diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-06-07 14:07:01 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-06-07 20:05:15 +0200 |
commit | f980bd2364745aecdca2ebd0d6db97401f047d49 (patch) | |
tree | 672e6a0f73c47da5476221a76c0f18961d02d3c1 /openpgp/src/packet/pkesk.rs | |
parent | ea6720251f9f5b536ea723075c21fd3b7fcdb6fc (diff) |
openpgp: Add tests for crashes in Nettle, see CVE-2021-3580.
Diffstat (limited to 'openpgp/src/packet/pkesk.rs')
-rw-r--r-- | openpgp/src/packet/pkesk.rs | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/openpgp/src/packet/pkesk.rs b/openpgp/src/packet/pkesk.rs index 0c5e567f..7f21639c 100644 --- a/openpgp/src/packet/pkesk.rs +++ b/openpgp/src/packet/pkesk.rs @@ -393,4 +393,68 @@ mod tests { let mut keypair = key.into_keypair().unwrap(); pkesk.decrypt(&mut keypair, None).unwrap(); } + + /// Insufficient validation of RSA ciphertexts crash Nettle. + /// + /// See CVE-2021-3580. + #[test] + fn cve_2021_3580_ciphertext_too_long() -> Result<()> { + // Get (any) 2k RSA key. + let cert = Cert::from_bytes( + crate::tests::key("testy-private.pgp"))?; + let mut keypair = cert.primary_key().key().clone() + .parts_into_secret()?.into_keypair()?; + + let pile = PacketPile::from_bytes(b"-----BEGIN PGP ARMORED FILE----- + +wcDNAwAAAAAAAAAAAQwGI5SkpcRMjkiOKx332kxv+2Xh4y1QTefPilKOPOlHYFa0 +rnnLaQVEACKJNQ38YuCFUvtpK4IN2grjlj71IP24+KDp3ZuVWnVTS6JcyE10Y9iq +uGvKdS0C17XCze2LD4ouVOrUZHGXpeDT47w6DsHb/0UE85h56wpk2CzO1XFQzHxX +HR2DDLqqeFVzTv0peYiQfLHl7kWXijTNEqmYhFCzxuICXzuClAAJM+fVIRfcm2tm +2R4AxOQGv9DlWfZwbkpKfj/uuo0CAe21n4NT+NzdVgPlff/hna3yGgPe1B+vjq4e +jfxHg+pvo/HTLkV+c2HAGbM1bCb/5TedGd1nAMSAIOu/J/WQp/l3HtEv63HaVPZJ +JInJ6L/KyPwjm/ieZx5EWOLJgFRWGCrBGnb8T81lkFey7uZR5Xiq+9KoUhHQFw8N +joc0YUVyhUBVFf4B0zVZRUfqZyJtJ07Sl5xppI12U1HQCTjn7Fp8BHMPKuBotYzv +1Q4f00k6Txctw+LDRM17/w== +=VtwB +-----END PGP ARMORED FILE----- +")?; + let pkg = pile.descendants().next(); + if let Some(Packet::PKESK(ref pkesk)) = pkg { + // Boom goes the assertion. + let _ = pkesk.decrypt(&mut keypair, None); + } else { + panic!("message is not a PKESK packet"); + } + + Ok(()) + } + + /// Insufficient validation of RSA ciphertexts crash Nettle. + /// + /// See CVE-2021-3580. + #[test] + fn cve_2021_3580_zero_ciphertext() -> Result<()> { + // Get (any) 2k RSA key. + let cert = Cert::from_bytes( + crate::tests::key("testy-private.pgp"))?; + let mut keypair = cert.primary_key().key().clone() + .parts_into_secret()?.into_keypair()?; + + let pile = PacketPile::from_bytes(b"-----BEGIN PGP ARMORED FILE----- + +wQwDAAAAAAAAAAABAAA= +=H/1T +-----END PGP ARMORED FILE----- +")?; + let pkg = pile.descendants().next(); + if let Some(Packet::PKESK(ref pkesk)) = pkg { + // Boom goes the memory safety. + let _ = pkesk.decrypt(&mut keypair, None); + } else { + panic!("message is not a PKESK packet"); + } + + Ok(()) + } } |