#!/usr/bin/bash

##
#   run_claes TESTS
##

#-----------------------------------------------------------#
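# Print a message in bold red; the script uses it for FAILED verdicts.
# Arguments: $1 - text to print
# Outputs:   ESC[1;31m, the text and a newline, then ESC[0;39m, on stdout
red() {
     # A fixed printf format keeps the text from being parsed as an echo
     # option (-n/-e/-E), so a message such as "-n" is printed, not swallowed.
     printf '\033[1;31m%s\n\033[0;39m' "$1"
}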

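# Print a message in bold green; the script uses it for OK verdicts.
# Arguments: $1 - text to print
# Outputs:   ESC[1;32m, the text and a newline, then ESC[0;39m, on stdout
green() {
     # A fixed printf format keeps the text from being parsed as an echo
     # option (-n/-e/-E), so a message such as "-n" is printed, not swallowed.
     printf '\033[1;32m%s\n\033[0;39m' "$1"
}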

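# Print a message in bold yellow; the script uses it for section banners.
# Arguments: $1 - text to print
# Outputs:   ESC[1;33m, the text and a newline, then ESC[0;39m, on stdout
orange() {
     # A fixed printf format keeps the text from being parsed as an echo
     # option (-n/-e/-E), so a message such as "-n" is printed, not swallowed.
     printf '\033[1;33m%s\n\033[0;39m' "$1"
}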
#-----------------------------------------------------------#

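# Build a private working copy of the tool under ./claes and patch it so that
# every run below gets the fixed test passphrase without prompting.
/bin/mkdir -p claes
orange "Preparing claes for canned password"
cp /bin/claes claes/aes
# The ASKPASS assignment is prefixed to whatever is on line 98 of the copy.
# NOTE(review): the patch is keyed to a line number, so it silently does
# nothing if the installed script has fewer lines, and lands in the wrong
# place if its layout changed -- hence the explicit check below.
# "deadbeefdead" is a throwaway test passphrase that is stored in clear text
# in this script and in claes/aes; it must not protect real data.
/bin/sed -i '98s/^/ASKPASS = "echo deadbeefdead"/' claes/aes
if ! grep -qF 'ASKPASS = "echo deadbeefdead"' claes/aes; then
     red "canned password was not injected into claes/aes"
     exit 1
fi
# Stop if the working directory cannot be entered: the rm -f calls that follow
# (and the glob cleanup at the end of the script) would otherwise delete files
# in the caller's directory.
cd claes || { red "cannot enter ./claes"; exit 1; }
cp ../fixed/bsd .
rm -f err log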

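echo
orange "Self-tests"
# Round-trip the sample file bsd through ./aes in each output format.
# Every step writes its description to log, err and the console, runs ./aes
# with stdout appended to log and stderr to err, prints the exit status, and
# is judged by the artefact it leaves behind:
#   - encryption: the expected output file exists (it is removed beforehand, so
#     a stale file from an earlier step or run cannot produce a false OK);
#   - decryption: the plaintext is moved to bsd.orig first, so the diff only
#     succeeds if ./aes re-creates bsd with identical content.
# "y" on stdin presumably answers a confirmation prompt of ./aes -- TODO confirm.

DESC="\nENcrypt a gpg format file produced by clAES : bsd ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
rm -f bsd.asc
./aes -debug bsd  >> log 2>> err
echo "--> : $?"
if ls -l bsd.asc ; then green "OK"; else red "FAILED"; fi

DESC="\nDEcrypt a aes-gpg encrypted file with clAES : bsd.asc ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
# mv -f never prompts, so nothing needs to be piped into it.
mv -f bsd bsd.orig; echo -n "y"| ./aes -debug -decrypt bsd.asc  >> log 2>> err
echo "--> : $?"
if diff bsd bsd.orig ; then green "OK"; else red "FAILED"; fi

# CMS tests
DESC="\nENcrypt a CMS formated file produced by clAES : bsd ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
rm -f bsd.cms
./aes -debug -cms bsd  >> log 2>> err
echo "--> : $?"
# Check the CMS output itself: bsd.asc still exists from the gpg-format step,
# so testing for it would report OK even when CMS encryption wrote nothing.
if ls -l bsd.cms ; then green "OK"; else red "FAILED"; fi

DESC="\nDEcrypt a CMS encrypted file with clAES : bsd.cms ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
mv -f bsd bsd.orig; echo -n "y"| ./aes -debug -cms -decrypt bsd.cms  >> log 2>> err
echo "--> : $?"
if diff bsd bsd.orig ; then green "OK"; else red "FAILED"; fi

# openssl tests
DESC="\nENcrypt a raw OpenSSL formated file produced by clAES 256 bits : bsd ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
rm -f bsd.asc
./aes -debug -openssl bsd  >> log 2>> err
echo "--> : $?"
if ls -l bsd.asc ; then green "OK"; else red "FAILED"; fi

DESC="\nDEcrypt a raw OpenSSL encrypted file 256 bits : bsd.asc ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
mv -f bsd bsd.orig; echo -n "y"| ./aes -debug -openssl -decrypt bsd.asc  >> log 2>> err
echo "--> : $?"
if diff bsd bsd.orig ; then green "OK"; else red "FAILED"; fi

DESC="\nENcrypt a raw OpenSSL formated file produced by clAES 128 bits : bsd ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
rm -f bsd.asc
./aes -debug -openssl -128 bsd  >> log 2>> err
echo "--> : $?"
if ls -l bsd.asc ; then green "OK"; else red "FAILED"; fi

DESC="\nDEcrypt a raw OpenSSL encrypted file 128 bits : bsd.asc ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
mv -f bsd bsd.orig; echo -n "y"| ./aes -debug -openssl -128 -decrypt bsd.asc  >> log 2>> err
echo "--> : $?"
if diff bsd bsd.orig ; then green "OK"; else red "FAILED"; fi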

echo
orange "GPG tests"
# Interoperability: gpg writes the ciphertext and ./aes has to decrypt it back
# to the reference plaintext bsd.orig. Outputs are removed before each step so
# a verdict cannot come from a stale file.
# gpg flags used: -c symmetric (passphrase) encryption, -a ASCII armor,
# -z 0 no compression, --cipher-algo AES / AES256, --s2k-digest-algo SHA256.
# --passphrase puts the secret on the command line, where it is visible in the
# process list while gpg runs and is echoed to the console below; that is
# tolerable only because deadbeefdead is a fixed test value. For real secrets
# gpg offers --passphrase-fd and --passphrase-file.

DESC="\nencrypt file using gpg2 with AES-128 (no compression): bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f gpg2-AES-128.asc gpg2-AES-128
echo "gpg -ca -z 0 --cipher-algo AES --s2k-digest-algo SHA256 --batch --passphrase deadbeefdead -o ./gpg2-AES-128.asc ./bsd"
gpg -ca -z 0 --cipher-algo AES --s2k-digest-algo SHA256 \
     --batch --passphrase deadbeefdead \
     -o ./gpg2-AES-128.asc ./bsd
echo "--> : $?"
if ls -l  gpg2-AES-128.asc
then
     green "gpg2 encryption OK"
else
     red "gpg2 encryption FAILED"
fi

DESC="\nDEcrypt a aes-gpg encrypted file with clAES : gpg2-AES-128.asc ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -decrypt gpg2-AES-128.asc >> log 2>> err
echo "--> : $?"
if diff gpg2-AES-128 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi

DESC="\nencrypt file using gpg2 with AES-256 (no compression): bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f gpg2-AES-256.asc gpg2-AES-256
echo "gpg -ca -z 0 --cipher-algo AES256 --s2k-digest-algo SHA256 --batch --passphrase deadbeefdead -o ./gpg2-AES-256.asc ./bsd"
gpg -ca -z 0 --cipher-algo AES256 --s2k-digest-algo SHA256 \
     --batch --passphrase deadbeefdead \
     -o ./gpg2-AES-256.asc ./bsd
echo "--> : $?"
if ls -l  gpg2-AES-256.asc
then
     green "gpg2 encryption OK"
else
     red "gpg2 encryption FAILED"
fi

DESC="\nDEcrypt a aes-gpg encrypted file with clAES : gpg2-AES-256.asc ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -decrypt gpg2-AES-256.asc >> log 2>> err
echo "--> : $?"
if diff gpg2-AES-256 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi

# Same as above without -a: the output is binary even though the file name
# keeps the .asc suffix.
DESC="\nencrypt file using gpg2 with AES-256 (BINARY output): bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f gpg2-AES-256.asc gpg2-AES-256
echo "gpg -c -z 0 --cipher-algo AES256 --s2k-digest-algo SHA256 --batch --passphrase deadbeefdead -o ./gpg2-AES-256.asc ./bsd"
gpg -c -z 0 --cipher-algo AES256 --s2k-digest-algo SHA256 \
     --batch --passphrase deadbeefdead \
     -o ./gpg2-AES-256.asc ./bsd
echo "--> : $?"
if ls -l  gpg2-AES-256.asc
then
     green "gpg2 encryption OK"
else
     red "gpg2 encryption FAILED"
fi

DESC="\nDEcrypt a aes-gpg encrypted file with clAES : gpg2-AES-256.asc ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -decrypt gpg2-AES-256.asc >> log 2>> err
echo "--> : $?"
if diff gpg2-AES-256 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi

echo
orange "testing MDC integrity"
# Round-trip random files whose byte counts are the MDC corner cases from
# https://github.com/cryptlib/cryptlib/issues/10 (four adjacent size pairs).
# Each value is used both as the file name and as its size in bytes. The only
# verdict is the diff after decryption: the exit status of ./aes is not
# printed in this loop.
for FILE in 163 164 185 186 8355 8356 8377 8378; do
     DESC="\nencrypt file with clAES: ${FILE} ... "
     echo -e "------ ${DESC}" | tee -a log >> err
     echo -en ${DESC}
     # Start from a clean slate so the diff below compares fresh files only.
     rm -f "${FILE}" "${FILE}.gpg" "${FILE}.orig" 2>/dev/null
     dd if=/dev/urandom of="${FILE}" bs=1 count="${FILE}" >/dev/null 2>&1
     ./aes -debug -binary "${FILE}" >> log 2>> err
     # Move the plaintext aside: decryption has to re-create it.
     mv "${FILE}" "${FILE}.orig"

     DESC="\ndecrypt file with clAES: ${FILE}.gpg ... "
     echo -e "------ ${DESC}" | tee -a log >> err
     echo -e ${DESC}
     ./aes -debug -decrypt -binary "${FILE}.gpg" >> log 2>> err
     if diff "${FILE}" "${FILE}.orig"
     then
          green "clAES decryption OK"
     else
          red "clAES decryption FAILED"
     fi
done

echo
orange "Testing OpenSSL interaction"
# Interoperability: openssl writes the ciphertext and ./aes -openssl has to
# decrypt it back to the reference plaintext bsd.orig.
# openssl flags used: -pbkdf2 derives the key with PBKDF2, -a base64-encodes
# the output, -k passes the passphrase on the command line, -p prints the
# salt, key and IV.
# Because of -k and -p the passphrase and the derived key material appear in
# the process list and on the console (and in any captured CI output); that is
# tolerable only for the fixed test passphrase.
# CBC output from this command carries no authentication tag, so the diff
# against bsd.orig is the only evidence that the data survived intact.

DESC="\nencrypt file using openssl with AES-256: bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f ossl-AES-256.asc ossl-AES-256
echo "openssl aes-256-cbc  -pbkdf2 -a -p -k deadbeefdead -in ./bsd -out ossl-AES-256.asc"
openssl aes-256-cbc -pbkdf2 -a -p -k deadbeefdead \
     -in ./bsd -out ossl-AES-256.asc
echo "--> : $?"
if ls -l  ossl-AES-256.asc
then
     green "OpenSSL encryption OK"
else
     red "OpenSSL encryption FAILED"
fi

DESC="\ndecrypt ossl-AES-256.asc  with clAES ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -openssl -decrypt ossl-AES-256.asc >> log 2>> err
echo "--> : $?"
if diff ossl-AES-256 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi

DESC="\nencrypt file using openssl with AES-128: bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f ossl-AES-128.asc ossl-AES-128
echo "openssl aes-128-cbc  -pbkdf2 -a -p -k deadbeefdead -in ./bsd -out ossl-AES-128.asc"
openssl aes-128-cbc -pbkdf2 -a -p -k deadbeefdead \
     -in ./bsd -out ossl-AES-128.asc
echo "--> : $?"
if ls -l  ossl-AES-128.asc
then
     green "OpenSSL encryption OK"
else
     red "OpenSSL encryption FAILED"
fi

DESC="\ndecrypt ossl-AES-128.asc  with clAES ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -openssl -128 -decrypt ossl-AES-128.asc >> log 2>> err
echo "--> : $?"
if diff ossl-AES-128 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi


# Same as the first AES-256 case without -a: the output is binary even though
# the file name keeps the .asc suffix.
DESC="\nencrypt file using openssl with AES-256 (BINARY output): bsd ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f ossl-AES-256.asc ossl-AES-256
echo "openssl aes-256-cbc  -pbkdf2 -p -k deadbeefdead -in ./bsd -out ossl-AES-256.asc"
openssl aes-256-cbc -pbkdf2 -p -k deadbeefdead \
     -in ./bsd -out ossl-AES-256.asc
echo "--> : $?"
if ls -l  ossl-AES-256.asc
then
     green "OpenSSL encryption OK"
else
     red "OpenSSL encryption FAILED"
fi

DESC="\ndecrypt ossl-AES-256.asc  with clAES ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
./aes -debug -openssl -decrypt ossl-AES-256.asc >> log 2>> err
echo "--> : $?"
if diff ossl-AES-256 bsd.orig
then
     green "clAES decryption OK"
else
     red "clAES decryption FAILED"
fi

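echo
orange "Testing big files"
# 30 MiB of random data is round-tripped twice: once as a named file and once
# through standard input. Every artefact a verdict depends on is removed before
# the step that should create it, so leftovers from an interrupted earlier run
# cannot turn a failure into an OK.

DESC="\nENcrypt a HUGE random file produced by clAES : huge ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
rm -f huge huge.gpg
dd if=/dev/urandom of=huge bs=1M count=30
ls -l huge
./aes -debug -binary huge  >> log 2>> err
echo "--> : $?"
if ls -l huge.gpg ; then green " encrypting a huge file OK"; else red "encrypting a huge file FAILED"; fi

DESC="\nDEcrypt a HUGE encrypted file with clAES : huge.gpg ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
# The plaintext is moved aside so the diff only passes if ./aes re-creates it.
# mv -f never prompts, so nothing needs to be piped into it.
mv -f huge huge.orig; echo -n "y"| ./aes -debug -decrypt huge.gpg  >> log 2>> err
echo "--> : $?"
if diff huge huge.orig ; then green "OK"; else red "FAILED"; fi

# test piping via standard input
DESC="\nENcrypt a HUGE random file piped into clAES : huge ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
# stdin.asc is the file the check below looks for; drop any stale copy first.
rm -f huge huge.gpg stdin.asc
dd if=/dev/urandom of=huge bs=1M count=30
ls -l huge
# The cat is deliberate: the tool is meant to read from a pipe here.
cat huge | ./aes -debug -binary  >> log 2>> err
echo "--> : $?"
if ls -l stdin.asc ; then green " encrypting a piped huge file OK"; else red "encrypting a piped huge file FAILED"; fi

DESC="\nDEcrypt a HUGE encrypted piped file with clAES : stdin.asc ... "
echo -e "------ ${DESC}" >> log; echo -e "------ ${DESC}" >> err; echo -e "${DESC}"
# stdin is the decrypted output compared below; drop any stale copy first.
rm -f stdin
mv -f huge huge.orig; cat stdin.asc | ./aes -debug -decrypt  >> log 2>> err
echo "--> : $?"
if diff stdin huge.orig ; then green "OK"; else red "FAILED"; fi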

echo
orange "Testing compression"
# Build a highly repetitive input: six doublings leave 64 copies of bsd in
# bsd3 (bsd2 is the scratch copy used for each doubling).
cat bsd > bsd3
for _ in 1 2 3 4 5 6; do
     cat bsd3 > bsd2
     cat bsd2 >> bsd3
done
FILE=bsd3
cat "${FILE}" > "${FILE}.orig"
ls -l "${FILE}"*

# The steps below cross-check compressed messages in both directions:
# gpg -> ./aes, ./aes -> gpg, ./aes -> ./aes, and the CMS variant of ./aes.
# The diffs are silenced (> /dev/null); only the coloured verdict is shown.
# gpg receives the fixed test passphrase via --passphrase on the command line,
# which is visible in the process list and echoed below; test value only.

DESC="\nENcrypt file using gpg2 with compression (BINARY output): ${FILE} ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}.gpg"
echo "gpg -c -z-1  --cipher-algo AES256 --s2k-digest-algo SHA256 --batch --passphrase deadbeefdead -o ./${FILE}.gpg ${FILE}"
gpg -c -z-1 --cipher-algo AES256 --s2k-digest-algo SHA256 \
     --batch --passphrase deadbeefdead \
     -o "./${FILE}.gpg" "${FILE}"
echo "--> : $?"
if ls -l  "${FILE}.gpg"
then
     green "gpg2 encryption OK"
else
     red "gpg2 encryption FAILED"
fi

DESC="\nDEcrypt a gpg encrypted compressed file with clAES : ${FILE}.gpg ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
# The plaintext is deleted so the diff only passes if ./aes re-creates it.
rm -f "${FILE}"
./aes -debug -decrypt "${FILE}.gpg" >> log 2>> err
echo "--> : $?"
if diff "${FILE}" "${FILE}.orig" > /dev/null
then
     green "clAES (compressed) decryption OK"
else
     red "clAES decryption FAILED"
fi


DESC="\nENcrypt file using clAES with compression (BINARY output): ${FILE} ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}.gpg"
./aes -debug -compress -binary "${FILE}" >> log 2>> err
echo "--> : $?"
if ls -l  "${FILE}.gpg"
then
     green "clAES (compressed) encryption OK"
else
     red "clAES encryption FAILED"
fi

DESC="\nDEcrypt a encrypted compressed file with gpg2 : ${FILE}.gpg ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}.clear"
echo "gpg -d --batch --passphrase deadbeefdead -o ${FILE}.clear ${FILE}.gpg"
gpg -d --batch --passphrase deadbeefdead \
     -o "${FILE}.clear" "${FILE}.gpg" >> log 2>> err
echo "--> : $?"
if diff "${FILE}.clear" "${FILE}.orig" > /dev/null
then
     green "gpg2 (compressed) decryption OK"
else
     red "gpg2 decryption FAILED"
fi

DESC="\nDEcrypt a encrypted compressed file with clAES : ${FILE}.gpg ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}"
echo "./aes -debug -decrypt ${FILE}.gpg"
./aes -debug -decrypt "${FILE}.gpg" >> log 2>> err
echo "--> : $?"
if diff "${FILE}" "${FILE}.orig" > /dev/null
then
     green "clAES (compressed) decryption OK"
else
     red "clAES decryption FAILED"
fi

DESC="\nENcrypt CMS file using clAES with compression (BINARY output): ${FILE} ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}.cms"
echo "./aes -debug -compress -cms ${FILE} "
./aes -debug -compress -cms "${FILE}" >> log 2>> err
echo "--> : $?"
if ls -l  "${FILE}.cms"
then
     green "clAES (CMS compressed) encryption OK"
else
     red "clAES encryption FAILED"
fi

DESC="\nDEcrypt a CMS encrypted compressed file with clAES : ${FILE}.cms ... "
echo -e "------ ${DESC}" | tee -a log >> err
echo -e ${DESC}
rm -f "${FILE}"
echo "./aes -debug -decrypt -cms ${FILE}.cms"
./aes -debug -decrypt -cms "${FILE}.cms" >> log 2>> err
echo "--> : $?"
if diff "${FILE}" "${FILE}.orig" > /dev/null
then
     green "clAES (CMS compressed) decryption OK"
else
     red "clAES decryption FAILED"
fi

# Remove the large and derived artefacts (everything whose name starts with
# huge, bsd2, bsd3 or stdin); the remaining files are listed for inspection.
# NOTE(review): the script ends with the exit status of `ls -l`; the OK/FAILED
# verdicts above are only printed, so a caller such as a CI job has to read
# the output to notice a failed test.
for stem in huge bsd2 bsd3 stdin; do
     rm -f "${stem}"*
done

printf '\n'
orange "claes tests finished."
printf '\n'

ls -l
