From 2d9612b116de812da6b42662c25106720e411951 Mon Sep 17 00:00:00 2001 From: Alexandre Abadie Date: Tue, 5 Nov 2019 10:25:20 +0100 Subject: [PATCH 1/4] tests/sys_crypto: exclude some test for 8 and 16 bit arch The tests doesn't work when length_encoding is above the maximum uint16 value. Also add a set that checks the right error code is returned with too small length_encoding. --- tests/sys_crypto/tests-crypto-modes-ccm.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/sys_crypto/tests-crypto-modes-ccm.c b/tests/sys_crypto/tests-crypto-modes-ccm.c index ac2096dc73..84f15a8f4e 100644 --- a/tests/sys_crypto/tests-crypto-modes-ccm.c +++ b/tests/sys_crypto/tests-crypto-modes-ccm.c @@ -1009,6 +1009,9 @@ static void test_crypto_modes_ccm_check_len(void) { int ret; +/* Using length_encoding above UINT16_MAX doesn't work on 8/16 bit + architectures, SIZE_MAX is equal to UINT16_MAX there */ +#if SIZE_MAX > UINT16_MAX /* Just 1 to big to fit */ ret = _test_ccm_len(cipher_encrypt_ccm, 2, NULL, 1 << 16, 0); TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret); @@ -1020,6 +1023,11 @@ static void test_crypto_modes_ccm_check_len(void) TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret); ret = _test_ccm_len(cipher_decrypt_ccm, 2, NULL, 1 << 16, 65535); TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret); +#endif + + /* Invalid length when length_encoding < 2 */ + ret = _test_ccm_len(cipher_encrypt_ccm, 1, NULL, 8, 0); + TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret); /* Valid length that were wrongly checked */ /* Check should work with len_encoding >= 4, test with 8 */ From 608fee8852b4e19155457fe6569b66884950b696 Mon Sep 17 00:00:00 2001 From: Alexandre Abadie Date: Tue, 5 Nov 2019 10:26:14 +0100 Subject: [PATCH 2/4] tests/crypto: add new 8/16 bit boards to insufficient memory --- tests/sys_crypto/Makefile.ci | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/sys_crypto/Makefile.ci b/tests/sys_crypto/Makefile.ci index 08786ba109..447c6158a4 100644 --- a/tests/sys_crypto/Makefile.ci +++ b/tests/sys_crypto/Makefile.ci @@ -1,6 +1,14 @@ BOARD_INSUFFICIENT_MEMORY := \ + arduino-duemilanove \ + arduino-leonardo \ + arduino-mega2560 \ + arduino-nano \ + arduino-uno \ + atmega328p \ + chronos \ nucleo-f031k6 \ nucleo-f042k6 \ nucleo-l031k6 \ stm32f030f4-demo \ + waspmote-pro \ # From d9ca9f3ef2a427db7a64464a2fc4fe06d9f0b826 Mon Sep 17 00:00:00 2001 From: Alexandre Abadie Date: Tue, 5 Nov 2019 10:26:38 +0100 Subject: [PATCH 3/4] tests/crypto: remove useless BOARD_BLACKLIST --- tests/sys_crypto/Makefile | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/tests/sys_crypto/Makefile b/tests/sys_crypto/Makefile index 5cac356f5a..d8526a0330 100644 --- a/tests/sys_crypto/Makefile +++ b/tests/sys_crypto/Makefile @@ -1,26 +1,5 @@ include ../Makefile.tests_common -# Issue with integer width -BOARD_BLACKLIST += arduino-duemilanove -BOARD_BLACKLIST += arduino-leonardo -BOARD_BLACKLIST += arduino-mega2560 -BOARD_BLACKLIST += arduino-nano -BOARD_BLACKLIST += arduino-uno -BOARD_BLACKLIST += atmega256rfr2-xpro -BOARD_BLACKLIST += avr-rss2 -BOARD_BLACKLIST += atmega328p -BOARD_BLACKLIST += atmega1284p -BOARD_BLACKLIST += chronos -BOARD_BLACKLIST += mega-xplained -BOARD_BLACKLIST += microduino-corerf -BOARD_BLACKLIST += msb-430 -BOARD_BLACKLIST += msb-430h -BOARD_BLACKLIST += telosb -BOARD_BLACKLIST += waspmote-pro -BOARD_BLACKLIST += wsn430-v1_3b -BOARD_BLACKLIST += wsn430-v1_4 -BOARD_BLACKLIST += z1 - USEMODULE += embunit USEMODULE += crypto From 607aa6fbcd6d007dd250bddce4267d3e5e893e06 Mon Sep 17 00:00:00 2001 From: Alexandre Abadie Date: Wed, 6 Nov 2019 12:14:05 +0100 Subject: [PATCH 4/4] sys/crypto/ocb: fix max data condition --- sys/crypto/modes/ocb.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sys/crypto/modes/ocb.c b/sys/crypto/modes/ocb.c index d7d0b6840e..e9dcf26a66 100644 --- a/sys/crypto/modes/ocb.c +++ b/sys/crypto/modes/ocb.c @@ -319,8 +319,7 @@ int32_t cipher_decrypt_ocb(cipher_t *cipher, uint8_t *auth_data, uint8_t tag_len, uint8_t *nonce, size_t nonce_len, uint8_t *input, size_t input_len, uint8_t *output) { - - if (input_len - tag_len > INT32_MAX) { + if (input_len > (uint32_t)(INT32_MAX + tag_len)) { // We would not be able to return the proper output length for data this long return OCB_ERR_INVALID_DATA_LENGTH; }