From 16c42cc796b652e8b8c512727132d47ee7eb4480 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 22 Jan 2021 11:11:47 -0800 Subject: [PATCH] acvp: check that the payloadLen of cipher tests is correct. NIST currently seems to have a bug where they don't respect the regcap for AES-CTR and return fractional-byte tests when not allowed. Previously we didn't notice that the specified payload length didn't match the actual value. Change-Id: I0e48d5246f7250e6047d983cd016b0de290d0f70 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45205 Reviewed-by: David Benjamin --- .../acvp/acvptool/subprocess/block.go | 20 ++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/util/fipstools/acvp/acvptool/subprocess/block.go b/util/fipstools/acvp/acvptool/subprocess/block.go index f0431be41..1b1e93b99 100644 --- a/util/fipstools/acvp/acvptool/subprocess/block.go +++ b/util/fipstools/acvp/acvptool/subprocess/block.go @@ -250,11 +250,12 @@ type blockCipherTestGroup struct { Direction string `json:"direction"` KeyBits int `json:"keylen"` Tests []struct { - ID uint64 `json:"tcId"` - PlaintextHex string `json:"pt"` - CiphertextHex string `json:"ct"` - IVHex string `json:"iv"` - KeyHex string `json:"key"` + ID uint64 `json:"tcId"` + InputBits *uint64 `json:"payloadLen"` + PlaintextHex string `json:"pt"` + CiphertextHex string `json:"ct"` + IVHex string `json:"iv"` + KeyHex string `json:"key"` // 3DES tests serialise the key differently. Key1Hex string `json:"key1"` @@ -366,6 +367,15 @@ func (b *blockCipher) Process(vectorSet []byte, m Transactable) (interface{}, er inputHex = test.CiphertextHex } + if test.InputBits != nil { + if *test.InputBits%8 != 0 { + return nil, fmt.Errorf("input to test case %d/%d is not a whole number of bytes", group.ID, test.ID) + } + if inputBits := 4 * uint64(len(inputHex)); *test.InputBits != inputBits { + return nil, fmt.Errorf("input to test case %d/%d is %q (%d bits), but %d bits is specified", group.ID, test.ID, inputHex, inputBits, *test.InputBits) + } + } + input, err := hex.DecodeString(inputHex) if err != nil { return nil, fmt.Errorf("failed to decode hex in test case %d/%d: %s", group.ID, test.ID, err)