Exemple #1
0
// TestAESRelatedUtilFunctions tests various functions commonly used in fabric wrt AES
func TestAESRelatedUtilFunctions(t *testing.T) {

	key, err := GenAESKey()
	if err != nil {
		t.Fatalf("Failed generating AES key [%s]", err)
	}

	for i := 1; i < 100; i++ {
		len, err := rand.Int(rand.Reader, big.NewInt(1024))
		if err != nil {
			t.Fatalf("Failed generating AES key [%s]", err)
		}
		msg, err := primitives.GetRandomBytes(int(len.Int64()) + 1)
		if err != nil {
			t.Fatalf("Failed generating AES key [%s]", err)
		}

		ct, err := CBCPKCS7Encrypt(key, msg)
		if err != nil {
			t.Fatalf("Failed encrypting [%s]", err)
		}

		msg2, err := CBCPKCS7Decrypt(key, ct)
		if err != nil {
			t.Fatalf("Failed decrypting [%s]", err)
		}

		if 0 != bytes.Compare(msg, msg2) {
			t.Fatalf("Wrong decryption output [%x][%x]", msg, msg2)
		}

	}

}
Exemple #2
0
func TestAES256GSMSPIDencryption(t *testing.T) {
	spi := NewAES256GSMSPI()

	// Generate Key
	key, err := spi.GenerateKey()
	if err != nil {
		t.Fatalf("Failed generating key [%s]", err)
	}
	if key.GetRand() == nil {
		t.Fatalf("Nil random generator in key.")
	}

	// Encrypt
	sc, err := spi.NewStreamCipherForDecryptionFromKey(key)
	if err != nil {
		t.Fatalf("Failed NewStreamCipherForDecryptionFromKey [%s]", err)
	}
	_, err = sc.Process(nil)
	if err == nil {
		t.Fatalf("Decryption should fail on nil")
	}
	_, err = sc.Process([]byte{0, 1, 2})
	if err == nil {
		t.Fatalf("Decryption should fail on invalid ciphertext")
	}
	randCt, err := primitives.GetRandomBytes(45)
	if err != nil {
		t.Fatalf("Failed generating random bytes [%s]", err)
	}
	_, err = sc.Process(randCt)
	if err == nil {
		t.Fatalf("Decryption should fail on invalid ciphertext")
	}

}
Exemple #3
0
func (spi *aes256GCMStreamCipherSPIImpl) GenerateKeyAndSerialize() (primitives.SecretKey, []byte, error) {
	key, err := primitives.GetRandomBytes(32)
	if err != nil {
		return nil, nil, err
	}

	return &aesSecretKeyImpl{key, rand.Reader}, utils.Clone(key), nil
}
Exemple #4
0
func (spi *aes256GCMStreamCipherSPIImpl) GenerateKey() (primitives.SecretKey, error) {
	key, err := primitives.GetRandomBytes(32)
	if err != nil {
		return nil, err
	}

	return &aesSecretKeyImpl{key, rand.Reader}, nil
}
Exemple #5
0
func (se *queryStateEncryptor) Encrypt(msg []byte) ([]byte, error) {
	nonce, err := primitives.GetRandomBytes(se.nonceSize)
	if err != nil {
		se.node.Errorf("Failed getting randomness [%s].", err.Error())
		return nil, err
	}

	// Seal will append the output to the first argument; the usage
	// here appends the ciphertext to the nonce. The final parameter
	// is any additional data to be authenticated.
	out := se.gcmEnc.Seal(nonce, nonce, msg, nil)

	return out, nil
}
Exemple #6
0
func TestAES256GSMSPI(t *testing.T) {
	spi := NewAES256GSMSPI()

	// Gen Key

	// Invalid Key
	keyRaw, err := primitives.GetRandomBytes(45)
	if err != nil {
		t.Fatalf("Failed generating random bytes [%s]", err)
	}

	key, err := spi.NewSecretKey(rand.Reader, keyRaw)
	if err == nil {
		t.Fatalf("Generating key should fail on invalid key length")
	}

	key, err = spi.NewSecretKey(rand.Reader, rand.Reader)
	if err == nil {
		t.Fatalf("Generating key should fail on invalid key length")
	}

	// Valid Key
	keyRaw, err = primitives.GetRandomBytes(32)
	if err != nil {
		t.Fatalf("Failed generating random bytes [%s]", err)
	}
	key, err = spi.NewSecretKey(rand.Reader, keyRaw)
	if err != nil {
		t.Fatalf("Failed generating key [%s]", err)
	}
	if key.GetRand() == nil {
		t.Fatalf("Nil random generator in key.")
	}

	// Serialize, Deserialize
	keySer, err := spi.SerializeSecretKey(key)
	if err != nil {
		t.Fatalf("Failed serializing key [%s]", err)
	}
	key, err = spi.DeserializeSecretKey(keySer)
	if err != nil {
		t.Fatalf("Failed deserializing key [%s]", err)
	}
	if reflect.DeepEqual(key, keyRaw) {
		t.Fatalf("Deserialization failed to recover the original key [%x][%x]", keyRaw, key)
	}

	// Encrypt
	msg := []byte("Hellow World")
	sc, err := spi.NewStreamCipherForEncryptionFromKey(key)
	if err != nil {
		t.Fatalf("Failed NewStreamCipherForEncryptionFromKey [%s]", err)
	}
	ct, err := sc.Process(msg)
	if err != nil {
		t.Fatalf("Failed encrypting plaintext [%s]", err)
	}

	// Decrypt
	sc, err = spi.NewStreamCipherForDecryptionFromKey(key)
	if err != nil {
		t.Fatalf("Failed NewStreamCipherForDecryptionFromKey [%s]", err)
	}
	msg2, err := sc.Process(ct)
	if err != nil {
		t.Fatalf("Failed decrypting ciphertext [%s]", err)
	}

	// Test msg2 is equal to msg
	if !reflect.DeepEqual(msg2, msg) {
		t.Fatalf("Failed decrypting the right value [%x][%x]", msg, msg2)
	}

	sc, err = spi.NewStreamCipherForDecryptionFromSerializedKey(keySer)
	if err != nil {
		t.Fatalf("Failed NewStreamCipherForDecryptionFromSerializedKey [%s]", err)
	}
	msg2, err = sc.Process(ct)
	if err != nil {
		t.Fatalf("Failed decrypting ciphertext [%s]", err)
	}

	// Test msg2 is equal to msg
	if !reflect.DeepEqual(msg2, msg) {
		t.Fatalf("Failed decrypting the right value [%x][%x]", msg, msg2)
	}

}
Exemple #7
0
func (sc *aes256GCMStreamCipherImpl) generateNonce() ([]byte, error) {
	return primitives.GetRandomBytes(sc.nonceSize)
}
Exemple #8
0
// GenAESKey returns a random AES key of length AESKeyLength
func GenAESKey() ([]byte, error) {
	return primitives.GetRandomBytes(AESKeyLength)
}