xref: /aosp_15_r20/external/tink/go/streamingaead/streamingaead_key_templates_test.go (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1// Copyright 2020 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//      http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15////////////////////////////////////////////////////////////////////////////////
16
17package streamingaead_test
18
19import (
20	"bytes"
21	"io"
22	"testing"
23
24	"github.com/google/tink/go/keyset"
25	"github.com/google/tink/go/streamingaead"
26	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
27)
28
29func TestKeyTemplates(t *testing.T) {
30	var testCases = []struct {
31		name     string
32		template *tinkpb.KeyTemplate
33	}{
34		{
35			name:     "AES128_GCM_HKDF_4KB",
36			template: streamingaead.AES128GCMHKDF4KBKeyTemplate(),
37		},
38		{
39			name:     "AES128_GCM_HKDF_1MB",
40			template: streamingaead.AES128GCMHKDF1MBKeyTemplate(),
41		},
42		{
43			name:     "AES256_GCM_HKDF_4KB",
44			template: streamingaead.AES256GCMHKDF4KBKeyTemplate(),
45		}, {
46			name:     "AES256_GCM_HKDF_1MB",
47			template: streamingaead.AES256GCMHKDF1MBKeyTemplate(),
48		}, {
49			name:     "AES128_CTR_HMAC_SHA256_4KB",
50			template: streamingaead.AES128CTRHMACSHA256Segment4KBKeyTemplate(),
51		},
52		{
53			name:     "AES128_CTR_HMAC_SHA256_1MB",
54			template: streamingaead.AES128CTRHMACSHA256Segment1MBKeyTemplate(),
55		},
56		{
57			name:     "AES256_CTR_HMAC_SHA256_4KB",
58			template: streamingaead.AES256CTRHMACSHA256Segment4KBKeyTemplate(),
59		},
60		{
61			name:     "AES256_CTR_HMAC_SHA256_1MB",
62			template: streamingaead.AES256CTRHMACSHA256Segment1MBKeyTemplate(),
63		},
64	}
65	for _, tc := range testCases {
66		t.Run(tc.name, func(t *testing.T) {
67			handle, err := keyset.NewHandle(tc.template)
68			if err != nil {
69				t.Fatalf("keyset.NewHandle(template) failed: %v", err)
70			}
71			primitive, err := streamingaead.New(handle)
72			if err != nil {
73				t.Fatalf("aead.New(handle) failed: %v", err)
74			}
75
76			plaintext := []byte("some data to encrypt")
77			aad := []byte("extra data to authenticate")
78			buf := &bytes.Buffer{}
79			w, err := primitive.NewEncryptingWriter(buf, aad)
80			if err != nil {
81				t.Fatalf("primitive.NewEncryptingWriter(buf, aad) failed: %v", err)
82			}
83			if _, err := w.Write(plaintext); err != nil {
84				t.Fatalf("w.Write(plaintext) failed: %v", err)
85			}
86			if err := w.Close(); err != nil {
87				t.Fatalf("w.Close() failed: %v", err)
88			}
89
90			r, err := primitive.NewDecryptingReader(buf, aad)
91			if err != nil {
92				t.Fatalf("primitive.NewDecryptingReader(buf, aad) failed: %v", err)
93			}
94			decrypted, err := io.ReadAll(r)
95			if err != nil {
96				t.Fatalf("io.ReadAll(r) failed: %v", err)
97			}
98			if !bytes.Equal(decrypted, plaintext) {
99				t.Errorf("decrypted data doesn't match plaintext, got: %q, want: ''", decrypted)
100			}
101		})
102	}
103}
104