-
Notifications
You must be signed in to change notification settings - Fork 118
Expand file tree
/
Copy pathHttpEceTest.java
More file actions
107 lines (87 loc) · 3.93 KB
/
HttpEceTest.java
File metadata and controls
107 lines (87 loc) · 3.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package nl.martijndwars.webpush;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import java.security.*;
import java.util.Base64;
import java.util.HashMap;
import static nl.martijndwars.webpush.Encoding.AES128GCM;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
class HttpEceTest {
@BeforeAll
public static void addSecurityProvider() {
Security.addProvider(new BouncyCastleProvider());
}
private byte[] decode(String s) {
return Base64.getUrlDecoder().decode(s);
}
@Test
public void testZeroSaltAndKey() throws GeneralSecurityException {
HttpEce httpEce = HttpEce.createWithDefaultCipher();
String plaintext = "Hello";
byte[] salt = new byte[16];
byte[] key = new byte[16];
byte[] actual = httpEce.encrypt(plaintext.getBytes(), salt, key, null, null, null, AES128GCM);
byte[] expected = decode("AAAAAAAAAAAAAAAAAAAAAAAAEAAAMpsi6NfZUkOdJI96XyX0tavLqyIdiw");
assertArrayEquals(expected, actual);
}
/**
* See https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-09#section-3.1
*
* - Record size is 4096.
* - Input keying material is identified by an empty string.
*
* @throws GeneralSecurityException
*/
@Test
public void testSampleEncryption() throws GeneralSecurityException {
HttpEce httpEce = HttpEce.createWithThreadLocalCipher();
byte[] plaintext = "I am the walrus".getBytes();
byte[] salt = decode("I1BsxtFttlv3u_Oo94xnmw");
byte[] key = decode("yqdlZ-tYemfogSmv7Ws5PQ");
byte[] actual = httpEce.encrypt(plaintext, salt, key, null, null, null, AES128GCM);
byte[] expected = decode("I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu-IxkIva3MEB1PD-ly8Thjg");
assertArrayEquals(expected, actual);
}
@Test
public void testSampleEncryptDecrypt() throws GeneralSecurityException {
String encodedKey = "yqdlZ-tYemfogSmv7Ws5PQ";
String encodedSalt = "I1BsxtFttlv3u_Oo94xnmw";
// Prepare the key map, which maps a keyid to a keypair.
PrivateKey privateKey = Utils.loadPrivateKey(encodedKey);
PublicKey publicKey = Utils.loadPublicKey((ECPrivateKey) privateKey);
KeyPair keyPair = new KeyPair(publicKey, privateKey);
HashMap<String, KeyPair> keys = new HashMap<>();
keys.put("", keyPair);
HashMap<String, String> labels = new HashMap<>();
labels.put("", "P-256");
// Run the encryption and decryption
HttpEce httpEce = new HttpEce(keys, labels);
byte[] plaintext = "I am the walrus".getBytes();
byte[] salt = decode(encodedSalt);
byte[] key = decode(encodedKey);
byte[] ciphertext = httpEce.encrypt(plaintext, salt, key, null, null, null, AES128GCM);
byte[] decrypted = httpEce.decrypt(ciphertext, null, key, null, AES128GCM);
assertArrayEquals(plaintext, decrypted);
}
/**
* See https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-09#section-3.2
*
* TODO: This test is disabled because the library does not deal with multiple records yet.
*
* @throws GeneralSecurityException
*/
@Test
@Disabled
public void testEncryptionWithMultipleRecords() throws GeneralSecurityException {
HttpEce httpEce = new HttpEce();
byte[] plaintext = "I am the walrus".getBytes();
byte[] salt = decode("uNCkWiNYzKTnBN9ji3-qWA");
byte[] key = decode("BO3ZVPxUlnLORbVGMpbT1Q");
byte[] actual = httpEce.encrypt(plaintext, salt, key, null, null, null, AES128GCM);
byte[] expected = decode("uNCkWiNYzKTnBN9ji3-qWAAAABkCYTHOG8chz_gnvgOqdGYovxyjuqRyJFjEDyoF1Fvkj6hQPdPHI51OEUKEpgz3SsLWIqS_uA");
assertArrayEquals(expected, actual);
}
}