Handle malformed encrypted requests without panics

Signed-off-by: Sean Du <do4suki@gmail.com>
This commit is contained in:
2026-07-13 08:03:18 +08:00
parent aebbc4b889
commit b1dfc68a0f
7 changed files with 135 additions and 91 deletions
+36
View File
@@ -0,0 +1,36 @@
package encrypt
import (
"bytes"
"testing"
)
func TestAESCBCDecryptRoundTrip(t *testing.T) {
key := []byte("1234567890abcdef")
plainText := []byte("login payload")
cipherText, err := AESCBCEncrypt(plainText, key)
if err != nil {
t.Fatalf("encrypt: %v", err)
}
decrypted, err := AESCBCDecrypt(cipherText, key)
if err != nil {
t.Fatalf("decrypt: %v", err)
}
if !bytes.Equal(decrypted, plainText) {
t.Fatalf("decrypted plaintext = %q, want %q", decrypted, plainText)
}
}
func TestAESCBCDecryptRejectsMalformedCiphertext(t *testing.T) {
key := []byte("1234567890abcdef")
for _, cipherText := range [][]byte{nil, make([]byte, 15)} {
if _, err := AESCBCDecrypt(cipherText, key); err == nil {
t.Fatalf("AESCBCDecrypt(%d bytes) succeeded", len(cipherText))
}
}
if _, err := unPadding([]byte{1, 2, 3, 2}); err == nil {
t.Fatal("unPadding accepted invalid padding")
}
}