2021-12-30 19:43:52 +01:00
|
|
|
#coding:utf-8
|
|
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
"""
|
|
|
|
|
ID: issue-6930
|
|
|
|
|
ISSUE: 6930
|
|
|
|
|
TITLE: Segfault when calling crypto functions
|
|
|
|
|
DESCRIPTION:
|
|
|
|
|
Using NULL or empty string as a KEY parameter in RSA-functions leads to segfault.
|
2022-02-02 15:46:19 +01:00
|
|
|
FBTEST: bugs.gh_6930
|
2022-01-27 20:08:36 +01:00
|
|
|
"""
|
2021-12-30 19:43:52 +01:00
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
import pytest
|
|
|
|
|
from firebird.qa import *
|
2021-12-30 19:43:52 +01:00
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
db = db_factory()
|
2021-12-30 19:43:52 +01:00
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
test_script = """
|
2021-12-30 19:43:52 +01:00
|
|
|
set list on;
|
|
|
|
|
|
|
|
|
|
recreate table rsa(
|
|
|
|
|
text_unencrypted varchar(256)
|
|
|
|
|
,k_prv varbinary(16384)
|
|
|
|
|
,k_pub varbinary(8192)
|
|
|
|
|
,test_encrypted varbinary(16384)
|
|
|
|
|
,text_rsa_sign varchar(8192)
|
|
|
|
|
,text_rsa_vrfy boolean
|
|
|
|
|
,text_encrypted varchar(256)
|
|
|
|
|
,text_decrypted varchar(256)
|
|
|
|
|
);
|
|
|
|
|
commit;
|
|
|
|
|
|
|
|
|
|
insert into rsa(text_unencrypted) values('lorem ipsum');
|
|
|
|
|
|
|
|
|
|
update rsa set k_prv = rsa_private(256);
|
|
|
|
|
update rsa set k_pub = rsa_public(k_prv);
|
|
|
|
|
|
|
|
|
|
update rsa set test_encrypted = crypt_hash(text_unencrypted using sha256);
|
|
|
|
|
|
|
|
|
|
set term ^;
|
|
|
|
|
|
|
|
|
|
----------------------------------- r s a _ s i g n _ h a s h ------------------------------
|
|
|
|
|
|
|
|
|
|
execute block returns( rsa_sign_sqlstate_list varchar(255), rsa_sign_gdscode_list varchar(255), rsa_sign_octet_length int ) as
|
|
|
|
|
begin
|
|
|
|
|
|
|
|
|
|
rsa_sign_sqlstate_list = '';
|
|
|
|
|
rsa_sign_gdscode_list = '';
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_rsa_sign = rsa_sign_hash( crypt_hash(text_unencrypted using sha256) key null hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_sign_sqlstate_list = rsa_sign_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_sign_gdscode_list = rsa_sign_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_rsa_sign = rsa_sign_hash( crypt_hash(text_unencrypted using sha256) key '' hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_sign_sqlstate_list = rsa_sign_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_sign_gdscode_list = rsa_sign_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
-- This must execute normally:
|
2022-01-27 20:08:36 +01:00
|
|
|
update rsa set text_rsa_sign = rsa_sign_hash( crypt_hash(text_unencrypted using sha256) key k_prv hash sha256)
|
2021-12-30 19:43:52 +01:00
|
|
|
returning octet_length(text_rsa_sign) into rsa_sign_octet_length
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
suspend;
|
|
|
|
|
end
|
|
|
|
|
^
|
|
|
|
|
|
|
|
|
|
------------------------------------- r s a _ v e r i f y ------------------------------
|
|
|
|
|
|
|
|
|
|
execute block returns( rsa_verify_sqlstate_list varchar(255), rsa_verify_gdscode_list varchar(255), text_rsa_vrfy boolean ) as
|
|
|
|
|
begin
|
|
|
|
|
|
|
|
|
|
rsa_verify_sqlstate_list = '';
|
|
|
|
|
rsa_verify_gdscode_list = '';
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_rsa_vrfy = rsa_verify_hash( crypt_hash(text_unencrypted using sha256) signature text_rsa_sign key null hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_verify_sqlstate_list = rsa_verify_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_verify_gdscode_list = rsa_verify_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_rsa_vrfy = rsa_verify_hash( crypt_hash(text_unencrypted using sha256) signature text_rsa_sign key '' hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_verify_sqlstate_list = rsa_verify_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_verify_gdscode_list = rsa_verify_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
-- This must execute normally:
|
|
|
|
|
update rsa set text_rsa_vrfy = rsa_verify_hash( crypt_hash(text_unencrypted using sha256) signature text_rsa_sign key k_pub hash sha256)
|
|
|
|
|
returning text_rsa_vrfy into text_rsa_vrfy
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
suspend;
|
|
|
|
|
end
|
|
|
|
|
^
|
|
|
|
|
|
|
|
|
|
------------------------------------- r s a _ e n c r y p t ----------------------------
|
|
|
|
|
|
|
|
|
|
execute block returns( rsa_encrypt_sqlstate_list varchar(255), rsa_encrypt_gdscode_list varchar(255), rsa_encrypted_octet_length int ) as
|
|
|
|
|
begin
|
|
|
|
|
|
|
|
|
|
rsa_encrypt_sqlstate_list = '';
|
|
|
|
|
rsa_encrypt_gdscode_list = '';
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_encrypted = rsa_encrypt(text_unencrypted key null hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_encrypt_sqlstate_list = rsa_encrypt_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_encrypt_gdscode_list = rsa_encrypt_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_encrypted = rsa_encrypt(text_unencrypted key '' hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_encrypt_sqlstate_list = rsa_encrypt_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_encrypt_gdscode_list = rsa_encrypt_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
-- This must execute normally:
|
|
|
|
|
update rsa set text_encrypted = rsa_encrypt(text_unencrypted key k_pub hash sha256)
|
|
|
|
|
returning octet_length(text_encrypted) into rsa_encrypted_octet_length
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
suspend;
|
|
|
|
|
end
|
|
|
|
|
^
|
|
|
|
|
|
|
|
|
|
------------------------------------- r s a _ d e c r y p t ----------------------------
|
|
|
|
|
|
|
|
|
|
execute block returns( rsa_decrypt_sqlstate_list varchar(255), rsa_decrypt_gdscode_list varchar(255), rsa_text_decrypted type of column rsa.text_unencrypted ) as
|
|
|
|
|
begin
|
|
|
|
|
|
|
|
|
|
rsa_decrypt_sqlstate_list = '';
|
|
|
|
|
rsa_decrypt_gdscode_list = '';
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_decrypted = rsa_decrypt(text_encrypted key null hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_decrypt_sqlstate_list = rsa_decrypt_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_decrypt_gdscode_list = rsa_decrypt_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
-- Following statement caused FB crash; expected: "SQLSTATE = 22023 / Empty or NULL ... is not accepted"
|
|
|
|
|
update rsa set text_decrypted = rsa_decrypt(text_encrypted key '' hash sha256);
|
|
|
|
|
when any do
|
|
|
|
|
begin
|
|
|
|
|
rsa_decrypt_sqlstate_list = rsa_decrypt_sqlstate_list || sqlstate || ',';
|
|
|
|
|
rsa_decrypt_gdscode_list = rsa_decrypt_gdscode_list || gdscode || ',' ;
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
-- This must execute normally:
|
|
|
|
|
update rsa set text_decrypted = rsa_decrypt(text_encrypted key k_prv hash sha256)
|
|
|
|
|
returning text_decrypted into rsa_text_decrypted
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
suspend;
|
|
|
|
|
end
|
|
|
|
|
^
|
|
|
|
|
set term ;^
|
|
|
|
|
|
|
|
|
|
select text_unencrypted, text_decrypted from rsa;
|
2022-01-27 20:08:36 +01:00
|
|
|
|
2021-12-30 19:43:52 +01:00
|
|
|
"""
|
|
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
act = isql_act('db', test_script)
|
2021-12-30 19:43:52 +01:00
|
|
|
|
2022-01-27 20:08:36 +01:00
|
|
|
expected_stdout = """
|
2021-12-30 19:43:52 +01:00
|
|
|
RSA_SIGN_SQLSTATE_LIST 22023,22023,
|
|
|
|
|
RSA_SIGN_GDSCODE_LIST 335545276,335545276,
|
|
|
|
|
RSA_SIGN_OCTET_LENGTH 256
|
2022-01-27 20:08:36 +01:00
|
|
|
|
2021-12-30 19:43:52 +01:00
|
|
|
RSA_VERIFY_SQLSTATE_LIST 22023,22023,
|
|
|
|
|
RSA_VERIFY_GDSCODE_LIST 335545276,335545276,
|
|
|
|
|
TEXT_RSA_VRFY <true>
|
2022-01-27 20:08:36 +01:00
|
|
|
|
2021-12-30 19:43:52 +01:00
|
|
|
RSA_ENCRYPT_SQLSTATE_LIST 22023,22023,
|
|
|
|
|
RSA_ENCRYPT_GDSCODE_LIST 335545276,335545276,
|
|
|
|
|
RSA_ENCRYPTED_OCTET_LENGTH 256
|
2022-01-27 20:08:36 +01:00
|
|
|
|
2021-12-30 19:43:52 +01:00
|
|
|
RSA_DECRYPT_SQLSTATE_LIST 22023,22023,
|
|
|
|
|
RSA_DECRYPT_GDSCODE_LIST 335545276,335545276,
|
|
|
|
|
RSA_TEXT_DECRYPTED lorem ipsum
|
2022-01-27 20:08:36 +01:00
|
|
|
|
2021-12-30 19:43:52 +01:00
|
|
|
TEXT_UNENCRYPTED lorem ipsum
|
2022-01-27 20:08:36 +01:00
|
|
|
TEXT_DECRYPTED lorem ipsum
|
2021-12-30 19:43:52 +01:00
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
@pytest.mark.version('>=4.0')
|
2022-01-27 20:08:36 +01:00
|
|
|
def test_1(act: Action):
|
|
|
|
|
act.expected_stdout = expected_stdout
|
|
|
|
|
act.execute()
|
|
|
|
|
assert act.clean_stdout == act.clean_expected_stdout
|
