Search in sources :

Example 1 with SeekableByteBufferChannel

use of com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel in project tink by google.

the class AesCtrHmacStreamingTest method testEncryptLimitedCiphertextChannel.

/**
 * Test encryption with a simulated ciphertext channel, which has only a limited capacity.
 */
@Test
public void testEncryptLimitedCiphertextChannel() throws Exception {
    int segmentSize = 512;
    int firstSegmentOffset = 0;
    int keySizeInBytes = 16;
    int tagSizeInBytes = 12;
    byte[] ikm = TestUtil.hexDecode("000102030405060708090a0b0c0d0e0f00112233445566778899aabbccddeeff");
    AesCtrHmacStreaming ags = new AesCtrHmacStreaming(ikm, "HmacSha256", keySizeInBytes, "HmacSha256", tagSizeInBytes, segmentSize, firstSegmentOffset);
    int plaintextSize = 1 << 15;
    int maxChunkSize = 100;
    byte[] aad = TestUtil.hexDecode("aabbccddeeff");
    byte[] plaintext = StreamingTestUtil.generatePlaintext(plaintextSize);
    int ciphertextLength = (int) ags.expectedCiphertextSize(plaintextSize);
    ByteBuffer ciphertext = ByteBuffer.allocate(ciphertextLength);
    WritableByteChannel ctChannel = new SeekableByteBufferChannel(ciphertext, maxChunkSize);
    WritableByteChannel encChannel = ags.newEncryptingChannel(ctChannel, aad);
    ByteBuffer plaintextBuffer = ByteBuffer.wrap(plaintext);
    int loops = 0;
    while (plaintextBuffer.remaining() > 0) {
        encChannel.write(plaintextBuffer);
        loops += 1;
        if (loops > 100000) {
            System.out.println(encChannel.toString());
            fail("Too many loops");
        }
    }
    encChannel.close();
    assertFalse(encChannel.isOpen());
    StreamingTestUtil.isValidCiphertext(ags, plaintext, aad, ciphertext.array());
}
Also used : WritableByteChannel(java.nio.channels.WritableByteChannel) SeekableByteBufferChannel(com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.Test)

Example 2 with SeekableByteBufferChannel

use of com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel in project tink by google.

the class StreamingAeadThreadSafetyTest method testRandomAccessDecryption.

/**
 * Test for thread safety using SeekableByteChannels. This test is an incorrect use case for
 * StreamingAead implementations, since SeekableByteChannels can't be used in multiple threads.
 * I.e. an implementation cannot guarantee that no other thread modifies the stream between a call
 * to SeekableByteChannel.position(long) and SeekableByteChannel.read(ByteBuffer). Therefore, the
 * test here only checks whether the operations are atomic. E.g. a read should read contiuous
 * bytes.
 */
public void testRandomAccessDecryption(StreamingAead stream, byte[] aad, int plaintextSize) throws Exception {
    int numberOfReads = 128;
    int numberOfThreads = 10;
    byte[] plaintext = new byte[plaintextSize];
    for (int i = 0; i < plaintextSize; i++) {
        // Setting plaintex[i] to (byte) i, allows the decrypting thread to check that the
        // plaintext is from a continuous part of the plaintext.
        plaintext[i] = (byte) i;
    }
    byte[] ciphertext = encrypt(stream, plaintext, aad);
    SeekableByteChannel ctChannel = new SeekableByteBufferChannel(ciphertext);
    SeekableByteChannel decChannel = stream.newSeekableDecryptingChannel(ctChannel, aad);
    ExceptionHandler exceptionHandler = new ExceptionHandler();
    Thread[] thread = new Thread[numberOfThreads];
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i] = new RandomAccessThread(decChannel, plaintextSize, numberOfReads);
        thread[i].setUncaughtExceptionHandler(exceptionHandler);
    }
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i].start();
    }
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i].join();
    }
    exceptionHandler.check();
}
Also used : SeekableByteChannel(java.nio.channels.SeekableByteChannel) SeekableByteBufferChannel(com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel)

Example 3 with SeekableByteBufferChannel

use of com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel in project tink by google.

the class AesGcmHkdfStreamingTest method testEncryptLimitedCiphertextChannel.

/**
 * Test encryption with a simulated ciphertext channel, which has only a limited capacity.
 */
@Test
public void testEncryptLimitedCiphertextChannel() throws Exception {
    int segmentSize = 512;
    int firstSegmentOffset = 0;
    int keySizeInBytes = 16;
    byte[] ikm = TestUtil.hexDecode("000102030405060708090a0b0c0d0e0f00112233445566778899aabbccddeeff");
    AesGcmHkdfStreaming ags = new AesGcmHkdfStreaming(ikm, "HmacSha256", keySizeInBytes, segmentSize, firstSegmentOffset);
    int plaintextSize = 1 << 15;
    int maxChunkSize = 100;
    byte[] aad = TestUtil.hexDecode("aabbccddeeff");
    byte[] plaintext = StreamingTestUtil.generatePlaintext(plaintextSize);
    int ciphertextLength = (int) ags.expectedCiphertextSize(plaintextSize);
    ByteBuffer ciphertext = ByteBuffer.allocate(ciphertextLength);
    WritableByteChannel ctChannel = new SeekableByteBufferChannel(ciphertext, maxChunkSize);
    WritableByteChannel encChannel = ags.newEncryptingChannel(ctChannel, aad);
    ByteBuffer plaintextBuffer = ByteBuffer.wrap(plaintext);
    int loops = 0;
    while (plaintextBuffer.remaining() > 0) {
        encChannel.write(plaintextBuffer);
        loops += 1;
        if (loops > 100000) {
            System.out.println(encChannel.toString());
            fail("Too many loops");
        }
    }
    encChannel.close();
    assertFalse(encChannel.isOpen());
    StreamingTestUtil.isValidCiphertext(ags, plaintext, aad, ciphertext.array());
}
Also used : WritableByteChannel(java.nio.channels.WritableByteChannel) SeekableByteBufferChannel(com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.Test)

Example 4 with SeekableByteBufferChannel

use of com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel in project tink by google.

the class StreamingAeadThreadSafetyTest method testDecryption.

/**
 * Test for thread safety. This test is an incorrect use case for StreamingAead implementations.
 * Streams have state and hence their behaviour is not well defined. Nevertheless if an encrypting
 * channel is used concurrently we expect the following behaviour: (1) All bytes are read (2) The
 * thread sanitizer does not find anything.
 */
public void testDecryption(StreamingAead stream, byte[] aad, int chunkSize) throws Exception {
    int numberOfThreads = 10;
    // The plaintext size for each thread.
    int plaintextSize = 5432;
    byte[] ciphertext = encrypt(stream, new byte[numberOfThreads * plaintextSize], aad);
    SeekableByteChannel ctChannel = new SeekableByteBufferChannel(ciphertext);
    SeekableByteChannel decChannel = stream.newSeekableDecryptingChannel(ctChannel, aad);
    ExceptionHandler exceptionHandler = new ExceptionHandler();
    Thread[] thread = new Thread[numberOfThreads];
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i] = new DecryptingThread(decChannel, plaintextSize, chunkSize);
        thread[i].setUncaughtExceptionHandler(exceptionHandler);
    }
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i].start();
    }
    for (int i = 0; i < numberOfThreads; i++) {
        thread[i].join();
    }
    exceptionHandler.check();
    // Each thread has read plaintextSize bytes from decChannel. Hence nothing should be left.
    int read = decChannel.read(ByteBuffer.allocate(1));
    assertEquals(-1, read);
}
Also used : SeekableByteChannel(java.nio.channels.SeekableByteChannel) SeekableByteBufferChannel(com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel)

Aggregations

SeekableByteBufferChannel (com.google.crypto.tink.StreamingTestUtil.SeekableByteBufferChannel)4 ByteBuffer (java.nio.ByteBuffer)2 SeekableByteChannel (java.nio.channels.SeekableByteChannel)2 WritableByteChannel (java.nio.channels.WritableByteChannel)2 Test (org.junit.Test)2