Use C_Encrypt Instead of C_EncryptUpdate in DecryptUpdateErrors Test Case

[ondergormez]

According to the latest PKCS#11 Standard;

After calling C_EncryptInit, the application can either call C_Encrypt to encrypt data in a single part; or call C_EncryptUpdate zero or more times, followed by C_EncryptFinal, to encrypt data in multiple parts. The encryption operation is active until the application uses a call to C_Encrypt or C_EncryptFinal to actually obtain the final piece of ciphertext.

In the implementation on SoftHSMv2 C_EncryptUpdate call doesn't finish the encryption operation. So C_EncryptFinal must be called for a further cryptographic operation.

Instead of this, the C_Encrypt method can be used in the DecryptUpdateErrors test case. And this solves the problem.

[daviddrysdale]

The EncryptUpdateErrors test case checks error behaviour for the C_EncryptUpdate operation. PKCS#11 states (in both v2.2 and v2.4):

A call to C_EncryptUpdate which results in an error other than CKR_BUFFER_TOO_SMALL terminates the current encryption operation.

So the EncryptUpdateErrors case looks OK to me.

[daviddrysdale]

Ah, looking at the pull request I think you maybe meant the DecryptUpdateErrors test case, not the EncryptUpdateErrors case?

[ondergormez]

This is my fault :)
This should be related with the DecryptUpdateErrors test case

[ondergormez]

I changed the pull request with the correct one.

40

[daviddrysdale]

Thanks for the fix – well spotted.

[ondergormez]

You are welcome