testcrypt: fix the rsa_ssh1_encrypt wrapper.

It wasn't expanding the output strbuf to the full size of the key modulus, so the output delivered to Python was only a part of the mpint it should have been. (Also, that was logically speaking a buffer overrun - we were writing to the strbuf buffer beyond its length - although in practice I think the _physical_ size of the buffer was large enough not to show it up even under ASan. In any case, a buffer overrun only in the test suite, and in a function I hadn't even got round to testing, is about the best place to have one.) While I'm here, I've also changed the way that the testcrypt wrapper on rsa_ssh1_encrypt indicates failure: now we have the 'opt_' mechanism, it can do that by returning None rather than "".
2025-01-09 17:38:00 +00:00 · 2020-01-09 19:16:58 +00:00 · 2020-01-09 19:16:58 +00:00 · a6021a2f29
commit a6021a2f29
parent 9cf2db5f94
2 changed files with 8 additions and 4 deletions
--- a/testcrypt.c
+++ b/testcrypt.c
@ -512,6 +512,7 @@ static void return_val_string_asciz(strbuf *out, char *s)
            return_##type_name(out, ptr);                               \
    }

+NULLABLE_RETURN_WRAPPER(val_string, strbuf *)
 NULLABLE_RETURN_WRAPPER(val_string_asciz, char *)
 NULLABLE_RETURN_WRAPPER(val_cipher, ssh_cipher *)
 NULLABLE_RETURN_WRAPPER(val_hash, ssh_hash *)
@ -751,11 +752,14 @@ static RSAKey *rsa_new(void)
 strbuf *rsa_ssh1_encrypt_wrapper(ptrlen input, RSAKey *key)
 {
    /* Fold the boolean return value in C into the string return value
-     * for this purpose, by returning the empty string on failure */
+     * for this purpose, by returning NULL on failure */
    strbuf *sb = strbuf_new();
    put_datapl(sb, input);
-    if (!rsa_ssh1_encrypt(sb->u, sb->len, key))
-        sb->len = 0;
+    put_padding(sb, key->bytes - input.len, 0);
+    if (!rsa_ssh1_encrypt(sb->u, input.len, key)) {
+        strbuf_free(sb);
+        return NULL;
+    }
    return sb;
 }
 #define rsa_ssh1_encrypt rsa_ssh1_encrypt_wrapper
--- a/testcrypt.h
+++ b/testcrypt.h
@ -207,7 +207,7 @@ FUNC1(val_rsakex, get_rsa_ssh1_priv_agent, val_string_binarysource)
 FUNC0(val_rsa, rsa_new)
 FUNC3(void, get_rsa_ssh1_pub, val_string_binarysource, val_rsa, rsaorder)
 FUNC2(void, get_rsa_ssh1_priv, val_string_binarysource, val_rsa)
-FUNC2(val_string, rsa_ssh1_encrypt, val_string_ptrlen, val_rsa)
+FUNC2(opt_val_string, rsa_ssh1_encrypt, val_string_ptrlen, val_rsa)
 FUNC2(val_mpint, rsa_ssh1_decrypt, val_mpint, val_rsa)
 FUNC2(val_string, rsa_ssh1_decrypt_pkcs1, val_mpint, val_rsa)
 FUNC1(val_string_asciz, rsastr_fmt, val_rsa)