From ca22451cb5187161dd7f10bbb90d8021da487188 Mon Sep 17 00:00:00 2001 From: TheVice Date: Wed, 7 Jun 2023 00:34:16 +0300 Subject: [PATCH] [sha3] added test that check behavior of implementation on specific issue. There is an issue in reference implementation https://cve.report/CVE-2022-37454 Added test that show how work own implementation on code that detect issue at the reference implementation. [Makefile] updated Makefile according to the current state of the repository: added missed file, made single style in access environment variable, made lines shorter by using possibility of Makefile syntax. --- Makefile | 149 ++++++++++++++++++++++++++++++++++++++++++++++++- tests_hash.cpp | 63 ++++++++++++++++++++- 2 files changed, 206 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 51eb927..39c9c65 100644 --- a/Makefile +++ b/Makefile @@ -162,10 +162,16 @@ interpreter.c: xml.h interpreter.conversion.c: interpreter.h interpreter.date_time.c: interpreter.h +interpreter.echo.c: interpreter.h interpreter.environment.c: interpreter.h +interpreter.exec.c: interpreter.h interpreter.file_system.c: interpreter.h +interpreter.hash.c: interpreter.h +interpreter.load_file.c: interpreter.h +interpreter.math_unit.c: interpreter.h interpreter.operating_system.c: interpreter.h interpreter.path.c: interpreter.h +interpreter.property.c: interpreter.h interpreter.sleep_unit.c: interpreter.h interpreter.string_unit.c: interpreter.h interpreter.target.c: interpreter.h @@ -356,7 +362,7 @@ date_time.obj: date_time.c $(CC) $(CFLAGS) -c date_time.c -o $@ default_listener.obj: default_listener.c - ${CC} ${CFLAGS} -c -fPIC default_listener.c -o $@ + $(CC) $(CFLAGS) -c -fPIC default_listener.c -o $@ echo.obj: echo.c $(CC) $(CFLAGS) -c echo.c -o $@ 
@@ -409,18 +415,36 @@ interpreter.conversion.obj: interpreter.conversion.c interpreter.date_time.obj: interpreter.date_time.c $(CC) $(CFLAGS) -c interpreter.date_time.c -o $@ +interpreter.echo.obj: interpreter.echo.c + $(CC) $(CFLAGS) -c interpreter.echo.c -o $@ + interpreter.environment.obj: interpreter.environment.c $(CC) $(CFLAGS) -c interpreter.environment.c -o $@ +interpreter.exec.obj: interpreter.exec.c + $(CC) $(CFLAGS) -c interpreter.exec.c -o $@ + interpreter.file_system.obj: interpreter.file_system.c $(CC) $(CFLAGS) -c interpreter.file_system.c -o $@ +interpreter.hash.obj: interpreter.hash.c + $(CC) $(CFLAGS) -c interpreter.hash.c -o $@ + +interpreter.load_file.obj: interpreter.load_file.c + $(CC) $(CFLAGS) -c interpreter.load_file.c -o $@ + +interpreter.math_unit.obj: interpreter.math_unit.c + $(CC) $(CFLAGS) -c interpreter.math_unit.c -o $@ + interpreter.operating_system.obj: interpreter.operating_system.c $(CC) $(CFLAGS) -c interpreter.operating_system.c -o $@ interpreter.path.obj: interpreter.path.c $(CC) $(CFLAGS) -c interpreter.path.c -o $@ +interpreter.property.obj: interpreter.property.c + $(CC) $(CFLAGS) -c interpreter.property.c -o $@ + interpreter.sleep_unit.obj: interpreter.sleep_unit.c $(CC) $(CFLAGS) -c interpreter.sleep_unit.c -o $@ @@ -513,10 +537,16 @@ libant4c.a: if_task.obj libant4c.a: interpreter.obj libant4c.a: interpreter.conversion.obj libant4c.a: interpreter.date_time.obj +libant4c.a: interpreter.echo.obj libant4c.a: interpreter.environment.obj +libant4c.a: interpreter.exec.obj libant4c.a: interpreter.file_system.obj +libant4c.a: interpreter.hash.obj +libant4c.a: interpreter.load_file.obj +libant4c.a: interpreter.math_unit.obj libant4c.a: interpreter.operating_system.obj libant4c.a: interpreter.path.obj +libant4c.a: interpreter.property.obj libant4c.a: interpreter.sleep_unit.obj libant4c.a: interpreter.string_unit.obj libant4c.a: interpreter.target.obj 
@@ -539,7 +569,62 @@ libant4c.a: text_encoding.obj libant4c.a: try_catch.obj libant4c.a: version.obj libant4c.a: xml.obj - ar qc $@ argument_parser.obj buffer.obj choose_task.obj common.obj conversion.obj copy_move.obj date_time.obj echo.obj environment.obj exec.obj fail_task.obj file_system.obj for_each.obj hash.blake2.obj hash.blake3.obj hash.obj hash.crc32.obj hash.sha3.obj hash.xxhash.obj if_task.obj interpreter.obj interpreter.conversion.obj interpreter.date_time.obj interpreter.environment.obj interpreter.file_system.obj interpreter.operating_system.obj interpreter.path.obj interpreter.sleep_unit.obj interpreter.string_unit.obj interpreter.target.obj interpreter.version.obj listener.obj load_file.obj load_tasks.obj math_unit.obj operating_system.obj path.obj project.obj property.obj range.obj shared_object.obj sleep_unit.obj string_unit.obj target.obj task.obj text_encoding.obj try_catch.obj version.obj xml.obj + ar qc $@ \ + argument_parser.obj \ + buffer.obj \ + choose_task.obj \ + common.obj \ + conversion.obj \ + copy_move.obj \ + date_time.obj \ + echo.obj \ + environment.obj \ + exec.obj \ + fail_task.obj \ + file_system.obj \ + for_each.obj \ + hash.blake2.obj \ + hash.blake3.obj \ + hash.crc32.obj \ + hash.obj \ + hash.sha3.obj \ + hash.xxhash.obj \ + if_task.obj \ + interpreter.obj \ + interpreter.conversion.obj \ + interpreter.date_time.obj \ + interpreter.echo.obj \ + interpreter.environment.obj \ + interpreter.exec.obj \ + interpreter.file_system.obj \ + interpreter.hash.obj \ + interpreter.load_file.obj \ + interpreter.math_unit.obj \ + interpreter.operating_system.obj \ + interpreter.path.obj \ + interpreter.property.obj \ + interpreter.sleep_unit.obj \ + interpreter.string_unit.obj \ + interpreter.target.obj \ + interpreter.version.obj \ + listener.obj \ + load_file.obj \ + load_tasks.obj \ + math_unit.obj \ + operating_system.obj \ + path.obj \ + project.obj \ + property.obj \ + range.obj \ + shared_object.obj \ + sleep_unit.obj \ + 
string_unit.obj \ + target.obj \ + task.obj \ + text_encoding.obj \ + try_catch.obj \ + version.obj \ + xml.obj ant4c: libant4c.a ant4c: main.obj 
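Review bot: `ar qc $@ \` in the rewritten `libant4c.a` recipe still uses `q` (quick append), which adds members without replacing existing ones, so re-running the rule against an existing libant4c.a can leave a stale copy of an object ahead of the rebuilt one; `ar rc $@ \` replaces members instead. The object list is also spelled out three times (the `libant4c.a:` prerequisite lines, this recipe, and the `-rm` list in the `clean` hunk), which looks like how the interpreter.*.obj entries fell out of step. A single `OBJECTS` variable used in all three places would keep them aligned.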
@@ -552,5 +637,63 @@ libdefault_listener.so: default_listener.obj install: ant4c clean: - -rm ant4c libant4c.a main.obj libdefault_listener.so argument_parser.obj buffer.obj choose_task.obj common.obj conversion.obj copy_move.obj date_time.obj default_listener.obj echo.obj environment.obj exec.obj fail_task.obj file_system.obj for_each.obj hash.blake2.obj hash.blake3.obj hash.obj hash.crc32.obj hash.sha3.obj hash.xxhash.obj if_task.obj interpreter.obj interpreter.conversion.obj interpreter.date_time.obj interpreter.environment.obj interpreter.file_system.obj interpreter.operating_system.obj interpreter.path.obj interpreter.sleep_unit.obj interpreter.string_unit.obj interpreter.target.obj interpreter.version.obj listener.obj load_file.obj load_tasks.obj math_unit.obj operating_system.obj path.obj project.obj property.obj range.obj shared_object.obj sleep_unit.obj string_unit.obj target.obj task.obj text_encoding.obj try_catch.obj version.obj xml.obj + -rm ant4c \ + libant4c.a \ + main.obj \ + libdefault_listener.so \ + argument_parser.obj \ + buffer.obj \ + choose_task.obj \ + common.obj \ + conversion.obj \ + copy_move.obj \ + date_time.obj \ + echo.obj \ + environment.obj \ + exec.obj \ + fail_task.obj \ + file_system.obj \ + for_each.obj \ + hash.blake2.obj \ + hash.blake3.obj \ + hash.crc32.obj \ + hash.obj \ + hash.sha3.obj \ + hash.xxhash.obj \ + if_task.obj \ + interpreter.obj \ + interpreter.conversion.obj \ + interpreter.date_time.obj \ + interpreter.echo.obj \ + interpreter.environment.obj \ + interpreter.exec.obj \ + interpreter.file_system.obj \ + interpreter.hash.obj \ + interpreter.load_file.obj \ + interpreter.math_unit.obj \ + interpreter.operating_system.obj \ + interpreter.path.obj \ + interpreter.property.obj \ + interpreter.sleep_unit.obj \ + interpreter.string_unit.obj \ + interpreter.target.obj \ + interpreter.version.obj \ + listener.obj \ + load_file.obj \ + load_tasks.obj \ + math_unit.obj \ + operating_system.obj \ + path.obj \ + 
project.obj \ + property.obj \ + range.obj \ + shared_object.obj \ + sleep_unit.obj \ + string_unit.obj \ + target.obj \ + task.obj \ + text_encoding.obj \ + try_catch.obj \ + version.obj \ + xml.obj .PHONY: ant4c clean diff --git a/tests_hash.cpp b/tests_hash.cpp index 5d7a99e..3085383 100644 --- a/tests_hash.cpp +++ b/tests_hash.cpp @@ -1,7 +1,7 @@ /* * The MIT License (MIT) * - * Copyright (c) 2019 - 2022 TheVice + * Copyright (c) 2019 - 2023 TheVice * */ 
@@ -134,7 +134,64 @@ TEST(TestHashAlgorithm_, hash_algorithm_bytes_to_string)
 buffer_release(output);
 ASSERT_EQ(expected_output, returned_output);
 }
-
+#if defined(SHA3_CVE_2022_37454)
+TEST(TestHashAlgorithm_, SHA3_CVE_2022_37454)
+{
+ static const uint16_t hash_length = 224;
+ uint8_t rate_on_w;
+ uint8_t maximum_delta;
+ //
+ ASSERT_TRUE(hash_algorithm_sha3_init(hash_length, &rate_on_w, &maximum_delta));
+ //
+ uint64_t size = 1;
+ std::unique_ptr m1(new uint8_t[size]);
+ auto start = m1.get();
+ memset(start, 0, size * sizeof(uint8_t));
+ auto finish = start + size;
+ //
+ uint8_t queue[192];
+ uint8_t queue_size = 0;
+ uint64_t S[] =
+ {
+ 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0
+ };
+ //
+ ASSERT_TRUE(hash_algorithm_sha3_core(start, finish, queue, &queue_size, maximum_delta, S, rate_on_w));
+ m1.reset(nullptr);
+ //
+ size = 4294967295;//UINT32_MAX
+ std::unique_ptr m2(new uint8_t[size]);
+ start = m2.get();
+ memset(start, 0, size * sizeof(uint8_t));
+ finish = start + size;
+ //
+ ASSERT_TRUE(hash_algorithm_sha3_core(start, finish, queue, &queue_size, maximum_delta, S, rate_on_w));
+ m2.reset(nullptr);
+ //
+ std::string output_s(UINT8_MAX, '\0');
+ auto output = reinterpret_cast(&output_s[0]);
+ static const uint8_t is_sha3 = 1;
+ ASSERT_TRUE(hash_algorithm_sha3_final(
+ is_sha3, queue, queue_size, maximum_delta, S,
+ rate_on_w, maximum_delta, output));
+ //
+ std::string output_buffer(buffer_size_of(), 0);
+ auto output_b = reinterpret_cast(&output_buffer[0]);
+ ASSERT_TRUE(buffer_init(output_b, buffer_size_of()));
+ //
+ ASSERT_TRUE(hash_algorithm_bytes_to_string(output, output + UINT8_MAX, output_b))
+ << buffer_free(output_b);
+ //
+ const auto returned_output(buffer_to_string(output_b));
+ buffer_release(output_b);
+ //
+ ASSERT_EQ(0, returned_output.find("c5bcc3bc73b5ef45e91d2d7c70b64f196fac08eee4e4acf6e6571ebe", 0));
+}
+#endif
 TEST_F(TestHashAlgorithm, BLAKE2)
 {
 static const uint8_t hash_sizes[] =
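Review bot: The new `SHA3_CVE_2022_37454` test is compiled only under `#if defined(SHA3_CVE_2022_37454)`, and nothing in this patch defines that macro or says why it is gated, so the large-input regression check will presumably not run in a default build. A comment above the `#if` would cover it, for example `// Opt-in (-DSHA3_CVE_2022_37454): allocates ~4 GiB; feeds 1 byte, then UINT32_MAX bytes, to hash_algorithm_sha3_core in two calls`. The second `new uint8_t[size]` throws `std::bad_alloc` on a host without that much memory, which surfaces as a test error rather than a skip; `new (std::nothrow)` with an explicit check before the `memset` would make that outcome readable. The final `ASSERT_EQ(0, returned_output.find(...))` compares an `int` with a `size_t`; writing the expected value as `size_t{0}` avoids the sign-compare warning.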
@@ -366,7 +423,7 @@ TEST_F(TestHashAlgorithm, crc32)
 //
 input_in_a_range = string_to_range(input);
 null_range_to_empty(input_in_a_range);
- ASSERT_TRUE(buffer_append(output, NULL, UINT8_MAX)) << buffer_free(output);
+ ASSERT_TRUE(buffer_append(output, nullptr, UINT8_MAX)) << buffer_free(output);
 auto digit_output = buffer_uint8_t_data(output, UINT8_MAX - sizeof(uint32_t));
 //
 auto returned = hash_algorithm_crc32(input_in_a_range.start, input_in_a_range.finish, digit_output, i);