1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16
17 #include "tink/hybrid/internal/hpke_decrypt_boringssl.h"
18
19 #include <memory>
20 #include <string>
21 #include <utility>
22
23 #include "gtest/gtest.h"
24 #include "absl/status/status.h"
25 #include "absl/strings/escaping.h"
26 #include "openssl/hpke.h"
27 #include "tink/hybrid/internal/hpke_test_util.h"
28 #include "tink/util/status.h"
29 #include "tink/util/test_matchers.h"
30 #include "tink/util/test_util.h"
31 #include "proto/hpke.pb.h"
32
33 namespace crypto {
34 namespace tink {
35 namespace internal {
36 namespace {
37
38 using ::crypto::tink::test::IsOk;
39 using ::crypto::tink::test::IsOkAndHolds;
40 using ::crypto::tink::test::StatusIs;
41 using ::google::crypto::tink::HpkeAead;
42 using ::google::crypto::tink::HpkeKdf;
43 using ::google::crypto::tink::HpkeKem;
44 using ::google::crypto::tink::HpkeParams;
45 using ::testing::Values;
46
47 class HpkeDecryptBoringSslTest : public testing::TestWithParam<HpkeParams> {};
48
49 INSTANTIATE_TEST_SUITE_P(
50 HpkeDecryptionBoringSslTestSuite, HpkeDecryptBoringSslTest,
51 Values(CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
52 HpkeKdf::HKDF_SHA256, HpkeAead::AES_128_GCM),
53 CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
54 HpkeKdf::HKDF_SHA256,
55 HpkeAead::CHACHA20_POLY1305)));
56
TEST_P(HpkeDecryptBoringSslTest,SetupSenderContextAndDecrypt)57 TEST_P(HpkeDecryptBoringSslTest, SetupSenderContextAndDecrypt) {
58 HpkeParams hpke_params = GetParam();
59 util::StatusOr<HpkeTestParams> params = CreateHpkeTestParams(hpke_params);
60 ASSERT_THAT(params, IsOk());
61 util::StatusOr<std::unique_ptr<HpkeKeyBoringSsl>> hpke_key =
62 HpkeKeyBoringSsl::New(hpke_params.kem(), params->recipient_private_key);
63 ASSERT_THAT(hpke_key, IsOk());
64 util::StatusOr<std::unique_ptr<HpkeDecryptBoringSsl>> hpke_decrypt =
65 HpkeDecryptBoringSsl::New(hpke_params, **hpke_key,
66 params->encapsulated_key,
67 params->application_info);
68 ASSERT_THAT(hpke_decrypt, IsOk());
69 util::StatusOr<std::string> plaintext =
70 (*hpke_decrypt)->Decrypt(params->ciphertext, params->associated_data);
71 ASSERT_THAT(plaintext, IsOkAndHolds(params->plaintext));
72 }
73
74 class HpkeDecryptBoringSslWithBadParamTest
75 : public testing::TestWithParam<HpkeParams> {};
76
77 INSTANTIATE_TEST_SUITE_P(
78 HpkeDecryptionBoringSslWithBadParamTestSuite,
79 HpkeDecryptBoringSslWithBadParamTest,
80 Values(CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
81 HpkeKdf::KDF_UNKNOWN, HpkeAead::AES_128_GCM),
82 CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
83 HpkeKdf::HKDF_SHA256, HpkeAead::AEAD_UNKNOWN)));
84
TEST_P(HpkeDecryptBoringSslWithBadParamTest,BadParamsFails)85 TEST_P(HpkeDecryptBoringSslWithBadParamTest, BadParamsFails) {
86 HpkeParams hpke_params = GetParam();
87 HpkeTestParams params = DefaultHpkeTestParams();
88 util::StatusOr<std::unique_ptr<HpkeKeyBoringSsl>> hpke_key =
89 HpkeKeyBoringSsl::New(hpke_params.kem(), params.recipient_private_key);
90 ASSERT_THAT(hpke_key, IsOk());
91 util::StatusOr<std::unique_ptr<HpkeDecryptBoringSsl>> hpke_decrypt =
92 HpkeDecryptBoringSsl::New(hpke_params, **hpke_key,
93 params.encapsulated_key,
94 params.application_info);
95 ASSERT_THAT(hpke_decrypt.status(),
96 StatusIs(absl::StatusCode::kInvalidArgument));
97 }
98
99 } // namespace
100 } // namespace internal
101 } // namespace tink
102 } // namespace crypto
103