EncryptDecryptInitInvalid test uses invalid instead of valid mechanism

Hlipa commented 2 years ago

On Solaris PKCS11 implementation EncryptDecryptInitInvalid fails because C_EncryptInit/C_DecryptInit CKR_KEY_HANDLE_INVALID test also passes invalid mechanism. Solaris validates mechanism before key.

See diff:

diff --git a/cipher.cc b/cipher.cc
index 42302a9..cee4a11 100644
--- a/cipher.cc
+++ b/cipher.cc
@@ -233,9 +233,9 @@ TEST_P(SecretKeyTest, EncryptDecryptInitInvalid) {
              g_fns->C_DecryptInit(INVALID_SESSION_HANDLE, &mechanism_, key_.handle()));

   EXPECT_CKR(CKR_KEY_HANDLE_INVALID,
-             g_fns->C_EncryptInit(session_, &mechanism, INVALID_OBJECT_HANDLE));
+             g_fns->C_EncryptInit(session_, &mechanism_, INVALID_OBJECT_HANDLE));
   EXPECT_CKR(CKR_KEY_HANDLE_INVALID,
-             g_fns->C_DecryptInit(session_, &mechanism, INVALID_OBJECT_HANDLE));
+             g_fns->C_DecryptInit(session_, &mechanism_, INVALID_OBJECT_HANDLE));

   CK_RV rv;
   rv = g_fns->C_EncryptInit(session_, NULL_PTR, key_.handle());

daviddrysdale commented 2 years ago

Thanks for spotting – could you convert to a pull request?

daviddrysdale commented 2 years ago

Fixed by #62 – thanks!

bharsaklemukesh975 commented 1 year ago

Hello @daviddrysdale, I think the issue needs to mark as closed. Thank you!

daviddrysdale commented 1 year ago

True, thanks for spotting.

google / pkcs11test

EncryptDecryptInitInvalid test uses invalid instead of valid mechanism #62