From a2b1f580c60468f1aeed028eda849faf0e62f876 Mon Sep 17 00:00:00 2001
From: Josh Holtrop
Date: Mon, 20 Apr 2026 13:58:36 -0400
Subject: [PATCH] Rust wrapper: add buffer size checks in Rust wrapper for ChaCha20_Poly1305 one-shot encrypt/decrypt wrappers
---
 .../src/chacha20_poly1305.rs | 6 ++++
 .../tests/test_chacha20_poly1305.rs | 29 +++++++++++++++++++
 2 files changed, 35 insertions(+)
diff --git a/wrapper/rust/wolfssl-wolfcrypt/src/chacha20_poly1305.rs b/wrapper/rust/wolfssl-wolfcrypt/src/chacha20_poly1305.rs
index ae4e69b8334..f053b8c565f 100644
--- a/wrapper/rust/wolfssl-wolfcrypt/src/chacha20_poly1305.rs
+++ b/wrapper/rust/wolfssl-wolfcrypt/src/chacha20_poly1305.rs
@@ -74,6 +74,9 @@ impl ChaCha20Poly1305 {
 if auth_tag.len() != Self::AUTH_TAG_SIZE {
 return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
 }
+ if plaintext.len() < ciphertext.len() {
+ return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
+ }
 let aad_size = crate::buffer_len_to_u32(aad.len())?;
 let ciphertext_size = crate::buffer_len_to_u32(ciphertext.len())?;
 let rc = unsafe {
@@ -116,6 +119,9 @@ impl ChaCha20Poly1305 {
 if auth_tag.len() != Self::AUTH_TAG_SIZE {
 return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
 }
+ if ciphertext.len() < plaintext.len() {
+ return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
+ }
 let aad_size = crate::buffer_len_to_u32(aad.len())?;
 let plaintext_size = crate::buffer_len_to_u32(plaintext.len())?;
 let rc = unsafe {
diff --git a/wrapper/rust/wolfssl-wolfcrypt/tests/test_chacha20_poly1305.rs b/wrapper/rust/wolfssl-wolfcrypt/tests/test_chacha20_poly1305.rs
index ac18fd21b09..71ae101faba 100644
--- a/wrapper/rust/wolfssl-wolfcrypt/tests/test_chacha20_poly1305.rs
+++ b/wrapper/rust/wolfssl-wolfcrypt/tests/test_chacha20_poly1305.rs
@@ -1,6 +1,7 @@
 #![cfg(chacha20_poly1305)]
 use wolfssl_wolfcrypt::chacha20_poly1305::*;
+use wolfssl_wolfcrypt::sys;
 #[test]
 fn test_chacha20_poly1305_1() {
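Review bot: The new length guard in the first hunk of `src/chacha20_poly1305.rs` (`@@ -74,6 +74,9`) has no comment saying that it is what keeps the following `unsafe` block in bounds. The length handed to the C side appears to come from `ciphertext.len()` while the output is written through a raw pointer into `plaintext`, so a later edit that moves or relaxes the guard would let safe Rust callers cause an out-of-bounds write. I would add above the guard: `// Bounds precondition for the unsafe call below: the C routine writes ciphertext.len() bytes into plaintext, so reject a shorter output slice here.` The mirrored guard in the second hunk (`@@ -116,6 +119,9`) needs the same comment with the buffer names swapped. The `unsafe` block continues outside both hunks, so the exact call arguments are not visible here.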
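Review bot: The guard `if ciphertext.len() < plaintext.len()` in the second hunk (`@@ -116,6 +119,9`) still accepts an output slice longer than the input, and nothing visible tells the caller that only the first `plaintext.len()` bytes are produced. A caller that then stores or transmits the whole `ciphertext` slice would carry stale trailing bytes alongside a tag that presumably covers only the prefix. Either state the contract in the method docs, `/// Only the first plaintext.len() bytes of ciphertext are written; any remaining bytes are left unchanged.`, or, if no caller relies on oversized buffers, tighten the test to `if ciphertext.len() != plaintext.len() {`. The first hunk's guard has the same shape in the other direction. The signature and existing doc comment are outside the hunk, so this may already be documented there.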
@@ -274,6 +275,34 @@ fn test_xchacha20_poly1305() {
 assert_eq!(plaintext_buffer, PLAINTEXT);
 }
+#[test]
+fn test_chacha20_poly1305_encrypt_short_ciphertext_buffer() {
+ let key = [0x55u8; ChaCha20Poly1305::KEYSIZE];
+ let iv = [0x66u8; ChaCha20Poly1305::IV_SIZE];
+ let aad = [];
+ let plaintext = [0u8; 32];
+ let mut ciphertext = [0u8; 16]; /* shorter than plaintext */
+ let mut auth_tag = [0u8; ChaCha20Poly1305::AUTH_TAG_SIZE];
+ let rc = ChaCha20Poly1305::encrypt(&key, &iv, &aad, &plaintext,
+ &mut ciphertext, &mut auth_tag)
+ .expect_err("encrypt() should fail with short ciphertext buffer");
+ assert_eq!(rc, sys::wolfCrypt_ErrorCodes_BUFFER_E);
+}
+
+#[test]
+fn test_chacha20_poly1305_decrypt_short_plaintext_buffer() {
+ let key = [0x55u8; ChaCha20Poly1305::KEYSIZE];
+ let iv = [0x66u8; ChaCha20Poly1305::IV_SIZE];
+ let aad = [];
+ let ciphertext = [0u8; 32];
+ let mut plaintext = [0u8; 16]; /* shorter than ciphertext */
+ let auth_tag = [0u8; ChaCha20Poly1305::AUTH_TAG_SIZE];
+ let rc = ChaCha20Poly1305::decrypt(&key, &iv, &aad, &ciphertext,
+ &auth_tag, &mut plaintext)
+ .expect_err("decrypt() should fail with short plaintext buffer");
+ assert_eq!(rc, sys::wolfCrypt_ErrorCodes_BUFFER_E);
+}
+
 // ---------------------------------------------------------------------------
 // ChaCha20-Poly1305 aead trait implementations
 // ---------------------------------------------------------------------------
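Review bot: Both new tests assert only the returned error code, so they would still pass if the length check ran after the native call had already written through the short slice. Pinning the output state closes that gap: add `assert_eq!(ciphertext, [0u8; 16]);` and `assert_eq!(auth_tag, [0u8; ChaCha20Poly1305::AUTH_TAG_SIZE]);` after the `rc` assertion in the encrypt test, and `assert_eq!(plaintext, [0u8; 16]);` in the decrypt test. There is also no case for an output buffer longer than the input, which the `<` comparison in the wrapper accepts. A test asserting the intended result for that shape would fix the contract either way.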