projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
GCM cipher in provider now fails if passed bad keylength
[openssl.git] / test / aesgcmtest.c
diff --git a/test/aesgcmtest.c b/test/aesgcmtest.c
index c616438b0051c7f380dd0b315dab17605713a8a0..a13e9b856cc932ded003049656dcefa33dc59be5 100644 (file)
--- a/test/aesgcmtest.c
+++ b/test/aesgcmtest.c
@@ -100,6 +100,20 @@ static int kat_test(void)
            && do_decrypt(gcm_iv, ct, ctlen, tag, taglen);
 }
 
+static int badkeylen_test(void)
+{
+    int ret;
+    EVP_CIPHER_CTX *ctx = NULL;
+    const EVP_CIPHER *cipher;
+
+    ret = TEST_ptr(cipher = EVP_aes_192_gcm())
+          && TEST_ptr(ctx = EVP_CIPHER_CTX_new())
+          && TEST_true(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL))
+          && TEST_false(EVP_CIPHER_CTX_set_key_length(ctx, 2));
+    EVP_CIPHER_CTX_free(ctx);
+    return ret;
+}
+
 #ifdef FIPS_MODE
 static int ivgen_test(void)
 {
@@ -116,6 +130,7 @@ static int ivgen_test(void)
 int setup_tests(void)
 {
     ADD_TEST(kat_test);
+    ADD_TEST(badkeylen_test);
 #ifdef FIPS_MODE
     ADD_TEST(ivgen_test);
 #endif /* FIPS_MODE */
Unnamed repository; edit this file 'description' to name the repository.