Turn a few calls with an insane message length into a sodium_misuse()

7 years ago · c15173de1e
8 changed files with 16 additions and 18 deletions
--- a/src/libsodium/crypto_box/crypto_box_easy.c
+++ b/src/libsodium/crypto_box/crypto_box_easy.c
@ -41,7 +41,7 @@ crypto_box_easy_afternm(unsigned char *c, const unsigned char *m,
                        const unsigned char *k)
 {
    if (mlen > crypto_box_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_box_detached_afternm(c + crypto_box_MACBYTES, c, m, mlen, n,
                                       k);
@ -53,7 +53,7 @@ crypto_box_easy(unsigned char *c, const unsigned char *m,
                const unsigned char *pk, const unsigned char *sk)
 {
    if (mlen > crypto_box_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_box_detached(c + crypto_box_MACBYTES, c, m, mlen, n,
                               pk, sk);
--- a/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c
@ -87,7 +87,7 @@ crypto_box_curve25519xchacha20poly1305_easy_afternm(unsigned char *c,
                                                    const unsigned char *k)
 {
    if (mlen > crypto_box_curve25519xchacha20poly1305_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_box_curve25519xchacha20poly1305_detached_afternm(
        c + crypto_box_curve25519xchacha20poly1305_MACBYTES, c, m, mlen, n, k);
@ -99,7 +99,7 @@ crypto_box_curve25519xchacha20poly1305_easy(
    const unsigned char *n, const unsigned char *pk, const unsigned char *sk)
 {
    if (mlen > crypto_box_curve25519xchacha20poly1305_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_box_curve25519xchacha20poly1305_detached(
        c + crypto_box_curve25519xchacha20poly1305_MACBYTES, c, m, mlen, n, pk,
--- a/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c
+++ b/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c
@ -5,6 +5,7 @@
 #include <stdlib.h>
 #include <string.h>

+#include "core.h"
 #include "crypto_core_hsalsa20.h"
 #include "crypto_onetimeauth_poly1305.h"
 #include "crypto_secretbox.h"
@ -72,7 +73,7 @@ crypto_secretbox_easy(unsigned char *c, const unsigned char *m,
                      const unsigned char *k)
 {
    if (mlen > crypto_secretbox_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_secretbox_detached(c + crypto_secretbox_MACBYTES,
                                     c, m, mlen, n, k);
--- a/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c
+++ b/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c
@ -78,7 +78,7 @@ crypto_secretbox_xchacha20poly1305_easy(unsigned char *c,
                                        const unsigned char *k)
 {
    if (mlen > crypto_secretbox_xchacha20poly1305_MESSAGEBYTES_MAX) {
-        return -1;
+        sodium_misuse();
    }
    return crypto_secretbox_xchacha20poly1305_detached
        (c + crypto_secretbox_xchacha20poly1305_MACBYTES, c, m, mlen, n, k);
--- a/test/default/box_easy.c
+++ b/test/default/box_easy.c
@ -64,11 +64,8 @@ main(void)
    }
    printf("\n");
    c[randombytes_uniform(crypto_box_MACBYTES)]++;
-    ret =
-        crypto_box_open_easy(c, c, crypto_box_MACBYTES, nonce, bobpk, alicesk);
+    ret = crypto_box_open_easy(c, c, crypto_box_MACBYTES, nonce, bobpk, alicesk);
    assert(ret == -1);

-    assert(crypto_box_easy(c, m, SIZE_MAX - 1U, nonce, bobpk, alicesk) == -1);
-
    return 0;
 }
--- a/test/default/box_easy2.c
+++ b/test/default/box_easy2.c
@ -88,10 +88,10 @@ main(void)

    memset(m2, 0, m2_size);

-    if (crypto_box_easy_afternm(c, m, SIZE_MAX - 1U, nonce, k1) == 0) {
+    if (crypto_box_easy_afternm(c, m, 0, nonce, k1) != 0) {
        printf(
-            "crypto_box_easy_afternm() with a short ciphertext should have "
-            "failed\n");
+            "crypto_box_easy_afternm() with a null ciphertext should have "
+            "worked\n");
    }
    crypto_box_easy_afternm(c, m, (unsigned long long) mlen, nonce, k1);
    if (crypto_box_open_easy_afternm(
--- a/test/default/secretbox_easy.c
+++ b/test/default/secretbox_easy.c
@ -76,7 +76,7 @@ main(void)
    }
    printf("\n");

-    assert(crypto_secretbox_easy(c, m, SIZE_MAX - 1U, nonce, firstkey) == -1);
+    assert(crypto_secretbox_easy(c, m, 0, nonce, firstkey) == 0);

    /* Null message */

--- a/test/default/xchacha20.c
+++ b/test/default/xchacha20.c
@ -234,8 +234,8 @@ tv_secretbox_xchacha20poly1305(void)
            (crypto_secretbox_xchacha20poly1305_MACBYTES + m_len);
        sodium_hex2bin(out, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len,
                       tv->out, strlen(tv->out), NULL, NULL, NULL);
+        assert(crypto_secretbox_xchacha20poly1305_easy(out2, m, 0, nonce, key) == 0);
        assert(crypto_secretbox_xchacha20poly1305_easy(out2, m, m_len, nonce, key) == 0);
-        assert(crypto_secretbox_xchacha20poly1305_easy(out2, m, SIZE_MAX, nonce, key) == -1);
        assert(memcmp(out, out2,
                      crypto_secretbox_xchacha20poly1305_MACBYTES + m_len) == 0);
        n = randombytes_uniform(crypto_secretbox_xchacha20poly1305_MACBYTES + m_len);
@ -320,10 +320,10 @@ tv_box_xchacha20poly1305(void)
        randombytes_buf(nonce, crypto_box_curve25519xchacha20poly1305_NONCEBYTES);
        randombytes_buf(m, m_len);
        assert(crypto_box_curve25519xchacha20poly1305_keypair(pk, sk) == 0);
+        assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, 0, nonce,
+                                                           pk, sk) == 0);
        assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, m_len, nonce,
                                                           pk, sk) == 0);
-        assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, SIZE_MAX, nonce,
-                                                           pk, sk) == -1);
        assert(crypto_box_curve25519xchacha20poly1305_open_easy
               (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len,
                nonce, pk, sk) == 0);
@ -334,7 +334,7 @@ tv_box_xchacha20poly1305(void)
            (crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len);
        assert(crypto_box_curve25519xchacha20poly1305_beforenm(pc, pk, sk) == 0);
        assert(crypto_box_curve25519xchacha20poly1305_easy_afternm
-               (out, m, SIZE_MAX, nonce, pc) == -1);
+               (out, m, 0, nonce, pc) == 0);
        assert(crypto_box_curve25519xchacha20poly1305_easy_afternm
               (out, m, m_len, nonce, pc) == 0);
        assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm