1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
package tpm2
// Note: this unit test is in the tpm2 package instead of in the tpm2test package.
// This is to allow calling encapsulateDerandomized from the test without exporting it.
import (
"bytes"
"testing"
"github.com/google/go-tpm/tpm2/test/testvectors"
)
func TestECCLabeledEncapsulation(t *testing.T) {
for _, testcase := range testvectors.ECCLabeledEncapsulation(t) {
t.Run(testcase.Name, func(t *testing.T) {
pub, err := Unmarshal[TPMTPublic](testcase.PublicKey)
if err != nil {
t.Fatalf("Unmarshal() = %v", err)
}
encapsPub, err := importECCEncapsulationKey(pub)
if err != nil {
t.Fatalf("importECCEncapsulationKey() = %v", err)
}
ephPriv, err := encapsPub.eccPub.Curve().NewPrivateKey(testcase.EphemeralPrivate)
if err != nil {
t.Fatalf("NewPrivateKey() = %v", err)
}
secret, ciphertext, err := encapsPub.encapsulateDerandomized(ephPriv, testcase.Label)
if err != nil {
t.Fatalf("encapsulateDerandomized() = %v", err)
}
if !bytes.Equal(testcase.Secret, secret) {
t.Errorf("want %x got %x", testcase.Secret, secret)
}
if !bytes.Equal(testcase.Ciphertext, ciphertext) {
t.Errorf("want %x got %x", testcase.Ciphertext, ciphertext)
}
})
}
}
func TestRSALabeledEncapsulation(t *testing.T) {
for _, testcase := range testvectors.RSALabeledEncapsulation(t) {
t.Run(testcase.Name, func(t *testing.T) {
pub, err := Unmarshal[TPMTPublic](testcase.PublicKey)
if err != nil {
t.Fatalf("Unmarshal() = %v", err)
}
encapsPub, err := importRSAEncapsulationKey(pub)
if err != nil {
t.Fatalf("importRSAEncapsulationKey() = %v", err)
}
ciphertext, err := encapsPub.encapsulateDerandomized(bytes.NewReader(testcase.OAEPSalt), testcase.Secret, testcase.Label)
if err != nil {
t.Fatalf("encapsulateDerandomized() = %v", err)
}
if !bytes.Equal(testcase.Ciphertext, ciphertext) {
t.Errorf("want %x got %x", testcase.Ciphertext, ciphertext)
}
})
}
}
|
