1 // Copyright 2017 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package crypto 6 7 import ( 8 "crypto/aes" 9 "crypto/cipher" 10 "crypto/rc4" 11 "testing" 12 ) 13 14 func TestRC4OutOfBoundsWrite(t *testing.T) { 15 // This cipherText is encrypted "0123456789" 16 cipherText := []byte{238, 41, 187, 114, 151, 2, 107, 13, 178, 63} 17 cipher, err := rc4.NewCipher([]byte{0}) 18 if err != nil { 19 panic(err) 20 } 21 test(t, "RC4", cipherText, cipher.XORKeyStream) 22 } 23 func TestCTROutOfBoundsWrite(t *testing.T) { 24 testBlock(t, "CTR", cipher.NewCTR) 25 } 26 func TestOFBOutOfBoundsWrite(t *testing.T) { 27 testBlock(t, "OFB", cipher.NewOFB) 28 } 29 func TestCFBEncryptOutOfBoundsWrite(t *testing.T) { 30 testBlock(t, "CFB Encrypt", cipher.NewCFBEncrypter) 31 } 32 func TestCFBDecryptOutOfBoundsWrite(t *testing.T) { 33 testBlock(t, "CFB Decrypt", cipher.NewCFBDecrypter) 34 } 35 func testBlock(t *testing.T, name string, newCipher func(cipher.Block, []byte) cipher.Stream) { 36 // This cipherText is encrypted "0123456789" 37 cipherText := []byte{86, 216, 121, 231, 219, 191, 26, 12, 176, 117} 38 var iv, key [16]byte 39 block, err := aes.NewCipher(key[:]) 40 if err != nil { 41 panic(err) 42 } 43 stream := newCipher(block, iv[:]) 44 test(t, name, cipherText, stream.XORKeyStream) 45 } 46 func test(t *testing.T, name string, cipherText []byte, xor func([]byte, []byte)) { 47 want := "abcdefghij" 48 plainText := []byte(want) 49 shorterLen := len(cipherText) / 2 50 defer func() { 51 err := recover() 52 if err == nil { 53 t.Errorf("%v XORKeyStream expected to panic on len(dst) < len(src), but didn't", name) 54 } 55 const plain = "0123456789" 56 if plainText[shorterLen] == plain[shorterLen] { 57 t.Errorf("%v XORKeyStream did out of bounds write, want %v, got %v", name, want, string(plainText)) 58 } 59 }() 60 xor(plainText[:shorterLen], cipherText) 61 } 62