Add unit tests explicitly convering confused deputy attacks
paragonie-security committed May 10, 2024
1 parent 1081aeb commit 3b9c8bd
Showing 2 changed files with 62 additions and 0 deletions.
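--- a/tests/EncryptedMultiRowsTest.php
+++ b/tests/EncryptedMultiRowsTest.php
@@ -284,6 +284,37 @@ public function engineProvider()
 ];
 }
 
+/**
+* @dataProvider engineProvider
+*/
+public function testFieldsAreNotSwappable(CipherSweet $engine): void
+{
+$eR = new EncryptedMultiRows($engine);
+$eR
+->addOptionalTextField('foo', 'field1')
+->addOptionalTextField('foo', 'field2');
+
+$plain = ['foo' => ['field1' => 'example', 'field2' => 'message']];
+$encrypted = $eR->encryptManyRows($plain);
+$swapped = [];
+[$swapped['foo']['field1'], $swapped['foo']['field2']] = [$encrypted['foo']['field2'], $encrypted['foo']['field1']];
+// Sanity check: Did we actually swap them?
+$this->assertSame($swapped['foo']['field2'], $encrypted['foo']['field1']);
+$this->assertSame($swapped['foo']['field1'], $encrypted['foo']['field2']);
+
+// Is decryption successful still?
+$decrypted = $eR->decryptManyRows($encrypted);
+$this->assertSame($plain['foo']['field1'], $decrypted['foo']['field1']);
+$this->assertSame($plain['foo']['field2'], $decrypted['foo']['field2']);
+
+// Okay, let's decryptRow() on the swapped values. This must throw.
+try {
+$eR->decryptManyRows($swapped);
+$this->fail('Expected decryptRow() to fail.');
+} catch (CipherSweetException|SodiumException) {
+}
+}
+
 /**
 * @dataProvider engineProvider
 */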
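Review bot: Both swapped ciphertexts belong to the single table `foo`, so this test repeats the field-name check from tests/EncryptedRowTest.php and never exercises the case specific to EncryptedMultiRows, a ciphertext moved between tables. Registering a second table, e.g. `->addOptionalTextField('bar', 'field1')`, and swapping `$encrypted['foo']['field1']` with `$encrypted['bar']['field1']` would cover that, assuming the library is meant to bind ciphertexts to the table name as well (not visible on this page). The comment and failure message also name `decryptRow()` while the call under test is `decryptManyRows()`; `$this->fail('Expected decryptManyRows() to fail.');` would keep a failing run pointing at the right API.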
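--- a/tests/EncryptedRowTest.php
+++ b/tests/EncryptedRowTest.php
@@ -519,6 +519,37 @@ public function testJsonField(CipherSweet $engine)
 $this->assertSame($plaintext, $eR->decryptRow($some));
 }
 
+/**
+* @dataProvider engineProvider
+*/
+public function testFieldsAreNotSwappable(CipherSweet $engine): void
+{
+$eR = new EncryptedRow($engine, 'foo');
+$eR
+->addOptionalTextField('field1')
+->addOptionalTextField('field2');
+
+$plain = ['field1' => 'example', 'field2' => 'message'];
+$encrypted = $eR->encryptRow($plain);
+$swapped = [];
+[$swapped['field1'], $swapped['field2']] = [$encrypted['field2'], $encrypted['field1']];
+// Sanity check: Did we actually swap them?
+$this->assertSame($swapped['field2'], $encrypted['field1']);
+$this->assertSame($swapped['field1'], $encrypted['field2']);
+
+// Is decryption successful still?
+$decrypted = $eR->decryptRow($encrypted);
+$this->assertSame($plain['field1'], $decrypted['field1']);
+$this->assertSame($plain['field2'], $decrypted['field2']);
+
+// Okay, let's decryptRow() on the swapped values. This must throw.
+try {
+$eR->decryptRow($swapped);
+$this->fail('Expected decryptRow() to fail.');
+} catch (CipherSweetException|SodiumException) {
+}
+}
+
 /**
 * @dataProvider engineProvider
 */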
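Review bot: The two `assertSame` lines under "Sanity check" restate the destructuring assignment directly above them, so they cannot fail and do not show that `$swapped` differs from `$encrypted`. Asserting the precondition instead makes the check meaningful: `$this->assertNotSame($encrypted['field1'], $encrypted['field2']);` before the swap. The same pattern is in testFieldsAreNotSwappable in tests/EncryptedMultiRowsTest.php. The empty `catch` also accepts any CipherSweetException, so the test does not tell a rejected ciphertext from an unrelated library error; a one-line comment in the catch body naming the expected failure (`// Expected: a ciphertext moved to another field must not decrypt.`) would document the intent.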
