mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-25 00:52:02 +00:00
Fixed argument checks and updated tests accordingly
This commit is contained in:
parent
ac670d6868
commit
f0d5ade1c1
@ -315,15 +315,14 @@ private:
|
||||
|
||||
if constexpr (mode != CipherMode::MySQLCompatibility)
|
||||
{
|
||||
// in GCM mode IV can be of arbitrary size (>0).
|
||||
if ((mode == CipherMode::RFC5116_AEAD_AES_GCM && iv_value.size == 0)
|
||||
|| (mode != CipherMode::RFC5116_AEAD_AES_GCM && iv_value.size != iv_size))
|
||||
// in GCM mode IV can be of arbitrary size (>0), IV is optional for other modes.
|
||||
if (mode == CipherMode::RFC5116_AEAD_AES_GCM && iv_value.size == 0)
|
||||
{
|
||||
throw Exception("Invalid IV size " + std::to_string(iv_value.size) + " != expected size " + std::to_string(iv_size),
|
||||
DB::ErrorCodes::BAD_ARGUMENTS);
|
||||
}
|
||||
|
||||
if (key_value.size != key_size)
|
||||
if (mode != CipherMode::RFC5116_AEAD_AES_GCM && key_value.size != key_size)
|
||||
{
|
||||
throw Exception("Invalid key size " + std::to_string(key_value.size) + " != expected size " + std::to_string(key_size),
|
||||
DB::ErrorCodes::BAD_ARGUMENTS);
|
||||
@ -591,6 +590,22 @@ private:
|
||||
input_value.size -= tag_size;
|
||||
}
|
||||
|
||||
if constexpr (mode != CipherMode::MySQLCompatibility)
|
||||
{
|
||||
// in GCM mode IV can be of arbitrary size (>0), for other modes IV is optional.
|
||||
if (mode == CipherMode::RFC5116_AEAD_AES_GCM && iv_value.size == 0)
|
||||
{
|
||||
throw Exception("Invalid IV size " + std::to_string(iv_value.size) + " != expected size " + std::to_string(iv_size),
|
||||
DB::ErrorCodes::BAD_ARGUMENTS);
|
||||
}
|
||||
|
||||
if (key_value.size != key_size)
|
||||
{
|
||||
throw Exception("Invalid key size " + std::to_string(key_value.size) + " != expected size " + std::to_string(key_size),
|
||||
DB::ErrorCodes::BAD_ARGUMENTS);
|
||||
}
|
||||
}
|
||||
|
||||
// Avoid extra work on empty ciphertext/plaintext for some ciphers
|
||||
if (!(input_value.size == 0 && block_size == 1 && mode != CipherMode::RFC5116_AEAD_AES_GCM))
|
||||
{
|
||||
|
@ -276,7 +276,7 @@ def invalid_key_or_iv_length_for_gcm(self, mode, key_len, iv_len, aad):
|
||||
else:
|
||||
with When("iv is not specified"):
|
||||
ciphertext = "unhex('1CD4EC93A4B0C687926E8F8C2AA3B4CE1943D006DAE3A774CB1AE5')"
|
||||
decrypt(ciphertext=ciphertext, key=f"'{key[:key_len]}'", mode=mode, exitcode=198, message="DB::Exception: Failed to set custom IV length to 0")
|
||||
decrypt(ciphertext=ciphertext, key=f"'{key[:key_len]}'", mode=mode, exitcode=36, message="DB::Exception: Invalid IV size 0 != expected size 12")
|
||||
|
||||
@TestScenario
|
||||
@Requirements(
|
||||
|
Loading…
Reference in New Issue
Block a user