Test proper GCM IV length handling 70/293270/2
authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Tue, 23 May 2023 06:45:16 +0000 (08:45 +0200)
committerKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 24 May 2023 10:12:52 +0000 (12:12 +0200)
The GCM implementation was using only the first 12 bytes of the IV,
regardless of its actual length. This modification makes the test check
whether the remaining bytes of the IV are ignored.

Change-Id: I94281747bbe9363854484844fa038ae9bcd47a19

src/manager/crypto/generic-backend/crypto-params.h
unit-tests/test_sw-backend.cpp

index ae23fba0e12fb143e40d37e6ed214ae6c342339d..41a44614d1be7d00be94de2af063841603071ef1 100644 (file)
@@ -27,6 +27,7 @@ class Params
 {
 public:
        static const size_t DEFAULT_AES_IV_LEN = 16; // max acceptable size of IV
+       static const size_t DEFAULT_AES_GCM_IV_LEN = 12; // default size of IV in GCM mode
        static const int DEFAULT_AES_GCM_TAG_LEN_BYTES = 16; // length of AES GCM tag
        static const int DEFAULT_AES_GCM_TAG_LEN_BITS = DEFAULT_AES_GCM_TAG_LEN_BYTES * 8;
        static const int DERIVED_KEY_LENGTH = 16; // length of AES key derived from password in bytes
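Review bot: The comment on the new `DEFAULT_AES_GCM_IV_LEN` gives neither the unit nor the reason for the value 12, while the neighbouring tag constants carry the unit in their names. 12 bytes (96 bits) is the IV length that GCM uses directly to form the initial counter block; any other length is first run through GHASH, which is why the backend must not silently truncate. I would write `// recommended GCM IV length in bytes (96 bits); other lengths are processed via GHASH`. Since the line above describes `DEFAULT_AES_IV_LEN` as the maximum acceptable IV size, a short remark on how the two constants relate would also help; class Params continues outside the hunk.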
index 19879aeb5b02fed4caebef399b2f8561cb03f412..7c6a7608e2d56ba29c52dceeadf72ea44ba08a8b 100644 (file)
@@ -645,9 +645,17 @@ NEGATIVE_TEST_CASE(symmetricEncryptDecryptGcm)
 
        // wrong iv
        auto wrongIv = iv;
-       wrongIv[0] ^= 0x1;
+       wrongIv[iv.size() - 1] ^= 0x1;
        ca2.setParam(ParamName::ED_IV, wrongIv);
        BOOST_REQUIRE_THROW(key->decrypt(ca2, encrypted), Exc::Crypto::InputParam);
+
+       // shortened iv
+       auto shortenedIv = iv;
+       static_assert(Params::DEFAULT_AES_GCM_IV_LEN < Params::DEFAULT_AES_IV_LEN);
+       shortenedIv.resize(Params::DEFAULT_AES_GCM_IV_LEN);
+       ca2.setParam(ParamName::ED_IV, shortenedIv);
+       BOOST_REQUIRE_THROW(key->decrypt(ca2, encrypted), Exc::Crypto::InputParam);
+
        ca2.setParam(ParamName::ED_IV, iv);
 
        // wrong ciphertext
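Review bot: Replacing `wrongIv[0] ^= 0x1;` with a flip of the last byte drops the only check in this hunk that a change inside the first 12 bytes of the IV is rejected; both new cases exercise only the tail beyond `DEFAULT_AES_GCM_IV_LEN`. Keeping both positions guards against a regression in either direction. The `static_assert` compares the two constants but not the actual `iv`, which is defined outside the hunk; if it is not longer than 12 bytes the resize is a no-op, so `BOOST_REQUIRE(iv.size() > Params::DEFAULT_AES_GCM_IV_LEN);` before the shortened case would make that precondition explicit. The test case body starts before and continues after this hunk.

```cpp
// wrong iv: a single-bit change at either end of the IV must be rejected
for (size_t pos : {size_t{0}, iv.size() - 1}) {
	auto wrongIv = iv;
	wrongIv[pos] ^= 0x1;
	ca2.setParam(ParamName::ED_IV, wrongIv);
	BOOST_REQUIRE_THROW(key->decrypt(ca2, encrypted), Exc::Crypto::InputParam);
}
// … unchanged: shortened iv case and restoring the original iv …
```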