diff --git a/test/net/sf/briar/transport/ConnectionEncrypterImplTest.java b/test/net/sf/briar/transport/ConnectionEncrypterImplTest.java index eb46a182d1fc4bce87ea3bf9e445b1c680220761..ddc9325180c5cdb222a477ffe18410b8b366c42d 100644 --- a/test/net/sf/briar/transport/ConnectionEncrypterImplTest.java +++ b/test/net/sf/briar/transport/ConnectionEncrypterImplTest.java @@ -36,7 +36,7 @@ public class ConnectionEncrypterImplTest extends BriarTestCase { } @Test - public void testEncryption() throws Exception { + public void testEncryptionWithFirstSegmentTagged() throws Exception { // Calculate the expected tag byte[] tag = new byte[TAG_LENGTH]; TagEncoder.encodeTag(tag, 0, tagCipher, tagKey); @@ -69,4 +69,43 @@ public class ConnectionEncrypterImplTest extends BriarTestCase { assertArrayEquals(expected, actual); assertEquals(Long.MAX_VALUE - actual.length, e.getRemainingCapacity()); } + + @Test + public void testEncryptionWithEverySegmentTagged() throws Exception { + // Calculate the expected tag for the first segment + byte[] tag = new byte[TAG_LENGTH]; + TagEncoder.encodeTag(tag, 0, tagCipher, tagKey); + // Calculate the expected ciphertext for the first frame + byte[] iv = new byte[frameCipher.getBlockSize()]; + byte[] plaintext = new byte[123 + MAC_LENGTH]; + IvParameterSpec ivSpec = new IvParameterSpec(iv); + frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec); + byte[] ciphertext = frameCipher.doFinal(plaintext); + // Calculate the expected tag for the second frame + byte[] tag1 = new byte[TAG_LENGTH]; + TagEncoder.encodeTag(tag1, 1, tagCipher, tagKey); + // Calculate the expected ciphertext for the second frame + byte[] plaintext1 = new byte[1234 + MAC_LENGTH]; + IvEncoder.updateIv(iv, 1L); + ivSpec = new IvParameterSpec(iv); + frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec); + byte[] ciphertext1 = frameCipher.doFinal(plaintext1); + // Concatenate the ciphertexts + ByteArrayOutputStream out = new ByteArrayOutputStream(); + out.write(tag); + out.write(ciphertext); + out.write(tag1); + out.write(ciphertext1); + byte[] expected = out.toByteArray(); + // Use a ConnectionEncrypter to encrypt the plaintext + out.reset(); + ConnectionEncrypter e = new ConnectionEncrypterImpl(out, Long.MAX_VALUE, + tagCipher, frameCipher, tagKey, frameKey, true); + e.writeFrame(plaintext, plaintext.length); + e.writeFrame(plaintext1, plaintext1.length); + byte[] actual = out.toByteArray(); + // Check that the actual ciphertext matches the expected ciphertext + assertArrayEquals(expected, actual); + assertEquals(Long.MAX_VALUE - actual.length, e.getRemainingCapacity()); + } } diff --git a/test/net/sf/briar/transport/SegmentedConnectionEncrypterTest.java b/test/net/sf/briar/transport/SegmentedConnectionEncrypterTest.java index 8cce6fa072430f334591f5320ae9c8b4941ef8d9..ab981dbef2d85f5cc18ccabca781c9ae690d62c1 100644 --- a/test/net/sf/briar/transport/SegmentedConnectionEncrypterTest.java +++ b/test/net/sf/briar/transport/SegmentedConnectionEncrypterTest.java @@ -39,7 +39,7 @@ public class SegmentedConnectionEncrypterTest extends BriarTestCase { } @Test - public void testEncryption() throws Exception { + public void testEncryptionWithFirstSegmentTagged() throws Exception { // Calculate the expected tag byte[] tag = new byte[TAG_LENGTH]; TagEncoder.encodeTag(tag, 0, tagCipher, tagKey); @@ -75,6 +75,45 @@ public class SegmentedConnectionEncrypterTest extends BriarTestCase { assertEquals(Long.MAX_VALUE - actual.length, e.getRemainingCapacity()); } + @Test + public void testEncryptionWithEverySegmentTagged() throws Exception { + // Calculate the expected tag for the first frame + byte[] tag = new byte[TAG_LENGTH]; + TagEncoder.encodeTag(tag, 0, tagCipher, tagKey); + // Calculate the expected ciphertext for the first frame + byte[] iv = new byte[frameCipher.getBlockSize()]; + byte[] plaintext = new byte[123 + MAC_LENGTH]; + IvParameterSpec ivSpec = new IvParameterSpec(iv); + frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec); + byte[] ciphertext = frameCipher.doFinal(plaintext); + // Calculate the expected tag for the second frame + byte[] tag1 = new byte[TAG_LENGTH]; + TagEncoder.encodeTag(tag1, 1, tagCipher, tagKey); + // Calculate the expected ciphertext for the second frame + byte[] plaintext1 = new byte[1234 + MAC_LENGTH]; + IvEncoder.updateIv(iv, 1L); + ivSpec = new IvParameterSpec(iv); + frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec); + byte[] ciphertext1 = frameCipher.doFinal(plaintext1); + // Concatenate the ciphertexts + ByteArrayOutputStream out = new ByteArrayOutputStream(); + out.write(tag); + out.write(ciphertext); + out.write(tag1); + out.write(ciphertext1); + byte[] expected = out.toByteArray(); + // Use a connection encrypter to encrypt the plaintext + SegmentSink sink = new ByteArraySegmentSink(); + ConnectionEncrypter e = new SegmentedConnectionEncrypter(sink, + Long.MAX_VALUE, tagCipher, frameCipher, tagKey, frameKey, true); + e.writeFrame(plaintext, plaintext.length); + e.writeFrame(plaintext1, plaintext1.length); + byte[] actual = out.toByteArray(); + // Check that the actual ciphertext matches the expected ciphertext + assertArrayEquals(expected, actual); + assertEquals(Long.MAX_VALUE - actual.length, e.getRemainingCapacity()); + } + private static class ByteArraySegmentSink extends ByteArrayOutputStream implements SegmentSink {