Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reconcile AES and DES error messages with upstream #121

Merged
merged 3 commits into from
Sep 26, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 8 additions & 2 deletions aes.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,11 +56,17 @@ func (c *aesCipher) BlockSize() int {
}

func (c *aesCipher) Encrypt(dst, src []byte) {
c.encrypt(dst, src)
if err := c.encrypt(dst, src); err != nil {
// crypto/aes expects that the panic message starts with "crypto/aes: ".
panic("crypto/aes: " + err.Error())
}
}

func (c *aesCipher) Decrypt(dst, src []byte) {
c.decrypt(dst, src)
if err := c.decrypt(dst, src); err != nil {
// crypto/aes expects that the panic message starts with "crypto/aes: ".
panic("crypto/aes: " + err.Error())
}
}

func (c *aesCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode {
Expand Down
25 changes: 25 additions & 0 deletions aes_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,31 @@ import (
"github.com/golang-fips/openssl/v2"
)

func TestAESShortBlocks(t *testing.T) {
bytes := func(n int) []byte { return make([]byte, n) }

c, _ := openssl.NewAESCipher(bytes(16))

mustPanic(t, "crypto/aes: input not full block", func() { c.Encrypt(bytes(1), bytes(1)) })
mustPanic(t, "crypto/aes: input not full block", func() { c.Decrypt(bytes(1), bytes(1)) })
mustPanic(t, "crypto/aes: input not full block", func() { c.Encrypt(bytes(100), bytes(1)) })
mustPanic(t, "crypto/aes: input not full block", func() { c.Decrypt(bytes(100), bytes(1)) })
mustPanic(t, "crypto/aes: output not full block", func() { c.Encrypt(bytes(1), bytes(100)) })
mustPanic(t, "crypto/aes: output not full block", func() { c.Decrypt(bytes(1), bytes(100)) })
}

func mustPanic(t *testing.T, msg string, f func()) {
defer func() {
err := recover()
if err == nil {
t.Errorf("function did not panic, wanted %q", msg)
} else if err != msg {
t.Errorf("got panic %v, wanted %q", err, msg)
}
}()
f()
}

func TestNewGCMNonce(t *testing.T) {
key := []byte("D249BF6DEC97B1EBD69BC4D6B3A3C49D")
ci, err := openssl.NewAESCipher(key)
Expand Down
26 changes: 14 additions & 12 deletions cipher.go
Original file line number Diff line number Diff line change
Expand Up @@ -166,57 +166,59 @@ func (c *evpCipher) finalize() {
}
}

func (c *evpCipher) encrypt(dst, src []byte) {
func (c *evpCipher) encrypt(dst, src []byte) error {
if len(src) < c.blockSize {
panic("crypto/cipher: input not full block")
return errors.New("input not full block")
}
if len(dst) < c.blockSize {
panic("crypto/cipher: output not full block")
return errors.New("output not full block")
}
// Only check for overlap between the parts of src and dst that will actually be used.
// This matches Go standard library behavior.
if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) {
panic("crypto/cipher: invalid buffer overlap")
return errors.New("invalid buffer overlap")
}
if c.enc_ctx == nil {
var err error
c.enc_ctx, err = newCipherCtx(c.kind, cipherModeECB, cipherOpEncrypt, c.key, nil)
if err != nil {
panic(err)
return err
}
}

if C.go_openssl_EVP_EncryptUpdate_wrapper(c.enc_ctx, base(dst), base(src), C.int(c.blockSize)) != 1 {
panic("crypto/cipher: EncryptUpdate failed")
return errors.New("EncryptUpdate failed")
}
runtime.KeepAlive(c)
return nil
}

func (c *evpCipher) decrypt(dst, src []byte) {
func (c *evpCipher) decrypt(dst, src []byte) error {
if len(src) < c.blockSize {
panic("crypto/cipher: input not full block")
return errors.New("input not full block")
}
if len(dst) < c.blockSize {
panic("crypto/cipher: output not full block")
return errors.New("output not full block")
}
// Only check for overlap between the parts of src and dst that will actually be used.
// This matches Go standard library behavior.
if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) {
panic("crypto/cipher: invalid buffer overlap")
return errors.New("invalid buffer overlap")
}
if c.dec_ctx == nil {
var err error
c.dec_ctx, err = newCipherCtx(c.kind, cipherModeECB, cipherOpDecrypt, c.key, nil)
if err != nil {
panic(err)
return err
}
if C.go_openssl_EVP_CIPHER_CTX_set_padding(c.dec_ctx, 0) != 1 {
panic("crypto/cipher: could not disable cipher padding")
return errors.New("could not disable cipher padding")
}
}

C.go_openssl_EVP_DecryptUpdate_wrapper(c.dec_ctx, base(dst), base(src), C.int(c.blockSize))
runtime.KeepAlive(c)
return nil
}

type cipherCBC struct {
Expand Down
10 changes: 8 additions & 2 deletions des.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,11 +75,17 @@ func (c *desCipher) BlockSize() int {
}

func (c *desCipher) Encrypt(dst, src []byte) {
c.encrypt(dst, src)
if err := c.encrypt(dst, src); err != nil {
// crypto/des expects that the panic message starts with "crypto/des: ".
panic("crypto/des: " + err.Error())
}
}

func (c *desCipher) Decrypt(dst, src []byte) {
c.decrypt(dst, src)
if err := c.decrypt(dst, src); err != nil {
// crypto/des expects that the panic message starts with "crypto/des: ".
panic("crypto/des: " + err.Error())
}
}

func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode {
Expand Down