1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "anonymous_tokens/cpp/client/anonymous_tokens_public_key_client.h"
16
17 #include <cstddef>
18 #include <memory>
19 #include <string>
20 #include <utility>
21 #include <vector>
22
23 #include <gmock/gmock.h>
24 #include <gtest/gtest.h>
25 #include "absl/status/status.h"
26 #include "absl/strings/string_view.h"
27 #include "anonymous_tokens/cpp/shared/proto_utils.h"
28 #include "anonymous_tokens/cpp/shared/status_utils.h"
29 #include "anonymous_tokens/cpp/testing/utils.h"
30 #include "anonymous_tokens/proto/anonymous_tokens.pb.h"
31
32 namespace anonymous_tokens {
33 namespace {
34
35 constexpr int kKeyByteSize = 512;
36 constexpr int kSaltByteLength = 48;
37 constexpr int kMessageMaskByteLength = 32;
38 constexpr absl::Duration kEndTimeIncrement = absl::Minutes(100);
39 constexpr absl::Duration kStartTimeIncrement = absl::Minutes(35);
40
41 class AnonymousTokensPublicKeysGetClientTest : public ::testing::Test {
42 protected:
SetUp()43 void SetUp() override {
44 start_time_ = absl::Now();
45 default_n_str_ = std::string(kKeyByteSize, 'a');
46 default_e_str_ = std::string(kKeyByteSize, 'b');
47
48 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
49 client_, AnonymousTokensPublicKeysGetClient::Create());
50 }
51
GenerateFakeRsaKey(std::string n_str,std::string e_str)52 RSAPublicKey GenerateFakeRsaKey(std::string n_str, std::string e_str) {
53 RSAPublicKey public_key;
54 public_key.set_n(n_str);
55 public_key.set_e(e_str);
56 return public_key;
57 }
58
SimpleGetResponse()59 absl::StatusOr<AnonymousTokensPublicKeysGetResponse> SimpleGetResponse() {
60 RSAPublicKey public_key =
61 GenerateFakeRsaKey(default_n_str_, default_e_str_);
62 return PublicKeysGetResponse({public_key});
63 }
64
PublicKeysGetResponse(const std::vector<RSAPublicKey> & public_keys)65 absl::StatusOr<AnonymousTokensPublicKeysGetResponse> PublicKeysGetResponse(
66 const std::vector<RSAPublicKey>& public_keys) {
67 AnonymousTokensPublicKeysGetResponse resp;
68 for (size_t i = 0; i < public_keys.size(); ++i) {
69 RSABlindSignaturePublicKey* key = resp.add_rsa_public_keys();
70 key->set_use_case("TEST_USE_CASE");
71 key->set_key_version(i + 1);
72 key->set_serialized_public_key(public_keys[i].SerializeAsString());
73 ANON_TOKENS_ASSIGN_OR_RETURN(
74 *(key->mutable_key_validity_start_time()),
75 TimeToProto(start_time_ - (kStartTimeIncrement * i)));
76 ANON_TOKENS_ASSIGN_OR_RETURN(
77 *(key->mutable_expiration_time()),
78 TimeToProto(start_time_ + (kEndTimeIncrement * (i + 1))));
79 key->set_mask_gen_function(AT_MGF_SHA384);
80 key->set_sig_hash_type(AT_HASH_TYPE_SHA384);
81 key->set_key_size(kKeyByteSize);
82 key->set_salt_length(kSaltByteLength);
83 key->set_message_mask_type(AT_MESSAGE_MASK_CONCAT);
84 key->set_message_mask_size(kMessageMaskByteLength);
85 key->set_public_metadata_support(true);
86 }
87 return resp;
88 }
89
90 absl::Time start_time_;
91 std::string default_n_str_;
92 std::string default_e_str_;
93 std::unique_ptr<AnonymousTokensPublicKeysGetClient> client_;
94 };
95
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientMoreThanOneRequest)96 TEST_F(AnonymousTokensPublicKeysGetClientTest,
97 PublicKeyGetClientMoreThanOneRequest) {
98 // Create the first request.
99 ASSERT_TRUE(client_
100 ->CreateAnonymousTokensPublicKeysGetRequest(
101 TEST_USE_CASE, 1, absl::Now(), absl::nullopt)
102 .ok());
103 // Second request will err.
104 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
105 client_->CreateAnonymousTokensPublicKeysGetRequest(
106 TEST_USE_CASE, 1, absl::Now(), absl::nullopt);
107 EXPECT_EQ(request.status().code(), absl::StatusCode::kFailedPrecondition);
108 EXPECT_THAT(request.status().message(),
109 testing::HasSubstr("Public Key request is already created."));
110 }
111
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientInvalidUseCaseRequest)112 TEST_F(AnonymousTokensPublicKeysGetClientTest,
113 PublicKeyGetClientInvalidUseCaseRequest) {
114 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
115 client_->CreateAnonymousTokensPublicKeysGetRequest(
116 ANONYMOUS_TOKENS_USE_CASE_UNDEFINED, 0, absl::Now(), absl::nullopt);
117 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
118 EXPECT_THAT(request.status().message(),
119 testing::HasSubstr("Use case must be defined."));
120 }
121
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientInvalidKeyVersionRequest)122 TEST_F(AnonymousTokensPublicKeysGetClientTest,
123 PublicKeyGetClientInvalidKeyVersionRequest) {
124 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
125 client_->CreateAnonymousTokensPublicKeysGetRequest(
126 TEST_USE_CASE, -1, absl::Now(), absl::nullopt);
127 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
128 EXPECT_THAT(
129 request.status().message(),
130 testing::HasSubstr("Key Version in an AnonymousTokensPublicKeysGetRequest"
131 " must be 0 or greater than 0."));
132 }
133
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientExpiryBeforeValidityStartRequest)134 TEST_F(AnonymousTokensPublicKeysGetClientTest,
135 PublicKeyGetClientExpiryBeforeValidityStartRequest) {
136 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
137 client_->CreateAnonymousTokensPublicKeysGetRequest(
138 TEST_USE_CASE, 0, absl::Now(), absl::Now() - absl::Minutes(10));
139 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
140 EXPECT_THAT(
141 request.status().message(),
142 testing::HasSubstr("Key validity start time can not be the same or after"
143 " key validity end time (if set)."));
144 }
145
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientExpiryInThePastRequest)146 TEST_F(AnonymousTokensPublicKeysGetClientTest,
147 PublicKeyGetClientExpiryInThePastRequest) {
148 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
149 client_->CreateAnonymousTokensPublicKeysGetRequest(
150 TEST_USE_CASE, 0, absl::Now() - absl::Minutes(30),
151 absl::Now() - absl::Minutes(10));
152 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
153 EXPECT_THAT(
154 request.status().message(),
155 testing::HasSubstr(
156 "Requested Key expiry time (if set) must not be in the past."));
157 }
158
TEST_F(AnonymousTokensPublicKeysGetClientTest,CreateAnonymousTokensPublicKeysGetRequestWithExpiryTime)159 TEST_F(AnonymousTokensPublicKeysGetClientTest,
160 CreateAnonymousTokensPublicKeysGetRequestWithExpiryTime) {
161 absl::Time end_time = start_time_ + kEndTimeIncrement;
162 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
163 AnonymousTokensPublicKeysGetRequest request,
164 client_->CreateAnonymousTokensPublicKeysGetRequest(
165 TEST_USE_CASE, 0, start_time_, end_time));
166
167 EXPECT_EQ(request.use_case(), AnonymousTokensUseCase_Name(TEST_USE_CASE));
168 EXPECT_EQ(request.key_version(), 0u);
169 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
170 absl::Time request_start_time,
171 TimeFromProto(request.key_validity_start_time()));
172 EXPECT_EQ(request_start_time, start_time_);
173 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
174 absl::Time request_end_time,
175 TimeFromProto(request.key_validity_end_time()));
176 EXPECT_EQ(request_end_time, end_time);
177 }
178
TEST_F(AnonymousTokensPublicKeysGetClientTest,CreateAnonymousTokensPublicKeysGetRequestWithNoExpiryTime)179 TEST_F(AnonymousTokensPublicKeysGetClientTest,
180 CreateAnonymousTokensPublicKeysGetRequestWithNoExpiryTime) {
181 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
182 auto request, client_->CreateAnonymousTokensPublicKeysGetRequest(
183 TEST_USE_CASE, 0, start_time_, absl::nullopt));
184
185 EXPECT_EQ(request.use_case(), AnonymousTokensUseCase_Name(TEST_USE_CASE));
186 EXPECT_EQ(request.key_version(), 0u);
187 EXPECT_EQ(TimeFromProto(request.key_validity_start_time()).value(),
188 start_time_);
189 EXPECT_EQ(request.has_key_validity_end_time(), false);
190 }
191
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponseWithoutCreatingRequest)192 TEST_F(AnonymousTokensPublicKeysGetClientTest,
193 ProcessPublicKeyGetResponseWithoutCreatingRequest) {
194 AnonymousTokensPublicKeysGetResponse response;
195 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
196 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
197 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kFailedPrecondition);
198 EXPECT_THAT(public_keys.status().message(),
199 testing::HasSubstr(
200 "CreateAnonymousTokensPublicKeysGetRequest has not been "
201 "called yet."));
202 }
203
TEST_F(AnonymousTokensPublicKeysGetClientTest,UndefinedUseCaseInPublicKeyGetResponse)204 TEST_F(AnonymousTokensPublicKeysGetClientTest,
205 UndefinedUseCaseInPublicKeyGetResponse) {
206 ASSERT_TRUE(
207 client_
208 ->CreateAnonymousTokensPublicKeysGetRequest(
209 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
210 .ok());
211 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
212
213 // Invalid use case.
214 response.mutable_rsa_public_keys(0)->set_use_case("invalid");
215
216 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
217 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
218 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
219 EXPECT_THAT(
220 public_keys.status().message(),
221 testing::HasSubstr("Invalid / undefined use case cannot be parsed."));
222 }
223
TEST_F(AnonymousTokensPublicKeysGetClientTest,UseCaseInPublicKeyGetResponseDifferentThanRequest)224 TEST_F(AnonymousTokensPublicKeysGetClientTest,
225 UseCaseInPublicKeyGetResponseDifferentThanRequest) {
226 ASSERT_TRUE(
227 client_
228 ->CreateAnonymousTokensPublicKeysGetRequest(
229 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
230 .ok());
231 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
232
233 // Receiving a different use case response is invalid.
234 response.mutable_rsa_public_keys(0)->set_use_case("TEST_USE_CASE_2");
235
236 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
237 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
238 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
239 EXPECT_THAT(
240 public_keys.status().message(),
241 testing::HasSubstr("Public key is not for the Use Case requested."));
242 }
243
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyVersionZeroInPublicKeyGetResponse)244 TEST_F(AnonymousTokensPublicKeysGetClientTest,
245 KeyVersionZeroInPublicKeyGetResponse) {
246 ASSERT_TRUE(
247 client_
248 ->CreateAnonymousTokensPublicKeysGetRequest(
249 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
250 .ok());
251 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
252
253 // Key version cannot be 0.
254 response.mutable_rsa_public_keys(0)->set_key_version(0);
255
256 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
257 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
258 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
259 EXPECT_THAT(public_keys.status().message(),
260 testing::HasSubstr("Key_version cannot be zero or negative."));
261 }
262
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyVersionDifferentThanRequestedInPublicKeyGetResponse)263 TEST_F(AnonymousTokensPublicKeysGetClientTest,
264 KeyVersionDifferentThanRequestedInPublicKeyGetResponse) {
265 ASSERT_TRUE(
266 client_
267 ->CreateAnonymousTokensPublicKeysGetRequest(
268 TEST_USE_CASE, 2, start_time_, start_time_ + absl::Minutes(100))
269 .ok());
270 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
271
272 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
273 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
274 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
275 EXPECT_THAT(
276 public_keys.status().message(),
277 testing::HasSubstr("Public key is not for the Key Version requested."));
278 }
279
TEST_F(AnonymousTokensPublicKeysGetClientTest,SaltLengthZeroInPublicKeyGetResponse)280 TEST_F(AnonymousTokensPublicKeysGetClientTest,
281 SaltLengthZeroInPublicKeyGetResponse) {
282 ASSERT_TRUE(
283 client_
284 ->CreateAnonymousTokensPublicKeysGetRequest(
285 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
286 .ok());
287 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
288
289 // Do not allow deterministic signatures due to empty salts.
290 response.mutable_rsa_public_keys(0)->set_salt_length(0);
291
292 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
293 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
294 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
295 EXPECT_THAT(public_keys.status().message(),
296 testing::HasSubstr("Salt length must not be zero or negative."));
297 }
298
TEST_F(AnonymousTokensPublicKeysGetClientTest,SaltLengthNegativeInPublicKeyGetResponse)299 TEST_F(AnonymousTokensPublicKeysGetClientTest,
300 SaltLengthNegativeInPublicKeyGetResponse) {
301 ASSERT_TRUE(
302 client_
303 ->CreateAnonymousTokensPublicKeysGetRequest(
304 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
305 .ok());
306 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
307
308 // Negative salt length is invalid.
309 response.mutable_rsa_public_keys(0)->set_salt_length(-10);
310
311 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
312 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
313 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
314 EXPECT_THAT(public_keys.status().message(),
315 testing::HasSubstr("Salt length must not be zero or negative."));
316 }
317
TEST_F(AnonymousTokensPublicKeysGetClientTest,InvalidKeySizeInPublicKeyGetResponse)318 TEST_F(AnonymousTokensPublicKeysGetClientTest,
319 InvalidKeySizeInPublicKeyGetResponse) {
320 ASSERT_TRUE(
321 client_
322 ->CreateAnonymousTokensPublicKeysGetRequest(
323 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
324 .ok());
325 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
326
327 // Too short keys are invalid.
328 response.mutable_rsa_public_keys(0)->set_key_size(128);
329
330 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
331 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
332 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
333 EXPECT_THAT(public_keys.status().message(),
334 testing::HasSubstr("Key_size cannot be less than 256 bytes."));
335 }
336
TEST_F(AnonymousTokensPublicKeysGetClientTest,NegativeKeySizeInPublicKeyGetResponse)337 TEST_F(AnonymousTokensPublicKeysGetClientTest,
338 NegativeKeySizeInPublicKeyGetResponse) {
339 ASSERT_TRUE(
340 client_
341 ->CreateAnonymousTokensPublicKeysGetRequest(
342 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
343 .ok());
344 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
345
346 // Negative key size is invalid.
347 response.mutable_rsa_public_keys(0)->set_key_size(-10);
348
349 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
350 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
351 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
352 EXPECT_THAT(public_keys.status().message(),
353 testing::HasSubstr("Key_size cannot be less than 256 bytes."));
354 }
355
TEST_F(AnonymousTokensPublicKeysGetClientTest,UndefinedOrUnsupportedMessageMaskType)356 TEST_F(AnonymousTokensPublicKeysGetClientTest,
357 UndefinedOrUnsupportedMessageMaskType) {
358 ASSERT_TRUE(
359 client_
360 ->CreateAnonymousTokensPublicKeysGetRequest(
361 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
362 .ok());
363 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
364
365 // Undefined message mask type is invalid.
366 response.mutable_rsa_public_keys(0)->set_message_mask_type(
367 AT_MESSAGE_MASK_TYPE_UNDEFINED);
368
369 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
370 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
371 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
372 EXPECT_THAT(
373 public_keys.status().message(),
374 testing::HasSubstr("Message mask type must be defined and supported."));
375
376 // Unsupported message mask type is invalid.
377 response.mutable_rsa_public_keys(0)->set_message_mask_type(
378 AT_MESSAGE_MASK_XOR);
379
380 public_keys =
381 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
382 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
383 EXPECT_THAT(
384 public_keys.status().message(),
385 testing::HasSubstr("Message mask type must be defined and supported."));
386 }
387
TEST_F(AnonymousTokensPublicKeysGetClientTest,MessageMaskConcatSizeLessThan32)388 TEST_F(AnonymousTokensPublicKeysGetClientTest,
389 MessageMaskConcatSizeLessThan32) {
390 ASSERT_TRUE(
391 client_
392 ->CreateAnonymousTokensPublicKeysGetRequest(
393 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
394 .ok());
395 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
396
397 // Message mask must be at least 32 bytes.
398 response.mutable_rsa_public_keys(0)->set_message_mask_size(10);
399
400 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
401 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
402 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
403 EXPECT_THAT(
404 public_keys.status().message(),
405 testing::HasSubstr(
406 "Message mask concat type must have a size of at least 32 bytes."));
407 }
408
TEST_F(AnonymousTokensPublicKeysGetClientTest,MessageMaskNoMaskSizeNotZero)409 TEST_F(AnonymousTokensPublicKeysGetClientTest, MessageMaskNoMaskSizeNotZero) {
410 ASSERT_TRUE(
411 client_
412 ->CreateAnonymousTokensPublicKeysGetRequest(
413 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
414 .ok());
415 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
416 response.mutable_rsa_public_keys(0)->set_message_mask_type(
417 AT_MESSAGE_MASK_NO_MASK);
418
419 // If mask type is no mask, sizes other than 0 are invalid.
420 response.mutable_rsa_public_keys(0)->set_message_mask_size(10);
421
422 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
423 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
424 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
425 EXPECT_THAT(public_keys.status().message(),
426 testing::HasSubstr(
427 "Message mask no mask type must be set to size 0 bytes."));
428 }
429
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeySizeIsDifferentThanRealSize)430 TEST_F(AnonymousTokensPublicKeysGetClientTest, KeySizeIsDifferentThanRealSize) {
431 ASSERT_TRUE(
432 client_
433 ->CreateAnonymousTokensPublicKeysGetRequest(
434 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
435 .ok());
436
437 // Make response with wrong key size.
438 RSAPublicKey public_key = GenerateFakeRsaKey(
439 std::string(kKeyByteSize - 1, 'a'), std::string(kKeyByteSize - 1, 'b'));
440 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
441 PublicKeysGetResponse({public_key}));
442
443 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
444 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
445 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
446 EXPECT_THAT(
447 public_keys.status().message(),
448 testing::HasSubstr("Actual and given Public Key sizes are different."));
449 }
450
TEST_F(AnonymousTokensPublicKeysGetClientTest,NoPublicKeyInPublicKeyGetResponse)451 TEST_F(AnonymousTokensPublicKeysGetClientTest,
452 NoPublicKeyInPublicKeyGetResponse) {
453 ASSERT_TRUE(
454 client_
455 ->CreateAnonymousTokensPublicKeysGetRequest(
456 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
457 .ok());
458
459 // Make response with no public key.
460 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
461 response.mutable_rsa_public_keys(0)->clear_serialized_public_key();
462
463 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
464 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
465 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
466 EXPECT_THAT(
467 public_keys.status().message(),
468 testing::HasSubstr(
469 "Public Key not set for a particular use case and key version."));
470 }
471
TEST_F(AnonymousTokensPublicKeysGetClientTest,NoValidityStartTimeInPublicKeyGetResponse)472 TEST_F(AnonymousTokensPublicKeysGetClientTest,
473 NoValidityStartTimeInPublicKeyGetResponse) {
474 ASSERT_TRUE(
475 client_
476 ->CreateAnonymousTokensPublicKeysGetRequest(
477 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
478 .ok());
479 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
480 response.mutable_rsa_public_keys(0)->clear_key_validity_start_time();
481 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
482 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
483 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
484 EXPECT_THAT(public_keys.status().message(),
485 testing::HasSubstr("Public Key has no set validity start time."));
486 }
487
TEST_F(AnonymousTokensPublicKeysGetClientTest,ValidityStartTimeAfterRequestedStartTime)488 TEST_F(AnonymousTokensPublicKeysGetClientTest,
489 ValidityStartTimeAfterRequestedStartTime) {
490 ASSERT_TRUE(client_
491 ->CreateAnonymousTokensPublicKeysGetRequest(
492 TEST_USE_CASE, 0, start_time_ - absl::Minutes(100),
493 start_time_ + absl::Minutes(100))
494 .ok());
495 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
496
497 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
498 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
499 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
500 EXPECT_THAT(
501 public_keys.status().message(),
502 testing::HasSubstr(
503 "Public Key is not valid at the requested validity start time."));
504 }
505
TEST_F(AnonymousTokensPublicKeysGetClientTest,IndefinitelyValidKeyReturnedButNotRequested)506 TEST_F(AnonymousTokensPublicKeysGetClientTest,
507 IndefinitelyValidKeyReturnedButNotRequested) {
508 ASSERT_TRUE(
509 client_
510 ->CreateAnonymousTokensPublicKeysGetRequest(
511 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
512 .ok());
513 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
514 response.mutable_rsa_public_keys(0)->clear_expiration_time();
515
516 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
517 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
518 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
519 EXPECT_THAT(public_keys.status().message(),
520 testing::HasSubstr("Public Key does not expire."));
521 }
522
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyWithExpirationTimeReturnedButIndefinitelyValidKeyWasRequested)523 TEST_F(AnonymousTokensPublicKeysGetClientTest,
524 KeyWithExpirationTimeReturnedButIndefinitelyValidKeyWasRequested) {
525 ASSERT_TRUE(client_
526 ->CreateAnonymousTokensPublicKeysGetRequest(
527 TEST_USE_CASE, 0, start_time_, absl::nullopt)
528 .ok());
529 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
530
531 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
532 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
533 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
534 EXPECT_THAT(public_keys.status().message(),
535 testing::HasSubstr("Public Key is not indefinitely valid"));
536 }
537
TEST_F(AnonymousTokensPublicKeysGetClientTest,WrongExpirationTime)538 TEST_F(AnonymousTokensPublicKeysGetClientTest, WrongExpirationTime) {
539 ASSERT_TRUE(
540 client_
541 ->CreateAnonymousTokensPublicKeysGetRequest(
542 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(90))
543 .ok());
544 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
545
546 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
547 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
548 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
549 EXPECT_THAT(public_keys.status().message(),
550 testing::HasSubstr(
551 "Public Key expires after the requested expiry time."));
552 }
553
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyExpiredBeforeValidityStart)554 TEST_F(AnonymousTokensPublicKeysGetClientTest, KeyExpiredBeforeValidityStart) {
555 ASSERT_TRUE(
556 client_
557 ->CreateAnonymousTokensPublicKeysGetRequest(
558 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
559 .ok());
560 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
561 *(response.mutable_rsa_public_keys(0)->mutable_expiration_time()) =
562 TimeToProto(start_time_ - absl::Minutes(10)).value();
563 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
564 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
565 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
566 EXPECT_THAT(public_keys.status().message(),
567 testing::HasSubstr(
568 "Public Key cannot be expired at or before its validity "
569 "start time."));
570 }
571
TEST_F(AnonymousTokensPublicKeysGetClientTest,AlreadyExpiredKey)572 TEST_F(AnonymousTokensPublicKeysGetClientTest, AlreadyExpiredKey) {
573 ASSERT_TRUE(
574 client_
575 ->CreateAnonymousTokensPublicKeysGetRequest(
576 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(110))
577 .ok());
578 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
579 *(response.mutable_rsa_public_keys(0)->mutable_expiration_time()) =
580 TimeToProto(start_time_ + (absl::Seconds(5))).value();
581 absl::SleepFor(absl::Seconds(10));
582 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
583 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
584 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
585 EXPECT_THAT(public_keys.status().message(),
586 testing::HasSubstr("Expired Public Key was returned"));
587 }
588
TEST_F(AnonymousTokensPublicKeysGetClientTest,DuplicateResponsesInPublicKeyGetResponse)589 TEST_F(AnonymousTokensPublicKeysGetClientTest,
590 DuplicateResponsesInPublicKeyGetResponse) {
591 ASSERT_TRUE(
592 client_
593 ->CreateAnonymousTokensPublicKeysGetRequest(
594 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(1000))
595 .ok());
596 int num_keys = 2;
597 std::vector<RSAPublicKey> public_keys(2);
598 for (int i = 0; i < num_keys; ++i) {
599 public_keys[i] = GenerateFakeRsaKey(std::string(kKeyByteSize, 'a' + i),
600 std::string(kKeyByteSize, 'b' + i));
601 }
602 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
603 PublicKeysGetResponse(public_keys));
604 response.mutable_rsa_public_keys(0)->set_key_version(1);
605 response.mutable_rsa_public_keys(1)->set_key_version(1);
606
607 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>>
608 processed_public_keys =
609 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
610 EXPECT_EQ(processed_public_keys.status().code(),
611 absl::StatusCode::kInvalidArgument);
612 EXPECT_THAT(
613 processed_public_keys.status().message(),
614 testing::HasSubstr("Use Case and Key Version combination must not be "
615 "repeated in the response."));
616 }
617
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponse)618 TEST_F(AnonymousTokensPublicKeysGetClientTest, ProcessPublicKeyGetResponse) {
619 ASSERT_TRUE(
620 client_
621 ->CreateAnonymousTokensPublicKeysGetRequest(
622 TEST_USE_CASE, 1, start_time_, start_time_ + absl::Minutes(100))
623 .ok());
624 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto single_key_resp, SimpleGetResponse());
625 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
626 auto processed_single_key_resp,
627 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(single_key_resp));
628
629 ASSERT_EQ(processed_single_key_resp.size(), 1u);
630
631 EXPECT_EQ(processed_single_key_resp[0].use_case(), "TEST_USE_CASE");
632 EXPECT_EQ(processed_single_key_resp[0].key_version(), 1u);
633 EXPECT_EQ(processed_single_key_resp[0].key_size(), kKeyByteSize);
634 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
635 absl::Time response_start_time,
636 TimeFromProto(processed_single_key_resp[0].key_validity_start_time()));
637 EXPECT_EQ(response_start_time, start_time_);
638 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
639 absl::Time response_end_time,
640 TimeFromProto(processed_single_key_resp[0].expiration_time()));
641 EXPECT_EQ(response_end_time, start_time_ + kEndTimeIncrement);
642 EXPECT_EQ(processed_single_key_resp[0].mask_gen_function(), AT_MGF_SHA384);
643 EXPECT_EQ(processed_single_key_resp[0].sig_hash_type(), AT_HASH_TYPE_SHA384);
644 EXPECT_EQ(processed_single_key_resp[0].salt_length(), kSaltByteLength);
645 EXPECT_EQ(processed_single_key_resp[0].message_mask_type(),
646 AT_MESSAGE_MASK_CONCAT);
647 EXPECT_EQ(processed_single_key_resp[0].message_mask_size(),
648 kMessageMaskByteLength);
649 EXPECT_EQ(processed_single_key_resp[0].public_metadata_support(), true);
650
651 RSAPublicKey public_key;
652 ASSERT_TRUE(public_key.ParseFromString(
653 processed_single_key_resp[0].serialized_public_key()));
654 EXPECT_EQ(public_key.n(), default_n_str_);
655 EXPECT_EQ(public_key.e(), default_e_str_);
656 }
657
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponseNoExpiry)658 TEST_F(AnonymousTokensPublicKeysGetClientTest,
659 ProcessPublicKeyGetResponseNoExpiry) {
660 ASSERT_TRUE(client_
661 ->CreateAnonymousTokensPublicKeysGetRequest(
662 TEST_USE_CASE, 1, start_time_, absl::nullopt)
663 .ok());
664 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto single_key_resp, SimpleGetResponse());
665 single_key_resp.mutable_rsa_public_keys(0)->clear_expiration_time();
666 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
667 auto processed_single_key_resp,
668 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(single_key_resp));
669
670 ASSERT_EQ(processed_single_key_resp.size(), 1u);
671
672 EXPECT_EQ(processed_single_key_resp[0].use_case(), "TEST_USE_CASE");
673 EXPECT_EQ(processed_single_key_resp[0].key_version(), 1u);
674 EXPECT_EQ(processed_single_key_resp[0].key_size(), kKeyByteSize);
675 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
676 absl::Time response_start_time,
677 TimeFromProto(processed_single_key_resp[0].key_validity_start_time()));
678 EXPECT_EQ(response_start_time, start_time_);
679 EXPECT_FALSE(processed_single_key_resp[0].has_expiration_time());
680 EXPECT_EQ(processed_single_key_resp[0].mask_gen_function(), AT_MGF_SHA384);
681 EXPECT_EQ(processed_single_key_resp[0].sig_hash_type(), AT_HASH_TYPE_SHA384);
682 EXPECT_EQ(processed_single_key_resp[0].salt_length(), kSaltByteLength);
683 EXPECT_EQ(processed_single_key_resp[0].message_mask_type(),
684 AT_MESSAGE_MASK_CONCAT);
685 EXPECT_EQ(processed_single_key_resp[0].message_mask_size(),
686 kMessageMaskByteLength);
687 EXPECT_EQ(processed_single_key_resp[0].public_metadata_support(), true);
688
689 RSAPublicKey public_key;
690 ASSERT_TRUE(public_key.ParseFromString(
691 processed_single_key_resp[0].serialized_public_key()));
692 EXPECT_EQ(public_key.n(), default_n_str_);
693 EXPECT_EQ(public_key.e(), default_e_str_);
694 }
695
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessResponseContainingMultiplePublicKeys)696 TEST_F(AnonymousTokensPublicKeysGetClientTest,
697 ProcessResponseContainingMultiplePublicKeys) {
698 size_t total_keys = 5;
699 ASSERT_TRUE(client_
700 ->CreateAnonymousTokensPublicKeysGetRequest(
701 TEST_USE_CASE, 0, start_time_,
702 start_time_ + (kEndTimeIncrement * (total_keys + 1)))
703 .ok());
704 std::vector<RSAPublicKey> public_keys(total_keys);
705 for (size_t i = 0; i < total_keys; ++i) {
706 public_keys[i] = GenerateFakeRsaKey(std::string(kKeyByteSize, 'a' + i),
707 std::string(kKeyByteSize, 'b' + i));
708 }
709 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
710 PublicKeysGetResponse(public_keys));
711 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
712 auto processed_multi_key_resp,
713 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response));
714
715 ASSERT_EQ(processed_multi_key_resp.size(), total_keys);
716
717 for (size_t i = 1; i < total_keys; ++i) {
718 EXPECT_EQ(processed_multi_key_resp[i].use_case(), "TEST_USE_CASE");
719 EXPECT_EQ(processed_multi_key_resp[i].key_version(), i + 1);
720 EXPECT_EQ(processed_multi_key_resp[i].key_size(), kKeyByteSize);
721 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
722 absl::Time response_start_time,
723 TimeFromProto(processed_multi_key_resp[i].key_validity_start_time()));
724 EXPECT_EQ(response_start_time, start_time_ - (kStartTimeIncrement * i));
725 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
726 absl::Time response_end_time,
727 TimeFromProto(processed_multi_key_resp[i].expiration_time()));
728 EXPECT_EQ(response_end_time, start_time_ + (kEndTimeIncrement * (i + 1)));
729 EXPECT_EQ(processed_multi_key_resp[i].mask_gen_function(), AT_MGF_SHA384);
730 EXPECT_EQ(processed_multi_key_resp[i].sig_hash_type(), AT_HASH_TYPE_SHA384);
731 EXPECT_EQ(processed_multi_key_resp[i].salt_length(), kSaltByteLength);
732 EXPECT_EQ(processed_multi_key_resp[i].message_mask_type(),
733 AT_MESSAGE_MASK_CONCAT);
734 EXPECT_EQ(processed_multi_key_resp[i].message_mask_size(),
735 kMessageMaskByteLength);
736 EXPECT_EQ(processed_multi_key_resp[i].public_metadata_support(), true);
737
738 RSAPublicKey public_key;
739 ASSERT_TRUE(public_key.ParseFromString(
740 processed_multi_key_resp[i].serialized_public_key()));
741 EXPECT_EQ(public_key.n(), public_keys[i].n());
742 EXPECT_EQ(public_key.e(), public_keys[i].e());
743 }
744 }
745
746 } // namespace
747 } // namespace anonymous_tokens
748