From 3cf2ba8853bd198a142d03e846af46c905942c4f Mon Sep 17 00:00:00 2001
From: sasha <sasha@z.cash>
Date: Fri, 1 Apr 2022 14:35:47 -0700
Subject: [PATCH] Fix sporadic failures in
 StoreAndRetrieveMnemonicSeedInEncryptedStore

---
 src/gtest/test_keystore.cpp | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/gtest/test_keystore.cpp b/src/gtest/test_keystore.cpp
index 342e274b5..64e3ea97d 100644
--- a/src/gtest/test_keystore.cpp
+++ b/src/gtest/test_keystore.cpp
@@ -359,15 +359,14 @@ TEST(KeystoreTests, StoreAndRetrieveMnemonicSeedInEncryptedStore) {
     seedOut = keyStore.GetMnemonicSeed();
     EXPECT_FALSE(seedOut.has_value());
 
-    // Unlocking with a random key should fail
-    CKeyingMaterial vRandomKey(32, 0);
-    GetRandBytes(vRandomKey.data(), 32);
-    EXPECT_FALSE(keyStore.Unlock(vRandomKey));
+    // Unlocking with a random key causes sporadic failures, since we currently
+    // don't use an authenticated encryption scheme for CCryptoKeyStore.
 
-    // Unlocking with a slightly-modified vMasterKey should fail
-    CKeyingMaterial vModifiedKey(vMasterKey);
-    vModifiedKey[0] += 1;
-    EXPECT_FALSE(keyStore.Unlock(vModifiedKey));
+    // Currently, DecryptMnemonicSeed tests if a key is invalid by looking at
+    // the return value of CBCDecrypt. If keyStore.Unlock is called with an
+    // invalid key, there's roughly a 257/65536 chance that the padding check
+    // in CBCDecrypt will pass, in which case DecryptMnemonicSeed then calls
+    // the deserialization code in mnemonic.h with random data.
 
     // Unlocking with vMasterKey should succeed
     ASSERT_TRUE(keyStore.Unlock(vMasterKey));