Google Git
Sign in
fuchsia / third_party / tink / 77ea5026740aaedda87a23e0254bd8a1639674b4 / . / tools / testing / cross_language / aead_envelope_test.sh
blob: c9d3547b62db9d1d8780de3a1e9152c7815638f3 [file] [log] [blame]
#!/bin/bash
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
readonly REPO_DIR="${TEST_SRCDIR}"
readonly TOOLS_DIR="${REPO_DIR}/tools"
readonly TEST_UTIL="${TOOLS_DIR}/testing/cross_language/test_util.sh"
# Paths to AEAD CLI utilities.
readonly CC_AEAD_CLI="${TOOLS_DIR}/testing/cc/aead_cli_cc"
readonly GO_AEAD_CLI="${TOOLS_DIR}/testing/go/aead_cli_go"
readonly JAVA_AEAD_CLI="${TOOLS_DIR}/testing/aead_cli_java"
readonly PY_AEAD_CLI="${TOOLS_DIR}/testing/python/aead_cli_python"
# Modify the following variables to alter the set of languages and key formats
# tested.
declare -a ENCRYPT_CLIS
ENCRYPT_CLIS=(
"${GO_AEAD_CLI}"
"${JAVA_AEAD_CLI}"
"${CC_AEAD_CLI}"
"${PY_AEAD_CLI}"
)
readonly ENCRYPT_CLIS
declare -a DECRYPT_CLIS
DECRYPT_CLIS=(
"${GO_AEAD_CLI}"
"${JAVA_AEAD_CLI}"
"${CC_AEAD_CLI}"
"${PY_AEAD_CLI}"
)
readonly DECRYPT_CLIS
declare -a KEY_TEMPLATES
KEY_TEMPLATES=(
AES128_GCM
AES128_CTR_HMAC_SHA256
)
readonly KEY_TEMPLATES
# Root certificates for GRPC.
# (https://github.com/grpc/grpc/blob/master/doc/environment_variables.md)
export GRPC_DEFAULT_SSL_ROOTS_FILE_PATH="${TEST_SRCDIR}/google_root_pem/file/downloaded"
source "${TEST_UTIL}" || exit 1
#######################################
# Execute cross-language AEAD envelope encryption tests.
# Globals:
# ENCRYPT_CLIS
# DECRYPT_CLIS
# KEY_TEMPLATES
# Arguments:
# A name which describes the test.
# The name of a command/function to generate the keyset.
#######################################
aead_envelope_test() {
local test_name="$1"
local keyset_function="$2"
echo "############ starting test ${test_name} for the following templates:"
echo "${KEY_TEMPLATES}"
for key_template in "${KEY_TEMPLATES[@]}"
do
echo "## TEST for key template ${key_template}"
for encrypt_cli in "${ENCRYPT_CLIS[@]}"
do
local test_instance="${test_name}_${key_template}"
local encrypt_cli_name="$(basename "${encrypt_cli}")"
"${keyset_function}" \
"${test_instance}_ENCRYPT_${encrypt_cli_name}" \
"${key_template}"
generate_plaintext "${test_instance}"
local encrypted_prefix="${test_instance}}_ENCRYPT_${encrypt_cli_name}"
local encrypted_file="${TEST_TMPDIR}/${encrypted_prefix}_encrypted.bin"
local associated_data_file="${encrypted_prefix}_aad.bin"
echo "AAD for ${test_instance} using ${encrypt_cli_name} for encryption" \
> "${associated_data_file}"
echo "## ENCRYPTING using ${encrypt_cli_name}"
"${encrypt_cli}" \
"${aws_keyset_file}" \
"encrypt" \
"${plaintext_file}" \
"${associated_data_file}" \
"${encrypted_file}" \
|| exit 1
assert_files_different "${plaintext_file}" "${encrypted_file}"
for decrypt_cli in "${DECRYPT_CLIS[@]}"
do
local decrypt_cli_name="$(basename "${decrypt_cli}")"
local decrypted_prefix="${encrypted_prefix}_DECRYPT_${decrypted_cli_name}"
local decrypted_file="${TEST_TMPDIR}/${decrypted_prefix}_decrypted.bin"
echo "## DECRYPTING using ${decrypt_cli_name}"
"${decrypt_cli}" \
"${aws_keyset_file}" \
"decrypt" \
"${encrypted_file}" \
"${associated_data_file}" \
"${decrypted_file}" \
|| exit 1
assert_files_equal "${plaintext_file}" "${decrypted_file}"
done
done
done
}
main() {
aead_envelope_test "aead-envelope-aws-test" generate_aws_keyset
aead_envelope_test "aead-envelope-gcp-test" generate_gcp_keyset
}
main "$@"