AES-XTS Enc Dec test on rand incremental length inputs #2795
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
crypto/fipsmodule/modes/xts_test.cc
Outdated
|
|
||
| SCOPED_TRACE(plaintext.size()); | ||
|
|
||
| int len; |
There was a problem hiding this comment.
warning: variable 'len' is not initialized [cppcoreguidelines-init-variables]
| int len; | |
| int len = 0; |
crypto/fipsmodule/modes/xts_test.cc
Outdated
| SCOPED_TRACE(plaintext.size()); | ||
|
|
||
| int len; | ||
| uint8_t *in_p, *out_p; |
There was a problem hiding this comment.
warning: variable 'in_p' is not initialized [cppcoreguidelines-init-variables]
| uint8_t *in_p, *out_p; | |
| uint8_t *in_p = nullptr, *out_p; |
crypto/fipsmodule/modes/xts_test.cc
Outdated
| SCOPED_TRACE(plaintext.size()); | ||
|
|
||
| int len; | ||
| uint8_t *in_p, *out_p; |
There was a problem hiding this comment.
warning: variable 'out_p' is not initialized [cppcoreguidelines-init-variables]
| uint8_t *in_p, *out_p; | |
| uint8_t *in_p, *out_p = nullptr; |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2795 +/- ##
==========================================
+ Coverage 78.24% 78.25% +0.01%
==========================================
Files 683 683
Lines 117187 117237 +50
Branches 16476 16483 +7
==========================================
+ Hits 91694 91747 +53
+ Misses 24609 24606 -3
Partials 884 884 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
nebeid
left a comment
nebeid
left a comment
There was a problem hiding this comment.
Looks good. Thank you @manastasova.
crypto/fipsmodule/modes/xts_test.cc
Outdated
| iv.data())); | ||
| ASSERT_TRUE( | ||
| EVP_EncryptUpdate(ctx.get(), out_p, &len, in_p, plaintext.size())); | ||
| OPENSSL_memcpy(ciphertext.data(), out_p, plaintext.size()); |
There was a problem hiding this comment.
Is this line, and more so ciphertext, used?
There was a problem hiding this comment.
Indeed, not used. Thanks, Nevine. Updated.
crypto/fipsmodule/modes/xts_test.cc
Outdated
| #endif | ||
| } | ||
|
|
||
| TEST(XTSTest, EncryptDecyptRand) { |
There was a problem hiding this comment.
| TEST(XTSTest, EncryptDecyptRand) { | |
| TEST(XTSTest, EncryptDecryptRand) { |
manastasova
changed the title
|
|
||
| // Test encryption. | ||
|
|
||
| OPENSSL_memcpy(in_p, plaintext.data(), plaintext.size()); |
There was a problem hiding this comment.
warning: Use of memory after it is freed [clang-analyzer-cplusplus.NewDelete]
OPENSSL_memcpy(in_p, plaintext.data(), plaintext.size());
^There was a problem hiding this comment.
Not sure why this warning appears. in_p is used as the input message for the encryption function later on.
4 participants
Add incremental length random input message tests for AES-XTS encryption/decryption
Issues:
N/A
Description of changes:
AWS-LC's current AES-XTS tests use fixed-size test vectors but do not systematically verify that encryption and decryption work correctly across different message lengths.
This PR adds a new test that generates random inputs of incremental lengths and verify that
encrypt(decrypt(input)) == inputfor each length. This ensures that AES-XTS correctly handles messages of varying sizes, particularly:The tests also add explicit length equality checks between plaintext and ciphertext to catch potential length-related bugs early.
Call-outs:
The test provides better confidence in correctness across different input sizes.
Testing:
./crypto/crypto_test --gtest_filter=XTSTest.EncryptDecryptRand.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.