Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add verification of missing cases related to length output. #13

Merged
merged 4 commits into from
Sep 24, 2020
Merged

Add verification of missing cases related to length output. #13

merged 4 commits into from
Sep 24, 2020

Conversation

apetcher-amazon
Copy link
Contributor

The SHA-512 proof does not verify the case where an int pointer is provided and the output length should be written to the int. The HMAC proof does not cover the case where this int pointer is null. This PR addresses both issues in the same way: a parameter is added to the spec indicating whether the length output pointer is non-null. Then the both cases are verified in separate crucible_llvm_verify statements. It doesn't appear to be possible to verify both cases symbolically in a single verify statement.

Also as part of this change, I renamed the verify-HMAC-SHA384.saw script to make it clear that this script only checks some input lengths (not all lengths up to the bound).

Resolves #4

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@apetcher-amazon
1) Added verification of missing cases related to length output.
140d246 
2) Renamed HMAC proof script to make it clear that it is only checking some cases.
andrewhop
andrewhop reviewed Sep 11, 2020
View reviewed changes
SAW/proof/HMAC/HMAC.saw Outdated Show resolved Hide resolved
jldodds-aws
jldodds-aws approved these changes Sep 17, 2020
View reviewed changes
SAW/proof/SHA512/evp-function-specs.saw
let EVP_DigestFinal_spec num = do {
// Precondition: The function uses the AVX+shrd code path
global_alloc_init "OPENSSL_ia32cap_P" {{ ia32cap }};
let digestOut_pre withLength = do {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommend making this name consistent with digestOut_length_post by changing one or the other

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made both the names and the behavior consistent by moving the crucible_points_to into the postcondition and renaming it to digestOut_post.

@apetcher-amazon apetcher-amazon merged commit 20e5d85 into awslabs:master Sep 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jldodds-aws jldodds-aws jldodds-aws approved these changes

@andrewhop andrewhop andrewhop approved these changes

@tomkt-29 tomkt-29 Awaiting requested review from tomkt-29

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Verify DigestFinal with length output
3 participants
@apetcher-amazon @andrewhop @jldodds-aws