shuffler/src/util/crypto_util_test.go - cobalt - Git at Google

 // Copyright 2016 The Fuchsia Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //    http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package util

 import (
 	"crypto/elliptic"
 	"crypto/rand"
 	"io"
 	"testing"
 )

 func TestSymmetricCipher(t *testing.T) {
 	const nonceSize = 12

 	// test for an invalid key with length != 16 bytes
 	key := []byte("AES256Key")
 	_, err := NewSymmetricCipher(key)
 	if err == nil {
 		t.Errorf("expected error for invalid key")
 		return
 	}

 	// Use a 16 byte key to select AES-128
 	key = []byte("AES256Key-16Char")
 	c, err := NewSymmetricCipher(key)
 	if err != nil {
 		t.Errorf("Unable to initialize test SymmetricCipher: %v", err)
 		return
 	}

 	// test for different plaintexts
 	for _, plaintextSize := range []int{32, 128, 256, 1024} {
 		plaintext := make([]byte, plaintextSize)
 		if _, err := io.ReadFull(rand.Reader, plaintext); err != nil {
 			t.Errorf("got error in generating plaintext: %v", err)
 			return
 		}

 		// generate random nonce
 		nonce := make([]byte, nonceSize)
 		if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
 			t.Errorf("got error in generating nonce: %v", err)
 			return
 		}

 		// test encrypt
 		ciphertext, err := c.Encrypt(plaintext, nonce)
 		if err != nil {
 			t.Errorf("got encryption error:%v", err)
 			return
 		}
 		if ciphertext == nil {
 			t.Error("ciphertext after encryption is nil")
 			return
 		}

 		// test decrypt
 		decryptedtext, err := c.Decrypt(ciphertext, nonce)
 		if err != nil {
 			t.Errorf("got decryption error:%v", err)
 			return
 		}
 		if string(plaintext) != string(decryptedtext) {
 			t.Errorf("got [%s] after decryption, want [%s]", decryptedtext, plaintext)
 			return
 		}
 	}
 }

 func TestHybridCipher(t *testing.T) {
 	privateKey, publicKey, _, _, err := generateECKey()
 	if err != nil {
 		t.Errorf("%v", err)
 	}

 	hybridCipher := NewHybridCipher(privateKey, publicKey)

 	// This is Shakespearean Sonnet number 110.
 	plaintext := `
   Alas 'tis true, I have gone here and there,
   And made my self a motley to the view,
   Gored mine own thoughts, sold cheap what is most dear,
   Made old offences of affections new.

   Most true it is, that I have looked on truth
   Askance and strangely: but by all above,
   These blenches gave my heart another youth,
   And worse essays proved thee my best of love.

   Now all is done, have what shall have no end,
   Mine appetite I never more will grind
   On newer proof, to try an older friend,
   A god in love, to whom I am confined.

     Then give me welcome, next my heaven the best,
     Even to thy pure and most most loving breast.`
 	ciphertext, err := hybridCipher.Encrypt([]byte(plaintext))
 	if err != nil {
 		t.Errorf("%v", err)
 	}

 	recoveredText, err := hybridCipher.Decrypt(ciphertext)
 	if err != nil {
 		t.Errorf("%v", err)
 	}
 	if string(recoveredText) != plaintext {
 		t.Errorf("recoveredText=[%s]", string(recoveredText))
 	}

 	// Intentionally corrupt the ciphertext by omitting the first byte.
 	corruptedCiphertext := ciphertext[1:]
 	// Check that Decrypt() returns an error but does not crash.
 	_, err = hybridCipher.Decrypt(corruptedCiphertext)
 	if err == nil {
 		t.Errorf("Expected an error.")
 	}

 	// Intentionally corrupt the ciphertext by prepending an extra zero byte.
 	corruptedCiphertext = []byte{0}
 	corruptedCiphertext = append(corruptedCiphertext, ciphertext...)
 	// Check that Decrypt() returns an error but does not crash.
 	_, err = hybridCipher.Decrypt(corruptedCiphertext)
 	if err == nil {
 		t.Errorf("Expected an error.")
 	}

 	// Intentionally corrupt the ciphertext by appending an extra zero byte.
 	corruptedCiphertext = append(ciphertext, 0)
 	// Check that Decrypt() returns an error but does not crash.
 	_, err = hybridCipher.Decrypt(corruptedCiphertext)
 	if err == nil {
 		t.Errorf("Expected an error.")
 	}
 }

 func TestMarshalUnmarshall(t *testing.T) {
 	_, _, pubX, pubY, err := generateECKey()
 	if err != nil {
 		t.Errorf("%v", err)
 	}

 	// Test uncompressed
 	uncompressedData := elliptic.Marshal(ellipticCurve, pubX, pubY)
 	if uncompressedData == nil {
 		t.Errorf("Marshal failed.")
 	}

 	x, y := Unmarshal(ellipticCurve, uncompressedData)
 	if x.Cmp(pubX) != 0 {
 		t.Errorf("x's don't match")
 	}
 	if y.Cmp(pubY) != 0 {
 		t.Errorf("x's don't match")
 	}

 	// Test compressed
 	compressedData := MarshalCompressed(ellipticCurve, pubX, pubY)
 	if compressedData == nil {
 		t.Errorf("Marshal failed.")
 	}

 	x, y = Unmarshal(ellipticCurve, compressedData)
 	if x.Cmp(pubX) != 0 {
 		t.Errorf("x's don't match")
 	}
 	if y.Cmp(pubY) != 0 {
 		t.Errorf("x's don't match")
 	}
 }
	// Copyright 2016 The Fuchsia Authors
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package util

	import (
	"crypto/elliptic"
	"crypto/rand"
	"io"
	"testing"
	)

	func TestSymmetricCipher(t *testing.T) {
	const nonceSize = 12

	// test for an invalid key with length != 16 bytes
	key := []byte("AES256Key")
	_, err := NewSymmetricCipher(key)
	if err == nil {
	t.Errorf("expected error for invalid key")
	return
	}

	// Use a 16 byte key to select AES-128
	key = []byte("AES256Key-16Char")
	c, err := NewSymmetricCipher(key)
	if err != nil {
	t.Errorf("Unable to initialize test SymmetricCipher: %v", err)
	return
	}

	// test for different plaintexts
	for _, plaintextSize := range []int{32, 128, 256, 1024} {
	plaintext := make([]byte, plaintextSize)
	if _, err := io.ReadFull(rand.Reader, plaintext); err != nil {
	t.Errorf("got error in generating plaintext: %v", err)
	return
	}

	// generate random nonce
	nonce := make([]byte, nonceSize)
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
	t.Errorf("got error in generating nonce: %v", err)
	return
	}

	// test encrypt
	ciphertext, err := c.Encrypt(plaintext, nonce)
	if err != nil {
	t.Errorf("got encryption error:%v", err)
	return
	}
	if ciphertext == nil {
	t.Error("ciphertext after encryption is nil")
	return
	}

	// test decrypt
	decryptedtext, err := c.Decrypt(ciphertext, nonce)
	if err != nil {
	t.Errorf("got decryption error:%v", err)
	return
	}
	if string(plaintext) != string(decryptedtext) {
	t.Errorf("got [%s] after decryption, want [%s]", decryptedtext, plaintext)
	return
	}
	}
	}

	func TestHybridCipher(t *testing.T) {
	privateKey, publicKey, _, _, err := generateECKey()
	if err != nil {
	t.Errorf("%v", err)
	}

	hybridCipher := NewHybridCipher(privateKey, publicKey)

	// This is Shakespearean Sonnet number 110.
	plaintext := `
	Alas 'tis true, I have gone here and there,
	And made my self a motley to the view,
	Gored mine own thoughts, sold cheap what is most dear,
	Made old offences of affections new.

	Most true it is, that I have looked on truth
	Askance and strangely: but by all above,
	These blenches gave my heart another youth,
	And worse essays proved thee my best of love.

	Now all is done, have what shall have no end,
	Mine appetite I never more will grind
	On newer proof, to try an older friend,
	A god in love, to whom I am confined.

	Then give me welcome, next my heaven the best,
	Even to thy pure and most most loving breast.`
	ciphertext, err := hybridCipher.Encrypt([]byte(plaintext))
	if err != nil {
	t.Errorf("%v", err)
	}

	recoveredText, err := hybridCipher.Decrypt(ciphertext)
	if err != nil {
	t.Errorf("%v", err)
	}
	if string(recoveredText) != plaintext {
	t.Errorf("recoveredText=[%s]", string(recoveredText))
	}

	// Intentionally corrupt the ciphertext by omitting the first byte.
	corruptedCiphertext := ciphertext[1:]
	// Check that Decrypt() returns an error but does not crash.
	_, err = hybridCipher.Decrypt(corruptedCiphertext)
	if err == nil {
	t.Errorf("Expected an error.")
	}

	// Intentionally corrupt the ciphertext by prepending an extra zero byte.
	corruptedCiphertext = []byte{0}
	corruptedCiphertext = append(corruptedCiphertext, ciphertext...)
	// Check that Decrypt() returns an error but does not crash.
	_, err = hybridCipher.Decrypt(corruptedCiphertext)
	if err == nil {
	t.Errorf("Expected an error.")
	}

	// Intentionally corrupt the ciphertext by appending an extra zero byte.
	corruptedCiphertext = append(ciphertext, 0)
	// Check that Decrypt() returns an error but does not crash.
	_, err = hybridCipher.Decrypt(corruptedCiphertext)
	if err == nil {
	t.Errorf("Expected an error.")
	}
	}

	func TestMarshalUnmarshall(t *testing.T) {
	_, _, pubX, pubY, err := generateECKey()
	if err != nil {
	t.Errorf("%v", err)
	}

	// Test uncompressed
	uncompressedData := elliptic.Marshal(ellipticCurve, pubX, pubY)
	if uncompressedData == nil {
	t.Errorf("Marshal failed.")
	}

	x, y := Unmarshal(ellipticCurve, uncompressedData)
	if x.Cmp(pubX) != 0 {
	t.Errorf("x's don't match")
	}
	if y.Cmp(pubY) != 0 {
	t.Errorf("x's don't match")
	}

	// Test compressed
	compressedData := MarshalCompressed(ellipticCurve, pubX, pubY)
	if compressedData == nil {
	t.Errorf("Marshal failed.")
	}

	x, y = Unmarshal(ellipticCurve, compressedData)
	if x.Cmp(pubX) != 0 {
	t.Errorf("x's don't match")
	}
	if y.Cmp(pubY) != 0 {
	t.Errorf("x's don't match")
	}
	}