Fix: ECB and CBC with padding always needs yaca_decrypt_update()

In case of empty message encryption we can skip yaca_encrypt_update(),
then yaca_encrypt_finalize() returns encrypted block at the output.
During decryption, we can't skip yaca_decrypt_update().

Change-Id: Ib4a5d06f03560ea8b26f6bec674721a62fe1f72b

diff --git a/src/debug.c b/src/debug.c
index b6a113d..13a3fd4 100644 (file)
--- a/src/debug.c
+++ b/src/debug.c
@@ -137,6 +137,7 @@ int error_handle(const char *file, int line, const char *function)
        case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA):
        case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
        case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
+       case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH):
        case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS):
                ret = YACA_ERROR_INVALID_PARAMETER;
                break;