From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 72ECF2F664 for ; Sun, 23 Jun 2019 14:16:50 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rJUFGhMnYj-E for ; Sun, 23 Jun 2019 14:16:50 -0400 (EDT) Received: from smtp34.i.mail.ru (smtp34.i.mail.ru [94.100.177.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 34B3C2F3A1 for ; Sun, 23 Jun 2019 14:16:50 -0400 (EDT) From: Vladislav Shpilevoy Subject: [tarantool-patches] [PATCH 1/1] test: fix unit/crypto test flakiness Date: Sun, 23 Jun 2019 20:17:30 +0200 Message-Id: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-Help: List-Unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-Subscribe: List-Owner: List-post: List-Archive: To: tarantool-patches@freelists.org Cc: georgy@tarantool.org, alexander.turenko@tarantool.org One of subtests was checking if crypto_decode returns an error when fails to decode. But due to randomness of the test sometimes it happened, that initial vector of encrypted data somehow didn't lead to an error. Decryption was not correct, but only in terms of result, not in terms of decryption algorithm. -1 was not returned, and diag was not set. This patch checks all the cases. Closes #4306 --- Branch: https://github.com/tarantool/tarantool/tree/gerold103/gh-4306-flaky-unit-crypto Issue: https://github.com/tarantool/tarantool/issues/4306 [CC += Georgy] because he is an author of crypto module. [CC += Alexander] because he is an author of the issue, and revolves around tests. test/unit/crypto.c | 16 +++++++++++----- test/unit/crypto.result | 4 ++-- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/test/unit/crypto.c b/test/unit/crypto.c index fad1842f1..8dc4c7332 100644 --- a/test/unit/crypto.c +++ b/test/unit/crypto.c @@ -86,11 +86,17 @@ test_aes128_codec(void) is(rc, plain_size, "decrypt returns correct number of bytes"); is(memcmp(buffer2, plain, plain_size), 0, "and correctly decrypts data"); - - rc = crypto_codec_decrypt(c, "false iv not meaning anything", - buffer1, 16, buffer2, buffer_size); - is(rc, -1, "decrypt can fail with wrong IV"); - ok(! diag_is_empty(diag_get()), "diag error is set"); + /* + * Create a different IV to ensure it does not decrypt a + * message with the original IV. + */ + for (int i = 0; i < CRYPTO_AES_IV_SIZE; ++i) + iv[i]++; + rc = crypto_codec_decrypt(c, iv, buffer1, 16, buffer2, buffer_size); + ok(rc == -1 || rc != plain_size || memcmp(buffer1, buffer2, rc) != 0, + "decrypt can't correctly decode anything with a wrong IV"); + ok(rc != -1 || ! diag_is_empty(diag_get()), + "in case decrypt has totally failed, diag is set"); crypto_codec_gen_iv(c, iv2, sizeof(iv2)); rc = crypto_codec_encrypt(c, iv2, plain, plain_size, diff --git a/test/unit/crypto.result b/test/unit/crypto.result index d6ff327e6..6e01896b1 100644 --- a/test/unit/crypto.result +++ b/test/unit/crypto.result @@ -15,8 +15,8 @@ ok 1 - crypto checks that algo argument is correct ok 10 - decrypt also checks length and returns needed number of bytes ok 11 - decrypt returns correct number of bytes ok 12 - and correctly decrypts data - ok 13 - decrypt can fail with wrong IV - ok 14 - diag error is set + ok 13 - decrypt can't correctly decode anything with a wrong IV + ok 14 - in case decrypt has totally failed, diag is set ok 15 - encrypt with different IV and the same number of written bytes returned ok 16 - the encrypted data looks different ok 17 - decrypt works with correct but another IV -- 2.20.1 (Apple Git-117)