From 1e4c56e58a92bd7b51092e0eb2ea3ed24eb7b306 Mon Sep 17 00:00:00 2001
From: Ugljesa Jovanovic <ugljesa.jovanovic@ionspin.com>
Date: Sat, 17 Oct 2020 10:03:27 +0200
Subject: [PATCH] make tampered tests fail less by modifying more bytes

---
 .../AuthenticatedEncryptionWithAssociatedDataTest.kt | 12 ++++++++++++
 .../ionspin/kotlin/crypto/secretbox/SecretBoxTest.kt |  4 ++++
 .../kotlin/crypto/secretstream/SecretStreamTest.kt   |  2 ++
 .../ionspin/kotlin/crypto/signature/SignatureTest.kt |  4 ++++
 4 files changed, 22 insertions(+)

diff --git a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedDataTest.kt b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedDataTest.kt
index c6de2bf..fe3a6b5 100644
--- a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedDataTest.kt
+++ b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedDataTest.kt
@@ -53,6 +53,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.xChaCha20Poly1305IetfDecrypt(
                     tamperedTag,
                     associatedData,
@@ -105,6 +107,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.tag.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.xChaCha20Poly1305IetfDecryptDetached(
                     encrypted.data,
                     tamperedTag,
@@ -156,6 +160,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.chaCha20Poly1305IetfDecrypt(
                     tamperedTag,
                     associatedData,
@@ -207,6 +213,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.tag.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.chaCha20Poly1305IetfDecryptDetached(
                     encrypted.data,
                     tamperedTag,
@@ -257,6 +265,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.chaCha20Poly1305Decrypt(
                     tamperedTag,
                     associatedData,
@@ -307,6 +317,8 @@ class AuthenticatedEncryptionWithAssociatedDataTest {
             assertFailsWith(AeadCorrupedOrTamperedDataException::class) {
                 val tamperedTag = encrypted.tag.copyOf()
                 tamperedTag[3] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 AuthenticatedEncryptionWithAssociatedData.chaCha20Poly1305DecryptDetached(
                     encrypted.data,
                     tamperedTag,
diff --git a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretbox/SecretBoxTest.kt b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretbox/SecretBoxTest.kt
index caf19a5..bae56b1 100644
--- a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretbox/SecretBoxTest.kt
+++ b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretbox/SecretBoxTest.kt
@@ -40,6 +40,8 @@ class SecretBoxTest {
             assertFailsWith(SecretBoxCorruptedOrTamperedDataExceptionOrInvalidKey::class) {
                 val tamperedTag = encrypted.copyOf()
                 tamperedTag[2] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 SecretBox.openEasy(tamperedTag, nonce, key)
             }
         }
@@ -73,6 +75,8 @@ class SecretBoxTest {
             assertFailsWith(SecretBoxCorruptedOrTamperedDataExceptionOrInvalidKey::class) {
                 val tamperedTag = encrypted.tag.copyOf()
                 tamperedTag[2] = 0U
+                tamperedTag[1] = 0U
+                tamperedTag[0] = 0U
                 SecretBox.openDetached(encrypted.data, tamperedTag, nonce, key)
             }
         }
diff --git a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretstream/SecretStreamTest.kt b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretstream/SecretStreamTest.kt
index 574891f..a000e99 100644
--- a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretstream/SecretStreamTest.kt
+++ b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/secretstream/SecretStreamTest.kt
@@ -75,6 +75,8 @@ class SecretStreamTest {
             }
             assertFailsWith(SecretStreamCorruptedOrTamperedDataException::class) {
                 encrypted[encrypted.size - 5] = 0U
+                encrypted[encrypted.size - 4] = 0U
+                encrypted[encrypted.size - 3] = 0U
                 val decryptState = SecretStream.xChaCha20Poly1305InitPull(key, stateAndHeader.header)
                 val decrypted =
                     SecretStream.xChaCha20Poly1305Pull(decryptState.state, encrypted, ubyteArrayOf())
diff --git a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/signature/SignatureTest.kt b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/signature/SignatureTest.kt
index dca334d..d82d939 100644
--- a/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/signature/SignatureTest.kt
+++ b/multiplatform-crypto-libsodium-bindings/src/commonTest/kotlin/com/ionspin/kotlin/crypto/signature/SignatureTest.kt
@@ -24,6 +24,8 @@ class SignatureTest {
             assertFailsWith(InvalidSignatureException::class) {
                 val tamperedMessage = signedMessage.copyOf()
                 tamperedMessage[crypto_sign_BYTES + 1] = 0U
+                tamperedMessage[crypto_sign_BYTES + 2] = 0U
+                tamperedMessage[crypto_sign_BYTES + 3] = 0U
                 Signature.open(tamperedMessage, keys.publicKey)
             }
         }
@@ -65,6 +67,8 @@ class SignatureTest {
             assertFailsWith(InvalidSignatureException::class) {
                 val tamperedSignature = signature.copyOf()
                 tamperedSignature[crypto_sign_BYTES - 1] = 0U
+                tamperedSignature[crypto_sign_BYTES - 2] = 0U
+                tamperedSignature[crypto_sign_BYTES - 3] = 0U
                 Signature.finalVerify(verificationState, tamperedSignature, keys.publicKey)
             }
         }