[SSSD] [sssd PR#58][opened] Fix bug in libcrypto version of sss_decrypt

lslebodn Wed, 19 Oct 2016 08:07:44 -0700

   URL: https://github.com/SSSD/sssd/pull/58
Author: lslebodn
 Title: #58: Fix bug in libcrypto version of sss_decrypt
Action: opened


PR body:
"""

"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/58/head:pr58
git checkout pr58

From 74442dff9f36c426d41fc282d56e4e03c114affe Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Wed, 19 Oct 2016 16:46:44 +0200
Subject: [PATCH 1/3] libcrypto: Check right value of CRYPTO_memcmp

sss_decrypt failed even though should pass because
we were checking wrong value of CRYPTO_memcmp.
Nobody noticed that because there was not a unit test :-)
---
 src/util/crypto/libcrypto/crypto_nite.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/util/crypto/libcrypto/crypto_nite.c b/src/util/crypto/libcrypto/crypto_nite.c
index fa267fb..f471bd2 100644
--- a/src/util/crypto/libcrypto/crypto_nite.c
+++ b/src/util/crypto/libcrypto/crypto_nite.c
@@ -222,7 +222,7 @@ int sss_decrypt(TALLOC_CTX *mem_ctx, enum encmethod enctype,
     }
 
     ret = CRYPTO_memcmp(&ciphertext[cipherlen - hmaclen], out, hmaclen);
-    if (ret != 1) {
+    if (ret != 0) {
         ret = EFAULT;
         goto done;
     }

From dcd3815ff41519724417e377425468152f0ff645 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Wed, 19 Oct 2016 16:38:27 +0200
Subject: [PATCH 2/3] crypto-tests: Add unit test for sss_encrypt + sss_decrypt

---
 src/tests/crypto-tests.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/src/tests/crypto-tests.c b/src/tests/crypto-tests.c
index ee807c6..a4074e4 100644
--- a/src/tests/crypto-tests.c
+++ b/src/tests/crypto-tests.c
@@ -158,6 +158,49 @@ START_TEST(test_base64_decode)
 }
 END_TEST
 
+START_TEST(test_sss_encrypt_decrypt)
+{
+    uint8_t key[] = {
+        0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7,
+        0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf,
+        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+    };
+    size_t key_len = sizeof(key); /* need to be 32 */
+    const char input_text[] = "Secret text";
+    const size_t input_text_len = sizeof(input_text) - 1;
+    uint8_t *cipher_text;
+    size_t cipher_text_len;
+    uint8_t *plain_text;
+    size_t plain_text_len;
+    int ret;
+
+    test_ctx = talloc_new(NULL);
+    fail_if(test_ctx == NULL);
+
+    ret = sss_encrypt(test_ctx, AES256CBC_HMAC_SHA256, key, key_len,
+                      (const uint8_t *)input_text, input_text_len,
+                      &cipher_text, &cipher_text_len);
+
+    fail_if(ret != 0);
+    fail_if(cipher_text_len == 0);
+
+    ret = memcmp(input_text, cipher_text, input_text_len);
+    fail_if(ret == 0, "Input and encrypted text has common prefix");
+
+    ret = sss_decrypt(test_ctx, AES256CBC_HMAC_SHA256, key, key_len,
+                      cipher_text, cipher_text_len,
+                      &plain_text, &plain_text_len);
+    fail_if(ret != 0);
+    fail_if(plain_text_len != input_text_len);
+
+    ret = memcmp(plain_text, input_text, input_text_len);
+    fail_if(ret != 0, "input text is not the same as de-encrypted text");
+
+    talloc_free(test_ctx);
+}
+END_TEST
+
 Suite *crypto_suite(void)
 {
     Suite *s = suite_create("sss_crypto");
@@ -172,6 +215,7 @@ Suite *crypto_suite(void)
     tcase_add_test(tc, test_hmac_sha1);
     tcase_add_test(tc, test_base64_encode);
     tcase_add_test(tc, test_base64_decode);
+    tcase_add_test(tc, test_sss_encrypt_decrypt);
     /* Add all test cases to the test suite */
     suite_add_tcase(s, tc);
 

From 8e7dcea36e7d1ce2075adefdd1f96d6d04b4fdd5 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Wed, 19 Oct 2016 16:55:37 +0200
Subject: [PATCH 3/3] crypto-tests: Rename encrypt decrypt test case

libsss_crypto provide 2 pairs of encrypt + decrypt functions.
sss_password_encrypt + sss_password_decrypt and more generic
sss_encrypt + sss_decrypt.

The name of one test case was a little bit confusing.
It evokes that different pair of functions were tested.

Resolves:
https://fedorahosted.org/sssd/ticket/XXXX
---
 src/tests/crypto-tests.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/tests/crypto-tests.c b/src/tests/crypto-tests.c
index a4074e4..c7f0edb 100644
--- a/src/tests/crypto-tests.c
+++ b/src/tests/crypto-tests.c
@@ -48,7 +48,7 @@ START_TEST(test_nss_init)
 END_TEST
 #endif
 
-START_TEST(test_encrypt_decrypt)
+START_TEST(test_sss_password_encrypt_decrypt)
 {
     const char *password[] = { "test123",             /* general */
                                "12345678901234567",   /* just above blocksize */
@@ -211,7 +211,7 @@ Suite *crypto_suite(void)
 #ifdef HAVE_NSS
     tcase_add_test(tc, test_nss_init);
 #endif
-    tcase_add_test(tc, test_encrypt_decrypt);
+    tcase_add_test(tc, test_sss_password_encrypt_decrypt);
     tcase_add_test(tc, test_hmac_sha1);
     tcase_add_test(tc, test_base64_encode);
     tcase_add_test(tc, test_base64_decode);

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#58][opened] Fix bug in libcrypto version of sss_decrypt

Reply via email to