void testEncryption(const EncryptionType encryptionType, const std::string &plaintext) { AESEncryptor encryptor; AESDecryptor decryptor; std::string iv; EncryptionParams encryptionData = EncryptionParams::generateEncryptionParams(encryptionType); EXPECT_EQ(encryptionType, encryptionData.getType()); LOG(INFO) << "Generated encryption key"; const int length = plaintext.size(); uint8_t encryptedText[length]; bool success = encryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = encryptor.encrypt((uint8_t *)(plaintext.data()), length, encryptedText); EXPECT_TRUE(success); success = encryptor.finish(); EXPECT_TRUE(success); EXPECT_NE(plaintext, std::string(encryptedText, encryptedText + length)); uint8_t decryptedText[length]; success = decryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = decryptor.decrypt(encryptedText, length, decryptedText); EXPECT_TRUE(success); EXPECT_EQ(plaintext, std::string(decryptedText, decryptedText + length)); success = decryptor.finish(); EXPECT_TRUE(success); // change one byte. Should not decrypt to the correct plain text encryptedText[0]++; success = decryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = decryptor.decrypt(encryptedText, length, decryptedText); EXPECT_TRUE(success); EXPECT_NE(plaintext, std::string(decryptedText, decryptedText + length)); success = decryptor.finish(); EXPECT_TRUE(success); }
// Removed & on plaintext purpose: // make a copy to help ensure we don't accidentally // mutate the original data void testEncryption(const EncryptionType encryptionType, const std::string &plaintext) { AESEncryptor encryptor; AESDecryptor decryptor; std::string iv; EncryptionParams encryptionData = EncryptionParams::generateEncryptionParams(encryptionType); EXPECT_EQ(encryptionType, encryptionData.getType()); WLOG(INFO) << "Generated encryption key for type " << encryptionType; const int length = plaintext.size(); char encryptedText[length]; bool success = encryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = encryptor.encrypt(plaintext.data(), length, encryptedText); EXPECT_TRUE(success); std::string tag; success = encryptor.finish(tag); EXPECT_TRUE(success); EXPECT_NE(plaintext, std::string(encryptedText, encryptedText + length)); char decryptedText[length]; success = decryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = decryptor.decrypt(encryptedText, length, decryptedText); EXPECT_TRUE(success); EXPECT_EQ(plaintext, std::string(decryptedText, decryptedText + length)); success = decryptor.finish(tag); EXPECT_TRUE(success); // change one byte. Should not decrypt to the correct plain text encryptedText[3]++; success = decryptor.start(encryptionData, iv); EXPECT_TRUE(success); success = decryptor.decrypt(encryptedText, length, decryptedText); // EXPECT_EQ((encryptionType != ENC_AES128_GCM), success); EXPECT_EQ(true, success); success = decryptor.finish(tag); // gcm does/should detect the error, not the others: EXPECT_EQ((encryptionType != ENC_AES128_GCM), success); // But none of them should get back our input: EXPECT_NE(plaintext, std::string(decryptedText, decryptedText + length)); if (!encryptionTypeToTagLen(encryptionType)) { return; } // test incremental verification const int numInterval = 5; std::vector<std::string> tags; std::vector<int> lengths; int lenSum = 0; success = encryptor.start(encryptionData, iv); EXPECT_TRUE(success); for (int i = 0; i < numInterval; i++) { lengths.emplace_back((length - lenSum) / (numInterval - i)); success = encryptor.encrypt(plaintext.data() + lenSum, lengths[i], encryptedText + lenSum); EXPECT_TRUE(success); std::string curTag = encryptor.computeCurrentTag(); EXPECT_EQ(std::find(tags.begin(), tags.end(), curTag), tags.end()); tags.emplace_back(curTag); lenSum += lengths[i]; } EXPECT_EQ(lenSum, length); success = encryptor.finish(tag); EXPECT_TRUE(success); EXPECT_EQ(tag, tags.back()); success = decryptor.start(encryptionData, iv); EXPECT_TRUE(success); lenSum = 0; for (int i = 0; i < numInterval; i++) { success = decryptor.decrypt(encryptedText + lenSum, lengths[i], decryptedText + lenSum); EXPECT_TRUE(success); success = decryptor.verifyTag(tags[i]); EXPECT_TRUE(success); lenSum += lengths[i]; } success = decryptor.finish(tag); EXPECT_TRUE(success); EXPECT_EQ(plaintext, std::string(decryptedText, decryptedText + length)); }