summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-05-11 03:17:44 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-05-11 03:17:44 +0000
commit4eac15eaf7aae48e6147dbb87eb1bbd91ded4b12 (patch)
treeb4db7052daac0aab13c14d5bb33f83a5160541df /crypto
parent73bbc7729363694d2e7ccdd3e00b2d17bee6b689 (diff)
downloadchromium_src-4eac15eaf7aae48e6147dbb87eb1bbd91ded4b12.zip
chromium_src-4eac15eaf7aae48e6147dbb87eb1bbd91ded4b12.tar.gz
chromium_src-4eac15eaf7aae48e6147dbb87eb1bbd91ded4b12.tar.bz2
Add a wrong key that should be detected by all implementations.
R=rsleevi@chromium.org BUG=127586 TEST=EncryptorTest.DecryptWrongKey Review URL: https://chromiumcodereview.appspot.com/10378095 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@136493 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r--crypto/encryptor_unittest.cc29
1 files changed, 24 insertions, 5 deletions
diff --git a/crypto/encryptor_unittest.cc b/crypto/encryptor_unittest.cc
index ac60672..ac78b96 100644
--- a/crypto/encryptor_unittest.cc
+++ b/crypto/encryptor_unittest.cc
@@ -41,18 +41,26 @@ TEST(EncryptorTest, DecryptWrongKey) {
crypto::SymmetricKey::AES, "password", "saltiest", 1000, 256));
EXPECT_TRUE(NULL != key.get());
+ // A wrong key that can be detected by implementations that validate every
+ // byte in the padding.
scoped_ptr<crypto::SymmetricKey> wrong_key(
crypto::SymmetricKey::DeriveKeyFromPassword(
crypto::SymmetricKey::AES, "wrongword", "sweetest", 1000, 256));
EXPECT_TRUE(NULL != wrong_key.get());
- // A wrong key that can't be detected by padding error. The password
+ // A wrong key that can't be detected by any implementation. The password
// "wrongword;" would also work.
scoped_ptr<crypto::SymmetricKey> wrong_key2(
crypto::SymmetricKey::DeriveKeyFromPassword(
crypto::SymmetricKey::AES, "wrongword+", "sweetest", 1000, 256));
EXPECT_TRUE(NULL != wrong_key2.get());
+ // A wrong key that can be detected by all implementations.
+ scoped_ptr<crypto::SymmetricKey> wrong_key3(
+ crypto::SymmetricKey::DeriveKeyFromPassword(
+ crypto::SymmetricKey::AES, "wrongwordx", "sweetest", 1000, 256));
+ EXPECT_TRUE(NULL != wrong_key3.get());
+
crypto::Encryptor encryptor;
// The IV must be exactly as long as the cipher block size.
std::string iv("the iv: 16 bytes");
@@ -76,12 +84,17 @@ TEST(EncryptorTest, DecryptWrongKey) {
static_cast<unsigned char>(ciphertext[i]));
}
- crypto::Encryptor decryptor;
- EXPECT_TRUE(decryptor.Init(wrong_key.get(), crypto::Encryptor::CBC, iv));
std::string decypted;
- // TODO(wtc): On Linux, Encryptor::Decrypt() doesn't always return false when
- // wrong key is provided. See crbug.com/124434. Remove #if when bug is fixed.
+
+ // This wrong key causes the last padding byte to be 5, which is a valid
+ // padding length, and the second to last padding byte to be 137, which is
+ // invalid. If an implementation simply uses the last padding byte to
+ // determine the padding length without checking every padding byte,
+ // Encryptor::Decrypt() will still return true. This is the case for NSS
+ // (crbug.com/124434) and Mac OS X 10.7 (crbug.com/127586).
#if !defined(USE_NSS)
+ crypto::Encryptor decryptor;
+ EXPECT_TRUE(decryptor.Init(wrong_key.get(), crypto::Encryptor::CBC, iv));
EXPECT_FALSE(decryptor.Decrypt(ciphertext, &decypted));
#endif
@@ -91,6 +104,12 @@ TEST(EncryptorTest, DecryptWrongKey) {
crypto::Encryptor decryptor2;
EXPECT_TRUE(decryptor2.Init(wrong_key2.get(), crypto::Encryptor::CBC, iv));
EXPECT_TRUE(decryptor2.Decrypt(ciphertext, &decypted));
+
+ // This wrong key causes the last padding byte to be 253, which should be
+ // rejected by all implementations.
+ crypto::Encryptor decryptor3;
+ EXPECT_TRUE(decryptor3.Init(wrong_key3.get(), crypto::Encryptor::CBC, iv));
+ EXPECT_FALSE(decryptor3.Decrypt(ciphertext, &decypted));
}
// CTR mode encryption is only implemented using NSS.