diff options
author | Jack Lloyd <[email protected]> | 2018-06-27 15:02:03 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-06-27 15:02:03 -0400 |
commit | 59af940718918e4da5cf36c64f2129d0747f383a (patch) | |
tree | 7eba0b9ec7d8c8718e292032bb19a56c9835cdb6 /src/tests/test_ffi.cpp | |
parent | 61f0900216b6873f32a3497786cc06099b8b5e9f (diff) |
Prohibit empty nonces with GCM
This is mostly harmless but not allowed by the specification.
See for example SP800-38D section 5.2.1.1
Diffstat (limited to 'src/tests/test_ffi.cpp')
-rw-r--r-- | src/tests/test_ffi.cpp | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index b1c117dcc..9eb7847a2 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -409,8 +409,10 @@ class FFI_Unit_Tests final : public Test result.test_int_eq(tag_len, 16, "Expected GCM tag length"); TEST_FFI_RC(1, botan_cipher_valid_nonce_length, (cipher_encrypt, 12)); - // GCM accepts any nonce size... - TEST_FFI_RC(1, botan_cipher_valid_nonce_length, (cipher_encrypt, 0)); + // GCM accepts any nonce size except zero + TEST_FFI_RC(0, botan_cipher_valid_nonce_length, (cipher_encrypt, 0)); + TEST_FFI_RC(1, botan_cipher_valid_nonce_length, (cipher_encrypt, 1)); + TEST_FFI_RC(1, botan_cipher_valid_nonce_length, (cipher_encrypt, 100009)); // NIST test vector const std::vector<uint8_t> plaintext = |