From: Igor Ustinov Date: Sun, 11 Jan 2026 10:35:15 +0000 (+0100) Subject: Test for handling of AEAD-encrypted CMS with inadmissibly long IV X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6297ac45d72ded9b45cad9a4fb2af6c29846d86c;p=thirdparty%2Fopenssl.git Test for handling of AEAD-encrypted CMS with inadmissibly long IV Reviewed-by: Saša Nedvědický Reviewed-by: Norbert Pocs Reviewed-by: Eugene Syromiatnikov Reviewed-by: Tomas Mraz MergeDate: Mon Jan 26 19:31:49 2026 --- diff --git a/test/cmsapitest.c b/test/cmsapitest.c index 88d519fd148..472d30c9e5d 100644 --- a/test/cmsapitest.c +++ b/test/cmsapitest.c @@ -9,10 +9,10 @@ #include +#include #include #include #include -#include #include "../crypto/cms/cms_local.h" /* for d.signedData and d.envelopedData */ #include "testutil.h" @@ -20,6 +20,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; +static char *too_long_iv_cms_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -479,6 +480,38 @@ end: return ret; } +static int test_cms_aesgcm_iv_too_long(void) +{ + int ret = 0; + BIO *cmsbio = NULL, *out = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + + if (!TEST_ptr(cmsbio = BIO_new_file(too_long_iv_cms_in, "r"))) + goto end; + + if (!TEST_ptr(cms = PEM_read_bio_CMS(cmsbio, NULL, NULL, NULL))) + goto end; + + /* Must fail cleanly (no crash) */ + if (!TEST_false(CMS_decrypt(cms, privkey, cert, NULL, out, 0))) + goto end; + err = ERR_peek_last_error(); + if (!TEST_ulong_ne(err, 0)) + goto end; + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS)) + goto end; + if (!TEST_int_eq(ERR_GET_REASON(err), CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR)) + goto end; + + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(cmsbio); + BIO_free(out); + return ret; +} + OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") int setup_tests(void) @@ -493,7 +526,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) - || !TEST_ptr(derin = test_get_argument(2))) + || !TEST_ptr(derin = test_get_argument(2)) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) return 0; certbio = BIO_new_file(certin, "r"); @@ -529,6 +563,7 @@ int setup_tests(void) ADD_TEST(test_encrypted_data); ADD_TEST(test_encrypted_data_aead); ADD_ALL_TESTS(test_d2i_CMS_decode, 2); + ADD_TEST(test_cms_aesgcm_iv_too_long); return 1; } diff --git a/test/recipes/80-test_cmsapi.t b/test/recipes/80-test_cmsapi.t index af00355a9d6..182629e71a0 100644 --- a/test/recipes/80-test_cmsapi.t +++ b/test/recipes/80-test_cmsapi.t @@ -18,5 +18,6 @@ plan tests => 1; ok(run(test(["cmsapitest", srctop_file("test", "certs", "servercert.pem"), srctop_file("test", "certs", "serverkey.pem"), - srctop_file("test", "recipes", "80-test_cmsapi_data", "encryptedData.der")])), + srctop_file("test", "recipes", "80-test_cmsapi_data", "encryptedData.der"), + srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem")])), "running cmsapitest"); diff --git a/test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem b/test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem new file mode 100644 index 00000000000..4323cd2fb0c --- /dev/null +++ b/test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem @@ -0,0 +1,11 @@ +-----BEGIN CMS----- +MIIBmgYLKoZIhvcNAQkQARegggGJMIIBhQIBADGCATMwggEvAgEAMBcwEjEQMA4G +A1UEAwwHUm9vdCBDQQIBAjANBgkqhkiG9w0BAQEFAASCAQC8ZqP1OqbletcUre1V +b4XOobZzQr6wKMSsdjtGzVbZowUVv5DkOn9VOefrpg4HxMq/oi8IpzVYj8ZiKRMV +NTJ+/d8FwwBwUUNNP/IDnfEpX+rT1+pGS5zAa7NenLoZgGBNjPy5I2OHP23fPnEd +sm8YkFjzubkhAD1lod9pEOEqB3V2kTrTTiwzSNtMHggna1zPox6TkdZwFmMnp8d2 +CVa6lIPGx26gFwCuIDSaavmQ2URJ615L8gAvpYUlpsDqjFsabWsbaOFbMz3bIGJu +GkrX2ezX7CpuC1wjix26ojlTySJHv+L0IrpcaIzLlC5lB1rqtuija8dGm3rBNm/P +AAUNMDcGCSqGSIb3DQEHATAjBglghkgBZQMEAQYwFgQRzxwoRQzOHVooVn3CpaWl +paUCARCABUNdolo6BBA55E9hYaYO2S8C/ZnD8dRO +-----END CMS-----