github.com/lestrrat-go/jwx/v2@v2.0.21/jwe/internal/aescbc/aescbc_test.go

github.com/lestrrat-go/jwx/v2@v2.0.21/jwe/internal/aescbc/aescbc_test.go (about)

     1  package aescbc
     2  
     3  import (
     4  	"crypto/aes"
     5  	"testing"
     6  
     7  	"github.com/stretchr/testify/assert"
     8  )
     9  
    10  func TestVectorsAESCBC128(t *testing.T) {
    11  	// Source: http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-29#appendix-A.2
    12  	plaintext := []byte{
    13  		76, 105, 118, 101, 32, 108, 111, 110, 103, 32, 97, 110, 100, 32,
    14  		112, 114, 111, 115, 112, 101, 114, 46}
    15  
    16  	aad := []byte{
    17  		101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 48, 69,
    18  		120, 88, 122, 85, 105, 76, 67, 74, 108, 98, 109, 77, 105, 79, 105,
    19  		74, 66, 77, 84, 73, 52, 81, 48, 74, 68, 76, 85, 104, 84, 77, 106, 85,
    20  		50, 73, 110, 48}
    21  
    22  	ciphertext := []byte{
    23  		40, 57, 83, 181, 119, 33, 133, 148, 198, 185, 243, 24, 152, 230, 6,
    24  		75, 129, 223, 127, 19, 210, 82, 183, 230, 168, 33, 215, 104, 143,
    25  		112, 56, 102}
    26  
    27  	authtag := []byte{
    28  		246, 17, 244, 190, 4, 95, 98, 3, 231, 0, 115, 157, 242, 203, 100,
    29  		191}
    30  
    31  	key := []byte{
    32  		4, 211, 31, 197, 84, 157, 252, 254, 11, 100, 157, 250, 63, 170, 106, 206,
    33  		107, 124, 212, 45, 111, 107, 9, 219, 200, 177, 0, 240, 143, 156, 44, 207}
    34  
    35  	nonce := []byte{
    36  		3, 22, 60, 12, 43, 67, 104, 105, 108, 108, 105, 99, 111, 116, 104, 101}
    37  
    38  	enc, err := New(key, aes.NewCipher)
    39  	if !assert.NoError(t, err, "aescbc.New") {
    40  		return
    41  	}
    42  	out := enc.Seal(nil, nonce, plaintext, aad)
    43  	if !assert.NoError(t, err, "enc.Seal") {
    44  		return
    45  	}
    46  
    47  	if !assert.Equal(t, ciphertext, out[:len(out)-enc.keysize], "Ciphertext tag should match") {
    48  		return
    49  	}
    50  
    51  	if !assert.Equal(t, authtag, out[len(out)-enc.keysize:], "Auth tag should match") {
    52  		return
    53  	}
    54  
    55  	out, err = enc.Open(nil, nonce, out, aad)
    56  	if !assert.NoError(t, err, "Open should succeed") {
    57  		return
    58  	}
    59  
    60  	if !assert.Equal(t, plaintext, out, "Open should get us original text") {
    61  		return
    62  	}
    63  }
    64  
    65  func TestPad(t *testing.T) {
    66  	for i := 0; i < 256; i++ {
    67  		buf := make([]byte, i)
    68  		pb := pad(buf, 16)
    69  
    70  		if !assert.Equal(t, len(pb)%16, 0, "pb should be multiple of 16") {
    71  			return
    72  		}
    73  
    74  		toRemove, good := extractPadding(pb)
    75  		if !assert.Equal(t, 1, int(good)&1, "padding should be good") {
    76  			return
    77  		}
    78  		pb = pb[:len(pb)-toRemove]
    79  
    80  		if !assert.Len(t, pb, i, "Unpad should result in len = %d", i) {
    81  			return
    82  		}
    83  	}
    84  }