blob: 32cc7d5127a7c2e503fe8e121fabbbb0818797a3 [file] [log] [blame]
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// See the License for the specific language governing permissions and
// limitations under the License.
package hybrid
import (
subtle ""
tinkpb ""
func TestXxx(t *testing.T) {
func modifyDecrypt(t *testing.T, c string, k *tinkpb.KeyTemplate) {
curve, err := subtle.GetCurve(c)
if err != nil {
t.Fatalf("error getting %s curve: %s ", c, err)
pvt, err := subtle.GenerateECDHKeyPair(curve)
if err != nil {
t.Fatalf("error generating ECDH key pair: %s", err)
salt := random.GetRandomBytes(8)
pt := random.GetRandomBytes(4)
context := random.GetRandomBytes(4)
rDem, err := newRegisterECIESAEADHKDFDemHelper(k)
if err != nil {
t.Fatalf("error generating a DEM helper :%s", err)
e, err := subtle.NewECIESAEADHKDFHybridEncrypt(&pvt.PublicKey, salt, "SHA256", "UNCOMPRESSED", rDem)
if err != nil {
t.Fatalf("error generating an encryption construct :%s", err)
d, err := subtle.NewECIESAEADHKDFHybridDecrypt(pvt, salt, "SHA256", "UNCOMPRESSED", rDem)
if err != nil {
t.Fatalf("error generating an decryption construct :%s", err)
ct, err := e.Encrypt(pt, context)
if err != nil {
t.Fatalf("encryption error :%s", err)
dt, err := d.Decrypt(ct, context)
if err != nil {
t.Fatalf("decryption error :%s", err)
if !bytes.Equal(dt, pt) {
t.Fatalf("decryption not inverse of encryption")
for _, g := range testutil.GenerateMutations(ct) {
if _, err := d.Decrypt(g, context); err == nil {
t.Fatalf("invalid cipher text should throw exception")
for _, g := range testutil.GenerateMutations(context) {
if _, err := d.Decrypt(ct, g); err == nil {
t.Fatalf("invalid context should throw exception")
mSalt := make([]byte, len(salt))
for i := 0; i < len(salt); i++ {
for j := 0; j < 8; j++ {
copy(mSalt, salt)
mSalt[i] ^= (1 << uint8(j))
d, err = subtle.NewECIESAEADHKDFHybridDecrypt(pvt, mSalt, "SHA256", "UNCOMPRESSED", rDem)
if err != nil {
t.Fatalf("subtle.NewECIESAEADHKDFHybridDecrypt:%v", err)
if _, err := d.Decrypt(ct, context); err == nil {
t.Fatalf("invalid salt should throw exception")
func TestECAESCTRHMACSHA256Decrypt(t *testing.T) {
modifyDecrypt(t, "NIST_P256", aead.AES256CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P384", aead.AES256CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P521", aead.AES256CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P224", aead.AES256CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P256", aead.AES128CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P384", aead.AES128CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P521", aead.AES128CTRHMACSHA256KeyTemplate())
modifyDecrypt(t, "NIST_P224", aead.AES128CTRHMACSHA256KeyTemplate())
func TestECAES256GCMDecrypt(t *testing.T) {
modifyDecrypt(t, "NIST_P256", aead.AES256GCMKeyTemplate())
modifyDecrypt(t, "NIST_P384", aead.AES256GCMKeyTemplate())
modifyDecrypt(t, "NIST_P521", aead.AES256GCMKeyTemplate())
modifyDecrypt(t, "NIST_P224", aead.AES256GCMKeyTemplate())
modifyDecrypt(t, "NIST_P256", aead.AES128GCMKeyTemplate())
modifyDecrypt(t, "NIST_P384", aead.AES128GCMKeyTemplate())
modifyDecrypt(t, "NIST_P521", aead.AES128GCMKeyTemplate())
modifyDecrypt(t, "NIST_P224", aead.AES128GCMKeyTemplate())