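#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################

set -euo pipefail

#############################################################################
##### Tests for envelope encryption AEAD example.
#
# Arguments:
#   $1 - command under test (treated as a single executable path)
#   $2 - key URI passed through to the command
#   $3 - credentials file passed through to the command
# Environment:
#   TEST_TMPDIR - writable scratch directory for the test artifacts

CLI="${1:?usage: CLI KEY_URI CRED_FILE}"
KEY_URI="${2:?usage: CLI KEY_URI CRED_FILE}"
CRED_FILE="${3:?usage: CLI KEY_URI CRED_FILE}"

DATA_FILE="${TEST_TMPDIR:?TEST_TMPDIR must be set}/example_data.txt"

echo "This is some plaintext to be encrypted." > "${DATA_FILE}"

#############################################################################

# A helper function for getting the return code of a command that may fail
# Temporarily disables error safety and stores return value in ${TEST_STATUS}
# Usage:
# % test_command somecommand some args
# % echo ${TEST_STATUS}
test_command() {
  set +e
  "$@"
  TEST_STATUS=$?
  set -e
}

# Removes the ciphertext and decrypted output left behind by an earlier test.
# Without this, a later comparison could pass against a stale file even if
# the command under test wrote nothing.
reset_outputs() {
  rm -f -- "${DATA_FILE}.encrypted" "${DATA_FILE}.decrypted"
}

# Compares the decrypted output with the original plaintext and exits with
# status 1, after printing a failure line, when they differ or the output
# file is missing.
check_roundtrip() {
  if cmp -s -- "${DATA_FILE}" "${DATA_FILE}.decrypted"; then
    echo "+++ Success: file content is the same after decryption."
  else
    echo "--- Failure: file content is not the same after decryption."
    exit 1
  fi
}

#############################################################################
#### Test initialization and encryption
test_name="encrypt"
echo "+++ Starting test $test_name..."
reset_outputs

##### Run encryption
test_command "${CLI}" encrypt "${KEY_URI}" "${CRED_FILE}" "${DATA_FILE}" \
  "${DATA_FILE}.encrypted"

if [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "+++ Success: file was encrypted."
else
  echo "--- Failure: could not encrypt file."
  exit 1
fi

#############################################################################
#### Test if decryption succeeds and returns original file
test_name="decrypt"
echo "+++ Starting test $test_name..."

##### Run decryption
# Decrypts the ciphertext produced by the "encrypt" test above, so the
# outputs are deliberately not reset here.
test_command "${CLI}" decrypt "${KEY_URI}" "${CRED_FILE}" \
  "${DATA_FILE}.encrypted" "${DATA_FILE}.decrypted"

if [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "+++ Success: file was successfully decrypted."
else
  echo "--- Failure: could not decrypt file."
  exit 1
fi

check_roundtrip

#############################################################################
#### Test correct encryption and decryption with associated data
test_name="test_encrypt_decrypt_succeeds_with_associated_data"
echo "+++ Starting test ${test_name}..."
reset_outputs

##### Run encryption
ASSOCIATED_DATA="header information"
test_command "${CLI}" encrypt "${KEY_URI}" "${CRED_FILE}" "${DATA_FILE}" \
  "${DATA_FILE}.encrypted" "${ASSOCIATED_DATA}"
if [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "+++ Encryption successful."
else
  echo "--- Encryption failed."
  exit 1
fi

##### Run decryption
test_command "${CLI}" decrypt "${KEY_URI}" "${CRED_FILE}" \
  "${DATA_FILE}.encrypted" "${DATA_FILE}.decrypted" "${ASSOCIATED_DATA}"
if [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "+++ Decryption successful."
else
  echo "--- Decryption failed."
  exit 1
fi

# Report a mismatch explicitly instead of letting `set -e` end the script
# without any message.
check_roundtrip

#############################################################################
#### Test decryption fails with modified associated data
test_name="test_encrypt_decrypt_fails_with_modified_associated_data"
echo "+++ Starting test ${test_name}..."
reset_outputs

##### Run encryption
ASSOCIATED_DATA="header information"
test_command "${CLI}" encrypt "${KEY_URI}" "${CRED_FILE}" "${DATA_FILE}" \
  "${DATA_FILE}.encrypted" "${ASSOCIATED_DATA}"
if [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "+++ Encryption successful."
else
  echo "--- Encryption failed."
  exit 1
fi

##### Run decryption
MODIFIED_ASSOCIATED_DATA="modified header information"
test_command "${CLI}" decrypt "${KEY_URI}" "${CRED_FILE}" \
  "${DATA_FILE}.encrypted" "${DATA_FILE}.decrypted" \
  "${MODIFIED_ASSOCIATED_DATA}"
if [[ ${TEST_STATUS} -eq 1 ]]; then
  echo "+++ Decryption failed as expected."
elif [[ ${TEST_STATUS} -eq 0 ]]; then
  echo "--- Decryption succeeded but expected to fail."
  exit 1
else
  # Any status other than 1 (for example a crash) is not the expected
  # failure, so it is reported separately from an unexpected success.
  echo "--- Decryption exited with unexpected status ${TEST_STATUS}."
  exit 1
fi

# The outputs were reset at the start of this test, so any plaintext found
# here was written by the decryption that failed authentication.
if [[ -e "${DATA_FILE}.decrypted" ]] \
  && cmp -s -- "${DATA_FILE}" "${DATA_FILE}.decrypted"; then
  echo "--- Failure: plaintext was written although decryption failed."
  exit 1
fi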