1 // Copyright 2019 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16
17 #include "tink/core/key_manager_impl.h"
18
19 #include <memory>
20 #include <sstream>
21 #include <string>
22
23 #include "gmock/gmock.h"
24 #include "gtest/gtest.h"
25 #include "absl/status/status.h"
26 #include "tink/aead.h"
27 #include "tink/subtle/aes_gcm_boringssl.h"
28 #include "tink/subtle/random.h"
29 #include "tink/util/input_stream_util.h"
30 #include "tink/util/istream_input_stream.h"
31 #include "tink/util/secret_data.h"
32 #include "tink/util/status.h"
33 #include "tink/util/statusor.h"
34 #include "tink/util/test_matchers.h"
35 #include "tink/util/test_util.h"
36 #include "tink/util/validation.h"
37 #include "proto/aes_gcm.pb.h"
38
39 namespace crypto {
40 namespace tink {
41 namespace internal {
42 namespace {
43
44 using ::crypto::tink::test::IsOk;
45 using ::crypto::tink::test::StatusIs;
46 using ::google::crypto::tink::AesGcmKey;
47 using ::google::crypto::tink::AesGcmKeyFormat;
48 using ::google::crypto::tink::KeyData;
49 using ::testing::_;
50 using ::testing::Eq;
51 using ::testing::HasSubstr;
52 using ::testing::Return;
53 using ::testing::SizeIs;
54
55 // A class for testing. We will construct objects from an aead key, so that we
56 // can check that a keymanager can handle multiple primitives. It is really
57 // insecure, as it does nothing except provide access to the key.
58 class AeadVariant {
59 public:
AeadVariant(std::string s)60 explicit AeadVariant(std::string s) : s_(s) {}
61
get()62 std::string get() { return s_; }
63
64 private:
65 std::string s_;
66 };
67
68 class ExampleKeyTypeManager : public KeyTypeManager<AesGcmKey, AesGcmKeyFormat,
69 List<Aead, AeadVariant>> {
70 public:
71 class AeadFactory : public PrimitiveFactory<Aead> {
72 public:
Create(const AesGcmKey & key) const73 crypto::tink::util::StatusOr<std::unique_ptr<Aead>> Create(
74 const AesGcmKey& key) const override {
75 // Ignore the key and returned one with a fixed size for this test.
76 return {subtle::AesGcmBoringSsl::New(
77 util::SecretDataFromStringView(key.key_value()))};
78 }
79 };
80
81 class AeadVariantFactory : public PrimitiveFactory<AeadVariant> {
82 public:
Create(const AesGcmKey & key) const83 crypto::tink::util::StatusOr<std::unique_ptr<AeadVariant>> Create(
84 const AesGcmKey& key) const override {
85 return absl::make_unique<AeadVariant>(key.key_value());
86 }
87 };
88
ExampleKeyTypeManager()89 ExampleKeyTypeManager()
90 : KeyTypeManager(absl::make_unique<AeadFactory>(),
91 absl::make_unique<AeadVariantFactory>()) {}
92
key_material_type() const93 google::crypto::tink::KeyData::KeyMaterialType key_material_type()
94 const override {
95 return google::crypto::tink::KeyData::SYMMETRIC;
96 }
97
98 MOCK_METHOD(uint32_t, get_version, (), (const, override));
99
100 // We mock out ValidateKey, ValidateKeyFormat, and DeriveKey so that we can
101 // easily test proper behavior in case they return an error.
102 MOCK_METHOD(crypto::tink::util::Status, ValidateKey, (const AesGcmKey& key),
103 (const, override));
104 MOCK_METHOD(crypto::tink::util::Status, ValidateKeyFormat,
105 (const AesGcmKeyFormat& key), (const, override));
106 MOCK_METHOD(crypto::tink::util::StatusOr<AesGcmKey>, DeriveKey,
107 (const KeyFormatProto& key_format, InputStream* input_stream),
108 (const, override));
109
get_key_type() const110 const std::string& get_key_type() const override { return kKeyType; }
111
CreateKey(const AesGcmKeyFormat & key_format) const112 crypto::tink::util::StatusOr<AesGcmKey> CreateKey(
113 const AesGcmKeyFormat& key_format) const override {
114 AesGcmKey result;
115 result.set_key_value(subtle::Random::GetRandomBytes(key_format.key_size()));
116 return result;
117 }
118
119 private:
120 const std::string kKeyType =
121 "type.googleapis.com/google.crypto.tink.AesGcmKey";
122 };
123
TEST(KeyManagerImplTest,FactoryNewKeyFromMessage)124 TEST(KeyManagerImplTest, FactoryNewKeyFromMessage) {
125 ExampleKeyTypeManager internal_km;
126 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
127 MakeKeyManager<AeadVariant>(&internal_km);
128
129 AesGcmKeyFormat key_format;
130 key_format.set_key_size(16);
131 auto key = key_manager->get_key_factory().NewKey(key_format).value();
132
133 EXPECT_THAT(dynamic_cast<AesGcmKey&>(*key).key_value(), SizeIs(16));
134 }
135
TEST(KeyManagerImplTest,FactoryNewKeyFromStringView)136 TEST(KeyManagerImplTest, FactoryNewKeyFromStringView) {
137 ExampleKeyTypeManager internal_km;
138 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
139 MakeKeyManager<AeadVariant>(&internal_km);
140
141 AesGcmKeyFormat key_format;
142 key_format.set_key_size(16);
143 auto key = key_manager->get_key_factory()
144 .NewKey(key_format.SerializeAsString())
145 .value();
146
147 EXPECT_THAT(dynamic_cast<AesGcmKey&>(*key).key_value(), SizeIs(16));
148 }
149
TEST(KeyManagerImplTest,FactoryNewKeyFromKeyData)150 TEST(KeyManagerImplTest, FactoryNewKeyFromKeyData) {
151 ExampleKeyTypeManager internal_km;
152 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
153 MakeKeyManager<AeadVariant>(&internal_km);
154
155 AesGcmKeyFormat key_format;
156 key_format.set_key_size(16);
157 auto key_data = *key_manager->get_key_factory()
158 .NewKeyData(key_format.SerializeAsString())
159 .value();
160
161 AesGcmKey key;
162 key.ParseFromString(key_data.value());
163 EXPECT_THAT(key.key_value(), SizeIs(16));
164 }
165
TEST(KeyManagerImplTest,FactoryNewKeyFromMessageCallsValidate)166 TEST(KeyManagerImplTest, FactoryNewKeyFromMessageCallsValidate) {
167 ExampleKeyTypeManager internal_km;
168 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
169 MakeKeyManager<AeadVariant>(&internal_km);
170
171 AesGcmKeyFormat key_format;
172 key_format.set_key_size(16);
173 EXPECT_CALL(internal_km, ValidateKeyFormat(_))
174 .WillOnce(Return(util::Status(absl::StatusCode::kOutOfRange,
175 "FactoryNewKeyFromMessageCallsValidate")));
176 EXPECT_THAT(key_manager->get_key_factory().NewKey(key_format).status(),
177 StatusIs(absl::StatusCode::kOutOfRange,
178 HasSubstr("FactoryNewKeyFromMessageCallsValidate")));
179 }
180
TEST(KeyManagerImplTest,FactoryNewKeyFromStringViewCallsValidate)181 TEST(KeyManagerImplTest, FactoryNewKeyFromStringViewCallsValidate) {
182 ExampleKeyTypeManager internal_km;
183 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
184 MakeKeyManager<AeadVariant>(&internal_km);
185
186 AesGcmKeyFormat key_format;
187 key_format.set_key_size(16);
188 EXPECT_CALL(internal_km, ValidateKeyFormat(_))
189 .WillOnce(
190 Return(util::Status(absl::StatusCode::kOutOfRange,
191 "FactoryNewKeyFromStringViewCallsValidate")));
192 EXPECT_THAT(key_manager->get_key_factory()
193 .NewKey(key_format.SerializeAsString())
194 .status(),
195 StatusIs(absl::StatusCode::kOutOfRange,
196 HasSubstr("FactoryNewKeyFromStringViewCallsValidate")));
197 }
198
TEST(KeyManagerImplTest,FactoryNewKeyFromKeyDataCallsValidate)199 TEST(KeyManagerImplTest, FactoryNewKeyFromKeyDataCallsValidate) {
200 ExampleKeyTypeManager internal_km;
201 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
202 MakeKeyManager<AeadVariant>(&internal_km);
203
204 AesGcmKeyFormat key_format;
205 key_format.set_key_size(16);
206 EXPECT_CALL(internal_km, ValidateKeyFormat(_))
207 .WillOnce(Return(util::Status(absl::StatusCode::kOutOfRange,
208 "FactoryNewKeyFromKeyDataCallsValidate")));
209 EXPECT_THAT(key_manager->get_key_factory()
210 .NewKeyData(key_format.SerializeAsString())
211 .status(),
212 StatusIs(absl::StatusCode::kOutOfRange,
213 HasSubstr("FactoryNewKeyFromKeyDataCallsValidate")));
214 }
215
TEST(CreateDeriverFunctionForTest,KeyMaterialAndKeyType)216 TEST(CreateDeriverFunctionForTest, KeyMaterialAndKeyType) {
217 ExampleKeyTypeManager internal_km;
218 EXPECT_CALL(internal_km, DeriveKey(_, _)).
219 WillOnce(Return(AesGcmKey()));
220 auto deriver = CreateDeriverFunctionFor(&internal_km);
221
222 AesGcmKeyFormat key_format;
223 key_format.set_key_size(16);
224 auto key_or = deriver(key_format.SerializeAsString(), nullptr);
225 ASSERT_THAT(key_or, IsOk());
226 EXPECT_THAT(key_or.value().key_material_type(),
227 Eq(ExampleKeyTypeManager().key_material_type()));
228 EXPECT_THAT(key_or.value().type_url(),
229 Eq(ExampleKeyTypeManager().get_key_type()));
230 }
231
TEST(CreateDeriverFunctionForTest,UseParametersAndReturnValue)232 TEST(CreateDeriverFunctionForTest, UseParametersAndReturnValue) {
233 crypto::tink::util::IstreamInputStream input_stream{
234 absl::make_unique<std::stringstream>("0123456789abcdefghijklmnop")};
235 ExampleKeyTypeManager internal_km;
236 AesGcmKeyFormat key_format;
237 key_format.set_key_size(9);
238
239 EXPECT_CALL(internal_km, DeriveKey(_, _))
240 .WillOnce([](const AesGcmKeyFormat& format, InputStream* randomness)
241 -> crypto::tink::util::StatusOr<AesGcmKey> {
242 auto bytes_or = ReadBytesFromStream(format.key_size(), randomness);
243 if (!bytes_or.ok()) {
244 return bytes_or.status();
245 }
246 AesGcmKey key;
247 key.set_key_value(bytes_or.value());
248 return key;
249 });
250
251 auto deriver = CreateDeriverFunctionFor(&internal_km);
252 auto key_or = deriver(key_format.SerializeAsString(), &input_stream);
253 AesGcmKey result;
254 result.ParseFromString(key_or.value().value());
255 // Length 9 prefix of the above string.
256 EXPECT_THAT(result.key_value(), Eq("012345678"));
257 }
258
TEST(CreateDeriverFunctionForTest,ValidateKeyFormatIsCalled)259 TEST(CreateDeriverFunctionForTest, ValidateKeyFormatIsCalled) {
260 ExampleKeyTypeManager internal_km;
261 EXPECT_CALL(internal_km, ValidateKeyFormat(_))
262 .WillOnce(Return(util::Status(
263 absl::StatusCode::kOutOfRange,
264 "CreateDeriverFunctionForTest ValidateKeyFormatIsCalled")));
265 auto deriver = CreateDeriverFunctionFor(&internal_km);
266
267 EXPECT_THAT(
268 deriver(AesGcmKeyFormat().SerializeAsString(), nullptr).status(),
269 StatusIs(
270 absl::StatusCode::kOutOfRange,
271 HasSubstr("CreateDeriverFunctionForTest ValidateKeyFormatIsCalled")));
272 }
273
TEST(CreateDeriverFunctionForTest,ValidateKeyIsCalled)274 TEST(CreateDeriverFunctionForTest, ValidateKeyIsCalled) {
275 ExampleKeyTypeManager internal_km;
276 EXPECT_CALL(internal_km, DeriveKey(_, _)).
277 WillOnce(Return(AesGcmKey()));
278 EXPECT_CALL(internal_km, ValidateKey(_))
279 .WillOnce(Return(
280 util::Status(absl::StatusCode::kOutOfRange,
281 "CreateDeriverFunctionForTest ValidateKeyIsCalled")));
282
283 auto deriver = CreateDeriverFunctionFor(&internal_km);
284
285 EXPECT_THAT(
286 deriver(AesGcmKeyFormat().SerializeAsString(), nullptr).status(),
287 StatusIs(
288 absl::StatusCode::kOutOfRange,
289 HasSubstr("CreateDeriverFunctionForTest ValidateKeyIsCalled")));
290 }
291
TEST(KeyManagerImplTest,GetPrimitiveAead)292 TEST(KeyManagerImplTest, GetPrimitiveAead) {
293 ExampleKeyTypeManager internal_km;
294 std::unique_ptr<KeyManager<Aead>> key_manager =
295 MakeKeyManager<Aead>(&internal_km);
296
297 AesGcmKeyFormat key_format;
298 key_format.set_key_size(16);
299
300 auto key_data = *key_manager->get_key_factory()
301 .NewKeyData(key_format.SerializeAsString())
302 .value();
303
304 auto aead = key_manager->GetPrimitive(key_data).value();
305 std::string encryption = aead->Encrypt("Hi", "aad").value();
306 std::string decryption = aead->Decrypt(encryption, "aad").value();
307 EXPECT_THAT(decryption, Eq("Hi"));
308 }
309
TEST(KeyManagerImplTest,GetPrimitiveAeadVariant)310 TEST(KeyManagerImplTest, GetPrimitiveAeadVariant) {
311 ExampleKeyTypeManager internal_km;
312 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
313 MakeKeyManager<AeadVariant>(&internal_km);
314
315 AesGcmKeyFormat key_format;
316 key_format.set_key_size(16);
317 auto key_data = *key_manager->get_key_factory()
318 .NewKeyData(key_format.SerializeAsString())
319 .value();
320
321 AesGcmKey key;
322 key.ParseFromString(key_data.value());
323 auto aead_variant = key_manager->GetPrimitive(key_data).value();
324 EXPECT_THAT(aead_variant->get(), Eq(key.key_value()));
325 }
326
TEST(KeyManagerImplTest,GetPrimitiveFromKey)327 TEST(KeyManagerImplTest, GetPrimitiveFromKey) {
328 ExampleKeyTypeManager internal_km;
329 std::unique_ptr<KeyManager<Aead>> key_manager =
330 MakeKeyManager<Aead>(&internal_km);
331
332 AesGcmKeyFormat key_format;
333 key_format.set_key_size(16);
334 auto key = key_manager->get_key_factory()
335 .NewKey(key_format.SerializeAsString())
336 .value();
337
338 auto aead = key_manager->GetPrimitive(*key).value();
339 std::string encryption = aead->Encrypt("Hi", "aad").value();
340 std::string decryption = aead->Decrypt(encryption, "aad").value();
341 EXPECT_THAT(decryption, Eq("Hi"));
342 }
343
TEST(KeyManagerImplTest,GetKeyType)344 TEST(KeyManagerImplTest, GetKeyType) {
345 ExampleKeyTypeManager internal_km;
346 std::unique_ptr<KeyManager<Aead>> key_manager =
347 MakeKeyManager<Aead>(&internal_km);
348 EXPECT_THAT(key_manager->get_key_type(), Eq(internal_km.get_key_type()));
349 }
350
TEST(KeyManagerImplTest,GetVersion)351 TEST(KeyManagerImplTest, GetVersion) {
352 ExampleKeyTypeManager internal_km;
353 std::unique_ptr<KeyManager<Aead>> key_manager =
354 MakeKeyManager<Aead>(&internal_km);
355 EXPECT_CALL(internal_km, get_version()).WillOnce(Return(121351));
356 EXPECT_THAT(121351, Eq(internal_km.get_version()));
357 }
358
TEST(KeyManagerImplTest,DoesSupport)359 TEST(KeyManagerImplTest, DoesSupport) {
360 ExampleKeyTypeManager internal_km;
361 std::unique_ptr<KeyManager<Aead>> key_manager =
362 MakeKeyManager<Aead>(&internal_km);
363 EXPECT_TRUE(key_manager->DoesSupport(internal_km.get_key_type()));
364 // Check with first and last letter removed.
365 EXPECT_FALSE(key_manager->DoesSupport(
366 "type.googleapis.com/google.crypto.tink.AesGcmKe"));
367 EXPECT_FALSE(key_manager->DoesSupport(
368 "ype.googleapis.com/google.crypto.tink.AesGcmKey"));
369 }
370
TEST(KeyManagerImplTest,GetPrimitiveCallsValidate)371 TEST(KeyManagerImplTest, GetPrimitiveCallsValidate) {
372 ExampleKeyTypeManager internal_km;
373 std::unique_ptr<KeyManager<Aead>> key_manager =
374 MakeKeyManager<Aead>(&internal_km);
375
376 AesGcmKeyFormat key_format;
377 key_format.set_key_size(16);
378 auto key_data = *key_manager->get_key_factory()
379 .NewKeyData(key_format.SerializeAsString())
380 .value();
381
382 AesGcmKey key;
383 key.ParseFromString(key_data.value());
384
385 EXPECT_CALL(internal_km, ValidateKey(_))
386 .WillOnce(Return(util::Status(absl::StatusCode::kOutOfRange,
387 "GetPrimitiveCallsValidate")));
388 EXPECT_THAT(key_manager->GetPrimitive(key_data).status(),
389 StatusIs(absl::StatusCode::kOutOfRange,
390 HasSubstr("GetPrimitiveCallsValidate")));
391 }
392
TEST(KeyManagerImplTest,GetPrimitiveFromKeyCallsValidate)393 TEST(KeyManagerImplTest, GetPrimitiveFromKeyCallsValidate) {
394 ExampleKeyTypeManager internal_km;
395 std::unique_ptr<KeyManager<Aead>> key_manager =
396 MakeKeyManager<Aead>(&internal_km);
397
398 AesGcmKeyFormat key_format;
399 key_format.set_key_size(16);
400 auto key_data = *key_manager->get_key_factory()
401 .NewKeyData(key_format.SerializeAsString())
402 .value();
403
404 AesGcmKey key;
405 key.ParseFromString(key_data.value());
406
407 EXPECT_CALL(internal_km, ValidateKey(_))
408 .WillOnce(Return(util::Status(absl::StatusCode::kOutOfRange,
409 "GetPrimitiveFromKeyCallsValidate")));
410 EXPECT_THAT(key_manager->GetPrimitive(key).status(),
411 StatusIs(absl::StatusCode::kOutOfRange,
412 HasSubstr("GetPrimitiveFromKeyCallsValidate")));
413 }
414
415 // If we create a KeyManager for a not supported class, creating the key manager
416 // succeeds, but "GetPrimitive" will fail. Since MakeKeyManager is only supposed
417 // to be used internally, we are not doing extra work to make this a compile
418 // time error.
419 class NotSupported {};
TEST(KeyManagerImplTest,GetPrimitiveFails)420 TEST(KeyManagerImplTest, GetPrimitiveFails) {
421 ExampleKeyTypeManager internal_km;
422 std::unique_ptr<KeyManager<NotSupported>> key_manager =
423 MakeKeyManager<NotSupported>(&internal_km);
424 AesGcmKeyFormat key_format;
425 key_format.set_key_size(16);
426 auto key_data = *key_manager->get_key_factory()
427 .NewKeyData(key_format.SerializeAsString())
428 .value();
429
430 EXPECT_THAT(key_manager->GetPrimitive(key_data).status(),
431 StatusIs(absl::StatusCode::kInvalidArgument,
432 HasSubstr("No PrimitiveFactory was registered")));
433 }
434
435 // Next, we test some of the methods with a KeyTypeManager which has no
436 // factory.
437 class ExampleKeyTypeManagerWithoutFactory
438 : public KeyTypeManager<AesGcmKey, void, List<Aead, AeadVariant>> {
439 public:
440 class AeadFactory : public PrimitiveFactory<Aead> {
441 public:
Create(const AesGcmKey & key) const442 crypto::tink::util::StatusOr<std::unique_ptr<Aead>> Create(
443 const AesGcmKey& key) const override {
444 // Ignore the key and returned one with a fixed size for this test.
445 return {subtle::AesGcmBoringSsl::New(
446 util::SecretDataFromStringView(key.key_value()))};
447 }
448 };
449
450 class AeadVariantFactory : public PrimitiveFactory<AeadVariant> {
451 public:
Create(const AesGcmKey & key) const452 crypto::tink::util::StatusOr<std::unique_ptr<AeadVariant>> Create(
453 const AesGcmKey& key) const override {
454 return absl::make_unique<AeadVariant>(key.key_value());
455 }
456 };
457
ExampleKeyTypeManagerWithoutFactory()458 ExampleKeyTypeManagerWithoutFactory()
459 : KeyTypeManager(absl::make_unique<AeadFactory>(),
460 absl::make_unique<AeadVariantFactory>()) {}
461
key_material_type() const462 google::crypto::tink::KeyData::KeyMaterialType key_material_type()
463 const override {
464 return google::crypto::tink::KeyData::SYMMETRIC;
465 }
466
get_version() const467 uint32_t get_version() const override { return kVersion; }
468
get_key_type() const469 const std::string& get_key_type() const override { return key_type_; }
470
ValidateKey(const AesGcmKey & key) const471 util::Status ValidateKey(const AesGcmKey& key) const override {
472 util::Status status = ValidateVersion(key.version(), kVersion);
473 if (!status.ok()) return status;
474 return ValidateAesKeySize(key.key_value().size());
475 }
476
477 private:
478 static constexpr int kVersion = 0;
479 const std::string key_type_ =
480 "type.googleapis.com/google.crypto.tink.AesGcmKey";
481 };
482
TEST(KeyManagerImplTest,GetPrimitiveWithoutFactoryAead)483 TEST(KeyManagerImplTest, GetPrimitiveWithoutFactoryAead) {
484 ExampleKeyTypeManagerWithoutFactory internal_km;
485 std::unique_ptr<KeyManager<Aead>> key_manager =
486 MakeKeyManager<Aead>(&internal_km);
487
488 AesGcmKeyFormat key_format;
489 key_format.set_key_size(16);
490
491 KeyData key_data =
492 test::AsKeyData(ExampleKeyTypeManager().CreateKey(key_format).value(),
493 KeyData::SYMMETRIC);
494
495 auto aead = key_manager->GetPrimitive(key_data).value();
496 std::string encryption = aead->Encrypt("Hi", "aad").value();
497 std::string decryption = aead->Decrypt(encryption, "aad").value();
498 EXPECT_THAT(decryption, Eq("Hi"));
499 }
500
TEST(KeyManagerImplTest,NonexistentFactoryNewKeyFromMessage)501 TEST(KeyManagerImplTest, NonexistentFactoryNewKeyFromMessage) {
502 ExampleKeyTypeManagerWithoutFactory internal_km;
503 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
504 MakeKeyManager<AeadVariant>(&internal_km);
505
506 AesGcmKeyFormat key_format;
507 key_format.set_key_size(16);
508 EXPECT_THAT(key_manager->get_key_factory().NewKey(key_format).status(),
509 StatusIs(absl::StatusCode::kUnimplemented));
510 }
511
TEST(KeyManagerImplTest,NonexistentFactoryNewKeyFromStringView)512 TEST(KeyManagerImplTest, NonexistentFactoryNewKeyFromStringView) {
513 ExampleKeyTypeManagerWithoutFactory internal_km;
514 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
515 MakeKeyManager<AeadVariant>(&internal_km);
516
517 AesGcmKeyFormat key_format;
518 key_format.set_key_size(16);
519
520 EXPECT_THAT(key_manager->get_key_factory()
521 .NewKey(key_format.SerializeAsString())
522 .status(),
523 StatusIs(absl::StatusCode::kUnimplemented));
524 }
525
TEST(KeyManagerImplTest,NonexistentFactoryNewKeyFromKeyData)526 TEST(KeyManagerImplTest, NonexistentFactoryNewKeyFromKeyData) {
527 ExampleKeyTypeManagerWithoutFactory internal_km;
528 std::unique_ptr<KeyManager<AeadVariant>> key_manager =
529 MakeKeyManager<AeadVariant>(&internal_km);
530
531 AesGcmKeyFormat key_format;
532 key_format.set_key_size(16);
533 EXPECT_THAT(key_manager->get_key_factory()
534 .NewKeyData(key_format.SerializeAsString())
535 .status(),
536 StatusIs(absl::StatusCode::kUnimplemented));
537 }
538
TEST(CreateDeriverFunctionForTest,DeriverWithoutFactory)539 TEST(CreateDeriverFunctionForTest, DeriverWithoutFactory) {
540 ExampleKeyTypeManagerWithoutFactory internal_km;
541 auto deriver = CreateDeriverFunctionFor(&internal_km);
542 EXPECT_THAT(deriver("", nullptr).status(),
543 StatusIs(absl::StatusCode::kUnimplemented));
544 }
545
546
547 } // namespace
548
549 } // namespace internal
550 } // namespace tink
551 } // namespace crypto
552