Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add missing ret code checks in PEM module #828

Merged
merged 2 commits into from
Nov 28, 2017
Merged

Add missing ret code checks in PEM module #828

merged 2 commits into from
Nov 28, 2017

Conversation

andresag01
Copy link
Contributor

Add missing return code checks in the functions pem_des_decrypt(),
pem_3des_decrypt() and pem_aes_decrypt() so that the calling function
mbedtls_pem_read_buffer() is notified of errors reported by the crypto
primitives AES, DES and 3DES.

NOTES:

@andresag01 andresag01 force-pushed the iotssl-1169-pem-missing-checks branch from 8d37954 to 25a48aa Compare March 1, 2017 13:04
@andresag01
Copy link
Contributor Author

The CI failure is expected, refer to this for more information.

yanesca
yanesca requested changes Mar 7, 2017
View reviewed changes
tests/suites/test_suite_pem.data Outdated

PEM read (malformed PEM)
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that we could achieve full coverage of the changes with minimal effort if we would add a very similar test vector for DES3 and AES as well.

@andresag01 andresag01 force-pushed the iotssl-1169-pem-missing-checks branch from 25a48aa to 56e942e Compare March 9, 2017 13:54
@andresag01
Copy link
Contributor Author

Added tests suggested by @yanesca

Andres AG added 2 commits May 30, 2017 16:40
Add missing ret code checks in PEM module
51a7ae1 
Add missing return code checks in the functions pem_des_decrypt(),
pem_3des_decrypt() and pem_aes_decrypt() so that the calling function
mbedtls_pem_read_buffer() is notified of errors reported by the crypto
primitives AES, DES and 3DES.
Add negative testing for mbedtls_pem_read_buffer()
a3b9adb
@andresag01 andresag01 force-pushed the iotssl-1169-pem-missing-checks branch from 56e942e to a3b9adb Compare May 30, 2017 15:55
@andresag01
Copy link
Contributor Author

Rebased fix on top of development branch

This was referenced May 30, 2017
Merged
Merged
@andresag01 andresag01 requested a review from RonEld September 25, 2017 10:12
@andresag01 andresag01 mentioned this pull request Sep 25, 2017
Closed
4 tasks
@gilles-peskine-arm
Copy link
Contributor

CI failed only due to timing tests (known issue), ok to merge

@gilles-peskine-arm gilles-peskine-arm merged commit a3b9adb into Mbed-TLS:development Nov 28, 2017
@gilles-peskine-arm gilles-peskine-arm mentioned this pull request Nov 28, 2017
Closed
daverodgman pushed a commit that referenced this pull request Jul 7, 2021
@mpg
Merge pull request #828 from mpg/rsa-lookup-restricted
da1eab3 
Use constant-time look-up in modular exponentiation
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yanesca yanesca yanesca approved these changes

@RonEld RonEld RonEld approved these changes

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@andresag01 @gilles-peskine-arm @yanesca @RonEld