From: Krzysztof Jackiewicz Date: Wed, 2 Dec 2020 13:55:23 +0000 (+0100) Subject: Fix wrong key decryption test X-Git-Tag: submit/tizen/20210108.104941~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3492dc19d22e2b83149a6fd36c34d9f03bb20941;p=platform%2Fcore%2Fsecurity%2Fyaca.git Fix wrong key decryption test The test T604 fails from time to time at test_encrypt.cpp:738. The reason is that the wrong key used for decryption can generate a properly padded buffer with quite high probability (more than 1/256). Fix by adding a length check in above case. Also remove an outdated comment related to invalid decryption. Change-Id: I22f7c837dc30c605dadd5c7ba8fa6b025f3396e0 --- diff --git a/tests/test_encrypt.cpp b/tests/test_encrypt.cpp index 92565a6..810c837 100644 --- a/tests/test_encrypt.cpp +++ b/tests/test_encrypt.cpp @@ -735,7 +735,16 @@ BOOST_FIXTURE_TEST_CASE(T604__negative__encrypt_decrypt, InitDebugFixture) decrypted_len = written; ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written); - BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER); + if (ret != YACA_ERROR_INVALID_PARAMETER) { + /* + * There's a quite high (over 1/256) chance that the decryption with key2 will create + * a correctly padded buffer (e.g. last byte equal to 0x01). In such case we expect that + * the length of the decrypted buffer will not match the original one. + */ + + BOOST_REQUIRE(ret == YACA_ERROR_NONE); + BOOST_REQUIRE(decrypted_len + written != INPUT_DATA_SIZE); + } yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -1776,9 +1785,6 @@ BOOST_FIXTURE_TEST_CASE(T610__negative__encrypt_decrypt_ccm, InitDebugFixture) ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len); BOOST_REQUIRE(ret == YACA_ERROR_NONE); - /* In case of AES/CBC wrong key returned INVALID_PASS - * Why this inconsistency? - */ ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written); BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);