PSA crypto: fuzz MAC and symmetric ciphers #71
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The module can be called with invalid operations (inconsistent key sizes, modes, etc). Do the necessary filtering to skip CMAC operations when the parameters are inconsistent.
Fuzz unauthenticated ciphers and AEAD.
If an AEAD decryption reports a verification failure, treat that as any other error, i.e. have the operation return null.
We were reporting an empty tag when doing unauthenticated decryption.
Currently this only affects HMAC: other algorithms require fixed-size keys anyway.
In cipher_decrypt_oneshot(), don't include the IV in the ciphertext size when calling check_finish_status(). That caused it to erroneously think an empty ciphertext is valid for PSA_ALG_CBC_PKCS7 decryption.
|
can't find any more issues now and code looks good so will merge this now. thank you for your effort. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In the TF-PSA-Crypto module (PSA Crypto API implemented by Mbed TLS), fuzz
HMAC,CMAC,SymmetricEncryptandSymmetricDecrypt(i.e. MAC, cipher and AEAD).This was a journey of discovery as I struggled through the validation philosophy. Also of learning C++. So I don't think the code is very nice and improvements are welcome.
I ran this overnight on my laptop and it didn't find anything. And it's found things (including one functional bug) so I think it isn't ignoring too much.
Note on timing: I'm putting this out there because it's ready, but I'm going to be offline from Friday until April 8. I'm posting this expecting to do rework when I get back.