Add AES unwrap test with invalid key.

This tests the unwrap algorithm with an invalid key. The result should
be rejected without returning any plaintext.

Reviewed-by: Emilia Käsper <emilia@openssl.org>

diff --git a/crypto/evp/evptests.txt b/crypto/evp/evptests.txt
index 8bf90d063052f94118f1947c6a28aa4b4cb47238..26d371c559197f9881d3831048ec38eabf7e9dc2 100644 (file)
--- a/crypto/evp/evptests.txt
+++ b/crypto/evp/evptests.txt
@@ -2002,6 +2002,15 @@ Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
 Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
 Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
 
+# Same as previous example but with invalid unwrap key: should be rejected
+# without returning any plaintext
+Cipher = id-aes256-wrap
+Operation = DECRYPT
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E00
+Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
+Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
+Result = CIPHERUPDATE_ERROR
+
 # AES wrap tests from RFC5649
 Cipher = id-aes192-wrap-pad
 Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8