
Commit f8f17d0

Rust wrapper: test for null-terminated C-style strings in ECC import_raw APIs
1 parent 8d3492a commit f8f17d0

2 files changed

Lines changed: 36 additions & 0 deletions


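--- a/wrapper/rust/wolfssl-wolfcrypt/src/ecc.rs
+++ b/wrapper/rust/wolfssl-wolfcrypt/src/ecc.rs
@@ -858,6 +858,10 @@ impl ECC {
 /// ```
 #[cfg(ecc_import)]
 pub fn import_raw(qx: &[u8], qy: &[u8], d: &[u8], curve_name: &[u8], heap: Option<*mut core::ffi::c_void>, dev_id: Option<i32>) -> Result<Self, i32> {
+if qx.is_empty() || qy.is_empty() || d.is_empty() || curve_name.is_empty() ||
+qx[qx.len() - 1] != 0 || qy[qy.len() - 1] != 0 || d[d.len() - 1] != 0 || curve_name[curve_name.len() - 1] != 0 {
+return Err(sys::wolfCrypt_ErrorCodes_BAD_FUNC_ARG);
+}
 let heap = heap.unwrap_or(core::ptr::null_mut());
 let dev_id = dev_id.unwrap_or(sys::INVALID_DEVID);
 let wc_ecc_key = Self::new_ecc_key(heap, dev_id)?;
@@ -911,6 +915,10 @@ impl ECC {
 /// ```
 #[cfg(ecc_import)]
 pub fn import_raw_ex(qx: &[u8], qy: &[u8], d: &[u8], curve_id: i32, heap: Option<*mut core::ffi::c_void>, dev_id: Option<i32>) -> Result<Self, i32> {
+if qx.is_empty() || qy.is_empty() || d.is_empty() ||
+qx[qx.len() - 1] != 0 || qy[qy.len() - 1] != 0 || d[d.len() - 1] != 0 {
+return Err(sys::wolfCrypt_ErrorCodes_BAD_FUNC_ARG);
+}
 let heap = heap.unwrap_or(core::ptr::null_mut());
 let dev_id = dev_id.unwrap_or(sys::INVALID_DEVID);
 let wc_ecc_key = Self::new_ecc_key(heap, dev_id)?;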
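Review bot: The new guard in `import_raw` and `import_raw_ex` checks only that the last byte of each slice is 0, so a slice with an interior NUL still passes and the C side would presumably stop at that first NUL and import a shorter value than the caller supplied. `core::ffi::CStr::from_bytes_with_nul` rejects a missing terminator, an empty slice and an interior NUL in one call, e.g. `if [qx, qy, d, curve_name].iter().any(|s| core::ffi::CStr::from_bytes_with_nul(s).is_err()) { return Err(sys::wolfCrypt_ErrorCodes_BAD_FUNC_ARG); }` (without `curve_name` in `import_raw_ex`), provided the crate's minimum Rust version has `CStr` in `core`. The doc comments above both functions are outside the hunks; if they do not already say so, they should state that every byte-slice argument must be NUL-terminated and that `BAD_FUNC_ARG` is returned otherwise. Both function bodies continue past the hunks.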

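--- a/wrapper/rust/wolfssl-wolfcrypt/tests/test_ecc.rs
+++ b/wrapper/rust/wolfssl-wolfcrypt/tests/test_ecc.rs
@@ -367,6 +367,34 @@ fn test_ecc_import() {
 ECC::import_raw_ex(qx, qy, d, ECC::SECP256R1, None, None).expect("Error with import_raw_ex()");
 }
 
+#[test]
+#[cfg(ecc_import)]
+fn test_ecc_import_raw_not_null_terminated() {
+common::setup();
+
+let qx = b"7a4e287890a1a47ad3457e52f2f76a83ce46cbc947616d0cbaa82323818a793d\0";
+let qy = b"eec4084f5b29ebf29c44cce3b3059610922f8b30ea6e8811742ac7238fe87308\0";
+let d = b"8c14b793cb19137e323a6d2e2a870bca2e7a493ec1153b3a95feb8a4873f8d08\0";
+let qx_no_nul: &[u8] = &qx[..qx.len() - 1];
+let qy_no_nul: &[u8] = &qy[..qy.len() - 1];
+let d_no_nul: &[u8] = &d[..d.len() - 1];
+let curve_name = b"SECP256R1\0";
+let curve_name_no_nul: &[u8] = b"SECP256R1";
+let empty: &[u8] = b"";
+
+assert!(ECC::import_raw(qx_no_nul, qy, d, curve_name, None, None).is_err());
+assert!(ECC::import_raw(qx, qy_no_nul, d, curve_name, None, None).is_err());
+assert!(ECC::import_raw(qx, qy, d_no_nul, curve_name, None, None).is_err());
+assert!(ECC::import_raw(qx, qy, d, curve_name_no_nul, None, None).is_err());
+assert!(ECC::import_raw(empty, qy, d, curve_name, None, None).is_err());
+assert!(ECC::import_raw(qx, qy, d, empty, None, None).is_err());
+
+assert!(ECC::import_raw_ex(qx_no_nul, qy, d, ECC::SECP256R1, None, None).is_err());
+assert!(ECC::import_raw_ex(qx, qy_no_nul, d, ECC::SECP256R1, None, None).is_err());
+assert!(ECC::import_raw_ex(qx, qy, d_no_nul, ECC::SECP256R1, None, None).is_err());
+assert!(ECC::import_raw_ex(qx, qy, empty, ECC::SECP256R1, None, None).is_err());
+
 #[test]
 fn test_ecc_rs_hex_to_sig_not_null_terminated() {
 common::setup();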
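Review bot: Every assertion in `test_ecc_import_raw_not_null_terminated` checks only `.is_err()`, so any error satisfies it, including one unrelated to the terminator guard such as an unsupported curve in the build under test. Comparing against the expected code ties each case to the guard, e.g. `assert!(ECC::import_raw(qx_no_nul, qy, d, curve_name, None, None).err() == Some(sys::wolfCrypt_ErrorCodes_BAD_FUNC_ARG));`, assuming that constant is reachable from the test file. The empty-slice cases are also uneven: `import_raw` is exercised with an empty `qx` and an empty `curve_name` but not an empty `qy` or `d`, and `import_raw_ex` only with an empty `d`. A short comment at the top of the test saying that the `*_no_nul` slices deliberately drop the trailing `\0` would help the next reader.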
