diff options
Diffstat (limited to 'tools')
-rw-r--r-- | tools/WORKSPACE | 100 | ||||
-rw-r--r-- | tools/testing/BUILD.bazel | 38 | ||||
-rw-r--r-- | tools/testing/cc/BUILD.bazel | 33 | ||||
-rw-r--r-- | tools/testing/cc/aead_cli.cc | 108 | ||||
-rw-r--r-- | tools/testing/cc/cli_util.cc | 243 | ||||
-rw-r--r-- | tools/testing/cc/cli_util.h | 87 | ||||
-rw-r--r-- | tools/testing/cross_language/BUILD.bazel | 10 | ||||
-rwxr-xr-x | tools/testing/cross_language/test_util.sh | 143 | ||||
-rw-r--r-- | tools/testing/java/com/google/crypto/tink/testing/AeadCli.java | 84 | ||||
-rw-r--r-- | tools/testing/java/com/google/crypto/tink/testing/CliUtil.java | 113 |
10 files changed, 0 insertions, 959 deletions
diff --git a/tools/WORKSPACE b/tools/WORKSPACE index e63f98a55..3a5c62ee4 100644 --- a/tools/WORKSPACE +++ b/tools/WORKSPACE @@ -3,110 +3,10 @@ workspace(name = "tools") load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") local_repository( - name = "tink_cc", - path = "../cc", -) - -local_repository( - name = "tink_cc_awskms", - path = "../cc/integration/awskms", -) - -local_repository( - name = "tink_cc_gcpkms", - path = "../cc/integration/gcpkms", -) - -local_repository( name = "tink_java", path = "../java_src", ) -local_repository( - name = "tink_go", - path = "../go", -) - -local_repository( - name = "tink_py", - path = "../python", -) - -# Release from 2022-01-24 -http_archive( - name = "io_bazel_rules_go", - sha256 = "d6b2513456fe2229811da7eb67a444be7785f5323c6708b38d851d2b51e54d83", - urls = [ - "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.30.0/rules_go-v0.30.0.zip", - "https://github.com/bazelbuild/rules_go/releases/download/v0.30.0/rules_go-v0.30.0.zip", - ], -) - -# Release from 2021-10-11 -http_archive( - name = "bazel_gazelle", - sha256 = "de69a09dc70417580aabf20a28619bb3ef60d038470c7cf8442fafcf627c21cb", - urls = [ - "https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.24.0/bazel-gazelle-v0.24.0.tar.gz", - "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.24.0/bazel-gazelle-v0.24.0.tar.gz", - ], -) - -load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies") -load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies", "go_repository") -load("@tink_py//:tink_py_deps.bzl", "tink_py_deps") - -tink_py_deps() - -load("@tink_py//:tink_py_deps_init.bzl", "tink_py_deps_init") - -tink_py_deps_init("tink_py") - -load("@rules_python//python:pip.bzl", "pip_install") - -pip_install( - name = "pip_deps", - requirements = "//:requirements.txt", -) - -load("@tink_go//:deps.bzl", "go_dependencies") - -go_dependencies() - -# TODO(b/213404399): Remove after Gazelle issue is fixed. -go_repository( - name = "com_google_cloud_go_compute", - importpath = "cloud.google.com/go/compute", - sum = "h1:rSUBvAyVwNJ5uQCKNJFMwPtTvJkfN38b6Pvb9zZoqJ8=", - version = "v0.1.0", -) - -go_rules_dependencies() - -go_register_toolchains(version = "1.17.6") - -gazelle_dependencies() - -load("@tink_cc//:tink_cc_deps.bzl", "tink_cc_deps") - -tink_cc_deps() - -load("@tink_cc//:tink_cc_deps_init.bzl", "tink_cc_deps_init") - -tink_cc_deps_init() - -load("@tink_cc_awskms//:tink_cc_awskms_deps.bzl", "tink_cc_awskms_deps") - -tink_cc_awskms_deps() - -load("@tink_cc_gcpkms//:tink_cc_gcpkms_deps.bzl", "tink_cc_gcpkms_deps") - -tink_cc_gcpkms_deps() - -load("@tink_cc_gcpkms//:tink_cc_gcpkms_deps_init.bzl", "tink_cc_gcpkms_deps_init") - -tink_cc_gcpkms_deps_init(register_go = False) - load("@tink_java//:tink_java_deps.bzl", "tink_java_deps", "TINK_MAVEN_ARTIFACTS") tink_java_deps() diff --git a/tools/testing/BUILD.bazel b/tools/testing/BUILD.bazel deleted file mode 100644 index 12b9a516b..000000000 --- a/tools/testing/BUILD.bazel +++ /dev/null @@ -1,38 +0,0 @@ -package(default_visibility = ["//:__subpackages__"]) - -licenses(["notice"]) - -java_library( - name = "cli_util", - testonly = 1, - srcs = [ - "java/com/google/crypto/tink/testing/CliUtil.java", - ], - deps = [ - "@tink_java//src/main/java/com/google/crypto/tink:insecure_secret_key_access", - "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster", - "@tink_java//src/main/java/com/google/crypto/tink:tink_proto_keyset_format", - "@tink_java//src/main/java/com/google/crypto/tink/config:tink_config", - "@tink_java//src/main/java/com/google/crypto/tink/daead:deterministic_aead_config", - "@tink_java//src/main/java/com/google/crypto/tink/hybrid:hybrid_config", - "@tink_java//src/main/java/com/google/crypto/tink/keyderivation:key_derivation_config", - "@tink_java//src/main/java/com/google/crypto/tink/prf:prf_config", - "@tink_java//src/main/java/com/google/crypto/tink/signature:signature_config", - "@tink_java//src/main/java/com/google/crypto/tink/streamingaead:streaming_aead_config", - ], -) - -java_binary( - name = "aead_cli_java", - testonly = 1, - srcs = [ - "java/com/google/crypto/tink/testing/AeadCli.java", - ], - main_class = "com.google.crypto.tink.testing.AeadCli", - deps = [ - ":cli_util", - "@tink_java//src/main/java/com/google/crypto/tink:aead", - "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster", - "@tink_java//src/main/java/com/google/crypto/tink/aead:aead_config", - ], -) diff --git a/tools/testing/cc/BUILD.bazel b/tools/testing/cc/BUILD.bazel deleted file mode 100644 index 34813794d..000000000 --- a/tools/testing/cc/BUILD.bazel +++ /dev/null @@ -1,33 +0,0 @@ -package( - default_testonly = 1, - default_visibility = ["//:__subpackages__"], -) - -licenses(["notice"]) - -cc_library( - name = "cli_util", - srcs = ["cli_util.cc"], - hdrs = ["cli_util.h"], - deps = [ - "@com_google_absl//absl/memory", - "@com_google_absl//absl/strings", - "@tink_cc", - "@tink_cc//:binary_keyset_reader", - "@tink_cc//:cleartext_keyset_handle", - "@tink_cc//:json_keyset_reader", - "@tink_cc//:json_keyset_writer", - "@tink_cc//:kms_clients", - "@tink_cc//config:tink_config", - "@tink_cc//util:status", - ], -) - -cc_binary( - name = "aead_cli_cc", - srcs = ["aead_cli.cc"], - deps = [ - ":cli_util", - "@tink_cc", - ], -) diff --git a/tools/testing/cc/aead_cli.cc b/tools/testing/cc/aead_cli.cc deleted file mode 100644 index bec194dc0..000000000 --- a/tools/testing/cc/aead_cli.cc +++ /dev/null @@ -1,108 +0,0 @@ -// Copyright 2017 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -/////////////////////////////////////////////////////////////////////////////// - -#include <fstream> -#include <iostream> -#include <string> -#include <utility> - -#include "tink/aead.h" -#include "tink/keyset_handle.h" -#include "tink/util/status.h" -#include "testing/cc/cli_util.h" - -using crypto::tink::KeysetHandle; - -// A command-line utility for testing AEAD-primitives. -// It requires 5 arguments: -// keyset-file: name of the file with the keyset to be used for encryption -// operation: the actual AEAD-operation, i.e. "encrypt" or "decrypt" -// input-file: name of the file with input (plaintext for encryption, or -// or ciphertext for decryption) -// associated-data-file: name of the file containing associated data -// output-file: name of the file for the resulting output -int main(int argc, char** argv) { - if (argc != 6) { - std::clog << "Usage: " << argv[0] - << " keyset-file operation input-file associated-data-file " - << "output-file\n"; - exit(1); - } - std::string keyset_filename(argv[1]); - std::string operation(argv[2]); - std::string input_filename(argv[3]); - std::string associated_data_file(argv[4]); - std::string output_filename(argv[5]); - if (!(operation == "encrypt" || operation == "decrypt")) { - std::clog << "Unknown operation '" << operation << "'.\n" - << "Expected 'encrypt' or 'decrypt'.\n"; - exit(1); - } - std::clog << "Using keyset from file " << keyset_filename - << " to AEAD-" << operation - << " file "<< input_filename - << " with associated data from from file " << associated_data_file - << ".\n" << "The resulting output will be written to file " - << output_filename << std::endl; - - // Init Tink; - CliUtil::InitTink(); - - // Read the keyset. - std::unique_ptr<KeysetHandle> keyset_handle = - CliUtil::ReadKeyset(keyset_filename); - - // Get the primitive. - auto primitive_result = keyset_handle->GetPrimitive<crypto::tink::Aead>(); - if (!primitive_result.ok()) { - std::clog << "Getting AEAD-primitive from the factory failed: " - << primitive_result.status().message() << std::endl; - exit(1); - } - std::unique_ptr<crypto::tink::Aead> aead = - std::move(primitive_result.value()); - - // Read the input. - std::string input = CliUtil::Read(input_filename); - std::string associated_data = CliUtil::Read(associated_data_file); - - // Compute the output. - std::clog << operation << "ing...\n"; - std::string output; - if (operation == "encrypt") { - auto encrypt_result = aead->Encrypt(input, associated_data); - if (!encrypt_result.ok()) { - std::clog << "Error while encrypting the input:" - << encrypt_result.status().message() << std::endl; - exit(1); - } - output = encrypt_result.value(); - } else { // operation == "decrypt" - auto decrypt_result = aead->Decrypt(input, associated_data); - if (!decrypt_result.ok()) { - std::clog << "Error while decrypting the input:" - << decrypt_result.status().message() << std::endl; - exit(1); - } - output = decrypt_result.value(); - } - - // Write the output to the output file. - CliUtil::Write(output, output_filename); - - std::clog << "All done.\n"; - return 0; -} diff --git a/tools/testing/cc/cli_util.cc b/tools/testing/cc/cli_util.cc deleted file mode 100644 index 327b30600..000000000 --- a/tools/testing/cc/cli_util.cc +++ /dev/null @@ -1,243 +0,0 @@ -// Copyright 2017 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -/////////////////////////////////////////////////////////////////////////////// - -#include "testing/cc/cli_util.h" - -#include <algorithm> -#include <fstream> -#include <iostream> -#include <sstream> -#include <string> -#include <utility> - -#include "absl/status/status.h" -#include "tink/binary_keyset_reader.h" -#include "tink/binary_keyset_writer.h" -#include "tink/cleartext_keyset_handle.h" -#include "tink/config/tink_config.h" -#include "tink/input_stream.h" -#include "tink/json_keyset_reader.h" -#include "tink/json_keyset_writer.h" -#include "tink/keyset_handle.h" -#include "tink/keyset_reader.h" -#include "tink/keyset_writer.h" -#include "tink/kms_clients.h" -#include "tink/output_stream.h" -#include "tink/util/status.h" - -using crypto::tink::BinaryKeysetReader; -using crypto::tink::BinaryKeysetWriter; -using crypto::tink::CleartextKeysetHandle; -using crypto::tink::InputStream; -using crypto::tink::JsonKeysetReader; -using crypto::tink::JsonKeysetWriter; -using crypto::tink::KeysetHandle; -using crypto::tink::KeysetReader; -using crypto::tink::KeysetWriter; -using crypto::tink::OutputStream; -using crypto::tink::TinkConfig; -using crypto::tink::util::Status; - -namespace { - -// Writes 'contents' of the specified 'size' to 'output_stream'. -// In case of errors writes a log message and aborts. -void WriteToStream(OutputStream* output_stream, const void* contents, - int size) { - if (output_stream == nullptr) { - std::clog << "'output_stream' must be non-null" << std::endl; - exit(1); - } - void* buffer; - int pos = 0; - int remaining = size; - int available_space; - int available_bytes; - while (remaining > 0) { - auto next_result = output_stream->Next(&buffer); - if (!next_result.ok()) { - std::clog << "Error writing to a stream: " << next_result.status() - << std::endl; - exit(1); - } - available_space = next_result.value(); - available_bytes = std::min(available_space, remaining); - memcpy(buffer, reinterpret_cast<const char*>(contents) + pos, - available_bytes); - remaining -= available_bytes; - pos += available_bytes; - } - if (available_space > available_bytes) { - output_stream->BackUp(available_space - available_bytes); - } -} - -} // namespace - -// static -std::unique_ptr<KeysetReader> CliUtil::GetBinaryKeysetReader( - const std::string& filename) { - std::clog << "Creating a BinaryKeysetReader...\n"; - std::unique_ptr<std::ifstream> keyset_stream(new std::ifstream()); - keyset_stream->open(filename, std::ifstream::in); - auto keyset_reader_result = BinaryKeysetReader::New(std::move(keyset_stream)); - if (!keyset_reader_result.ok()) { - std::clog << "Creation of the reader failed: " - << keyset_reader_result.status().message() << std::endl; - exit(1); - } - return std::move(keyset_reader_result.value()); -} - -// static -std::unique_ptr<KeysetReader> CliUtil::GetJsonKeysetReader( - const std::string& filename) { - std::clog << "Creating a JsonKeysetReader...\n"; - std::unique_ptr<std::ifstream> keyset_stream(new std::ifstream()); - keyset_stream->open(filename, std::ifstream::in); - auto keyset_reader_result = JsonKeysetReader::New(std::move(keyset_stream)); - if (!keyset_reader_result.ok()) { - std::clog << "Creation of the reader failed: " - << keyset_reader_result.status().message() << std::endl; - exit(1); - } - return std::move(keyset_reader_result.value()); -} - -// static -std::unique_ptr<KeysetWriter> CliUtil::GetBinaryKeysetWriter( - const std::string& filename) { - std::clog << "Creating a BinaryKeysetWriter...\n"; - std::unique_ptr<std::ofstream> keyset_stream(new std::ofstream()); - keyset_stream->open(filename, std::ofstream::out); - auto keyset_writer_result = BinaryKeysetWriter::New(std::move(keyset_stream)); - if (!keyset_writer_result.ok()) { - std::clog << "Creation of the writer failed: " - << keyset_writer_result.status().message() << std::endl; - exit(1); - } - return std::move(keyset_writer_result.value()); -} - -// static -std::unique_ptr<KeysetWriter> CliUtil::GetJsonKeysetWriter( - const std::string& filename) { - std::clog << "Creating a JsonKeysetWriter...\n"; - std::unique_ptr<std::ofstream> keyset_stream(new std::ofstream()); - keyset_stream->open(filename, std::ifstream::out); - auto keyset_writer_result = JsonKeysetWriter::New(std::move(keyset_stream)); - if (!keyset_writer_result.ok()) { - std::clog << "Creation of the writer failed: " - << keyset_writer_result.status().message() << std::endl; - exit(1); - } - return std::move(keyset_writer_result.value()); -} - -// static -std::unique_ptr<KeysetHandle> CliUtil::ReadKeyset(const std::string& filename) { - auto keyset_reader = GetBinaryKeysetReader(filename); - auto keyset_handle_result = - CleartextKeysetHandle::Read(std::move(keyset_reader)); - if (!keyset_handle_result.ok()) { - std::clog << "Reading the keyset failed: " - << keyset_handle_result.status().message() << std::endl; - exit(1); - } - return std::move(keyset_handle_result.value()); -} - -// static -void CliUtil::WriteKeyset(const KeysetHandle& keyset_handle, - const std::string& filename) { - auto writer = GetBinaryKeysetWriter(filename); - auto status = writer->Write(CleartextKeysetHandle::GetKeyset(keyset_handle)); - if (!status.ok()) { - std::clog << "Writing the keyset failed: " << status.message() << std::endl; - exit(1); - } -} - -// static -void CliUtil::InitTink() { - std::clog << "Initializing Tink...\n"; - auto status = TinkConfig::Register(); - if (!status.ok()) { - std::clog << "Initialization of Tink failed: " << status.message() - << std::endl; - exit(1); - } -} - -// static -std::string CliUtil::Read(const std::string& filename) { - std::clog << "Reading the input...\n"; - std::ifstream input_stream; - input_stream.open(filename, std::ifstream::in); - if (!input_stream.is_open()) { - std::clog << "Error opening input file " << filename << std::endl; - exit(1); - } - std::stringstream input; - input << input_stream.rdbuf(); - input_stream.close(); - return input.str(); -} - -// static -void CliUtil::Write(const std::string& output, const std::string& filename) { - std::clog << "Writing the output...\n"; - std::ofstream output_stream(filename, - std::ofstream::out | std::ofstream::binary); - if (!output_stream.is_open()) { - std::clog << "Error opening output file " << filename << std::endl; - exit(1); - } - output_stream << output; - output_stream.close(); -} - -// static -void CliUtil::CopyStream(InputStream* input_stream, - OutputStream* output_stream) { - if (input_stream == nullptr || output_stream == nullptr) { - std::clog << "'input_stream' and 'output_stream' must be non-null" - << std::endl; - exit(1); - } - const void* in_buffer; - while (true) { - auto next_result = input_stream->Next(&in_buffer); - if (next_result.status().code() == absl::StatusCode::kOutOfRange) { - // End of stream. - auto status = output_stream->Close(); - if (!status.ok()) { - std::clog << "Error closing the output stream: " << status << std::endl; - exit(1); - } - return; - } - if (!next_result.ok()) { - std::clog << "Error reading from a stream: " << next_result.status() - << std::endl; - exit(1); - } - auto read_bytes = next_result.value(); - if (read_bytes > 0) { - WriteToStream(output_stream, in_buffer, read_bytes); - } - } -} diff --git a/tools/testing/cc/cli_util.h b/tools/testing/cc/cli_util.h deleted file mode 100644 index 8acedf857..000000000 --- a/tools/testing/cc/cli_util.h +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2017 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -/////////////////////////////////////////////////////////////////////////////// - -#ifndef TOOLS_TESTING_CC_CLI_UTIL_H_ -#define TOOLS_TESTING_CC_CLI_UTIL_H_ - -#include <fstream> -#include <iostream> -#include <string> - -#include "tink/input_stream.h" -#include "tink/keyset_handle.h" -#include "tink/output_stream.h" - -// Helper function for CLI applications. -class CliUtil { - public: - // Returns a BinaryKeysetReader that reads from the specified file. - // In case of errors writes a log message and aborts. - static std::unique_ptr<crypto::tink::KeysetReader> GetBinaryKeysetReader( - const std::string& filename); - - // Returns a JsonKeysetReader that reads from the specified file. - // In case of errors writes a log message and aborts. - static std::unique_ptr<crypto::tink::KeysetReader> GetJsonKeysetReader( - const std::string& filename); - - // Returns a BinaryKeysetWriter that writes from the specified file. - // In case of errors writes a log message and aborts. - static std::unique_ptr<crypto::tink::KeysetWriter> GetBinaryKeysetWriter( - const std::string& filename); - - // Returns a JsonKeysetWriter that writes from the specified file. - // In case of errors writes a log message and aborts. - static std::unique_ptr<crypto::tink::KeysetWriter> GetJsonKeysetWriter( - const std::string& filename); - - // Reads a keyset from the specified file. - // In case of errors writes a log message and aborts. - static std::unique_ptr<crypto::tink::KeysetHandle> ReadKeyset( - const std::string& filename); - - // Writes a keyset into the specified file. - // In case of errors writes a log message and aborts. - static void WriteKeyset(const crypto::tink::KeysetHandle& keyset_handle, - const std::string& filename); - - // Initializes Tink registry. - // In case of errors writes a log message and aborts. - static void InitTink(); - - // Initializes a GCP client. - static crypto::tink::util::Status InitGcp(); - - // Initializes an AWS client. - static crypto::tink::util::Status InitAws(); - - // Reads the specified file and returns the contents as a string. - // In case of errors writes a log message and aborts. - static std::string Read(const std::string& filename); - - // Writes the given 'output' to the specified file. - // In case of errors writes a log message and aborts. - static void Write(const std::string& output, const std::string& filename); - - // Reads all bytes from the specified 'input_stream', and writes them - // into 'output_stream', where both 'input_stream' and 'output_stream' - // must be non-null. Afte writing all the bytes, closes 'output_stream'. - // In case of errors writes a log message and aborts. - static void CopyStream(crypto::tink::InputStream* input_stream, - crypto::tink::OutputStream* output_stream); -}; - -#endif // TOOLS_TESTING_CC_CLI_UTIL_H_ diff --git a/tools/testing/cross_language/BUILD.bazel b/tools/testing/cross_language/BUILD.bazel deleted file mode 100644 index 6ad5f6f70..000000000 --- a/tools/testing/cross_language/BUILD.bazel +++ /dev/null @@ -1,10 +0,0 @@ -package(default_visibility = ["//:__subpackages__"]) - -licenses(["notice"]) - -filegroup( - name = "test_lib", - srcs = [ - "test_util.sh", - ], -) diff --git a/tools/testing/cross_language/test_util.sh b/tools/testing/cross_language/test_util.sh deleted file mode 100755 index e466760c4..000000000 --- a/tools/testing/cross_language/test_util.sh +++ /dev/null @@ -1,143 +0,0 @@ -#!/bin/bash -# Copyright 2018 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -################################################################################ - - -REPO_DIR="${TEST_SRCDIR}" -TOOLS_DIR="${REPO_DIR}/tools" -TINKEY_CLI="${TOOLS_DIR}/tinkey/tinkey" -############################################################################# -##### Helper functions. - -# Generates private and public keys according to $key_template, -# which should be supported by Tinkey. -# If $output_prefix is specified, the generated keyset will use it -# instead of default value "TINK". -# Stores the keys in files $priv_key_file and $pub_key_file, respectively. -generate_asymmetric_keys() { - local key_name="$1" - local key_template="$2" - local output_prefix="$3" - if [ "$output_prefix" == "" ]; then - output_prefix="TINK" - fi - - local json_priv_key_file="$TEST_TMPDIR/${key_name}_private_key.json" - priv_key_file="$TEST_TMPDIR/${key_name}_private_key.bin" - pub_key_file="$TEST_TMPDIR/${key_name}_public_key.bin" - echo "--- Using template $key_template to generate keysets"\ - "to files $priv_key_file and $pub_key_file ..." - - $TINKEY_CLI create-keyset --key-template $key_template --out-format JSON\ - | sed -e "s/\"TINK\"/\"$output_prefix\"/" > $json_priv_key_file || exit 1 - $TINKEY_CLI convert-keyset --in-format JSON --in $json_priv_key_file\ - --out-format BINARY --out $priv_key_file || exit 1 - $TINKEY_CLI create-public-keyset --in-format BINARY --in $priv_key_file\ - --out-format BINARY --out $pub_key_file || exit 1 - echo "Done generating keysets." -} - -# Generates a symmetric key according to $key_template, -# which should be supported by Tinkey. -# Stores the key in file $symmetric_key_file. -generate_symmetric_key() { - local key_name="$1" - local key_template="$2" - local output_format="$3" - if [ "$output_format" == "" ]; then - output_format="BINARY" - fi - - symmetric_key_file="$TEST_TMPDIR/${key_name}_symmetric_key.bin" - echo "--- Using template $key_template to generate keyset"\ - "to file $symmetric_key_file ..." - - $TINKEY_CLI create-keyset --key-template $key_template\ - --out-format $output_format --out $symmetric_key_file || exit 1 - echo "Done generating a symmetric keyset." -} - -# Generates some example plaintext data, and stores it in $plaintext_file. -generate_plaintext() { - local plaintext_name="$1" - - plaintext_file="$TEST_TMPDIR/${plaintext_name}_plaintext.bin" - echo "This is some plaintext message to be encrypted and/or signed" \ - " named $plaintext_name just like that." > $plaintext_file -} - -# Checks that two files are equal. -assert_files_equal() { - local expected_file="$1" - local given_file="$2" - echo "*** Checking that 2 files are equal:" - echo " file #1: $expected_file" - echo " file #2: $given_file" - diff $expected_file $given_file - if [ $? -ne 0 ]; then - echo "--- Failure: the files are different." - exit 1 - fi - echo "+++ Success: the files are equal." -} - -# Checks that the given file has the expected content. -assert_file_equals() { - local expected_content="$1" - local given_file="$2" - echo "*** Checking that given file: $given_file" - echo " has content equal to \"$expected_content\"" - local file_content=`cat $given_file` - if [ "$expected_content" != "$file_content" ]; then - echo "--- Failure. expected content: \"$expected_content\","\ - " actual content: \"$file_content\"" - exit 1 - fi - echo "+++ Success: the file has expected content: \"$expected_content\"." -} - -# Checks that two files are different. -assert_files_different() { - local expected_file="$1" - local given_file="$2" - echo "*** Checking that 2 files are different:" - echo " file #1: $expected_file" - echo " file #2: $given_file" - diff -q $expected_file $given_file - if [ $? -eq 0 ]; then - echo "--- Failure: the files are equal." - exit 1 - fi - echo "+++ Success: the files are different." -} - -# Checks that a given file contains specified substrings. -assert_file_contains() { - local file_to_test="$1" - echo "*** Checking that file $file_to_test contains substrings:" - cat $file_to_test - # Shift the first argument and iterate through the remaining ones. - shift - for s do - echo "... checking for string [$s]" - if grep -q "$s" "$file_to_test"; then - echo " found" - else - echo "--- Failure: file does not contain string [$s]" - exit 1 - fi - done - echo "+++ Success: file contains all expected substrings." -} diff --git a/tools/testing/java/com/google/crypto/tink/testing/AeadCli.java b/tools/testing/java/com/google/crypto/tink/testing/AeadCli.java deleted file mode 100644 index 7f81b80ff..000000000 --- a/tools/testing/java/com/google/crypto/tink/testing/AeadCli.java +++ /dev/null @@ -1,84 +0,0 @@ -// Copyright 2017 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -//////////////////////////////////////////////////////////////////////////////// - -package com.google.crypto.tink.testing; - -import com.google.crypto.tink.Aead; -import com.google.crypto.tink.KeysetHandle; -import com.google.crypto.tink.aead.AeadConfig; - -/** - * A command-line utility for testing Aead-primitives. It requires 5 arguments: keyset-file: name of - * the file with the keyset to be used for encryption operation: the actual AEAD-operation, i.e. - * "encrypt" or "decrypt" input-file: name of the file with input (plaintext for encryption, or or - * ciphertext for decryption) associated-data-file: name of the file containing associated data - * output-file: name of the file for the resulting output - */ -public class AeadCli { - public static void main(String[] args) throws Exception { - - if (args.length != 5) { - System.out.println( - "Usage: AeadCli keyset-file operation input-file associated-data-file output-file"); - System.exit(1); - } - String keysetFilename = args[0]; - String operation = args[1]; - String inputFilename = args[2]; - String associatedDataFile = args[3]; - String outputFilename = args[4]; - - AeadConfig.register(); - - if (!(operation.equals("encrypt") || operation.equals("decrypt"))) { - System.out.println( - "Unknown operation '" + operation + "'.\nExpected 'encrypt' or 'decrypt'."); - System.exit(1); - } - System.out.println("Using keyset from file " + keysetFilename + " to AEAD-" + operation - + " file " + inputFilename + " with associated data from file " + associatedDataFile + "."); - System.out.println("The resulting output will be written to file " + outputFilename); - - // Init Tink. - CliUtil.initTink(); - - // Read the keyset. - System.out.println("Reading the keyset..."); - KeysetHandle keysetHandle = CliUtil.readKeyset(keysetFilename); - // Get the primitive. - System.out.println("Getting the primitive..."); - Aead aead = keysetHandle.getPrimitive(Aead.class); - - // Read the input. - byte[] input = CliUtil.read(inputFilename); - byte[] aad = CliUtil.read(associatedDataFile); - - // Compute the output. - System.out.println(operation + "ing..."); - byte[] output; - if (operation.equals("encrypt")) { - output = aead.encrypt(input, aad); - } else { // operation.equals("decrypt") - output = aead.decrypt(input, aad); - } - // Write the output to the output file. - CliUtil.write(output, outputFilename); - - System.out.println("All done."); - } - - private AeadCli() {} -} diff --git a/tools/testing/java/com/google/crypto/tink/testing/CliUtil.java b/tools/testing/java/com/google/crypto/tink/testing/CliUtil.java deleted file mode 100644 index cd9e051c1..000000000 --- a/tools/testing/java/com/google/crypto/tink/testing/CliUtil.java +++ /dev/null @@ -1,113 +0,0 @@ -// Copyright 2017 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -//////////////////////////////////////////////////////////////////////////////// - -package com.google.crypto.tink.testing; - -import com.google.crypto.tink.InsecureSecretKeyAccess; -import com.google.crypto.tink.KeysetHandle; -import com.google.crypto.tink.TinkProtoKeysetFormat; -import com.google.crypto.tink.daead.DeterministicAeadConfig; -import com.google.crypto.tink.hybrid.HybridConfig; -import com.google.crypto.tink.keyderivation.KeyDerivationConfig; -import com.google.crypto.tink.prf.PrfConfig; -import com.google.crypto.tink.signature.SignatureConfig; -import com.google.crypto.tink.streamingaead.StreamingAeadConfig; -import java.io.ByteArrayOutputStream; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.nio.charset.Charset; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.security.GeneralSecurityException; - -/** Helper function for CLI applications. */ -public final class CliUtil { - public static final Charset UTF_8 = Charset.forName("UTF-8"); - - /** - * Reads a keyset from the specified file. - * In case of errors throws an exception. - */ - public static KeysetHandle readKeyset(String filename) - throws GeneralSecurityException, IOException { - System.out.println("Reading the keyset..."); - return TinkProtoKeysetFormat.parseKeyset( - Files.readAllBytes(Paths.get(filename)), InsecureSecretKeyAccess.get()); - } - - /** Writes a keyset to the specified file. In case of errors throws an exception. */ - public static void writeKeyset(KeysetHandle handle, String filename) - throws IOException, GeneralSecurityException { - System.out.println("Writing the keyset..."); - byte[] serializedKeyset = - TinkProtoKeysetFormat.serializeKeyset(handle, InsecureSecretKeyAccess.get()); - Files.write(Paths.get(filename), serializedKeyset); - } - - /** - * Initializes Tink registry. - * In case of errors throws an exception. - */ - public static void initTink() throws GeneralSecurityException { - DeterministicAeadConfig.register(); - HybridConfig.register(); // includes Aead and Mac - PrfConfig.register(); - SignatureConfig.register(); - StreamingAeadConfig.register(); - KeyDerivationConfig.register(); - } - - /** - * Reads the specified file and returns the contents as a byte array. - * In case of errors throws an exception. - */ - public static byte[] read(String filename) throws GeneralSecurityException, IOException { - System.out.println("Reading file " + filename); - InputStream inputStream = new FileInputStream(Paths.get(filename).toFile()); - return read(inputStream); - } - - /** - * Reads the specified InputStream and returns the contents as a byte array. - * In case of errors throws an exception. - */ - public static byte[] read(InputStream inputStream) throws GeneralSecurityException, IOException { - ByteArrayOutputStream result = new ByteArrayOutputStream(); - byte[] buffer = new byte[512]; - int length; - while ((length = inputStream.read(buffer)) != -1) { - result.write(buffer, 0, length); - } - inputStream.close(); - return result.toByteArray(); - } - - /** - * Writes the given 'output' to the specified file. - * In case of errors throws an exception. - */ - public static void write(byte[] output, String filename) throws IOException { - System.out.println("Writing to file " + filename); - OutputStream outputStream = new FileOutputStream(Paths.get(filename).toFile()); - outputStream.write(output); - outputStream.close(); - } - - private CliUtil() {} -} |