cc/subtle/test_util.h - platform/external/tink - Git at Google

 // Copyright 2019 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #ifndef TINK_SUBTLE_TEST_UTIL_H_
 #define TINK_SUBTLE_TEST_UTIL_H_

 #include <memory>
 #include <string>
 #include <vector>

 #include "absl/memory/memory.h"
 #include "absl/status/status.h"
 #include "absl/strings/str_cat.h"
 #include "absl/strings/string_view.h"
 #include "tink/input_stream.h"
 #include "tink/output_stream.h"
 #include "tink/subtle/nonce_based_streaming_aead.h"
 #include "tink/subtle/stream_segment_decrypter.h"
 #include "tink/subtle/stream_segment_encrypter.h"
 #include "tink/util/status.h"
 #include "tink/util/statusor.h"

 namespace crypto {
 namespace tink {
 namespace subtle {
 namespace test {

 // Various utilities for testing.
 ///////////////////////////////////////////////////////////////////////////////

 // Writes 'contents' the specified 'output_stream', and if 'close_stream'
 // is true, then closes the stream.
 // Returns the status of output_stream->Close()-operation, or a non-OK status
 // of a prior output_stream->Next()-operation, if any.
 util::Status WriteToStream(OutputStream* output_stream,
                            absl::string_view contents,
                            bool close_stream = true);

 // Reads all bytes from the specified 'input_stream', and puts
 // them into 'output', where both 'input_stream' and 'output must be non-null.
 // Returns a non-OK status only if reading fails for some reason.
 // If the end of stream is reached ('input_stream' returns OUT_OF_RANGE),
 // then this function returns OK.
 util::Status ReadFromStream(InputStream* input_stream, std::string* output);

 // A dummy encrypter that "encrypts" by just appending to the plaintext
 // the current segment number and a marker byte indicating whether
 // the segment is last one.
 class DummyStreamSegmentEncrypter : public StreamSegmentEncrypter {
  public:
   // Size of the per-segment tag added upon encryption.
   static constexpr int kSegmentTagSize = sizeof(int64_t) + 1;

   // Bytes for marking whether a given segment is the last one.
   static constexpr char kLastSegment = 'l';
   static constexpr char kNotLastSegment = 'n';

   DummyStreamSegmentEncrypter(int pt_segment_size,
                               int header_size,
                               int ct_offset) :
       pt_segment_size_(pt_segment_size),
       ct_offset_(ct_offset),
       segment_number_(0) {
     // Fill the header with 'header_size' copies of letter 'h'
     header_.resize(0);
     header_.resize(header_size, static_cast<uint8_t>('h'));
     generated_output_size_ = header_size;
   }

   // Generates an expected ciphertext for the given 'plaintext'.
   std::string GenerateCiphertext(absl::string_view plaintext) {
     std::string ct(header_.begin(), header_.end());
     int64_t seg_no = 0;
     int pos = 0;
     do {
       int seg_len = pt_segment_size_;
       if (pos == 0) {  // The first segment.
         seg_len -= (ct_offset_ + header_.size());
       }
       if (seg_len > plaintext.size() - pos) {  // The last segment.
         seg_len = plaintext.size() - pos;
       }
       ct.append(plaintext.substr(pos, seg_len).data(), seg_len);
       pos += seg_len;
       ct.append(reinterpret_cast<const char*>(&seg_no), sizeof(seg_no));
       ct.append(1, pos < plaintext.size() ? kNotLastSegment : kLastSegment);
       seg_no++;
     } while (pos < plaintext.size());
     return ct;
   }

   util::Status EncryptSegment(
       const std::vector<uint8_t>& plaintext,
       bool is_last_segment,
       std::vector<uint8_t>* ciphertext_buffer) override {
     ciphertext_buffer->resize(plaintext.size() + kSegmentTagSize);
     memcpy(ciphertext_buffer->data(), plaintext.data(), plaintext.size());
     memcpy(ciphertext_buffer->data() + plaintext.size(),
            &segment_number_, sizeof(segment_number_));
     // The last byte of the a ciphertext segment.
     ciphertext_buffer->back() =
         is_last_segment ? kLastSegment : kNotLastSegment;
     generated_output_size_ += ciphertext_buffer->size();
     IncSegmentNumber();
     return util::OkStatus();
   }

   const std::vector<uint8_t>& get_header() const override {
     return header_;
   }

   int64_t get_segment_number() const override {
     return segment_number_;
   }

   int get_plaintext_segment_size() const override {
     return pt_segment_size_;
   }

   int get_ciphertext_segment_size() const override {
     return pt_segment_size_ + kSegmentTagSize;
   }

   int get_ciphertext_offset() const override {
     return ct_offset_;
   }

   ~DummyStreamSegmentEncrypter() override = default;

   int get_generated_output_size() {
     return generated_output_size_;
   }

  protected:
   void IncSegmentNumber() override {
     segment_number_++;
   }

  private:
   std::vector<uint8_t> header_;
   int pt_segment_size_;
   int ct_offset_;
   int64_t segment_number_;
   int64_t generated_output_size_;
 };   // class DummyStreamSegmentEncrypter

 // A dummy decrypter that "decrypts" segments encrypted by
 // DummyStreamSegmentEncrypter.
 class DummyStreamSegmentDecrypter : public StreamSegmentDecrypter {
  public:
   DummyStreamSegmentDecrypter(int pt_segment_size,
                               int header_size,
                               int ct_offset) :
       pt_segment_size_(pt_segment_size),
       ct_offset_(ct_offset) {
     // Fill the header with 'header_size' copies of letter 'h'
     header_.resize(0);
     header_.resize(header_size, static_cast<uint8_t>('h'));
     generated_output_size_ = 0;
   }

   util::Status Init(const std::vector<uint8_t>& header) override {
     if (header_.size() != header.size() ||
         memcmp(header_.data(), header.data(), header_.size()) != 0) {
       return util::Status(absl::StatusCode::kInvalidArgument,
                           "Invalid stream header");
     }
     return util::OkStatus();
   }

   int get_header_size() const override {
     return header_.size();
   }

   util::Status DecryptSegment(
       const std::vector<uint8_t>& ciphertext,
       int64_t segment_number,
       bool is_last_segment,
       std::vector<uint8_t>* plaintext_buffer) override {
     if (ciphertext.size() < DummyStreamSegmentEncrypter::kSegmentTagSize) {
       return util::Status(absl::StatusCode::kInvalidArgument,
                           "Ciphertext segment too short");
     }
     if (ciphertext.back() !=
         (is_last_segment ? DummyStreamSegmentEncrypter::kLastSegment :
          DummyStreamSegmentEncrypter::kNotLastSegment)) {
       return util::Status(absl::StatusCode::kInvalidArgument,
                           "unexpected last-segment marker");
     }
     int pt_size =
         ciphertext.size() - DummyStreamSegmentEncrypter::kSegmentTagSize;
     if (memcmp(ciphertext.data() + pt_size,
                reinterpret_cast<const char*>(&segment_number),
                sizeof(segment_number)) != 0) {
       return util::Status(absl::StatusCode::kInvalidArgument,
                           "wrong segment number");
     }
     plaintext_buffer->resize(pt_size);
     memcpy(plaintext_buffer->data(), ciphertext.data(), pt_size);
     generated_output_size_ += pt_size;
     return util::OkStatus();
   }


   int get_plaintext_segment_size() const override {
     return pt_segment_size_;
   }

   int get_ciphertext_segment_size() const override {
     return pt_segment_size_ + DummyStreamSegmentEncrypter::kSegmentTagSize;
   }

   int get_ciphertext_offset() const override {
     return ct_offset_;
   }

   ~DummyStreamSegmentDecrypter() override = default;

   int get_generated_output_size() {
     return generated_output_size_;
   }

  private:
   std::vector<uint8_t> header_;
   int pt_segment_size_;
   int ct_offset_;
   int64_t generated_output_size_;
 };   // class DummyStreamSegmentDecrypter

 class DummyStreamingAead : public NonceBasedStreamingAead {
  public:
   DummyStreamingAead(int pt_segment_size, int header_size, int ct_offset)
       : pt_segment_size_(pt_segment_size),
         header_size_(header_size),
         ct_offset_(ct_offset) {}

  protected:
   util::StatusOr<std::unique_ptr<StreamSegmentEncrypter>> NewSegmentEncrypter(
       absl::string_view associated_data) const override {
     return {absl::make_unique<DummyStreamSegmentEncrypter>(
         pt_segment_size_, header_size_, ct_offset_)};
   }

   util::StatusOr<std::unique_ptr<StreamSegmentDecrypter>> NewSegmentDecrypter(
       absl::string_view associated_data) const override {
     return {absl::make_unique<DummyStreamSegmentDecrypter>(
         pt_segment_size_, header_size_, ct_offset_)};
   }

  private:
   int pt_segment_size_;
   int header_size_;
   int ct_offset_;
 };

 }  // namespace test
 }  // namespace subtle
 }  // namespace tink
 }  // namespace crypto

 #endif  // TINK_SUBTLE_TEST_UTIL_H_
	// Copyright 2019 Google Inc.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#ifndef TINK_SUBTLE_TEST_UTIL_H_
	#define TINK_SUBTLE_TEST_UTIL_H_

	#include <memory>
	#include <string>
	#include <vector>

	#include "absl/memory/memory.h"
	#include "absl/status/status.h"
	#include "absl/strings/str_cat.h"
	#include "absl/strings/string_view.h"
	#include "tink/input_stream.h"
	#include "tink/output_stream.h"
	#include "tink/subtle/nonce_based_streaming_aead.h"
	#include "tink/subtle/stream_segment_decrypter.h"
	#include "tink/subtle/stream_segment_encrypter.h"
	#include "tink/util/status.h"
	#include "tink/util/statusor.h"

	namespace crypto {
	namespace tink {
	namespace subtle {
	namespace test {

	// Various utilities for testing.
	///////////////////////////////////////////////////////////////////////////////

	// Writes 'contents' the specified 'output_stream', and if 'close_stream'
	// is true, then closes the stream.
	// Returns the status of output_stream->Close()-operation, or a non-OK status
	// of a prior output_stream->Next()-operation, if any.
	util::Status WriteToStream(OutputStream* output_stream,
	absl::string_view contents,
	bool close_stream = true);

	// Reads all bytes from the specified 'input_stream', and puts
	// them into 'output', where both 'input_stream' and 'output must be non-null.
	// Returns a non-OK status only if reading fails for some reason.
	// If the end of stream is reached ('input_stream' returns OUT_OF_RANGE),
	// then this function returns OK.
	util::Status ReadFromStream(InputStream* input_stream, std::string* output);

	// A dummy encrypter that "encrypts" by just appending to the plaintext
	// the current segment number and a marker byte indicating whether
	// the segment is last one.
	class DummyStreamSegmentEncrypter : public StreamSegmentEncrypter {
	public:
	// Size of the per-segment tag added upon encryption.
	static constexpr int kSegmentTagSize = sizeof(int64_t) + 1;

	// Bytes for marking whether a given segment is the last one.
	static constexpr char kLastSegment = 'l';
	static constexpr char kNotLastSegment = 'n';

	DummyStreamSegmentEncrypter(int pt_segment_size,
	int header_size,
	int ct_offset) :
	pt_segment_size_(pt_segment_size),
	ct_offset_(ct_offset),
	segment_number_(0) {
	// Fill the header with 'header_size' copies of letter 'h'
	header_.resize(0);
	header_.resize(header_size, static_cast<uint8_t>('h'));
	generated_output_size_ = header_size;
	}

	// Generates an expected ciphertext for the given 'plaintext'.
	std::string GenerateCiphertext(absl::string_view plaintext) {
	std::string ct(header_.begin(), header_.end());
	int64_t seg_no = 0;
	int pos = 0;
	do {
	int seg_len = pt_segment_size_;
	if (pos == 0) { // The first segment.
	seg_len -= (ct_offset_ + header_.size());
	}
	if (seg_len > plaintext.size() - pos) { // The last segment.
	seg_len = plaintext.size() - pos;
	}
	ct.append(plaintext.substr(pos, seg_len).data(), seg_len);
	pos += seg_len;
	ct.append(reinterpret_cast<const char*>(&seg_no), sizeof(seg_no));
	ct.append(1, pos < plaintext.size() ? kNotLastSegment : kLastSegment);
	seg_no++;
	} while (pos < plaintext.size());
	return ct;
	}

	util::Status EncryptSegment(
	const std::vector<uint8_t>& plaintext,
	bool is_last_segment,
	std::vector<uint8_t>* ciphertext_buffer) override {
	ciphertext_buffer->resize(plaintext.size() + kSegmentTagSize);
	memcpy(ciphertext_buffer->data(), plaintext.data(), plaintext.size());
	memcpy(ciphertext_buffer->data() + plaintext.size(),
	&segment_number_, sizeof(segment_number_));
	// The last byte of the a ciphertext segment.
	ciphertext_buffer->back() =
	is_last_segment ? kLastSegment : kNotLastSegment;
	generated_output_size_ += ciphertext_buffer->size();
	IncSegmentNumber();
	return util::OkStatus();
	}

	const std::vector<uint8_t>& get_header() const override {
	return header_;
	}

	int64_t get_segment_number() const override {
	return segment_number_;
	}

	int get_plaintext_segment_size() const override {
	return pt_segment_size_;
	}

	int get_ciphertext_segment_size() const override {
	return pt_segment_size_ + kSegmentTagSize;
	}

	int get_ciphertext_offset() const override {
	return ct_offset_;
	}

	~DummyStreamSegmentEncrypter() override = default;

	int get_generated_output_size() {
	return generated_output_size_;
	}

	protected:
	void IncSegmentNumber() override {
	segment_number_++;
	}

	private:
	std::vector<uint8_t> header_;
	int pt_segment_size_;
	int ct_offset_;
	int64_t segment_number_;
	int64_t generated_output_size_;
	}; // class DummyStreamSegmentEncrypter

	// A dummy decrypter that "decrypts" segments encrypted by
	// DummyStreamSegmentEncrypter.
	class DummyStreamSegmentDecrypter : public StreamSegmentDecrypter {
	public:
	DummyStreamSegmentDecrypter(int pt_segment_size,
	int header_size,
	int ct_offset) :
	pt_segment_size_(pt_segment_size),
	ct_offset_(ct_offset) {
	// Fill the header with 'header_size' copies of letter 'h'
	header_.resize(0);
	header_.resize(header_size, static_cast<uint8_t>('h'));
	generated_output_size_ = 0;
	}

	util::Status Init(const std::vector<uint8_t>& header) override {
	if (header_.size() != header.size() \|\|
	memcmp(header_.data(), header.data(), header_.size()) != 0) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Invalid stream header");
	}
	return util::OkStatus();
	}

	int get_header_size() const override {
	return header_.size();
	}

	util::Status DecryptSegment(
	const std::vector<uint8_t>& ciphertext,
	int64_t segment_number,
	bool is_last_segment,
	std::vector<uint8_t>* plaintext_buffer) override {
	if (ciphertext.size() < DummyStreamSegmentEncrypter::kSegmentTagSize) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Ciphertext segment too short");
	}
	if (ciphertext.back() !=
	(is_last_segment ? DummyStreamSegmentEncrypter::kLastSegment :
	DummyStreamSegmentEncrypter::kNotLastSegment)) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"unexpected last-segment marker");
	}
	int pt_size =
	ciphertext.size() - DummyStreamSegmentEncrypter::kSegmentTagSize;
	if (memcmp(ciphertext.data() + pt_size,
	reinterpret_cast<const char*>(&segment_number),
	sizeof(segment_number)) != 0) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"wrong segment number");
	}
	plaintext_buffer->resize(pt_size);
	memcpy(plaintext_buffer->data(), ciphertext.data(), pt_size);
	generated_output_size_ += pt_size;
	return util::OkStatus();
	}


	int get_plaintext_segment_size() const override {
	return pt_segment_size_;
	}

	int get_ciphertext_segment_size() const override {
	return pt_segment_size_ + DummyStreamSegmentEncrypter::kSegmentTagSize;
	}

	int get_ciphertext_offset() const override {
	return ct_offset_;
	}

	~DummyStreamSegmentDecrypter() override = default;

	int get_generated_output_size() {
	return generated_output_size_;
	}

	private:
	std::vector<uint8_t> header_;
	int pt_segment_size_;
	int ct_offset_;
	int64_t generated_output_size_;
	}; // class DummyStreamSegmentDecrypter

	class DummyStreamingAead : public NonceBasedStreamingAead {
	public:
	DummyStreamingAead(int pt_segment_size, int header_size, int ct_offset)
	: pt_segment_size_(pt_segment_size),
	header_size_(header_size),
	ct_offset_(ct_offset) {}

	protected:
	util::StatusOr<std::unique_ptr<StreamSegmentEncrypter>> NewSegmentEncrypter(
	absl::string_view associated_data) const override {
	return {absl::make_unique<DummyStreamSegmentEncrypter>(
	pt_segment_size_, header_size_, ct_offset_)};
	}

	util::StatusOr<std::unique_ptr<StreamSegmentDecrypter>> NewSegmentDecrypter(
	absl::string_view associated_data) const override {
	return {absl::make_unique<DummyStreamSegmentDecrypter>(
	pt_segment_size_, header_size_, ct_offset_)};
	}

	private:
	int pt_segment_size_;
	int header_size_;
	int ct_offset_;
	};

	} // namespace test
	} // namespace subtle
	} // namespace tink
	} // namespace crypto

	#endif // TINK_SUBTLE_TEST_UTIL_H_