mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 10:50:53 +02:00
Rust wrapper: add buffer size checks in Rust wrapper for ChaCha20_Poly1305 one-shot encrypt/decrypt wrappers
This commit is contained in:
@@ -74,6 +74,9 @@ impl ChaCha20Poly1305 {
|
||||
if auth_tag.len() != Self::AUTH_TAG_SIZE {
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
if plaintext.len() < ciphertext.len() {
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
let aad_size = crate::buffer_len_to_u32(aad.len())?;
|
||||
let ciphertext_size = crate::buffer_len_to_u32(ciphertext.len())?;
|
||||
let rc = unsafe {
|
||||
@@ -116,6 +119,9 @@ impl ChaCha20Poly1305 {
|
||||
if auth_tag.len() != Self::AUTH_TAG_SIZE {
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
if ciphertext.len() < plaintext.len() {
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
let aad_size = crate::buffer_len_to_u32(aad.len())?;
|
||||
let plaintext_size = crate::buffer_len_to_u32(plaintext.len())?;
|
||||
let rc = unsafe {
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
#![cfg(chacha20_poly1305)]
|
||||
|
||||
use wolfssl_wolfcrypt::chacha20_poly1305::*;
|
||||
use wolfssl_wolfcrypt::sys;
|
||||
|
||||
#[test]
|
||||
fn test_chacha20_poly1305_1() {
|
||||
@@ -274,6 +275,34 @@ fn test_xchacha20_poly1305() {
|
||||
assert_eq!(plaintext_buffer, PLAINTEXT);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_chacha20_poly1305_encrypt_short_ciphertext_buffer() {
|
||||
let key = [0x55u8; ChaCha20Poly1305::KEYSIZE];
|
||||
let iv = [0x66u8; ChaCha20Poly1305::IV_SIZE];
|
||||
let aad = [];
|
||||
let plaintext = [0u8; 32];
|
||||
let mut ciphertext = [0u8; 16]; /* shorter than plaintext */
|
||||
let mut auth_tag = [0u8; ChaCha20Poly1305::AUTH_TAG_SIZE];
|
||||
let rc = ChaCha20Poly1305::encrypt(&key, &iv, &aad, &plaintext,
|
||||
&mut ciphertext, &mut auth_tag)
|
||||
.expect_err("encrypt() should fail with short ciphertext buffer");
|
||||
assert_eq!(rc, sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_chacha20_poly1305_decrypt_short_plaintext_buffer() {
|
||||
let key = [0x55u8; ChaCha20Poly1305::KEYSIZE];
|
||||
let iv = [0x66u8; ChaCha20Poly1305::IV_SIZE];
|
||||
let aad = [];
|
||||
let ciphertext = [0u8; 32];
|
||||
let mut plaintext = [0u8; 16]; /* shorter than ciphertext */
|
||||
let auth_tag = [0u8; ChaCha20Poly1305::AUTH_TAG_SIZE];
|
||||
let rc = ChaCha20Poly1305::decrypt(&key, &iv, &aad, &ciphertext,
|
||||
&auth_tag, &mut plaintext)
|
||||
.expect_err("decrypt() should fail with short plaintext buffer");
|
||||
assert_eq!(rc, sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// ChaCha20-Poly1305 aead trait implementations
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
Reference in New Issue
Block a user