smuellerDD / acvpparser

ACVP Parser for invocation of cryptographic implementations using the ACVP JSON test vectors
https://www.chronox.de/acvpparser
Other
36 stars 27 forks source link

In parsed_flagblock, incorrect flagging occurs when one mode is a prefix of the other #41

Closed DanielOjalvo closed 3 years ago

DanielOjalvo commented 3 years ago

When parsing the "running mode" flags tls13, it was found that in "PSK-DHE" mode, the flags would be set incorrectly. Since "PSK" is a substring of "PSK-DHE" and when the flags were sent during processing of "PSK-DHE" requests, both FLAG_OP_TLS13_RUNNING_MODE_PSK and FLAG_OP_TLS13_RUNNING_MODE_PSKDHE were set when they shouldn't be which causes parsing issues.

We have a fix coming which modifies this check to match sure the strings do an exact case-insensitive match.

Function with bug https://github.com/smuellerDD/acvpparser/blob/master/parser/parser_common.c#L491

"running mode" strings for TLS13 https://github.com/smuellerDD/acvpparser/blob/master/parser/parser_common.c#L693

relevant parser_flags https://github.com/smuellerDD/acvpparser/blob/master/parser/parser_flags.h#L181

smuellerDD commented 3 years ago

Patch upstreamed. Thanks.