xref: /aosp_15_r20/external/tink/python/examples/hybrid/hybrid_test.sh (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1#!/bin/bash
2# Copyright 2021 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15################################################################################
16
17set -euo pipefail
18
19#############################################################################
20# Tests for hybrid encryption example.
21#############################################################################
22
23CLI="$1"
24PUBLIC_KEYSET_FILE="$2"
25PRIVATE_KEYSET_FILE="$3"
26
27INPUT_FILE="${TEST_TMPDIR}/example_data.txt"
28
29echo "This is some message to be encrypted." > "${INPUT_FILE}"
30
31#############################################################################
32
33# A helper function for getting the return code of a command that may fail
34# Temporarily disables error safety and stores return value in $TEST_STATUS
35# Usage:
36# % test_command somecommand some args
37# % echo $TEST_STATUS
38test_command() {
39  set +e
40  "$@"
41  TEST_STATUS=$?
42  set -e
43}
44
45print_test() {
46  echo "+++ Starting test $1..."
47}
48
49#############################################################################
50
51print_test "test_encrypt_decrypt_succeeds"
52
53# Run encryption
54test_command ${CLI} --mode=encrypt --keyset_path="${PUBLIC_KEYSET_FILE}" \
55    --input_path="${INPUT_FILE}" --output_path="${INPUT_FILE}.ciphertext"
56
57if (( TEST_STATUS == 0 )); then
58  echo "+++ Encryption successful."
59else
60  echo "--- Encryption failed."
61  exit 1
62fi
63
64# Run decryption
65test_command ${CLI} --mode=decrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \
66    --input_path="${INPUT_FILE}.ciphertext" --output_path="${INPUT_FILE}.plaintext"
67
68if (( TEST_STATUS == 0 )); then
69  echo "+++ Decryption successful."
70else
71  echo "--- Decryption failed."
72  exit 1
73fi
74
75cat "${INPUT_FILE}"
76cat "${INPUT_FILE}.plaintext"
77cmp --silent "${INPUT_FILE}" "${INPUT_FILE}.plaintext"
78
79
80#############################################################################
81
82print_test "test_encrypt_decrypt_succeeds_with_context"
83
84# Run encryption
85CONTEXT_INFORMATION="context information"
86test_command ${CLI} --mode=encrypt --context_info="${CONTEXT_INFORMATION}" \
87    --keyset_path="${PUBLIC_KEYSET_FILE}" --input_path="${INPUT_FILE}" \
88    --output_path="${INPUT_FILE}.ciphertext"
89
90if (( TEST_STATUS == 0 )); then
91  echo "+++ Encryption successful."
92else
93  echo "--- Encryption failed."
94  exit 1
95fi
96
97# Run decryption
98test_command ${CLI} --mode=decrypt --context_info="${CONTEXT_INFORMATION}" \
99    --keyset_path="${PRIVATE_KEYSET_FILE}" --input_path="${INPUT_FILE}.ciphertext" \
100    --output_path="${INPUT_FILE}.plaintext"
101
102if (( TEST_STATUS == 0 )); then
103  echo "+++ Decryption successful."
104else
105  echo "--- Decryption failed."
106  exit 1
107fi
108
109cmp --silent "${INPUT_FILE}" "${INPUT_FILE}.plaintext"
110
111#############################################################################
112
113print_test "test_encrypt_decrypt_fails_with_context"
114
115# Run encryption
116CONTEXT_INFORMATION="context information"
117test_command ${CLI} --mode=encrypt --context_info="${CONTEXT_INFORMATION}" \
118    --keyset_path="${PUBLIC_KEYSET_FILE}" --input_path="${INPUT_FILE}" \
119    --output_path="${INPUT_FILE}.ciphertext"
120
121if (( TEST_STATUS == 0 )); then
122  echo "+++ Encryption successful."
123else
124  echo "--- Encryption failed."
125  exit 1
126fi
127
128# Run decryption
129test_command ${CLI} --mode=decrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \
130    --input_path="${INPUT_FILE}.ciphertext" --output_path="${INPUT_FILE}.plaintext"
131
132if (( TEST_STATUS == 1 )); then
133  echo "+++ Decryption failed as expected."
134else
135  echo "--- Decryption succeeded but expected to fail."
136  exit 1
137fi
138
139#############################################################################
140
141print_test "test_encrypt_fails_with_wrong_keyset"
142
143# Run encryption
144test_command ${CLI} --mode=encrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \
145    --input_path="${INPUT_FILE}" --output_path="${INPUT_FILE}.ciphertext"
146
147if (( TEST_STATUS == 1 )); then
148  echo "+++ Encryption failed as expected."
149else
150  echo "--- Encryption succeeded but expected to fail."
151  exit 1
152fi
153