1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16
17 #include "tink/hybrid/internal/hpke_key_manager_util.h"
18
19 #include "gtest/gtest.h"
20 #include "absl/status/status.h"
21 #include "tink/hybrid/internal/hpke_test_util.h"
22 #include "tink/util/status.h"
23 #include "tink/util/test_matchers.h"
24
25 namespace crypto {
26 namespace tink {
27 namespace internal {
28 namespace {
29
30 using ::crypto::tink::internal::CreateHpkeParams;
31 using ::crypto::tink::internal::CreateHpkePublicKey;
32 using ::crypto::tink::test::IsOk;
33 using ::crypto::tink::test::StatusIs;
34 using ::google::crypto::tink::HpkeAead;
35 using ::google::crypto::tink::HpkeKdf;
36 using ::google::crypto::tink::HpkeKem;
37 using ::google::crypto::tink::HpkePublicKey;
38
TEST(HpkeKeyManagerUtilTest,ValidateValidParamsSucceeds)39 TEST(HpkeKeyManagerUtilTest, ValidateValidParamsSucceeds) {
40 ASSERT_THAT(ValidateParams(CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
41 HpkeKdf::HKDF_SHA256,
42 HpkeAead::AES_256_GCM)),
43 IsOk());
44 }
45
TEST(HpkeKeyManagerUtilTest,ValidateInvalidParamsFails)46 TEST(HpkeKeyManagerUtilTest, ValidateInvalidParamsFails) {
47 ASSERT_THAT(
48 ValidateParams(CreateHpkeParams(
49 HpkeKem::KEM_UNKNOWN, HpkeKdf::HKDF_SHA256, HpkeAead::AES_256_GCM)),
50 StatusIs(absl::StatusCode::kInvalidArgument));
51
52 ASSERT_THAT(ValidateParams(CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
53 HpkeKdf::KDF_UNKNOWN,
54 HpkeAead::AES_256_GCM)),
55 StatusIs(absl::StatusCode::kInvalidArgument));
56
57 ASSERT_THAT(ValidateParams(CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256,
58 HpkeKdf::HKDF_SHA256,
59 HpkeAead::AEAD_UNKNOWN)),
60 StatusIs(absl::StatusCode::kInvalidArgument));
61 }
62
TEST(HpkeKeyManagerUtilTest,ValidateValidKeyAndVersionSucceeds)63 TEST(HpkeKeyManagerUtilTest, ValidateValidKeyAndVersionSucceeds) {
64 HpkePublicKey key = CreateHpkePublicKey(
65 CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256, HpkeKdf::HKDF_SHA256,
66 HpkeAead::AES_256_GCM),
67 "rawkeybytes");
68
69 ASSERT_THAT(ValidateKeyAndVersion(key, /*max_key_version=*/1), IsOk());
70 }
71
TEST(HpkeKeyManagerUtilTest,ValidateTooHighKeyVersionFails)72 TEST(HpkeKeyManagerUtilTest, ValidateTooHighKeyVersionFails) {
73 HpkePublicKey key = CreateHpkePublicKey(
74 CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256, HpkeKdf::HKDF_SHA256,
75 HpkeAead::AES_256_GCM),
76 "rawkeybytes");
77 key.set_version(1);
78
79 ASSERT_THAT(ValidateKeyAndVersion(key, /*max_key_version=*/0),
80 StatusIs(absl::StatusCode::kInvalidArgument));
81 }
82
TEST(HpkeKeyManagerUtilTest,ValidateMissingKeyParamsFails)83 TEST(HpkeKeyManagerUtilTest, ValidateMissingKeyParamsFails) {
84 HpkePublicKey key = CreateHpkePublicKey(
85 CreateHpkeParams(HpkeKem::DHKEM_X25519_HKDF_SHA256, HpkeKdf::HKDF_SHA256,
86 HpkeAead::AES_256_GCM),
87 "rawkeybytes");
88 key.clear_params();
89
90 ASSERT_THAT(ValidateKeyAndVersion(key, /*max_key_version=*/1),
91 StatusIs(absl::StatusCode::kInvalidArgument));
92 }
93
94 } // namespace
95 } // namespace internal
96 } // namespace tink
97 } // namespace crypto
98