projects / platform / core / security / yaca.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bbd1d8e)
Fix wrong key decryption test 34/248834/1
authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 2 Dec 2020 13:55:23 +0000 (14:55 +0100)
committerKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 2 Dec 2020 13:55:23 +0000 (14:55 +0100)
The test T604 fails from time to time at test_encrypt.cpp:738. The
reason is that the wrong key used for decryption can generate a properly
padded buffer with quite high probability (more than 1/256).

Fix by adding a length check in above case.

Also remove an outdated comment related to invalid decryption.

Change-Id: I22f7c837dc30c605dadd5c7ba8fa6b025f3396e0

tests/test_encrypt.cpp patch | blob | history

diff --git a/tests/test_encrypt.cpp b/tests/test_encrypt.cpp
index 92565a686fee1931712fe1d98aad700deed7d297..810c8370826d770b0d8f90f46b2ab05fc2c7fc4e 100644 (file)
--- a/tests/test_encrypt.cpp
+++ b/tests/test_encrypt.cpp
@@ -735,7 +735,16 @@ BOOST_FIXTURE_TEST_CASE(T604__negative__encrypt_decrypt, InitDebugFixture)
                decrypted_len = written;
 
                ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written);
-               BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
+               if (ret != YACA_ERROR_INVALID_PARAMETER) {
+                       /*
+                        * There's a quite high (over 1/256) chance that the decryption with key2 will create
+                        * a correctly padded buffer (e.g. last byte equal to 0x01). In such case we expect that
+                        * the length of the decrypted buffer will not match the original one.
+                        */
+
+                       BOOST_REQUIRE(ret == YACA_ERROR_NONE);
+                       BOOST_REQUIRE(decrypted_len + written != INPUT_DATA_SIZE);
+               }
 
                yaca_context_destroy(ctx);
                ctx = YACA_CONTEXT_NULL;
@@ -1776,9 +1785,6 @@ BOOST_FIXTURE_TEST_CASE(T610__negative__encrypt_decrypt_ccm, InitDebugFixture)
                ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len);
                BOOST_REQUIRE(ret == YACA_ERROR_NONE);
 
-               /* In case of AES/CBC wrong key returned INVALID_PASS
-                * Why this inconsistency?
-                */
                ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written);
                BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
 
Domain: Security / Utilities;