1// Copyright 2017 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package crypto 6 7import ( 8 "crypto/aes" 9 "crypto/cipher" 10 "crypto/rc4" 11 "testing" 12) 13 14func TestRC4OutOfBoundsWrite(t *testing.T) { 15 // This cipherText is encrypted "0123456789" 16 cipherText := []byte{238, 41, 187, 114, 151, 2, 107, 13, 178, 63} 17 cipher, err := rc4.NewCipher([]byte{0}) 18 if err != nil { 19 panic(err) 20 } 21 test(t, "RC4", cipherText, cipher.XORKeyStream) 22} 23func TestCTROutOfBoundsWrite(t *testing.T) { 24 testBlock(t, "CTR", cipher.NewCTR) 25} 26func TestOFBOutOfBoundsWrite(t *testing.T) { 27 testBlock(t, "OFB", cipher.NewOFB) 28} 29func TestCFBEncryptOutOfBoundsWrite(t *testing.T) { 30 testBlock(t, "CFB Encrypt", cipher.NewCFBEncrypter) 31} 32func TestCFBDecryptOutOfBoundsWrite(t *testing.T) { 33 testBlock(t, "CFB Decrypt", cipher.NewCFBDecrypter) 34} 35func testBlock(t *testing.T, name string, newCipher func(cipher.Block, []byte) cipher.Stream) { 36 // This cipherText is encrypted "0123456789" 37 cipherText := []byte{86, 216, 121, 231, 219, 191, 26, 12, 176, 117} 38 var iv, key [16]byte 39 block, err := aes.NewCipher(key[:]) 40 if err != nil { 41 panic(err) 42 } 43 stream := newCipher(block, iv[:]) 44 test(t, name, cipherText, stream.XORKeyStream) 45} 46func test(t *testing.T, name string, cipherText []byte, xor func([]byte, []byte)) { 47 want := "abcdefghij" 48 plainText := []byte(want) 49 shorterLen := len(cipherText) / 2 50 defer func() { 51 err := recover() 52 if err == nil { 53 t.Errorf("%v XORKeyStream expected to panic on len(dst) < len(src), but didn't", name) 54 } 55 const plain = "0123456789" 56 if plainText[shorterLen] == plain[shorterLen] { 57 t.Errorf("%v XORKeyStream did out of bounds write, want %v, got %v", name, want, string(plainText)) 58 } 59 }() 60 xor(plainText[:shorterLen], cipherText) 61} 62