1 // Copyright 2017 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16
17 #include "tink/signature/public_key_sign_factory.h"
18
19 #include <string>
20 #include <utility>
21
22 #include "gtest/gtest.h"
23 #include "tink/crypto_format.h"
24 #include "tink/keyset_handle.h"
25 #include "tink/public_key_sign.h"
26 #include "tink/registry.h"
27 #include "tink/signature/ecdsa_sign_key_manager.h"
28 #include "tink/signature/signature_config.h"
29 #include "tink/util/status.h"
30 #include "tink/util/test_keyset_handle.h"
31 #include "tink/util/test_util.h"
32 #include "proto/ecdsa.pb.h"
33 #include "proto/tink.pb.h"
34
35 using crypto::tink::test::AddTinkKey;
36 using google::crypto::tink::EcdsaPrivateKey;
37 using google::crypto::tink::EcdsaSignatureEncoding;
38 using google::crypto::tink::EllipticCurveType;
39 using google::crypto::tink::HashType;
40 using google::crypto::tink::KeyData;
41 using google::crypto::tink::Keyset;
42 using google::crypto::tink::KeyStatusType;
43
44 namespace crypto {
45 namespace tink {
46 namespace {
47
48 class PublicKeySignFactoryTest : public ::testing::Test {
49 protected:
SetUp()50 void SetUp() override {
51 auto status = SignatureConfig::Register();
52 ASSERT_TRUE(status.ok()) << status;
53 }
54 };
55
GetNewEcdsaPrivateKey()56 EcdsaPrivateKey GetNewEcdsaPrivateKey() {
57 return test::GetEcdsaTestPrivateKey(EllipticCurveType::NIST_P256,
58 HashType::SHA256,
59 EcdsaSignatureEncoding::DER);
60 }
61
TEST_F(PublicKeySignFactoryTest,testBasic)62 TEST_F(PublicKeySignFactoryTest, testBasic) {
63 Keyset keyset;
64 auto public_key_sign_result = PublicKeySignFactory::GetPrimitive(
65 *TestKeysetHandle::GetKeysetHandle(keyset));
66 EXPECT_FALSE(public_key_sign_result.ok());
67 EXPECT_EQ(absl::StatusCode::kInvalidArgument,
68 public_key_sign_result.status().code());
69 EXPECT_PRED_FORMAT2(testing::IsSubstring, "at least one key",
70 std::string(public_key_sign_result.status().message()));
71 }
72
TEST_F(PublicKeySignFactoryTest,testPrimitive)73 TEST_F(PublicKeySignFactoryTest, testPrimitive) {
74 // Prepare a Keyset.
75 Keyset keyset;
76 std::string key_type =
77 "type.googleapis.com/google.crypto.tink.EcdsaPrivateKey";
78
79 uint32_t key_id_1 = 1234543;
80 AddTinkKey(key_type, key_id_1, GetNewEcdsaPrivateKey(),
81 KeyStatusType::ENABLED, KeyData::ASYMMETRIC_PUBLIC, &keyset);
82
83 uint32_t key_id_2 = 726329;
84 AddTinkKey(key_type, key_id_2, GetNewEcdsaPrivateKey(),
85 KeyStatusType::ENABLED, KeyData::ASYMMETRIC_PUBLIC, &keyset);
86
87 uint32_t key_id_3 = 7213743;
88 AddTinkKey(key_type, key_id_3, GetNewEcdsaPrivateKey(),
89 KeyStatusType::ENABLED, KeyData::ASYMMETRIC_PUBLIC, &keyset);
90
91 keyset.set_primary_key_id(key_id_3);
92
93 // Create a KeysetHandle and use it with the factory.
94 auto public_key_sign_result = PublicKeySignFactory::GetPrimitive(
95 *TestKeysetHandle::GetKeysetHandle(keyset));
96 EXPECT_TRUE(public_key_sign_result.ok())
97 << public_key_sign_result.status();
98 auto public_key_sign = std::move(public_key_sign_result.value());
99
100 std::string data = "some data to sign";
101 auto sign_result = public_key_sign->Sign(data);
102 EXPECT_TRUE(sign_result.ok()) << sign_result.status();
103 EXPECT_NE(data, sign_result.value());
104 }
105
106 } // namespace
107 } // namespace tink
108 } // namespace crypto
109