c46ed8ed9e
* barebone streaming functionality * encryption needs to return a writecloser * added eof check * workaround for reader problem with copies * separate mobile wrappers from main api * add a clone in the read result to avoid memory corruption * refactor to reuse code, and fix verification * have to give the verify key at the start of the decryption * enfore readAll before signature verification * streaming api for SessionKey * add split message stream apis * name interface params * fix streaming api so it's supported by go-mobile * hide internal writeCloser * fix nil access * added detached sigs methods * started unit testing * unit testing and fixed a bug where key and data packets where inverted * remove unecessary error wrapping * figured out closing order and error handling * add GC calls to mobile writer and reader * remove debugging values and arrays * writer with builtin sha256 * unit testing the mobile helpers * comments and linting * Typo in error Co-authored-by: wussler <aron@wussler.it> * Add GetKeyPacket doc Co-authored-by: wussler <aron@wussler.it> * Add rfc reference in comments Co-authored-by: wussler <aron@wussler.it> * small improvements * add compatibility tests with normal methods * remove unecessary copies in the tests * update go-crypto to the merged changes commit * update comments of core internal functions * remove unused nolint comment * group message metadata in a struct * fix comments * change default values for metadata * change the mobile reader wrapper to fit the behavior of java * remove gc calls in the wrappers to avoid performance penalties * bring back the former Go2MobileReader to be used for ios * Update crypto/keyring_streaming.go Co-authored-by: wussler <aron@wussler.it> * return an error when verifying an embedded sig with no keyring * Update crypto/sessionkey_streaming.go Co-authored-by: wussler <aron@wussler.it> * linter error * update changelog * update changelog Co-authored-by: wussler <aron@wussler.it>
176 lines
5.2 KiB
Go
176 lines
5.2 KiB
Go
package crypto
|
|
|
|
import (
|
|
"bytes"
|
|
"io"
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
func TestSessionKey_EncryptDecryptStream(t *testing.T) {
|
|
messageBytes := []byte("Hello World!")
|
|
messageReader := bytes.NewReader(messageBytes)
|
|
var dataPacketBuf bytes.Buffer
|
|
messageWriter, err := testSessionKey.EncryptStream(
|
|
&dataPacketBuf,
|
|
testMeta,
|
|
keyRingTestPrivate,
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while encrypting stream with session key, got:", err)
|
|
}
|
|
bufferSize := 2
|
|
buffer := make([]byte, bufferSize)
|
|
reachedEnd := false
|
|
for !reachedEnd {
|
|
n, err := messageReader.Read(buffer)
|
|
if err != nil {
|
|
if errors.Is(err, io.EOF) {
|
|
reachedEnd = true
|
|
} else {
|
|
t.Fatal("Expected no error while reading data, got:", err)
|
|
}
|
|
}
|
|
writtenTotal := 0
|
|
for writtenTotal < n {
|
|
written, err := messageWriter.Write(buffer[writtenTotal:n])
|
|
if err != nil {
|
|
t.Fatal("Expected no error while writing data, got:", err)
|
|
}
|
|
writtenTotal += written
|
|
}
|
|
}
|
|
err = messageWriter.Close()
|
|
if err != nil {
|
|
t.Fatal("Expected no error while closing plaintext writer, got:", err)
|
|
}
|
|
dataPacket := dataPacketBuf.Bytes()
|
|
decryptedReader, err := testSessionKey.DecryptStream(
|
|
bytes.NewReader(dataPacket),
|
|
keyRingTestPublic,
|
|
GetUnixTime(),
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while calling DecryptStream, got:", err)
|
|
}
|
|
decryptedBytes, err := io.ReadAll(decryptedReader)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while reading the decrypted data, got:", err)
|
|
}
|
|
err = decryptedReader.VerifySignature()
|
|
if err != nil {
|
|
t.Fatal("Expected no error while verifying the signature, got:", err)
|
|
}
|
|
if !bytes.Equal(decryptedBytes, messageBytes) {
|
|
t.Fatalf("Expected the decrypted data to be %s got %s", string(decryptedBytes), string(messageBytes))
|
|
}
|
|
decryptedMeta := decryptedReader.GetMetadata()
|
|
if !reflect.DeepEqual(testMeta, decryptedMeta) {
|
|
t.Fatalf("Expected the decrypted metadata to be %v got %v", testMeta, decryptedMeta)
|
|
}
|
|
}
|
|
|
|
func TestSessionKey_EncryptStreamCompatible(t *testing.T) {
|
|
messageBytes := []byte("Hello World!")
|
|
messageReader := bytes.NewReader(messageBytes)
|
|
var dataPacketBuf bytes.Buffer
|
|
messageWriter, err := testSessionKey.EncryptStream(
|
|
&dataPacketBuf,
|
|
testMeta,
|
|
keyRingTestPrivate,
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while encrypting stream with session key, got:", err)
|
|
}
|
|
bufferSize := 2
|
|
buffer := make([]byte, bufferSize)
|
|
reachedEnd := false
|
|
for !reachedEnd {
|
|
n, err := messageReader.Read(buffer)
|
|
if err != nil {
|
|
if errors.Is(err, io.EOF) {
|
|
reachedEnd = true
|
|
} else {
|
|
t.Fatal("Expected no error while reading data, got:", err)
|
|
}
|
|
}
|
|
writtenTotal := 0
|
|
for writtenTotal < n {
|
|
written, err := messageWriter.Write(buffer[writtenTotal:n])
|
|
if err != nil {
|
|
t.Fatal("Expected no error while writing data, got:", err)
|
|
}
|
|
writtenTotal += written
|
|
}
|
|
}
|
|
err = messageWriter.Close()
|
|
if err != nil {
|
|
t.Fatal("Expected no error while closing plaintext writer, got:", err)
|
|
}
|
|
dataPacket := dataPacketBuf.Bytes()
|
|
decryptedMsg, err := testSessionKey.DecryptAndVerify(
|
|
dataPacket,
|
|
keyRingTestPublic,
|
|
GetUnixTime(),
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while calling DecryptAndVerify, got:", err)
|
|
}
|
|
decryptedBytes := decryptedMsg.Data
|
|
if err != nil {
|
|
t.Fatal("Expected no error while reading the decrypted data, got:", err)
|
|
}
|
|
if !bytes.Equal(decryptedBytes, messageBytes) {
|
|
t.Fatalf("Expected the decrypted data to be %s got %s", string(decryptedBytes), string(messageBytes))
|
|
}
|
|
if testMeta.IsBinary != decryptedMsg.IsBinary() {
|
|
t.Fatalf("Expected isBinary to be %t got %t", testMeta.IsBinary, decryptedMsg.IsBinary())
|
|
}
|
|
if testMeta.Filename != decryptedMsg.GetFilename() {
|
|
t.Fatalf("Expected filename to be %s got %s", testMeta.Filename, decryptedMsg.GetFilename())
|
|
}
|
|
if testMeta.ModTime != int64(decryptedMsg.GetTime()) {
|
|
t.Fatalf("Expected modification time to be %d got %d", testMeta.ModTime, int64(decryptedMsg.GetTime()))
|
|
}
|
|
}
|
|
|
|
func TestSessionKey_DecryptStreamCompatible(t *testing.T) {
|
|
messageBytes := []byte("Hello World!")
|
|
dataPacket, err := testSessionKey.EncryptAndSign(
|
|
&PlainMessage{
|
|
Data: messageBytes,
|
|
TextType: !testMeta.IsBinary,
|
|
Time: uint32(testMeta.ModTime),
|
|
Filename: testMeta.Filename,
|
|
},
|
|
keyRingTestPrivate,
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while encrypting plaintext, got:", err)
|
|
}
|
|
decryptedReader, err := testSessionKey.DecryptStream(
|
|
bytes.NewReader(dataPacket),
|
|
keyRingTestPublic,
|
|
GetUnixTime(),
|
|
)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while calling DecryptStream, got:", err)
|
|
}
|
|
decryptedBytes, err := io.ReadAll(decryptedReader)
|
|
if err != nil {
|
|
t.Fatal("Expected no error while reading the decrypted data, got:", err)
|
|
}
|
|
err = decryptedReader.VerifySignature()
|
|
if err != nil {
|
|
t.Fatal("Expected no error while verifying the signature, got:", err)
|
|
}
|
|
if !bytes.Equal(decryptedBytes, messageBytes) {
|
|
t.Fatalf("Expected the decrypted data to be %s got %s", string(decryptedBytes), string(messageBytes))
|
|
}
|
|
decryptedMeta := decryptedReader.GetMetadata()
|
|
if !reflect.DeepEqual(testMeta, decryptedMeta) {
|
|
t.Fatalf("Expected the decrypted metadata to be %v got %v", testMeta, decryptedMeta)
|
|
}
|
|
}
|