mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-07 19:38:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
1ee04b791b
openssl/test/recipes
History
Shane Lontis 1ee04b791b Fix buffer overflow when generating large RSA keys in FIPS mode. 
A pairwise test runs only in FIPS mode.
An assumption about the size of the 'to' buffer passed to
RSA_private_decrypt() was incorrect. It needs to be up to RSA_size()
bytes long - so a fixed buffer of 256 bytes was not large enough.
An exiting malloc has increased in size to allocate buffer space for
both the encrypt and decrypt buffer.

The existing test used 2080 bits which was not quite large enough to
trigger the issue. A test using 3072 bits has been added.

Reported by Mark Powers from Acumen.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15447)
2021-05-26 17:57:37 +10:00
..
04-test_conf_data
04-test_params_conversion_data
04-test_pem_read_depr_data Test various deprecated PEM_read_bio_* APIs 2020-11-25 10:02:59 +00:00
04-test_pem_reading_data TEST: Cleanup test recipes 2021-03-27 09:03:55 +01:00
10-test_bn_data
15-test_dsaparam_data dsa_check: Perform simple parameter check if seed is not available 2021-02-18 11:02:26 +01:00
15-test_ecparam_data Check that the ecparam and pkeyparam do not mangle the parameters 2021-01-26 15:26:49 +01:00
15-test_mp_rsa_data
15-test_rsaoaep_data
20-test_dhparam_check_data Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
20-test_dhparam_data Add a test for the dhparam CLI application 2020-11-23 09:01:07 +00:00
25-test_eai_data
25-test_rusext_data
30-test_evp_data test: add evp_tests for the MAC size and block size 2021-05-25 17:23:50 +10:00
30-test_evp_pkey_provided
61-test_bio_prefix_data
65-test_cmp_client_data
65-test_cmp_msg_data
65-test_cmp_protect_data
65-test_cmp_server_data
65-test_cmp_vfy_data
66-test_ossl_store_data Test that OSSL_STORE can load various types of params 2020-11-25 10:02:59 +00:00
80-test_ca_data
80-test_cmp_http_data TEST: Avoid using just 'example.com' - test_cmp_http 2021-05-24 14:38:40 +02:00
80-test_cms_data
80-test_ocsp_data
80-test_ssl_old_data Re-enable testing of ciphersuites 2020-11-25 10:14:43 +00:00
80-test_tsa_data TS ESS: Invert the search logic of ts_check_signing_certs() to correctly cover cert ID list 2021-03-18 07:03:52 +01:00
90-test_gost_data
90-test_includes_data Add .includedir pragma 2021-05-05 13:11:35 +02:00
90-test_sslapi_data
90-test_store_data
90-test_threads_data Add a multi-thread test for shared EVP_PKEYs 2021-02-02 12:21:21 +00:00
91-test_pkey_check_data [test][pkey_check] Add more invalid SM2 key tests 2021-01-08 23:59:02 +02:00
95-test_external_gost_engine_data Update copyright year 2021-03-11 13:27:36 +00:00
95-test_external_krb5_data Update copyright year 2021-04-22 14:38:44 +01:00
95-test_external_pyca_data Update copyright year 2021-05-06 13:03:23 +01:00
01-test_abort.t
01-test_fipsmodule_cnf.t Add a new test recipe to verify the generated test fipsmodule.cnf 2021-03-03 14:47:43 +01:00
01-test_sanity.t
01-test_symbol_presence.t
01-test_test.t
02-test_errstr.t Update copyright year 2021-04-08 13:04:41 +01:00
02-test_internal_context.t
02-test_internal_ctype.t
02-test_internal_keymgmt.t Update copyright year 2021-04-08 13:04:41 +01:00
02-test_internal_provider.t
02-test_lhash.t
02-test_ordinals.t
02-test_sparse_array.t
02-test_stack.t
03-test_exdata.t
03-test_fipsinstall.t Add fipsinstall option to run self test KATS on module load 2021-05-25 14:57:48 +10:00
03-test_internal_asn1_dsa.t
03-test_internal_asn1.t
03-test_internal_bn.t
03-test_internal_chacha.t
03-test_internal_curve448.t
03-test_internal_ec.t
03-test_internal_ffc.t
03-test_internal_mdc2.t
03-test_internal_modes.t
03-test_internal_namemap.t
03-test_internal_poly1305.t
03-test_internal_rsa_sp800_56b.t
03-test_internal_siphash.t
03-test_internal_sm2.t
03-test_internal_sm4.t
03-test_internal_ssl_cert_table.t
03-test_internal_x509.t
03-test_params_api.t
03-test_property.t property: add test case for setting default user properties before fetching 2021-05-12 18:20:03 +10:00
03-test_ui.t
04-test_asn1_decode.t
04-test_asn1_encode.t
04-test_asn1_string_table.t
04-test_bio_callback.t
04-test_bio_core.t Update copyright year 2021-05-06 13:03:23 +01:00
04-test_bioprint.t
04-test_conf.t
04-test_encoder_decoder_legacy.t Don't load the legacy provider in endecoder_legacy_test 2020-12-11 10:56:22 +00:00
04-test_encoder_decoder.t
04-test_err.t
04-test_hexstring.t
04-test_param_build.t
04-test_params_conversion.t
04-test_params.t
04-test_pem_read_depr.t Update copyright year 2020-11-26 14:18:57 +00:00
04-test_pem_reading.t Update copyright year 2021-04-08 13:04:41 +01:00
04-test_provider_fallback.t
04-test_provider.t Update copyright year 2021-05-20 14:22:33 +01:00
05-test_bf.t
05-test_cast.t
05-test_cmac.t
05-test_des.t
05-test_hmac.t
05-test_idea.t
05-test_pbe.t Add a test for PKCS5_PBE_keyivgen() 2021-05-24 15:23:37 +10:00
05-test_rand.t
05-test_rc2.t
05-test_rc4.t
05-test_rc5.t
06-test_algorithmid.t Update copyright year 2021-02-18 15:05:17 +00:00
06-test_rdrand_sanity.t Update copyright year 2021-04-08 13:04:41 +01:00
10-test_bn.t
10-test_exp.t
15-test_dh.t
15-test_dsa.t
15-test_dsaparam.t Update copyright year 2021-03-11 13:27:36 +00:00
15-test_ec.t Disable the test-ec completely when building with no-ec 2021-01-26 15:26:49 +01:00
15-test_ecdsa.t
15-test_ecparam.t Update copyright year 2021-01-28 13:54:57 +01:00
15-test_gendh.t Update copyright year 2021-05-06 13:03:23 +01:00
15-test_gendhparam.t Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
15-test_gendsa.t TEST: Remove the build of fipsmodule.cnf from test recipes 2021-03-03 14:47:43 +01:00
15-test_genec.t
15-test_genrsa.t Fix buffer overflow when generating large RSA keys in FIPS mode. 2021-05-26 17:57:37 +10:00
15-test_mp_rsa.t
15-test_out_option.t
15-test_rsa.t TEST: Fix test/recipes/15-test_rsa.t 2020-12-15 14:27:23 +01:00
15-test_rsaoaep.t Update copyright year 2021-03-11 13:27:36 +00:00
15-test_rsapss.t
20-test_app.t Update copyright year 2021-01-28 13:54:57 +01:00
20-test_cli_fips.t Update copyright year 2021-03-11 13:27:36 +00:00
20-test_dgst.t HMAC doesn't work with a default digest 2021-05-21 13:07:28 +02:00
20-test_dhparam_check.t Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
20-test_dhparam.t Use BIO_f_readbuffer() in the decoder to support stdin. 2021-03-11 07:57:36 +10:00
20-test_enc_more.t Don't load the legacy provider if not available in test_enc_more 2020-12-11 10:56:22 +00:00
20-test_enc.t Skip tests depending on deprecated list -*-commands options 2020-12-15 04:39:58 +01:00
20-test_kdf.t Update copyright year 2021-05-20 14:22:33 +01:00
20-test_mac.t apps/mac: Add digest and cipher command line options 2021-05-08 22:15:56 +10:00
20-test_passwd.t apps/passwd: remove the -crypt option. 2020-11-12 08:35:47 +10:00
20-test_pkeyutl.t Add some tests for -inform/keyform enforcement 2021-05-06 11:43:32 +01:00
20-test_rand_config.t
25-test_crl.t Update copyright year 2021-05-06 13:03:23 +01:00
25-test_d2i.t
25-test_eai_data.t Update copyright year 2021-04-08 13:04:41 +01:00
25-test_pkcs7.t Update copyright year 2020-11-05 13:37:26 +00:00
25-test_req.t Tests for creating req from PKCS8 keys with extra attrs 2021-05-11 12:12:32 +02:00
25-test_rusext.t
25-test_sid.t Update copyright year 2020-11-05 13:37:26 +00:00
25-test_verify_store.t
25-test_verify.t cleanup where purpose is not needed in 25-test_verify.t 2021-05-05 09:51:39 +02:00
25-test_x509.t Add some tests for -inform/keyform enforcement 2021-05-06 11:43:32 +01:00
30-test_acvp.t acvp: fix the no-acvp_test build 2021-04-30 17:51:44 +10:00
30-test_aesgcm.t
30-test_afalg.t
30-test_defltfips.t Update copyright year 2021-03-11 13:27:36 +00:00
30-test_engine.t
30-test_evp_extra.t Update copyright year 2021-04-08 13:04:41 +01:00
30-test_evp_fetch_prov.t Update copyright year 2021-03-11 13:27:36 +00:00
30-test_evp_kdf.t
30-test_evp_libctx.t Add an evp_libctx_test test run for legacy provider 2021-05-26 07:27:25 +10:00
30-test_evp_pkey_dparam.t
30-test_evp_pkey_provided.t
30-test_evp.t Add PBKDF1 to the legacy provider 2021-05-24 15:21:25 +10:00
30-test_pbelu.t
30-test_pkey_meth_kdf.t
30-test_pkey_meth.t
30-test_provider_status.t Update copyright year 2021-03-11 13:27:36 +00:00
40-test_rehash.t
60-test_x509_check_cert_pkey.t Update copyright year 2021-04-22 14:38:44 +01:00
60-test_x509_dup_cert.t
60-test_x509_store.t
60-test_x509_time.t
61-test_bio_prefix.t
61-test_bio_readbuffer.t Fix DER reading from stdin for BIO_f_readbuffer 2021-03-22 09:07:36 +10:00
65-test_cmp_asn.t
65-test_cmp_client.t Update copyright year 2021-03-11 13:27:36 +00:00
65-test_cmp_ctx.t
65-test_cmp_hdr.t Update copyright year 2021-04-08 13:04:41 +01:00
65-test_cmp_msg.t Update copyright year 2021-03-11 13:27:36 +00:00
65-test_cmp_protect.t Update copyright year 2021-03-11 13:27:36 +00:00
65-test_cmp_server.t Update copyright year 2021-03-11 13:27:36 +00:00
65-test_cmp_status.t Update copyright year 2021-04-08 13:04:41 +01:00
65-test_cmp_vfy.t Update copyright year 2021-03-11 13:27:36 +00:00
66-test_ossl_store.t Update copyright year 2021-03-11 13:27:36 +00:00
70-test_asyncio.t
70-test_bad_dtls.t
70-test_clienthello.t
70-test_comp.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_key_share.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_packet.t
70-test_recordlen.t
70-test_renegotiation.t Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION 2021-05-17 10:53:30 +02:00
70-test_servername.t
70-test_sslcbcpadding.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_sslcertstatus.t
70-test_sslextension.t test_sslextension: skip tests that cannot work with no-tls1_2 2021-04-22 17:48:07 +02:00
70-test_sslmessages.t Update copyright year 2021-05-20 14:22:33 +01:00
70-test_sslrecords.t adapt tests to SSL_OP_LEGACY_SERVER_CONNECT change 2021-05-05 08:13:51 -07:00
70-test_sslsessiontick.t
70-test_sslsigalgs.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_sslsignature.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_sslskewith0p.t
70-test_sslversions.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_sslvertol.t Update copyright year 2021-04-08 13:04:41 +01:00
70-test_tls13alerts.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_tls13cookie.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_tls13downgrade.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_tls13hrr.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_tls13kexmodes.t Update expected results for tls13kexmodes tests 2021-05-12 09:11:48 -07:00
70-test_tls13messages.t
70-test_tls13psk.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_tlsextms.t Update copyright year 2021-02-18 15:05:17 +00:00
70-test_verify_extra.t
70-test_wpacket.t
71-test_ssl_ctx.t Update copyright year 2021-04-08 13:04:41 +01:00
80-test_ca.t Fix test/recipes/80-test_ca.t to skip_all properly in a subtest 2020-11-07 12:24:49 +01:00
80-test_cipherbytes.t
80-test_cipherlist.t
80-test_ciphername.t
80-test_cmp_http.t 80-test_cmp_http: Invert and correct the logic of success vs. failure exit 2021-05-22 14:31:36 +02:00
80-test_cms.t apps/cms.c: Correct -sign output and -verify input with -binary 2021-05-22 14:28:51 +02:00
80-test_cmsapi.t
80-test_ct.t
80-test_dane.t
80-test_dtls_mtu.t
80-test_dtls.t
80-test_dtlsv1listen.t
80-test_http.t
80-test_ocsp.t
80-test_pkcs12.t Update copyright year 2021-05-06 13:03:23 +01:00
80-test_ssl_new.t Runchecker: fix TLS curves test failure with no-tls1_3 option 2021-04-23 11:13:30 +02:00
80-test_ssl_old.t TEST: Remove the build of fipsmodule.cnf from test recipes 2021-03-03 14:47:43 +01:00
80-test_ssl_test_ctx.t
80-test_sslcorrupt.t
80-test_tsa.t TS ESS: Invert the search logic of ts_check_signing_certs() to correctly cover cert ID list 2021-03-18 07:03:52 +01:00
80-test_x509aux.t Update copyright year 2021-01-28 13:54:57 +01:00
81-test_cmp_cli.t TEST: Remove the build of fipsmodule.cnf from test recipes 2021-03-03 14:47:43 +01:00
90-test_asn1_time.t
90-test_async.t
90-test_bio_enc.t
90-test_bio_memleak.t
90-test_constant_time.t
90-test_fatalerr.t
90-test_fipsload.t Skip test_fipsload when fips is disabled. 2021-04-28 12:06:08 +02:00
90-test_gmdiff.t
90-test_gost.t
90-test_ige.t
90-test_includes.t Add .includedir pragma 2021-05-05 13:11:35 +02:00
90-test_memleak.t
90-test_overhead.t
90-test_secmem.t
90-test_shlibload.t test/recipes/90-test_shlibload.t: Skip when address sanitizer enabled 2020-11-01 06:01:09 +01:00
90-test_srp.t
90-test_sslapi.t Update copyright year 2021-03-11 13:27:36 +00:00
90-test_sslbuffers.t
90-test_store.t Don't use the legacy provider in test_store if its not available 2020-12-11 10:56:34 +00:00
90-test_sysdefault.t
90-test_threads.t test: add test case to reliably reproduce RAND leak during POST 2021-05-24 09:39:15 +10:00
90-test_time_offset.t
90-test_tls13ccs.t Update copyright year 2021-02-18 15:05:17 +00:00
90-test_tls13encryption.t TEST: Cleanup test recipes 2021-03-27 09:03:55 +01:00
90-test_tls13secrets.t TEST: Cleanup test recipes 2021-03-27 09:03:55 +01:00
90-test_v3name.t
91-test_pkey_check.t Update copyright year 2021-01-28 13:54:57 +01:00
95-test_external_gost_engine.t Skip GOST engine tests in out of tree builds 2021-04-28 09:38:31 +02:00
95-test_external_krb5.t Update krb5 module to latest release 2021-04-19 11:46:39 -07:00
95-test_external_pyca.t Update copyright year 2021-04-08 13:04:41 +01:00
99-test_ecstress.t
99-test_fuzz_asn1.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_asn1parse.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_bignum.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_bndiv.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_client.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_cmp.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_cms.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_conf.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_crl.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_ct.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_server.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
99-test_fuzz_x509.t [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
fuzz.pl [test/recipes] Split test_fuzz into separate recipes 2020-11-12 16:27:17 +02:00
ocsp-response.der
tconversion.pl Update copyright year 2021-01-28 13:54:57 +01:00