xref: /aosp_15_r20/external/tink/cc/examples/mac/mac_cli_test.sh (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1#!/bin/bash
2# Copyright 2022 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15################################################################################
16
17set -euo pipefail
18
19#############################################################################
20# Tests for Tink CC MAC.
21#############################################################################
22
23: "${TEST_TMPDIR:=$(mktemp -d)}"
24
25readonly CLI="$1"
26readonly KEYSET_FILE="$2"
27readonly DATA_FILE="${TEST_TMPDIR}/example_data.txt"
28readonly TEST_NAME="TinkExamplesCcMacTest"
29
30echo "This is some input data to be authenticated." > "${DATA_FILE}"
31
32#######################################
33# A helper function for getting the return code of a command that may fail.
34# Temporarily disables error safety and stores return value in TEST_STATUS.
35#
36# Globals:
37#   TEST_STATUS
38# Arguments:
39#   Command to execute.
40#######################################
41test_command() {
42  set +e
43  "$@"
44  TEST_STATUS=$?
45  set -e
46}
47
48#######################################
49# Asserts that the outcome of the latest test command is 0.
50#
51# If not, it terminates the test execution.
52#
53# Globals:
54#   TEST_STATUS
55#   TEST_NAME
56#   TEST_CASE
57#######################################
58assert_command_succeeded() {
59  if (( TEST_STATUS != 0 )); then
60    echo "[   FAILED ] ${TEST_NAME}.${TEST_CASE}"
61    exit 1
62  fi
63}
64
65#######################################
66# Asserts that the outcome of the latest test command is not 0.
67#
68# If not, it terminates the test execution.
69#
70# Globals:
71#   TEST_STATUS
72#   TEST_NAME
73#   TEST_CASE
74#######################################
75assert_command_failed() {
76  if (( TEST_STATUS == 0 )); then
77      echo "[   FAILED ] ${TEST_NAME}.${TEST_CASE}"
78      exit 1
79  fi
80}
81
82#######################################
83# Starts a new test case; records the test case name to TEST_CASE.
84#
85# Globals:
86#   TEST_NAME
87#   TEST_CASE
88# Arguments:
89#   test_case: The name of the test case.
90#######################################
91start_test_case() {
92  TEST_CASE="$1"
93  echo "[ RUN      ] ${TEST_NAME}.${TEST_CASE}"
94}
95
96#######################################
97# Ends a test case printing a success message.
98#
99# Globals:
100#   TEST_NAME
101#   TEST_CASE
102#######################################
103end_test_case() {
104  echo "[       OK ] ${TEST_NAME}.${TEST_CASE}"
105}
106
107#############################################################################
108
109start_test_case "compute"
110
111# Run MAC computation.
112test_command "${CLI}" \
113  --mode compute \
114  --keyset_filename "${KEYSET_FILE}" \
115  --data_filename "${DATA_FILE}" \
116  --tag_filename "${DATA_FILE}.tag"
117assert_command_succeeded
118
119end_test_case
120
121#############################################################################
122
123start_test_case "verify"
124
125# Run MAC verification.
126test_command "${CLI}" \
127  --mode verify \
128  --keyset_filename "${KEYSET_FILE}" \
129  --data_filename "${DATA_FILE}" \
130  --tag_filename "${DATA_FILE}.tag"
131assert_command_succeeded
132
133end_test_case
134
135#############################################################################
136
137start_test_case "verify_fails_with_modified_input_data"
138
139# Run MAC computation.
140test_command "${CLI}" \
141  --mode compute \
142  --keyset_filename "${KEYSET_FILE}" \
143  --data_filename "${DATA_FILE}" \
144  --tag_filename "${DATA_FILE}.tag"
145assert_command_succeeded
146
147# Copy input file.
148cp "${DATA_FILE}" "${DATA_FILE}.copy"
149
150# Verify with unmodified input.
151test_command "${CLI}" \
152  --mode verify \
153  --keyset_filename "${KEYSET_FILE}" \
154  --data_filename "${DATA_FILE}.copy" \
155  --tag_filename "${DATA_FILE}.tag"
156assert_command_succeeded
157
158# Modify copy of input file.
159echo "modified" >> "${DATA_FILE}.copy"
160
161# Verify with modified input.
162test_command "${CLI}" \
163  --mode verify \
164  --keyset_filename "${KEYSET_FILE}" \
165  --data_filename "${DATA_FILE}.copy" \
166  --tag_filename "${DATA_FILE}.tag"
167assert_command_failed
168
169end_test_case
170
171#############################################################################
172
173start_test_case "verify_fails_with_modified_tag"
174
175# Run MAC computation.
176test_command "${CLI}" \
177  --mode compute \
178  --keyset_filename "${KEYSET_FILE}" \
179  --data_filename "${DATA_FILE}" \
180  --tag_filename "${DATA_FILE}.tag"
181assert_command_succeeded
182
183# Copy tag.
184cp "${DATA_FILE}.tag" "${DATA_FILE}.tag.copy"
185
186# Verify with unmodified tag.
187test_command "${CLI}" \
188  --mode verify \
189  --keyset_filename "${KEYSET_FILE}" \
190  --data_filename "${DATA_FILE}" \
191  --tag_filename "${DATA_FILE}.tag.copy"
192assert_command_succeeded
193
194# Modify copy of tag.
195echo "modified" >> "${DATA_FILE}.tag.copy"
196
197# Verify with modified tag.
198test_command "${CLI}" \
199  --mode verify \
200  --keyset_filename "${KEYSET_FILE}" \
201  --data_filename "${DATA_FILE}" \
202  --tag_filename "${DATA_FILE}.tag.copy"
203assert_command_failed
204
205end_test_case
206