OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 #include <string> | 10 #include <string> |
88 } | 88 } |
89 | 89 |
90 std::string decrypted; | 90 std::string decrypted; |
91 | 91 |
92 // This wrong key causes the last padding byte to be 5, which is a valid | 92 // This wrong key causes the last padding byte to be 5, which is a valid |
93 // padding length, and the second to last padding byte to be 137, which is | 93 // padding length, and the second to last padding byte to be 137, which is |
94 // invalid. If an implementation simply uses the last padding byte to | 94 // invalid. If an implementation simply uses the last padding byte to |
95 // determine the padding length without checking every padding byte, | 95 // determine the padding length without checking every padding byte, |
96 // Encryptor::Decrypt() will still return true. This is the case for NSS | 96 // Encryptor::Decrypt() will still return true. This is the case for NSS |
97 // (crbug.com/124434). | 97 // (crbug.com/124434). |
98 #if !defined(USE_NSS_CERTS) && !defined(OS_WIN) && !defined(OS_MACOSX) | |
99 crypto::Encryptor decryptor; | 98 crypto::Encryptor decryptor; |
100 EXPECT_TRUE(decryptor.Init(wrong_key.get(), crypto::Encryptor::CBC, iv)); | 99 EXPECT_TRUE(decryptor.Init(wrong_key.get(), crypto::Encryptor::CBC, iv)); |
101 EXPECT_FALSE(decryptor.Decrypt(ciphertext, &decrypted)); | 100 EXPECT_FALSE(decryptor.Decrypt(ciphertext, &decrypted)); |
102 #endif | |
103 | 101 |
104 // This demonstrates that not all wrong keys can be detected by padding | 102 // This demonstrates that not all wrong keys can be detected by padding |
105 // error. This wrong key causes the last padding byte to be 1, which is | 103 // error. This wrong key causes the last padding byte to be 1, which is |
106 // a valid padding block of length 1. | 104 // a valid padding block of length 1. |
107 crypto::Encryptor decryptor2; | 105 crypto::Encryptor decryptor2; |
108 EXPECT_TRUE(decryptor2.Init(wrong_key2.get(), crypto::Encryptor::CBC, iv)); | 106 EXPECT_TRUE(decryptor2.Init(wrong_key2.get(), crypto::Encryptor::CBC, iv)); |
109 EXPECT_TRUE(decryptor2.Decrypt(ciphertext, &decrypted)); | 107 EXPECT_TRUE(decryptor2.Decrypt(ciphertext, &decrypted)); |
110 | 108 |
111 // This wrong key causes the last padding byte to be 253, which should be | 109 // This wrong key causes the last padding byte to be 253, which should be |
112 // rejected by all implementations. | 110 // rejected by all implementations. |
525 // | 523 // |
526 // Otherwise when using std::string as the other tests do, accesses several | 524 // Otherwise when using std::string as the other tests do, accesses several |
527 // bytes off the end of the buffer may fall inside the reservation of | 525 // bytes off the end of the buffer may fall inside the reservation of |
528 // the string and not be detected. | 526 // the string and not be detected. |
529 std::unique_ptr<char[]> ciphertext(new char[1]); | 527 std::unique_ptr<char[]> ciphertext(new char[1]); |
530 | 528 |
531 std::string plaintext; | 529 std::string plaintext; |
532 EXPECT_FALSE( | 530 EXPECT_FALSE( |
533 encryptor.Decrypt(base::StringPiece(ciphertext.get(), 1), &plaintext)); | 531 encryptor.Decrypt(base::StringPiece(ciphertext.get(), 1), &plaintext)); |
534 } | 532 } |
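Review bot: The comment on new lines 92-97 is now stale, because it still says a last-byte-only padding check makes `Encryptor::Decrypt()` return true and that "This is the case for NSS (crbug.com/124434)", while the `EXPECT_FALSE` below it is no longer behind the `#if !defined(USE_NSS_CERTS) && !defined(OS_WIN) && !defined(OS_MACOSX)` guard and so runs on every build. If the backends that skipped the full padding check are no longer compiled in (not visible on this page), reword the comment to state the requirement, for example `// Decrypt() must validate every padding byte, not only the last one, so this wrong key is rejected. NSS historically did not (crbug.com/124434).` If any such backend is still reachable, this expectation will fail there and the guard should stay for that platform. The enclosing test function starts outside the lines shown.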