|
1 From f0377a2851f13eda1993fd92d3f55d23884bdb83 Mon Sep 17 00:00:00 2001 |
|
2 From: Michael Munday <[email protected]> |
|
3 Date: Thu, 13 Oct 2016 17:08:54 -0400 |
|
4 Subject: [PATCH 24/38] [release-branch.go1.7] crypto/{aes,cipher}: fix panic |
|
5 in CBC on s390x when src length is 0 |
|
6 |
|
7 Adds a test to check that block cipher modes accept a zero-length |
|
8 input. |
|
9 |
|
10 Fixes #17435. |
|
11 |
|
12 Change-Id: Ie093c4cdff756b5c2dcb79342e167b3de5622389 |
|
13 Reviewed-on: https://go-review.googlesource.com/31070 |
|
14 Run-TryBot: Michael Munday <[email protected]> |
|
15 TryBot-Result: Gobot Gobot <[email protected]> |
|
16 Reviewed-by: Brad Fitzpatrick <[email protected]> |
|
17 Reviewed-on: https://go-review.googlesource.com/31291 |
|
18 Reviewed-by: Michael Munday <[email protected]> |
|
19 Run-TryBot: Chris Broadfoot <[email protected]> |
|
20 --- |
|
21 src/crypto/aes/cbc_s390x.go | 4 ++- |
|
22 src/crypto/cipher/cipher_test.go | 54 ++++++++++++++++++++++++++++++++++++++++ |
|
23 2 files changed, 57 insertions(+), 1 deletion(-) |
|
24 |
|
25 diff --git a/src/crypto/aes/cbc_s390x.go b/src/crypto/aes/cbc_s390x.go |
|
26 index 427b30b..739e1fe 100644 |
|
27 --- a/src/crypto/aes/cbc_s390x.go |
|
28 +++ b/src/crypto/aes/cbc_s390x.go |
|
29 @@ -48,7 +48,9 @@ func (x *cbc) CryptBlocks(dst, src []byte) { |
|
30 if len(dst) < len(src) { |
|
31 panic("crypto/cipher: output smaller than input") |
|
32 } |
|
33 - cryptBlocksChain(x.c, &x.iv[0], &x.b.key[0], &dst[0], &src[0], len(src)) |
|
34 + if len(src) > 0 { |
|
35 + cryptBlocksChain(x.c, &x.iv[0], &x.b.key[0], &dst[0], &src[0], len(src)) |
|
36 + } |
|
37 } |
|
38 |
|
39 func (x *cbc) SetIV(iv []byte) { |
|
40 diff --git a/src/crypto/cipher/cipher_test.go b/src/crypto/cipher/cipher_test.go |
|
41 index 1faa7b8..4d7cd6b 100644 |
|
42 --- a/src/crypto/cipher/cipher_test.go |
|
43 +++ b/src/crypto/cipher/cipher_test.go |
|
44 @@ -5,8 +5,10 @@ |
|
45 package cipher_test |
|
46 |
|
47 import ( |
|
48 + "bytes" |
|
49 "crypto/aes" |
|
50 "crypto/cipher" |
|
51 + "crypto/des" |
|
52 "testing" |
|
53 ) |
|
54 |
|
55 @@ -34,3 +36,55 @@ func mustPanic(t *testing.T, msg string, f func()) { |
|
56 }() |
|
57 f() |
|
58 } |
|
59 + |
|
60 +func TestEmptyPlaintext(t *testing.T) { |
|
61 + var key [16]byte |
|
62 + a, err := aes.NewCipher(key[:16]) |
|
63 + if err != nil { |
|
64 + t.Fatal(err) |
|
65 + } |
|
66 + d, err := des.NewCipher(key[:8]) |
|
67 + if err != nil { |
|
68 + t.Fatal(err) |
|
69 + } |
|
70 + |
|
71 + s := 16 |
|
72 + pt := make([]byte, s) |
|
73 + ct := make([]byte, s) |
|
74 + for i := 0; i < 16; i++ { |
|
75 + pt[i], ct[i] = byte(i), byte(i) |
|
76 + } |
|
77 + |
|
78 + assertEqual := func(name string, got, want []byte) { |
|
79 + if !bytes.Equal(got, want) { |
|
80 + t.Fatalf("%s: got %v, want %v", name, got, want) |
|
81 + } |
|
82 + } |
|
83 + |
|
84 + for _, b := range []cipher.Block{a, d} { |
|
85 + iv := make([]byte, b.BlockSize()) |
|
86 + cbce := cipher.NewCBCEncrypter(b, iv) |
|
87 + cbce.CryptBlocks(ct, pt[:0]) |
|
88 + assertEqual("CBC encrypt", ct, pt) |
|
89 + |
|
90 + cbcd := cipher.NewCBCDecrypter(b, iv) |
|
91 + cbcd.CryptBlocks(ct, pt[:0]) |
|
92 + assertEqual("CBC decrypt", ct, pt) |
|
93 + |
|
94 + cfbe := cipher.NewCFBEncrypter(b, iv) |
|
95 + cfbe.XORKeyStream(ct, pt[:0]) |
|
96 + assertEqual("CFB encrypt", ct, pt) |
|
97 + |
|
98 + cfbd := cipher.NewCFBDecrypter(b, iv) |
|
99 + cfbd.XORKeyStream(ct, pt[:0]) |
|
100 + assertEqual("CFB decrypt", ct, pt) |
|
101 + |
|
102 + ctr := cipher.NewCTR(b, iv) |
|
103 + ctr.XORKeyStream(ct, pt[:0]) |
|
104 + assertEqual("CTR", ct, pt) |
|
105 + |
|
106 + ofb := cipher.NewOFB(b, iv) |
|
107 + ofb.XORKeyStream(ct, pt[:0]) |
|
108 + assertEqual("OFB", ct, pt) |
|
109 + } |
|
110 +} |
|
111 -- |
|
112 2.7.4 |
|
113 |