Google Git
Sign in
vanadium / release.go.x.ref / d412cb25ba2fc6c6c61865bcfd9faf0c6d646ed7 / . / runtimes / google / ipc / stream / crypto / box_cipher_test.go
blob: acd26ae8925ab4e23f47188e1e513b0dc15f435d [file] [log] [blame]
Jason Hickey96d30e82014-11-13 07:40:00 -0800[diff] [blame]1package crypto_test
2
3import (
4 "bytes"
5 "crypto/rand"
6 "testing"
7
Cosmos Nicolaoud412cb22014-12-15 22:06:32 -0800[diff] [blame^]8 "golang.org/x/crypto/nacl/box"
Jason Hickey96d30e82014-11-13 07:40:00 -0800[diff] [blame]9
10 "veyron.io/veyron/veyron/runtimes/google/ipc/stream/crypto"
11)
12
13// Add space for a MAC.
14func newMessage(s string) []byte {
15 b := make([]byte, len(s)+box.Overhead)
16 copy(b, []byte(s))
17 return b
18}
19
20func TestOpenSeal(t *testing.T) {
21 pub1, pvt1, err := box.GenerateKey(rand.Reader)
22 if err != nil {
23 t.Fatalf("can't generate key")
24 }
25 pub2, pvt2, err := box.GenerateKey(rand.Reader)
26 if err != nil {
27 t.Fatalf("can't generate key")
28 }
29 c1 := crypto.NewControlCipherIPC6(pub2, pvt1, true)
30 c2 := crypto.NewControlCipherIPC6(pub1, pvt2, false)
31
32 msg1 := newMessage("hello")
33 if err := c1.Seal(msg1); err != nil {
34 t.Errorf("unexpected error: %s", err)
35 }
36 msg2 := newMessage("world")
37 if err := c1.Seal(msg2); err != nil {
38 t.Errorf("unexpected error: %s", err)
39 }
40 msg3 := newMessage("hello")
41 if err := c1.Seal(msg3); err != nil {
42 t.Errorf("unexpected error: %s", err)
43 }
44 if bytes.Compare(msg1, msg3) == 0 {
45 t.Errorf("message should differ: %q, %q", msg1, msg3)
46 }
47
48 // Check that the client does not encrypt the same.
49 msg4 := newMessage("hello")
50 if err := c2.Seal(msg4); err != nil {
51 t.Errorf("unexpected error: %s", err)
52 }
53 if bytes.Compare(msg4, msg1) == 0 {
54 t.Errorf("messages should differ %q vs. %q", msg4, msg1)
55 }
56
57 // Corrupted message should not decrypt.
58 msg1[0] ^= 1
59 if ok := c2.Open(msg1); ok {
60 t.Errorf("expected error")
61 }
62
63 // Fix the message and try again.
64 msg1[0] ^= 1
65 if ok := c2.Open(msg1); !ok {
66 t.Errorf("Open failed")
67 }
68 if bytes.Compare(msg1[:5], []byte("hello")) != 0 {
69 t.Errorf("got %q, expected %q", msg1[:5], "hello")
70 }
71
72 // msg3 should not decrypt.
73 if ok := c2.Open(msg3); ok {
74 t.Errorf("expected error")
75 }
76
77 // Resume.
78 if ok := c2.Open(msg2); !ok {
79 t.Errorf("Open failed")
80 }
81 if bytes.Compare(msg2[:5], []byte("world")) != 0 {
82 t.Errorf("got %q, expected %q", msg2[:5], "world")
83 }
84 if ok := c2.Open(msg3); !ok {
85 t.Errorf("Open failed")
86 }
87 if bytes.Compare(msg3[:5], []byte("hello")) != 0 {
88 t.Errorf("got %q, expected %q", msg3[:5], "hello")
89 }
90}
91
92func TestXORKeyStream(t *testing.T) {
93 pub1, pvt1, err := box.GenerateKey(rand.Reader)
94 if err != nil {
95 t.Fatalf("can't generate key")
96 }
97 pub2, pvt2, err := box.GenerateKey(rand.Reader)
98 if err != nil {
99 t.Fatalf("can't generate key")
100 }
101 c1 := crypto.NewControlCipherIPC6(pub2, pvt1, true)
102 c2 := crypto.NewControlCipherIPC6(pub1, pvt2, false)
103
104 msg1 := []byte("hello")
105 msg2 := []byte("world")
106 msg3 := []byte("hello")
107 c1.Encrypt(msg1)
108 c1.Encrypt(msg2)
109 c1.Encrypt(msg3)
110 if bytes.Compare(msg1, msg3) == 0 {
111 t.Errorf("messages should differ: %q, %q", msg1, msg3)
112 }
113
114 c2.Decrypt(msg1)
115 c2.Decrypt(msg2)
116 c2.Decrypt(msg3)
117 s1 := string(msg1)
118 s2 := string(msg2)
119 s3 := string(msg3)
120 if s1 != "hello" {
121 t.Errorf("got %q, expected 'hello'", s1)
122 }
123 if s2 != "world" {
124 t.Errorf("got %q, expected 'world'", s2)
125 }
126 if s3 != "hello" {
127 t.Errorf("got %q, expected 'hello'", s3)
128 }
129}