Merge pull request #3396 from danh-arm/dh/branch-cov-2.16
Backport 2.16: Enable branch coverage in basic_build_test.sh
diff --git a/ChangeLog.d/fix-ecp-mul-memory-leak.txt b/ChangeLog.d/fix-ecp-mul-memory-leak.txt
new file mode 100644
index 0000000..e82cadc
--- /dev/null
+++ b/ChangeLog.d/fix-ecp-mul-memory-leak.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix potential memory leaks in ecp_randomize_jac() and ecp_randomize_mxz()
+ when PRNG function fails. Contributed by Jonas Lejeune in #3318.
diff --git a/library/ecp.c b/library/ecp.c
index 725e176..0357cde 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -1466,7 +1466,10 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
if( count++ > 10 )
- return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+ {
+ ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+ goto cleanup;
+ }
}
while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
@@ -2198,7 +2201,10 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
if( count++ > 10 )
- return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+ {
+ ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+ goto cleanup;
+ }
}
while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index d8d46e9..634dfa8 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -798,7 +798,23 @@
msg "test: no CTR_DRBG"
make test
- # no SSL tests as they all depend on CTR_DRBG so far
+ # no ssl-opt.sh/compat.sh as they all depend on CTR_DRBG so far
+}
+
+component_test_no_hmac_drbg () {
+ msg "build: Full minus HMAC_DRBG"
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_HMAC_DRBG_C
+ scripts/config.pl unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: no HMAC_DRBG"
+ make test
+
+ # No ssl-opt.sh/compat.sh as they never use HMAC_DRBG so far,
+ # so there's little value in running those lengthy tests here.
}
component_test_small_ssl_out_content_len () {
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 30d5ec6..2c25cd7 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -336,6 +336,14 @@
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07"
+ECP point multiplication rng fail secp256r1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_mul_rng:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF"
+
+ECP point multiplication rng fail Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul_rng:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660"
+
ECP test vectors secp192k1
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
ecp_test_vect:MBEDTLS_ECP_DP_SECP192K1:"D1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"281BCA982F187ED30AD5E088461EBE0A5FADBB682546DF79":"3F68A8E9441FB93A4DD48CB70B504FCC9AA01902EF5BE0F3":"BE97C5D2A1A94D081E3FACE53E65A27108B7467BDF58DE43":"5EB35E922CD693F7947124F5920022C4891C04F6A8B8DCB2":"60ECF73D0FC43E0C42E8E155FFE39F9F0B531F87B34B6C3C":"372F5C5D0E18313C82AEF940EC3AFEE26087A46F1EBAE923":"D5A9F9182EC09CEAEA5F57EA10225EC77FA44174511985FD"
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 0b2e029..850b77c 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -675,6 +675,31 @@
/* END_CASE */
/* BEGIN_CASE */
+void ecp_test_mul_rng( int id, data_t * d_hex)
+{
+ mbedtls_ecp_group grp;
+ mbedtls_mpi d;
+ mbedtls_ecp_point Q;
+
+ mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d );
+ mbedtls_ecp_point_init( &Q );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_binary( &d, d_hex->x, d_hex->len ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &Q, &d, &grp.G, &rnd_zero_rand, NULL )
+ == MBEDTLS_ERR_ECP_RANDOM_FAILED );
+
+exit:
+ mbedtls_ecp_group_free( &grp ); mbedtls_mpi_free( &d );
+ mbedtls_ecp_point_free( &Q );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void ecp_fast_mod( int id, char * N_str )
{
mbedtls_ecp_group grp;