You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@teaclave.apache.org by GitBox <gi...@apache.org> on 2020/06/26 10:35:01 UTC
[GitHub] [incubator-teaclave-sgx-sdk] NTSC-J opened a new issue #252: sgx_ucrypto::rsgx_rijndael128GCM_decrypt() panics with integer overflow
NTSC-J opened a new issue #252:
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/252
## Symptom
Call to sgx_ucrypto::rsgx_rijndael128GCM_decrypt() panics on debug build with a message like this:
```
thread 'main' panicked at 'attempt to subtract with overflow', /home/fkato/.cargo/git/checkouts/incubator-teaclave-sgx-sdk-c63c8825343e87f0/e0a4f47/sgx_ucrypto/src/util.rs:68:11
```
## Problem
The panic is from an integer overflow.
sgx_ucrypto/src/util.rs:68:
```
(1 & ((res - 1) >> 8)) as i32
```
## How to resolve
Change `res - 1` to `res.wrapping_sub(1)`.
## Minimal example
### Cargo.toml
```toml
[package]
name = "ucrypto-test"
version = "0.1.0"
authors = ["Fuga Kato <fk...@softlab.cs.tsukuba.ac.jp>"]
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
hex = "0.4.2"
rand = "0.7.3"
sgx_types = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk.git" }
sgx_ucrypto = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk.git" }
```
### src/main.rs
```rust
use sgx_types::sgx_aes_gcm_128bit_key_t as key_t;
use sgx_types::sgx_aes_gcm_128bit_tag_t as tag_t;
use sgx_ucrypto::rsgx_rijndael128GCM_encrypt as encrypt;
use sgx_ucrypto::rsgx_rijndael128GCM_decrypt as decrypt;
fn main() {
let key: key_t = rand::random();
let plaintext = "hello";
println!("plaintext string: {}", plaintext);
let plaintext = plaintext.as_bytes();
let iv: [u8; 12] = rand::random();
let aad = [0u8; 0];
let mut ciphertext = vec![0u8; plaintext.len()];
let mut mac = tag_t::default();
println!("key: {}", hex::encode(&key));
println!("plaintext: {}", hex::encode(&plaintext));
println!("iv: {}", hex::encode(&iv));
encrypt(&key, &plaintext, &iv, &aad, &mut ciphertext, &mut mac).expect("encrypt failed");
println!("ciphertext: {}", hex::encode(&ciphertext));
println!("mac: {}", hex::encode(&mac));
let mut decrypted = vec![0u8; ciphertext.len()];
decrypt(&key, &ciphertext, &iv, &aad, &mac, &mut decrypted).expect("decrypt failed");
assert_eq!(plaintext, decrypted.as_slice());
println!("decrypted: {}", hex::encode(&decrypted));
println!("decrypted string: {}", String::from_utf8(decrypted).expect("not UTF-8"));
}
```
### `cargo run --release` output
```
% cargo run --release
Finished release [optimized] target(s) in 0.03s
Running `target/release/ucrypto-test`
plaintext string: hello
key: 3dbdc1ab48159f009609df3f9c62191c
plaintext: 68656c6c6f
iv: bcf54762138d34f231eadb09
ciphertext: e1b0bfd16b
mac: 8b3b14331062dc7986e1edeb68dd9455
decrypted: 68656c6c6f
decrypted string: hello
```
### `cargo run` output with backtrace
```
% RUST_BACKTRACE=1 cargo run
Finished dev [unoptimized + debuginfo] target(s) in 0.03s
Running `target/debug/ucrypto-test`
plaintext string: hello
key: 93b8f9e1ec5f8cfc92b5770983c99060
plaintext: 68656c6c6f
iv: 312dbb35b094b91eeb0d41ad
ciphertext: 408b0c33ea
mac: 502d7099f5471bf57614110b2b6ced67
thread 'main' panicked at 'attempt to subtract with overflow', /home/fkato/.cargo/git/checkouts/incubator-teaclave-sgx-sdk-c63c8825343e87f0/e0a4f47/sgx_ucrypto/src/util.rs:68:11
stack backtrace:
0: backtrace::backtrace::libunwind::trace
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88
1: backtrace::backtrace::trace_unsynchronized
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/mod.rs:66
2: std::sys_common::backtrace::_print_fmt
at src/libstd/sys_common/backtrace.rs:84
3: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
at src/libstd/sys_common/backtrace.rs:61
4: core::fmt::write
at src/libcore/fmt/mod.rs:1030
5: std::io::Write::write_fmt
at src/libstd/io/mod.rs:1412
6: std::sys_common::backtrace::_print
at src/libstd/sys_common/backtrace.rs:65
7: std::sys_common::backtrace::print
at src/libstd/sys_common/backtrace.rs:50
8: std::panicking::default_hook::{{closure}}
at src/libstd/panicking.rs:188
9: std::panicking::default_hook
at src/libstd/panicking.rs:205
10: std::panicking::rust_panic_with_hook
at src/libstd/panicking.rs:464
11: std::panicking::continue_panic_fmt
at src/libstd/panicking.rs:373
12: rust_begin_unwind
at src/libstd/panicking.rs:302
13: core::panicking::panic_fmt
at src/libcore/panicking.rs:82
14: core::panicking::panic
at src/libcore/panicking.rs:50
15: consttime_memequal
at /home/fkato/.cargo/git/checkouts/incubator-teaclave-sgx-sdk-c63c8825343e87f0/e0a4f47/sgx_ucrypto/src/util.rs:68
16: sgx_rijndael128GCM_decrypt
17: sgx_ucrypto::crypto::rsgx_rijndael128GCM_decrypt
at /home/fkato/.cargo/git/checkouts/incubator-teaclave-sgx-sdk-c63c8825343e87f0/e0a4f47/sgx_ucrypto/src/crypto.rs:844
18: ucrypto_test::main
at src/main.rs:27
19: std::rt::lang_start::{{closure}}
at /rustc/412f43ac5b4ae8c3599e71c6972112e9be4758fa/src/libstd/rt.rs:61
20: std::rt::lang_start_internal::{{closure}}
at src/libstd/rt.rs:48
21: std::panicking::try::do_call
at src/libstd/panicking.rs:287
22: __rust_maybe_catch_panic
at src/libpanic_unwind/lib.rs:81
23: std::panicking::try
at src/libstd/panicking.rs:265
24: std::panic::catch_unwind
at src/libstd/panic.rs:395
25: std::rt::lang_start_internal
at src/libstd/rt.rs:47
26: std::rt::lang_start
at /rustc/412f43ac5b4ae8c3599e71c6972112e9be4758fa/src/libstd/rt.rs:61
27: main
28: __libc_start_main
29: _start
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] NTSC-J closed issue #252: sgx_ucrypto::rsgx_rijndael128GCM_decrypt() panics with integer overflow
Posted by GitBox <gi...@apache.org>.
NTSC-J closed issue #252:
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/252
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] NTSC-J commented on issue #252: sgx_ucrypto::rsgx_rijndael128GCM_decrypt() panics with integer overflow
Posted by GitBox <gi...@apache.org>.
NTSC-J commented on issue #252:
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/252#issuecomment-653828916
Thanks!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] volcano0dr commented on issue #252: sgx_ucrypto::rsgx_rijndael128GCM_decrypt() panics with integer overflow
Posted by GitBox <gi...@apache.org>.
volcano0dr commented on issue #252:
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/252#issuecomment-651515702
@NTSC-J I will fix this problem, thank you for reporting this error.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org