Mercurial > hg > orthanc-object-storage
annotate UnitTestsSources/EncryptionTests.cpp @ 56:b922ae86bbe1
full static linking against AWS SDK
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Tue, 22 Jun 2021 15:00:36 +0200 |
parents | f55b2afdf53d |
children | 3c7e0374f28e |
rev | line source |
---|---|
1 | 1 /** |
2 * Cloud storage plugins for Orthanc | |
37
f55b2afdf53d
upgrade to year 2021
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
24
diff
changeset
|
3 * Copyright (C) 2020-2021 Osimis S.A., Belgium |
1 | 4 * |
5 * This program is free software: you can redistribute it and/or | |
6 * modify it under the terms of the GNU Affero General Public License | |
7 * as published by the Free Software Foundation, either version 3 of | |
8 * the License, or (at your option) any later version. | |
9 * | |
10 * This program is distributed in the hope that it will be useful, but | |
11 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
13 * Affero General Public License for more details. | |
14 * | |
15 * You should have received a copy of the GNU Affero General Public License | |
16 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
17 **/ | |
56
b922ae86bbe1
full static linking against AWS SDK
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
37
diff
changeset
|
18 |
b922ae86bbe1
full static linking against AWS SDK
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
37
diff
changeset
|
19 |
1 | 20 #include "gtest/gtest.h" |
21 | |
22 #include "../Common/EncryptionHelpers.h" | |
23 #include <boost/chrono/chrono.hpp> | |
24 #include <boost/date_time.hpp> | |
25 | |
26 TEST(EncryptionHelpers, GenerateKey) | |
27 { | |
28 CryptoPP::SecByteBlock key1, key2; | |
29 EncryptionHelpers::GenerateKey(key1); | |
30 EncryptionHelpers::GenerateKey(key2); | |
31 | |
32 // std::cout << EncryptionHelpers::ToHexString(key1) << std::endl; | |
33 // std::cout << EncryptionHelpers::ToHexString(key2) << std::endl; | |
34 | |
35 ASSERT_NE(key1, key2); | |
36 | |
24
84c4ca822a13
fix warning in unit test
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
1
diff
changeset
|
37 ASSERT_EQ(32u, key1.size()); // right now, we work with 256bits key |
84c4ca822a13
fix warning in unit test
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
1
diff
changeset
|
38 ASSERT_EQ(32u * 2u, EncryptionHelpers::ToHexString(key1).size()); |
1 | 39 } |
40 | |
41 TEST(EncryptionHelpers, EncryptDecryptSimpleText) | |
42 { | |
43 CryptoPP::SecByteBlock masterKey; | |
44 EncryptionHelpers::GenerateKey(masterKey); | |
45 | |
46 EncryptionHelpers crypto; | |
47 crypto.SetCurrentMasterKey(1, masterKey); | |
48 | |
49 std::string plainTextMessage = "Plain text message"; | |
50 std::string encryptedMessage; | |
51 | |
52 crypto.Encrypt(encryptedMessage, plainTextMessage); | |
53 | |
54 std::string decryptedMessage; | |
55 | |
56 crypto.Decrypt(decryptedMessage, encryptedMessage); | |
57 | |
58 ASSERT_EQ(plainTextMessage, decryptedMessage); | |
59 } | |
60 | |
61 TEST(EncryptionHelpers, EncryptDecrypt1byteText) | |
62 { | |
63 CryptoPP::SecByteBlock masterKey; | |
64 EncryptionHelpers::GenerateKey(masterKey); | |
65 | |
66 EncryptionHelpers crypto; | |
67 crypto.SetCurrentMasterKey(1, masterKey); | |
68 | |
69 std::string plainTextMessage = "P"; | |
70 std::string encryptedMessage; | |
71 | |
72 crypto.Encrypt(encryptedMessage, plainTextMessage); | |
73 | |
74 std::string decryptedMessage; | |
75 | |
76 crypto.Decrypt(decryptedMessage, encryptedMessage); | |
77 | |
78 ASSERT_EQ(plainTextMessage, decryptedMessage); | |
79 } | |
80 | |
81 TEST(EncryptionHelpers, EncryptDecrypt0byteText) | |
82 { | |
83 CryptoPP::SecByteBlock masterKey; | |
84 EncryptionHelpers::GenerateKey(masterKey); | |
85 | |
86 EncryptionHelpers crypto; | |
87 crypto.SetCurrentMasterKey(1, masterKey); | |
88 | |
89 std::string plainTextMessage = ""; | |
90 std::string encryptedMessage; | |
91 | |
92 crypto.Encrypt(encryptedMessage, plainTextMessage); | |
93 | |
94 std::string decryptedMessage; | |
95 | |
96 crypto.Decrypt(decryptedMessage, encryptedMessage); | |
97 | |
98 ASSERT_EQ(plainTextMessage, decryptedMessage); | |
99 } | |
100 | |
101 TEST(EncryptionHelpers, EncryptDecryptTampering) | |
102 { | |
103 CryptoPP::SecByteBlock masterKey; | |
104 EncryptionHelpers::GenerateKey(masterKey); | |
105 | |
106 EncryptionHelpers crypto; | |
107 crypto.SetCurrentMasterKey(1, masterKey); | |
108 | |
109 std::string plainTextMessage = "Plain text message"; | |
110 std::string encryptedMessage; | |
111 std::string decryptedMessage; | |
112 | |
113 crypto.Encrypt(encryptedMessage, plainTextMessage); | |
114 | |
115 { | |
116 std::string tamperedEncryptedMessage = encryptedMessage; | |
117 // change the header | |
118 tamperedEncryptedMessage[0] = 'B'; | |
119 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
120 } | |
121 | |
122 { | |
123 std::string tamperedEncryptedMessage = encryptedMessage; | |
124 // tamper the masterKeyId: | |
125 tamperedEncryptedMessage[EncryptionHelpers::HEADER_VERSION_SIZE + 2] = 0xAF; | |
126 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
127 } | |
128 | |
129 { | |
130 std::string tamperedEncryptedMessage = encryptedMessage; | |
131 // tamper the iv: | |
132 tamperedEncryptedMessage[EncryptionHelpers::HEADER_VERSION_SIZE + EncryptionHelpers::MASTER_KEY_ID_SIZE + 2] = 0; | |
133 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
134 } | |
135 | |
136 { | |
137 std::string tamperedEncryptedMessage = encryptedMessage; | |
138 // tamper the encrypted text: | |
139 tamperedEncryptedMessage[EncryptionHelpers::HEADER_VERSION_SIZE + EncryptionHelpers::MASTER_KEY_ID_SIZE + EncryptionHelpers::IV_SIZE + 2] = 0; | |
140 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
141 } | |
142 | |
143 { | |
144 std::string tamperedEncryptedMessage = encryptedMessage; | |
145 // tamper the mac: | |
146 tamperedEncryptedMessage[tamperedEncryptedMessage.size() - 2] = 0; | |
147 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
148 } | |
149 | |
150 { | |
151 std::string tamperedEncryptedMessage = encryptedMessage; | |
152 // extend the file content | |
153 tamperedEncryptedMessage = tamperedEncryptedMessage + "TAMPER"; | |
154 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
155 } | |
156 | |
157 { | |
158 std::string tamperedEncryptedMessage = encryptedMessage; | |
159 // reduce the file content | |
160 tamperedEncryptedMessage = tamperedEncryptedMessage.substr(0, tamperedEncryptedMessage.size() - 5); | |
161 ASSERT_THROW(crypto.Decrypt(decryptedMessage, tamperedEncryptedMessage), EncryptionException); | |
162 } | |
163 } | |
164 | |
165 | |
166 TEST(EncryptionHelpers, EncryptDecrypt2TimesSameText) | |
167 { | |
168 CryptoPP::SecByteBlock masterKey; | |
169 EncryptionHelpers::GenerateKey(masterKey); | |
170 | |
171 EncryptionHelpers crypto; | |
172 crypto.SetCurrentMasterKey(1, masterKey); | |
173 | |
174 std::string plainTextMessage = "Plain text message"; | |
175 std::string encryptedMessage1; | |
176 std::string encryptedMessage2; | |
177 | |
178 crypto.Encrypt(encryptedMessage1, plainTextMessage); | |
179 crypto.Encrypt(encryptedMessage2, plainTextMessage); | |
180 | |
181 ASSERT_NE(encryptedMessage1, encryptedMessage2); | |
182 | |
183 std::string decryptedMessage1; | |
184 std::string decryptedMessage2; | |
185 | |
186 crypto.Decrypt(decryptedMessage1, encryptedMessage1); | |
187 crypto.Decrypt(decryptedMessage2, encryptedMessage2); | |
188 | |
189 ASSERT_EQ(plainTextMessage, decryptedMessage1); | |
190 ASSERT_EQ(plainTextMessage, decryptedMessage2); | |
191 } | |
192 | |
193 TEST(EncryptionHelpers, RotateMasterKeys) | |
194 { | |
195 std::string plainTextMessage = "Plain text message"; | |
196 std::string encryptedMessage1; | |
197 std::string encryptedMessage2; | |
198 std::string decryptedMessage; | |
199 | |
200 CryptoPP::SecByteBlock masterKey1; | |
201 CryptoPP::SecByteBlock masterKey2; | |
202 EncryptionHelpers::GenerateKey(masterKey1); | |
203 EncryptionHelpers::GenerateKey(masterKey2); | |
204 | |
205 { | |
206 EncryptionHelpers crypto; | |
207 crypto.SetCurrentMasterKey(1, masterKey1); | |
208 crypto.Encrypt(encryptedMessage1, plainTextMessage); | |
209 | |
210 crypto.SetCurrentMasterKey(2, masterKey2); | |
211 crypto.AddPreviousMasterKey(1, masterKey1); | |
212 | |
213 crypto.Encrypt(encryptedMessage2, plainTextMessage); | |
214 | |
215 // ensure that we can decrypt messages encrypted with both master keys | |
216 crypto.Decrypt(decryptedMessage, encryptedMessage1); | |
217 ASSERT_EQ(plainTextMessage, decryptedMessage); | |
218 | |
219 crypto.Decrypt(decryptedMessage, encryptedMessage2); | |
220 ASSERT_EQ(plainTextMessage, decryptedMessage); | |
221 } | |
222 | |
223 { | |
224 // if we don't know the old key, check we can not decrypt the old message | |
225 EncryptionHelpers crypto; | |
226 crypto.SetCurrentMasterKey(2, masterKey2); | |
227 | |
228 ASSERT_THROW(crypto.Decrypt(decryptedMessage, encryptedMessage1), EncryptionException); | |
229 } | |
230 } | |
231 | |
232 | |
233 void MeasurePerformance(size_t sizeInMB, EncryptionHelpers& crypto) | |
234 { | |
235 std::string largePlainText(sizeInMB * 1024 * 1024, 'A'); | |
236 std::string encryptedMessage; | |
237 std::string decryptedMessage; | |
238 | |
239 { | |
240 auto start = boost::posix_time::microsec_clock::local_time(); | |
241 crypto.Encrypt(encryptedMessage, largePlainText); | |
242 | |
243 auto end = boost::posix_time::microsec_clock::local_time(); | |
244 boost::posix_time::time_duration diff = end - start; | |
245 std::cout << "encryption of " << sizeInMB << " MB file took " << diff.total_milliseconds() << " ms" << std::endl; | |
246 } | |
247 | |
248 { | |
249 auto start = boost::posix_time::microsec_clock::local_time(); | |
250 crypto.Decrypt(decryptedMessage, encryptedMessage); | |
251 | |
252 auto end = boost::posix_time::microsec_clock::local_time(); | |
253 boost::posix_time::time_duration diff = end - start; | |
254 std::cout << "decryption of " << sizeInMB << " MB file took " << diff.total_milliseconds() << " ms" << std::endl; | |
255 } | |
256 | |
257 } | |
258 | |
259 TEST(EncryptionHelpers, Performance) | |
260 { | |
261 CryptoPP::SecByteBlock masterKey; | |
262 EncryptionHelpers::GenerateKey(masterKey); | |
263 | |
264 EncryptionHelpers crypto; | |
265 crypto.SetCurrentMasterKey(1, masterKey); | |
266 | |
267 MeasurePerformance(1, crypto); | |
268 MeasurePerformance(10, crypto); | |
269 // MeasurePerformance(100, crypto); | |
270 // MeasurePerformance(400, crypto); | |
271 } |