aboutsummaryrefslogtreecommitdiff
path: root/internal/stupidgcm/common_test.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-09-07 17:47:48 +0200
committerJakob Unterwurzacher2021-09-07 18:15:04 +0200
commit3a80db953da93c741ad391ae124121459c1046b0 (patch)
treee8502cde88ac0bf0b2236a4c7da785d8be26089d /internal/stupidgcm/common_test.go
parent738d5a2b3a001318064be649d683684630eff4c2 (diff)
stupidgcm: allow zero-length input data
We used to panic in this case because it is useless. But Go stdlib supports it, so we should as well.
Diffstat (limited to 'internal/stupidgcm/common_test.go')
-rw-r--r--internal/stupidgcm/common_test.go40
1 files changed, 34 insertions, 6 deletions
diff --git a/internal/stupidgcm/common_test.go b/internal/stupidgcm/common_test.go
index 519efb0..10a7ce1 100644
--- a/internal/stupidgcm/common_test.go
+++ b/internal/stupidgcm/common_test.go
@@ -19,6 +19,8 @@ func testCiphers(t *testing.T, our cipher.AEAD, ref cipher.AEAD) {
t.Run("testCorruption_c1", func(t *testing.T) { testCorruption(t, our) })
t.Run("testCorruption_c2", func(t *testing.T) { testCorruption(t, ref) })
t.Run("testConcurrency", func(t *testing.T) { testConcurrency(t, our, ref) })
+ t.Run("testOpenAllZero_our", func(t *testing.T) { testOpenAllZero(t, our) })
+ t.Run("testOpenAllZero_ref", func(t *testing.T) { testOpenAllZero(t, ref) })
t.Run("testWipe", func(t *testing.T) { testWipe(t, our) })
}
@@ -37,9 +39,13 @@ func testEncryptDecrypt(t *testing.T, c1 cipher.AEAD, c2 cipher.AEAD) {
dst := make([]byte, 71) // 71 = arbitrary length
- // Check all block sizes from 1 to 5000
- for i := 1; i < 5000; i++ {
- in := make([]byte, i)
+ // Check all block sizes from nil to 0 to 5000
+ for i := -1; i < 5000; i++ {
+ // stays nil at i == -1
+ var in []byte
+ if i >= 0 {
+ in = make([]byte, i)
+ }
c1out := c1.Seal(dst, iv, in, authData)
c2out := c2.Seal(dst, iv, in, authData)
@@ -79,8 +85,8 @@ func testConcurrency(t *testing.T, c1 cipher.AEAD, c2 cipher.AEAD) {
for i := 0; i < goroutineCount; i++ {
wg.Add(1)
go func() {
+ defer wg.Done()
testEncryptDecrypt(t, c1, c2)
- wg.Done()
}()
wg.Wait()
}
@@ -96,8 +102,9 @@ func testInplaceSeal(t *testing.T, c1 cipher.AEAD, c2 cipher.AEAD) {
iv := randBytes(c1.NonceSize())
max := 5016
- // Check all block sizes from 1 to 5000
- for i := 1; i < max-16; i++ {
+
+ // Check all block sizes from 0 to 5000
+ for i := 0; i < max-16; i++ {
in := make([]byte, i)
dst := make([]byte, max-i)
dst = dst[:16]
@@ -185,6 +192,27 @@ func testCorruption(t *testing.T, c cipher.AEAD) {
}
}
+// testOpenAllZero tests that we do not crash for nil or any block size of zeros
+func testOpenAllZero(t *testing.T, c cipher.AEAD) {
+ authData := make([]byte, 24)
+ iv := make([]byte, c.NonceSize())
+
+ for i := -1; i < 5000; i++ {
+ // stays nil at i == -1
+ var cipher []byte
+ if i >= 0 {
+ cipher = make([]byte, i)
+ }
+ plain, err := c.Open(nil, iv, cipher, authData)
+ if err == nil {
+ t.Error("should have gotten error, but did not")
+ }
+ if len(plain) > 0 {
+ t.Errorf("should not have received data, but got %d bytes", len(plain))
+ }
+ }
+}
+
func testWipe(t *testing.T, c cipher.AEAD) {
switch c2 := c.(type) {
case *StupidGCM: