lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-09-02 16:01:16 +03:00
Code Activity

Merge pull request #2999 from catenacyber/fuzzrsa

Browse Source 
Checks mbedtls_rsa_export return in fuzz targets
This commit is contained in:
Gilles Peskine
2020-01-31 16:38:43 +01:00
committed by GitHub
parent 512d040963 8b1ed1cf0e
commit 36ce88be1e
2 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
programs/fuzz/fuzz_privkey.c
View File

@@ -1,4 +1,5 @@
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
//4 Kb should be enough for every bug ;-)
@@ -29,8 +30,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
rsa = mbedtls_pk_rsa( pk );
mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) {
abort();
}
if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != 0 ) {
abort();
}
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );

9
programs/fuzz/fuzz_pubkey.c
View File

@@ -1,4 +1,5 @@
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
@@ -20,8 +21,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
rsa = mbedtls_pk_rsa( pk );
ret = mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) {
abort();
}
if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
abort();
}
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );