Add DoS test case for ecp_check_pub

A test case for which the loop would take practically forever if it was reached. The point would be to validate that the loop is not reached. The test case should cause the CI to time out if starting with the current code, ecp_check_pubkey_mx() was changed to call ecp_check_pubkey_x25519() first and run the mbedtls_mpi_size(() test afterwards, which would make no semantic difference in terms of memory contents when the function returns, but would open the way for a DoS. Signed-off-by: Janos Follath <[email protected]>
Mbed-TLS · Jun 25, 2021 · 7017425 · 7017425
1 parent 1c6a439
commit 7017425
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
@@ -36,13 +36,17 @@ ECP curve info #8
 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1"
 
-ECP check pubkey Montgomery #1 (too big)
+ECP check pubkey Montgomery #1 (biggest)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+
+ECP check pubkey Montgomery #2 (too big)
 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
 ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
 
-ECP check pubkey Montgomery #2 (biggest)
+ECP check pubkey Montgomery #3 (DoS big)
 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
 
 ECP check pubkey Montgomery y ignored
 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED