implement AES-GCM as AEAD

2016-04-14 09:56:39 +02:00
parent 3588f24ad4
commit 8b7e2744da
6 changed files with 139 additions and 9 deletions
--- a/crypto/aes_gcm_aead_test.go
+++ b/crypto/aes_gcm_aead_test.go
@@ -0,0 +1,59 @@
+package crypto
+
+import (
+	"bytes"
+	"crypto/rand"
+	"io/ioutil"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("AES-GCM AEAD", func() {
+	var (
+		alice, bob AEAD
+	)
+
+	BeforeEach(func() {
+		keyAlice := make([]byte, 16)
+		keyBob := make([]byte, 16)
+		ivAlice := make([]byte, 4)
+		ivBob := make([]byte, 4)
+		rand.Reader.Read(keyAlice)
+		rand.Reader.Read(keyBob)
+		rand.Reader.Read(ivAlice)
+		rand.Reader.Read(ivBob)
+		var err error
+		alice, err = NewAEADAESGCM(keyBob, keyAlice, ivBob, ivAlice)
+		Expect(err).ToNot(HaveOccurred())
+		bob, err = NewAEADAESGCM(keyAlice, keyBob, ivAlice, ivBob)
+		Expect(err).ToNot(HaveOccurred())
+	})
+
+	It("seals and opens", func() {
+		b := &bytes.Buffer{}
+		alice.Seal(42, b, []byte("aad"), []byte("foobar"))
+		r, err := bob.Open(42, []byte("aad"), b)
+		Expect(err).ToNot(HaveOccurred())
+		text, err := ioutil.ReadAll(r)
+		Expect(err).ToNot(HaveOccurred())
+		Expect(text).To(Equal([]byte("foobar")))
+	})
+
+	It("seals and opens reverse", func() {
+		b := &bytes.Buffer{}
+		bob.Seal(42, b, []byte("aad"), []byte("foobar"))
+		r, err := alice.Open(42, []byte("aad"), b)
+		Expect(err).ToNot(HaveOccurred())
+		text, err := ioutil.ReadAll(r)
+		Expect(err).ToNot(HaveOccurred())
+		Expect(text).To(Equal([]byte("foobar")))
+	})
+
+	It("fails with wrong aad", func() {
+		b := &bytes.Buffer{}
+		alice.Seal(42, b, []byte("aad"), []byte("foobar"))
+		_, err := bob.Open(42, []byte("aad2"), b)
+		Expect(err).To(MatchError("cipher: message authentication failed"))
+	})
+})