Skip to content

Commit fb19b79

Browse files
aidangarskeaidangarske
committed
F-2376 - https://fenrir.wolfssl.com/finding/2376 - Fix C_Digest single-shot NULL size query checking wrong parameter
1 parent 758c669 commit fb19b79

2 files changed

Lines changed: 46 additions & 1 deletion

File tree

src/internal.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14233,7 +14233,7 @@ int WP11_Digest_Single(unsigned char* data, word32 dataLen,
1423314233

1423414234
blockLen = wc_HashGetDigestSize(digest->hashType);
1423514235

14236-
if (data == NULL) {
14236+
if (dataOut == NULL) {
1423714237
*dataOutLen = (word32)blockLen;
1423814238
return CKR_OK;
1423914239
}

tests/pkcs11test.c

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5289,6 +5289,48 @@ static CK_RV test_digest_fail(void* args)
52895289
return ret;
52905290
}
52915291

5292+
#ifndef NO_SHA256
5293+
static CK_RV test_digest_single_size_query(void* args)
5294+
{
5295+
CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
5296+
CK_RV ret;
5297+
CK_MECHANISM mech;
5298+
byte data[32], hash[32];
5299+
CK_ULONG dataSz = sizeof(data);
5300+
CK_ULONG hashSz = 0;
5301+
5302+
XMEMSET(data, 0x42, sizeof(data));
5303+
mech.mechanism = CKM_SHA256;
5304+
mech.ulParameterLen = 0;
5305+
mech.pParameter = NULL;
5306+
5307+
/* C_Digest with pDigest=NULL should return size without computing */
5308+
ret = funcList->C_DigestInit(session, &mech);
5309+
CHECK_CKR(ret, "Digest Init for size query");
5310+
if (ret == CKR_OK) {
5311+
hashSz = 0;
5312+
ret = funcList->C_Digest(session, data, dataSz, NULL, &hashSz);
5313+
CHECK_CKR(ret, "C_Digest size query with pDigest=NULL");
5314+
}
5315+
if (ret == CKR_OK && hashSz != 32) {
5316+
ret = -1;
5317+
CHECK_CKR(ret, "C_Digest size query should return 32 for SHA-256");
5318+
}
5319+
/* Now actually compute with properly sized buffer */
5320+
if (ret == CKR_OK) {
5321+
hashSz = sizeof(hash);
5322+
ret = funcList->C_Digest(session, data, dataSz, hash, &hashSz);
5323+
CHECK_CKR(ret, "C_Digest compute");
5324+
}
5325+
if (ret == CKR_OK && hashSz != 32) {
5326+
ret = -1;
5327+
CHECK_CKR(ret, "C_Digest output should be 32 for SHA-256");
5328+
}
5329+
5330+
return ret;
5331+
}
5332+
#endif
5333+
52925334
static CK_RV test_sign_verify(void* args)
52935335
{
52945336
CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
@@ -17233,6 +17275,9 @@ static TEST_FUNC testFunc[] = {
1723317275
PKCS11TEST_FUNC_SESS_DECL(test_encrypt_decrypt_op_not_supported),
1723417276
#endif
1723517277
PKCS11TEST_FUNC_SESS_DECL(test_digest_fail),
17278+
#ifndef NO_SHA256
17279+
PKCS11TEST_FUNC_SESS_DECL(test_digest_single_size_query),
17280+
#endif
1723617281
PKCS11TEST_FUNC_SESS_DECL(test_sign_verify),
1723717282
PKCS11TEST_FUNC_SESS_DECL(test_sign_verify_op_not_supported),
1723817283
PKCS11TEST_FUNC_SESS_DECL(test_recover),

0 commit comments

Comments
 (0)