From: Mark Wooding <mdw@distorted.org.uk>
Date: Tue, 30 Oct 2018 10:24:29 +0000 (+0000)
Subject: symm/modes-test.c: Test discarding output by changing encryption order.
X-Git-Tag: 2.5.0~14^2~42
X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/commitdiff_plain/6a61f346525a8eeaadf79f77435e5755a0b136ce

symm/modes-test.c: Test discarding output by changing encryption order.

Some of the code paths for discarding output are, or might become, quite
complicated, so they're worth exercising.
---

diff --git a/symm/modes-test.c b/symm/modes-test.c
index bbda53b7..b06d230a 100644
--- a/symm/modes-test.c
+++ b/symm/modes-test.c
@@ -303,7 +303,8 @@ static int step(size_t *sz_inout, size_t max)
  *
  *		  * @enc@ is called to encrypt a source buffer @s@ and write
  *		    the ciphertext to a destination @d@; @sz@ is the common
- *		    size of these buffers.
+ *		    size of these buffers.  @d@ might be null, to discard
+ *		    output; @s@ might be null, to process all-zero input.
  *
  *		  * @dec@ is called to decrypt a source buffer @s@ and write
  *		    the recovered plaintext to a destination @d@; @sz@ is the
@@ -451,15 +452,21 @@ int test_encmode(const char *name,
     sz2 = TEXTSZ - sz1 - sz0;
     ok = 1;
 
-    /* Encrypt the three fragments. */
+    /* Encrypt the last fragment first, to check discarding behaviour. */
+    if (sz2) {
+      reset(iv);
+      enc(text, 0, sz0);
+      enc(text + sz0, 0, sz1);
+      enc(text + sz0 + sz1, ct + sz0 + sz1, sz2);
+    }
+
+    /* Encrypt the first two fragments. */
     reset(iv);
     enc(text, ct, sz0);
     if (sz1) {
       memcpy(ct + sz0, text + sz0, sz1);
       enc(ct + sz0, ct + sz0, sz1);
     }
-    if (sz2)
-      enc(text + sz0 + sz1, ct + sz0 + sz1, sz2);
 
     /* Try to check consistency.  We can't do this if (a) the mode is
      * non-resumable and the fragments sizes are misaligned, or (b) this is
diff --git a/symm/modes-test.h b/symm/modes-test.h
index a53341ce..83d35dc3 100644
--- a/symm/modes-test.h
+++ b/symm/modes-test.h
@@ -105,7 +105,8 @@ typedef void encfn(const octet */*s*/, octet */*d*/, size_t /*sz*/);
  *
  *		  * @enc@ is called to encrypt a source buffer @s@ and write
  *		    the ciphertext to a destination @d@; @sz@ is the common
- *		    size of these buffers.
+ *		    size of these buffers.  @d@ might be null, to discard
+ *		    output; @s@ might be null, to process all-zero input.
  *
  *		  * @dec@ is called to decrypt a source buffer @s@ and write
  *		    the recovered plaintext to a destination @d@; @sz@ is the