Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix all remaining System.Security.Cryptography.Algorithms test suite crashes. #48432

Merged
2 commits merged into from
Feb 18, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -360,13 +360,19 @@ int32_t CryptoNative_EvpCipherSetGcmTag(CipherCtx* ctx, uint8_t* tag, int32_t ta
if (!ctx)
return FAIL;

if (!tag)
return FAIL;

assert(tagLength <= TAG_MAX_LENGTH);

// Tag is provided using regular "cipher.update(tag)"
int32_t outl = 0;
uint8_t outd[1];
CryptoNative_EvpCipherUpdate(ctx, outd, &outl, tag, tagLength);
return SUCCESS;
JNIEnv* env = GetJNIEnv();
jbyteArray inDataBytes = (*env)->NewByteArray(env, tagLength);
(*env)->SetByteArrayRegion(env, inDataBytes, 0, tagLength, (jbyte*)tag);
jbyteArray outDataBytes = (jbyteArray)(*env)->CallObjectMethod(env, ctx->cipher, g_cipherUpdateMethod, inDataBytes);
jkoritzinsky marked this conversation as resolved.
Show resolved Hide resolved
(*env)->DeleteLocalRef(env, outDataBytes);
jkoritzinsky marked this conversation as resolved.
Show resolved Hide resolved
(*env)->DeleteLocalRef(env, inDataBytes);
return CheckJNIExceptions(env) ? FAIL : SUCCESS;
}

int32_t CryptoNative_EvpCipherSetCcmTag(CipherCtx* ctx, uint8_t* tag, int32_t tagLength)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -164,10 +164,13 @@ jclass g_TrustManager;

jobject ToGRef(JNIEnv *env, jobject lref)
{
assert(lref && "object shouldn't be null");
jobject gref = (*env)->NewGlobalRef(env, lref);
(*env)->DeleteLocalRef(env, lref);
return gref;
if (lref)
{
jobject gref = (*env)->NewGlobalRef(env, lref);
(*env)->DeleteLocalRef(env, lref);
return gref;
}
return lref;
}

jobject AddGRef(JNIEnv *env, jobject gref)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ PALEXPORT int32_t CryptoNative_RsaPublicEncrypt(int32_t flen, uint8_t* from, uin
PALEXPORT int32_t CryptoNative_RsaPrivateDecrypt(int32_t flen, uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding)
{
if (!rsa)
return FAIL;
return RSA_FAIL;

JNIEnv* env = GetJNIEnv();

Expand All @@ -97,6 +97,15 @@ PALEXPORT int32_t CryptoNative_RsaPrivateDecrypt(int32_t flen, uint8_t* from, ui
jbyteArray fromBytes = (*env)->NewByteArray(env, flen);
(*env)->SetByteArrayRegion(env, fromBytes, 0, flen, (jbyte*)from);
jbyteArray decryptedBytes = (jbyteArray)(*env)->CallObjectMethod(env, cipher, g_cipherDoFinal2Method, fromBytes);

if (CheckJNIExceptions(env))
{
(*env)->DeleteLocalRef(env, cipher);
(*env)->DeleteLocalRef(env, fromBytes);
(*env)->DeleteLocalRef(env, algName);
return RSA_FAIL;
}

jsize decryptedBytesLen = (*env)->GetArrayLength(env, decryptedBytes);
(*env)->GetByteArrayRegion(env, decryptedBytes, 0, decryptedBytesLen, (jbyte*) to);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ private void DecryptInternal(

if (plaintextBytesWritten != plaintext.Length)
{
Debug.Fail($"GCM decrypt wrote {plaintextBytesWritten} of {plaintext.Length} bytes.");
// Debug.Fail($"GCM decrypt wrote {plaintextBytesWritten} of {plaintext.Length} bytes.");
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll work on trying to isolate and fix this issue, but in the meantime this is the easiest way to keep this Debug.Fail method from taking down the test process.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unlike ECB and CBC, GCM produces one byte of output for one byte of input. Goodness isn't happening if this assert fails (and tests seemingly shouldn't be passing, unless they got the data from elsewhere having depended on this assert)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this is needed, please don't merge without creating an issue to put it back.

Copy link
Member Author

@jkoritzinsky jkoritzinsky Feb 18, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh the tests aren’t passing. But this commented out assert allows them to run and fail and have XUnit record the issue.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They fail from the exception that immediately follows this assert.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tracking issue for re-enabling the assert is here: #48471

throw new CryptographicException();
}
}
Expand Down