xref: /aosp_15_r20/external/tink/go/hybrid/ecies_aead_hkdf_dem_helper_test.go (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1// Copyright 2021 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//      http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15////////////////////////////////////////////////////////////////////////////////
16
17package hybrid
18
19import (
20	"bytes"
21	"encoding/hex"
22	"testing"
23
24	"github.com/google/tink/go/aead"
25	"github.com/google/tink/go/daead"
26	"github.com/google/tink/go/mac"
27	"github.com/google/tink/go/signature"
28	"github.com/google/tink/go/subtle/random"
29	"github.com/google/tink/go/tink"
30	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
31)
32
33var (
34	keyTemplates = map[*tinkpb.KeyTemplate]uint32{
35		aead.AES256CTRHMACSHA256KeyTemplate(): 64,
36		aead.AES128CTRHMACSHA256KeyTemplate(): 48,
37		aead.AES256GCMKeyTemplate():           32,
38		aead.AES128GCMKeyTemplate():           16,
39		daead.AESSIVKeyTemplate():             64,
40	}
41	uTemplates = []*tinkpb.KeyTemplate{
42		signature.ECDSAP256KeyTemplate(),
43		mac.HMACSHA256Tag256KeyTemplate(),
44		&tinkpb.KeyTemplate{TypeUrl: "some url", Value: []byte{0}},
45		&tinkpb.KeyTemplate{TypeUrl: aesCTRHMACAEADTypeURL},
46		&tinkpb.KeyTemplate{TypeUrl: aesGCMTypeURL},
47		&tinkpb.KeyTemplate{TypeUrl: aesSIVTypeURL},
48	}
49)
50
51func TestCipherKeySize(t *testing.T) {
52	for c, l := range keyTemplates {
53		rDem, err := newRegisterECIESAEADHKDFDemHelper(c)
54		if err != nil {
55			t.Fatalf("error generating a DEM helper :%s", err)
56		}
57		if rDem.GetSymmetricKeySize() != l {
58			t.Errorf("incorrect key size %s template, got: %d, want: %d", c, rDem.GetSymmetricKeySize(), l)
59		}
60	}
61}
62
63func TestUnsupportedKeyTemplates(t *testing.T) {
64	for _, l := range uTemplates {
65		_, err := newRegisterECIESAEADHKDFDemHelper(l)
66		if err == nil {
67			t.Fatalf("unsupported key template %s should have generated error", l)
68		}
69	}
70}
71
72func TestAead(t *testing.T) {
73	for c := range keyTemplates {
74		pt := random.GetRandomBytes(20)
75		ad := random.GetRandomBytes(20)
76		rDem, err := newRegisterECIESAEADHKDFDemHelper(c)
77		if err != nil {
78			t.Fatalf("error generating a DEM helper :%s", err)
79		}
80		sk := random.GetRandomBytes(rDem.GetSymmetricKeySize())
81		prim, err := rDem.GetAEADOrDAEAD(sk)
82		if err != nil {
83			t.Errorf("error getting AEAD primitive :%s", err)
84		}
85		var ct []byte
86		switch a := prim.(type) {
87		case tink.AEAD:
88			ct, err = a.Encrypt(pt, ad)
89		case tink.DeterministicAEAD:
90			ct, err = a.EncryptDeterministically(pt, ad)
91		}
92		if err != nil {
93			t.Errorf("error encrypting :%s", err)
94		}
95
96		var dt []byte
97		switch a := prim.(type) {
98		case tink.AEAD:
99			dt, err = a.Decrypt(ct, ad)
100		case tink.DeterministicAEAD:
101			dt, err = a.DecryptDeterministically(ct, ad)
102		}
103		if err != nil {
104			t.Errorf("error decrypting :%s", err)
105		}
106		if !bytes.Equal(dt, pt) {
107			t.Errorf("decryption not inverse of encryption,\n want :%s,\n got: %s", hex.Dump(pt), hex.Dump(dt))
108		}
109
110		// shorter symmetric key
111		sk = random.GetRandomBytes(rDem.GetSymmetricKeySize() - 1)
112		if _, err = rDem.GetAEADOrDAEAD(sk); err == nil {
113			t.Errorf("retrieving AEAD primitive should have failed")
114		}
115
116		// longer symmetric key
117		sk = random.GetRandomBytes(rDem.GetSymmetricKeySize() + 1)
118		if _, err = rDem.GetAEADOrDAEAD(sk); err == nil {
119			t.Errorf("retrieving AEAD primitive should have failed")
120		}
121
122	}
123}
124