From 3c1e3c6a7bb16998ad898f02e5488293705d7fb2 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 23 May 2024 17:57:52 +0200 Subject: [PATCH] Add memory testing for asymmetric crypto keys (#794) Add memory testing for `AsymmetricCryptoKey` --- crates/memory-testing/cases.json | 21 ++++++++++++++++++++- crates/memory-testing/src/lib.rs | 3 +++ crates/memory-testing/src/main.rs | 8 +++++++- 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/crates/memory-testing/cases.json b/crates/memory-testing/cases.json index c24cb63d6..f001367ff 100644 --- a/crates/memory-testing/cases.json +++ b/crates/memory-testing/cases.json @@ -16,7 +16,26 @@ } ] }, - + { + "name": "Asymmetric Key", + "asymmetric_key": { + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDiTQVuzhdygFz5\nqv14i+XFDGTnDravzUQT1hPKPGUZOUSZ1gwdNgkWqOIaOnR65BHEnL0sp4bnuiYc\nafeK2JAW5Sc8Z7IxBNSuAwhQmuKx3RochMIiuCkI2/p+JvUQoJu6FBNm8OoJ4Cwm\nqqHGZESMfnpQDCuDrB3JdJEdXhtmnl0C48sGjOk3WaBMcgGqn8LbJDUlyu1zdqyv\nb0waJf0iV4PJm2fkUl7+57D/2TkpbCqURVnZK1FFIEg8mr6FzSN1F2pOfktkNYZw\nP7MSNR7o81CkRSCMr7EkIVa+MZYMBx106BMK7FXgWB7nbSpsWKxBk7ZDHkID2fam\nrEcVtrzDAgMBAAECggEBAKwq9OssGGKgjhvUnyrLJHAZ0dqIMyzk+dotkLjX4gKi\nszJmyqiep6N5sStLNbsZMPtoU/RZMCW0VbJgXFhiEp2YkZU/Py5UAoqw++53J+kx\n0d/IkPphKbb3xUec0+1mg5O6GljDCQuiZXS1dIa/WfeZcezclW6Dz9WovY6ePjJ+\n8vEBR1icbNKzyeINd6MtPtpcgQPHtDwHvhPyUDbKDYGbLvjh9nui8h4+ZUlXKuVR\njB0ChxiKV1xJRjkrEVoulOOicd5r597WfB2ghax3pvRZ4MdXemCXm3gQYqPVKach\nvGU+1cPQR/MBJZpxT+EZA97xwtFS3gqwbxJaNFcoE8ECgYEA9OaeYZhQPDo485tI\n1u/Z7L/3PNape9hBQIXoW7+MgcQ5NiWqYh8Jnj43EIYa0wM/ECQINr1Za8Q5e6KR\nJ30FcU+kfyjuQ0jeXdNELGU/fx5XXNg/vV8GevHwxRlwzqZTCg6UExUZzbYEQqd7\nl+wPyETGeua5xCEywA1nX/D101kCgYEA7I6aMFjhEjO71RmzNhqjKJt6DOghoOfQ\nTjhaaanNEhLYSbenFz1mlb21mW67ulmz162saKdIYLxQNJIP8ZPmxh4ummOJI8w9\nClHfo8WuCI2hCjJ19xbQJocSbTA5aJg6lA1IDVZMDbQwsnAByPRGpaLHBT/Q9Bye\nKvCMB+9amXsCgYEAx65yXSkP4sumPBrVHUub6MntERIGRxBgw/drKcPZEMWp0FiN\nwEuGUBxyUWrG3F69QK/gcqGZE6F/LSu0JvptQaKqgXQiMYJsrRvhbkFvsHpQyUcZ\nUZL1ebFjm5HOxPAgrQaN/bEqxOwwNRjSUWEMzUImg3c06JIZCzbinvudtKECgYEA\nkY3JF/iIPI/yglP27lKDlCfeeHSYxI3+oTKRhzSAxx8rUGidenJAXeDGDauR/T7W\npt3pGNfddBBK9Z3uC4Iq3DqUCFE4f/taj7ADAJ1Q0Vh7/28/IJM77ojr8J1cpZwN\nZy2o6PPxhfkagaDjqEeN9Lrs5LD4nEvDkr5CG1vOjmMCgYEAvIBFKRm31NyF8jLi\nCVuPwC5PzrW5iThDmsWTaXFpB3esUsbICO2pEz872oeQS+Em4GO5vXUlpbbFPzup\nPFhA8iMJ8TAvemhvc7oM0OZqpU6p3K4seHf6BkwLxumoA3vDJfovu9RuXVcJVOnf\nDnqOsltgPomWZ7xVfMkm9niL2OA=\n-----END PRIVATE KEY-----" + }, + "memory_lookups": [ + { + "name": "key", + "string": "-----BEGIN PRIVATE KEY-----\nMIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDiTQVuzhdygFz5\nqv14i+XFDGTnDravzUQT1hPKPGUZOUSZ1gwdNgkWqOIaOnR65BHEnL0sp4bnuiYc\nafeK2JAW5Sc8Z7IxBNSuAwhQmuKx3RochMIiuCkI2/p+JvUQoJu6FBNm8OoJ4Cwm\nqqHGZESMfnpQDCuDrB3JdJEdXhtmnl0C48sGjOk3WaBMcgGqn8LbJDUlyu1zdqyv\nb0waJf0iV4PJm2fkUl7+57D/2TkpbCqURVnZK1FFIEg8mr6FzSN1F2pOfktkNYZw\nP7MSNR7o81CkRSCMr7EkIVa+MZYMBx106BMK7FXgWB7nbSpsWKxBk7ZDHkID2fam\nrEcVtrzDAgMBAAECggEBAKwq9OssGGKgjhvUnyrLJHAZ0dqIMyzk+dotkLjX4gKi\nszJmyqiep6N5sStLNbsZMPtoU/RZMCW0VbJgXFhiEp2YkZU/Py5UAoqw++53J+kx\n0d/IkPphKbb3xUec0+1mg5O6GljDCQuiZXS1dIa/WfeZcezclW6Dz9WovY6ePjJ+\n8vEBR1icbNKzyeINd6MtPtpcgQPHtDwHvhPyUDbKDYGbLvjh9nui8h4+ZUlXKuVR\njB0ChxiKV1xJRjkrEVoulOOicd5r597WfB2ghax3pvRZ4MdXemCXm3gQYqPVKach\nvGU+1cPQR/MBJZpxT+EZA97xwtFS3gqwbxJaNFcoE8ECgYEA9OaeYZhQPDo485tI\n1u/Z7L/3PNape9hBQIXoW7+MgcQ5NiWqYh8Jnj43EIYa0wM/ECQINr1Za8Q5e6KR\nJ30FcU+kfyjuQ0jeXdNELGU/fx5XXNg/vV8GevHwxRlwzqZTCg6UExUZzbYEQqd7\nl+wPyETGeua5xCEywA1nX/D101kCgYEA7I6aMFjhEjO71RmzNhqjKJt6DOghoOfQ\nTjhaaanNEhLYSbenFz1mlb21mW67ulmz162saKdIYLxQNJIP8ZPmxh4ummOJI8w9\nClHfo8WuCI2hCjJ19xbQJocSbTA5aJg6lA1IDVZMDbQwsnAByPRGpaLHBT/Q9Bye\nKvCMB+9amXsCgYEAx65yXSkP4sumPBrVHUub6MntERIGRxBgw/drKcPZEMWp0FiN\nwEuGUBxyUWrG3F69QK/gcqGZE6F/LSu0JvptQaKqgXQiMYJsrRvhbkFvsHpQyUcZ\nUZL1ebFjm5HOxPAgrQaN/bEqxOwwNRjSUWEMzUImg3c06JIZCzbinvudtKECgYEA\nkY3JF/iIPI/yglP27lKDlCfeeHSYxI3+oTKRhzSAxx8rUGidenJAXeDGDauR/T7W\npt3pGNfddBBK9Z3uC4Iq3DqUCFE4f/taj7ADAJ1Q0Vh7/28/IJM77ojr8J1cpZwN\nZy2o6PPxhfkagaDjqEeN9Lrs5LD4nEvDkr5CG1vOjmMCgYEAvIBFKRm31NyF8jLi\nCVuPwC5PzrW5iThDmsWTaXFpB3esUsbICO2pEz872oeQS+Em4GO5vXUlpbbFPzup\nPFhA8iMJ8TAvemhvc7oM0OZqpU6p3K4seHf6BkwLxumoA3vDJfovu9RuXVcJVOnf\nDnqOsltgPomWZ7xVfMkm9niL2OA=\n-----END PRIVATE KEY-----" + }, + { + "name": "prime 1", + "hex": "59D3F5F05F670DC03221C4B9E67AC644" + }, + { + "name": "prime 2", + "hex": "7B995AEF078CF02A9E1CF4D03F05C7A2" + } + ] + }, { "name": "Master Key PBKDF2", "master_key": { diff --git a/crates/memory-testing/src/lib.rs b/crates/memory-testing/src/lib.rs index 0300e287a..d80ba66d9 100644 --- a/crates/memory-testing/src/lib.rs +++ b/crates/memory-testing/src/lib.rs @@ -35,6 +35,9 @@ pub enum CaseCommand { SymmetricKey { key: String, }, + AsymmetricKey { + private_key: String, + }, MasterKey { password: String, email: String, diff --git a/crates/memory-testing/src/main.rs b/crates/memory-testing/src/main.rs index ce120811b..fee8be022 100644 --- a/crates/memory-testing/src/main.rs +++ b/crates/memory-testing/src/main.rs @@ -20,6 +20,7 @@ fn main() { let cases = memory_testing::load_cases(base_dir); let mut symmetric_keys = Vec::new(); + let mut asymmetric_keys = Vec::new(); let mut master_keys = Vec::new(); for case in cases.cases { @@ -29,6 +30,11 @@ fn main() { let key = SymmetricCryptoKey::try_from(key).unwrap(); symmetric_keys.push((key.to_vec(), key)); } + memory_testing::CaseCommand::AsymmetricKey { private_key } => { + let private_key = SensitiveString::new(Box::new(private_key)); + let key = bitwarden_crypto::AsymmetricCryptoKey::from_pem(private_key).unwrap(); + asymmetric_keys.push(key); + } memory_testing::CaseCommand::MasterKey { password, email, @@ -53,7 +59,7 @@ fn main() { // Put all the variables through a black box to prevent them from being optimized out before we // get to this point, and then drop them - let _ = std::hint::black_box((test_string, symmetric_keys, master_keys)); + let _ = std::hint::black_box((test_string, symmetric_keys, asymmetric_keys, master_keys)); // After the variables are dropped, we want to make another dump wait_for_dump();