, P, Q, E; @@ -114,8 +115,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); @@ -152,14 +153,14 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, int hash, data_t * message_str, char * salt, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -189,14 +190,14 @@ void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N, data_t * result_str, int result_simple, int result_full ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; size_t hash_len; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); From 3adb98138387a91ffb06102af7a64d85176c929b Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 25 Nov 2018 15:54:52 +0200 Subject: [PATCH 4/8] Reduce stack usage of test_suite_pkcs1_v15 Reduce the stack usage of the `test_suite_pkcs1_v15` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pkcs1_v15.function | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0723623a5..08f590bc7 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -14,7 +14,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[128]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, E; @@ -24,7 +24,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -54,7 +54,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, char * seed, data_t * message_str, int result ) { - unsigned char output[1000]; + unsigned char output[128]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -65,7 +65,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -248,8 +248,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[128]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_buf_info info; @@ -261,8 +261,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); @@ -298,14 +298,14 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, int hash, data_t * message_str, char * salt, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); From 2ad73aa38864de5ade2a1e8417597b4affc566db Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:56:06 +0200 Subject: [PATCH 5/8] Increase test suite timeout Increase the test suite timeouit from 180 seconds, to 800 seconds, since some tests consume more time, even if all tests are skipped. --- tests/suites/target_test.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index d430d9d5d..a0d66532b 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -368,7 +368,7 @@ int execute_tests( int args, const char ** argv ) void ** params = NULL; uint8_t * data = NULL, * p = NULL; - GREENTEA_SETUP( 180, "mbedtls_test" ); + GREENTEA_SETUP( 800, "mbedtls_test" ); greentea_send_kv( "GO", " " ); while ( 1 ) From 6e76108e15e06467a89542deb0dfc3c921ec9f9a Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 9 Sep 2019 14:52:50 +0300 Subject: [PATCH 6/8] Fix endianity issue when reading uint32 The uint32 is given as a bigendian stream, in the tests, however, the char buffer that collected the stream read it as is, without converting it. Add a temporary buffer, to call `greentea_getc()` 8 times, and then put it in the correct endianity for input to `unhexify()`. --- tests/suites/target_test.function | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index a0d66532b..e30297f28 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -75,7 +75,7 @@ uint8_t receive_byte() c[1] = greentea_getc(); c[2] = '\0'; - assert( unhexify( &byte, c ) != 2 ); + TEST_HELPER_ASSERT( unhexify( &byte, c ) != 2 ); return( byte ); } @@ -90,18 +90,19 @@ uint8_t receive_byte() uint32_t receive_uint32() { uint32_t value; - const uint8_t c[9] = { greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - '\0' - }; - assert( unhexify( &value, c ) != 8 ); - return( (uint32_t)value ); + uint8_t c_be[8] = { greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc() + }; + const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2], + c_be[3], c_be[0], c_be[1], '\0' }; + TEST_HELPER_ASSERT( unhexify( (uint8_t*)&value, c ) != 8 ); + return( value ); } /** From 39512b4b8aebf83582611e780b481466669d6190 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 25 Sep 2019 14:06:15 +0300 Subject: [PATCH 7/8] Add const to variable Add const type that was accidently removed. --- tests/suites/target_test.function | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index e30297f28..efee8793a 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -90,15 +90,15 @@ uint8_t receive_byte() uint32_t receive_uint32() { uint32_t value; - uint8_t c_be[8] = { greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc() - }; + const uint8_t c_be[8] = { greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc() + }; const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2], c_be[3], c_be[0], c_be[1], '\0' }; TEST_HELPER_ASSERT( unhexify( (uint8_t*)&value, c ) != 8 ); From ae9f2a2accee345b52f24903be0e53ae3445b1e1 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 25 Sep 2019 15:04:21 +0300 Subject: [PATCH 8/8] Fix compilation error Change test_info.failed to test_info.result, as it was previously changed. --- tests/suites/target_test.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index efee8793a..89835d2bf 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -375,7 +375,7 @@ int execute_tests( int args, const char ** argv ) while ( 1 ) { ret = 0; - test_info.failed = 0; + test_info.result = TEST_RESULT_SUCCESS; data_len = 0; data = receive_data( &data_len ); @@ -433,7 +433,7 @@ int execute_tests( int args, const char ** argv ) if ( ret ) send_failure( ret ); else - send_status( test_info.failed ); + send_status( test_info.result ); } return( 0 ); }