xref: /aosp_15_r20/external/tink/java_src/examples/encryptedkeyset/encrypted_keyset_example_test.sh (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1#!/bin/bash
2# Copyright 2021 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15################################################################################
16
17set -euo pipefail
18
19#############################################################################
20##### Tests for encrypted keyset example.
21
22CLI="$1"
23KEK_URI="$2"
24CREDENTIAL_FILE="$3"
25
26DATA_FILE="${TEST_TMPDIR}/example_data.txt"
27KEYSET_FILE="${TEST_TMPDIR}/example_encrypted_keyset.json"
28
29echo "This is some plaintext to be encrypted." > ${DATA_FILE}
30
31#############################################################################
32
33# A helper function for getting the return code of a command that may fail
34# Temporarily disables error safety and stores return value in ${TEST_STATUS}
35# Usage:
36# % test_command somecommand some args
37# % echo ${TEST_STATUS}
38test_command() {
39  set +e
40  "$@"
41  TEST_STATUS=$?
42  set -e
43}
44
45#############################################################################
46#### Test initialization and key generation
47test_name="generate"
48echo "+++ Starting test ${test_name}..."
49
50##### Run encryption
51test_command ${CLI} generate ${KEYSET_FILE} ${KEK_URI} ${CREDENTIAL_FILE}
52
53if [[ ${TEST_STATUS} -eq 0 ]]; then
54  echo "+++ Success: key file was generated and encrypted."
55else
56  echo "--- Failure: could not generate or encrypt key file."
57  exit 1
58fi
59
60#############################################################################
61#### Test initialization and encryption
62test_name="encrypt"
63echo "+++ Starting test ${test_name}..."
64
65##### Run encryption
66test_command ${CLI} encrypt ${KEYSET_FILE} ${KEK_URI} ${CREDENTIAL_FILE} \
67    ${DATA_FILE} "${DATA_FILE}.encrypted"
68
69if [[ ${TEST_STATUS} -eq 0 ]]; then
70  echo "+++ Success: file was encrypted."
71else
72  echo "--- Failure: could not encrypt file."
73  exit 1
74fi
75
76#############################################################################
77#### Test if decryption succeeds and returns original file
78test_name="decrypt"
79echo "+++ Starting test $test_name..."
80
81##### Run decryption
82test_command ${CLI} decrypt ${KEYSET_FILE} ${KEK_URI} ${CREDENTIAL_FILE} \
83    ${DATA_FILE}.encrypted "${DATA_FILE}.decrypted"
84
85if [[ ${TEST_STATUS} -eq 0 ]]; then
86  echo "+++ Success: file was successfully decrypted."
87else
88  echo "--- Failure: could not decrypt file."
89  exit 1
90fi
91
92if cmp -s ${DATA_FILE} "${DATA_FILE}.decrypted"; then
93  echo "+++ Success: file content is the same after decryption."
94else
95  echo "--- Failure: file content is not the same after decryption."
96  exit 1
97fi
98