From 8f934329305dea09286d69d3140135d0bd975de8 Mon Sep 17 00:00:00 2001
From: Yihong Wang <yh.wang@ibm.com>
Date: Mon, 7 May 2018 16:36:22 -0700
Subject: [PATCH] crypto: add test case for AES key wrapping

Add test cases for AES key wrapping and only detect output length in
cipher case. The reason being is the returned output length is
insufficient in AES key unwrapping case.

Signed-off-by: Yihong Wang <yh.wang@ibm.com>
---
 src/node_crypto.cc                    |  2 +-
 test/parallel/test-crypto-aes-wrap.js | 62 +++++++++++++++++++++++++++
 2 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-crypto-aes-wrap.js

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index ce9c41deaebcd2..1e987480f7bea1 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -2998,7 +2998,7 @@ CipherBase::UpdateResult CipherBase::Update(const char* data,
   int buff_len = len + EVP_CIPHER_CTX_block_size(ctx_.get());
   // For key wrapping algorithms, get output size by calling
   // EVP_CipherUpdate() with null output.
-  if (mode == EVP_CIPH_WRAP_MODE &&
+  if (kind_ == kCipher && mode == EVP_CIPH_WRAP_MODE &&
       EVP_CipherUpdate(ctx_.get(),
                        nullptr,
                        &buff_len,
diff --git a/test/parallel/test-crypto-aes-wrap.js b/test/parallel/test-crypto-aes-wrap.js
new file mode 100644
index 00000000000000..6fe35258f7d6b2
--- /dev/null
+++ b/test/parallel/test-crypto-aes-wrap.js
@@ -0,0 +1,62 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const crypto = require('crypto');
+
+const test = [
+  {
+    algorithm: 'aes128-wrap',
+    key: 'b26f309fbe57e9b3bb6ae5ef31d54450',
+    iv: '3fd838af4093d749',
+    text: '12345678123456781234567812345678'
+  },
+  {
+    algorithm: 'id-aes128-wrap-pad',
+    key: 'b26f309fbe57e9b3bb6ae5ef31d54450',
+    iv: '3fd838af',
+    text: '12345678123456781234567812345678123'
+  },
+  {
+    algorithm: 'aes192-wrap',
+    key: '40978085d68091f7dfca0d7dfc7a5ee76d2cc7f2f345a304',
+    iv: '3fd838af4093d749',
+    text: '12345678123456781234567812345678'
+  },
+  {
+    algorithm: 'id-aes192-wrap-pad',
+    key: '40978085d68091f7dfca0d7dfc7a5ee76d2cc7f2f345a304',
+    iv: '3fd838af',
+    text: '12345678123456781234567812345678123'
+  },
+  {
+    algorithm: 'aes256-wrap',
+    key: '29c9eab5ed5ad44134a1437fe2e673b4d88a5b7c72e68454fea08721392b7323',
+    iv: '3fd838af4093d749',
+    text: '12345678123456781234567812345678'
+  },
+  {
+    algorithm: 'id-aes256-wrap-pad',
+    key: '29c9eab5ed5ad44134a1437fe2e673b4d88a5b7c72e68454fea08721392b7323',
+    iv: '3fd838af',
+    text: '12345678123456781234567812345678123'
+  },
+];
+
+test.forEach((data) => {
+  const cipher = crypto.createCipheriv(
+    data.algorithm,
+    Buffer.from(data.key, 'hex'),
+    Buffer.from(data.iv, 'hex'));
+  const ciphertext = cipher.update(data.text, 'utf8');
+
+  const decipher = crypto.createDecipheriv(
+    data.algorithm,
+    Buffer.from(data.key, 'hex'),
+    Buffer.from(data.iv, 'hex'));
+  const msg = decipher.update(ciphertext, 'buffer', 'utf8');
+
+  assert.strictEqual(msg, data.text, `${data.algorithm} test case failed`);
+});