xref: /aosp_15_r20/external/tink/cc/aead/aead_config_test.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5)
1*e7b1675dSTing-Kang Chang // Copyright 2017 Google Inc.
2*e7b1675dSTing-Kang Chang //
3*e7b1675dSTing-Kang Chang // Licensed under the Apache License, Version 2.0 (the "License");
4*e7b1675dSTing-Kang Chang // you may not use this file except in compliance with the License.
5*e7b1675dSTing-Kang Chang // You may obtain a copy of the License at
6*e7b1675dSTing-Kang Chang //
7*e7b1675dSTing-Kang Chang //      http://www.apache.org/licenses/LICENSE-2.0
8*e7b1675dSTing-Kang Chang //
9*e7b1675dSTing-Kang Chang // Unless required by applicable law or agreed to in writing, software
10*e7b1675dSTing-Kang Chang // distributed under the License is distributed on an "AS IS" BASIS,
11*e7b1675dSTing-Kang Chang // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*e7b1675dSTing-Kang Chang // See the License for the specific language governing permissions and
13*e7b1675dSTing-Kang Chang // limitations under the License.
14*e7b1675dSTing-Kang Chang //
15*e7b1675dSTing-Kang Chang ////////////////////////////////////////////////////////////////////////////////
16*e7b1675dSTing-Kang Chang 
17*e7b1675dSTing-Kang Chang #include "tink/aead/aead_config.h"
18*e7b1675dSTing-Kang Chang 
19*e7b1675dSTing-Kang Chang #include <list>
20*e7b1675dSTing-Kang Chang #include <memory>
21*e7b1675dSTing-Kang Chang #include <string>
22*e7b1675dSTing-Kang Chang #include <utility>
23*e7b1675dSTing-Kang Chang 
24*e7b1675dSTing-Kang Chang #include "gmock/gmock.h"
25*e7b1675dSTing-Kang Chang #include "gtest/gtest.h"
26*e7b1675dSTing-Kang Chang #include "absl/memory/memory.h"
27*e7b1675dSTing-Kang Chang #include "absl/status/status.h"
28*e7b1675dSTing-Kang Chang #include "tink/aead.h"
29*e7b1675dSTing-Kang Chang #include "tink/aead/aead_key_templates.h"
30*e7b1675dSTing-Kang Chang #include "tink/aead/aes_gcm_key.h"
31*e7b1675dSTing-Kang Chang #include "tink/aead/aes_gcm_key_manager.h"
32*e7b1675dSTing-Kang Chang #include "tink/aead/aes_gcm_parameters.h"
33*e7b1675dSTing-Kang Chang #include "tink/config/tink_fips.h"
34*e7b1675dSTing-Kang Chang #include "tink/insecure_secret_key_access.h"
35*e7b1675dSTing-Kang Chang #include "tink/internal/fips_utils.h"
36*e7b1675dSTing-Kang Chang #include "tink/internal/mutable_serialization_registry.h"
37*e7b1675dSTing-Kang Chang #include "tink/internal/proto_key_serialization.h"
38*e7b1675dSTing-Kang Chang #include "tink/internal/proto_parameters_serialization.h"
39*e7b1675dSTing-Kang Chang #include "tink/keyset_handle.h"
40*e7b1675dSTing-Kang Chang #include "tink/partial_key_access.h"
41*e7b1675dSTing-Kang Chang #include "tink/primitive_set.h"
42*e7b1675dSTing-Kang Chang #include "tink/registry.h"
43*e7b1675dSTing-Kang Chang #include "tink/util/status.h"
44*e7b1675dSTing-Kang Chang #include "tink/util/statusor.h"
45*e7b1675dSTing-Kang Chang #include "tink/util/test_matchers.h"
46*e7b1675dSTing-Kang Chang #include "proto/tink.pb.h"
47*e7b1675dSTing-Kang Chang 
48*e7b1675dSTing-Kang Chang namespace crypto {
49*e7b1675dSTing-Kang Chang namespace tink {
50*e7b1675dSTing-Kang Chang namespace {
51*e7b1675dSTing-Kang Chang 
52*e7b1675dSTing-Kang Chang using ::crypto::tink::test::IsOk;
53*e7b1675dSTing-Kang Chang using ::crypto::tink::test::StatusIs;
54*e7b1675dSTing-Kang Chang using ::crypto::tink::util::StatusOr;
55*e7b1675dSTing-Kang Chang using ::google::crypto::tink::KeyData;
56*e7b1675dSTing-Kang Chang using ::google::crypto::tink::KeyTemplate;
57*e7b1675dSTing-Kang Chang using ::google::crypto::tink::OutputPrefixType;
58*e7b1675dSTing-Kang Chang using ::testing::IsNull;
59*e7b1675dSTing-Kang Chang using ::testing::Not;
60*e7b1675dSTing-Kang Chang using ::testing::Test;
61*e7b1675dSTing-Kang Chang 
// Fixture shared by every AeadConfig test in this file.
//
// The key-manager registry and the serialization registry are process-wide,
// so each test starts by wiping both. Without that, a "not registered yet"
// expectation could be satisfied or broken by whatever an earlier test
// registered.
class AeadConfigTest : public ::testing::Test {
 protected:
  // Resets the global key-manager registry, then the global
  // parser/serializer registry.
  void SetUp() override {
    Registry::Reset();
    auto& serialization_registry =
        internal::MutableSerializationRegistry::GlobalInstance();
    serialization_registry.Reset();
  }
};
69*e7b1675dSTing-Kang Chang 
// AeadConfig::Register() must make the AES-GCM key manager resolvable through
// the global Registry. Skipped in FIPS-only mode.
TEST_F(AeadConfigTest, RegisterWorks) {
  if (IsFipsModeEnabled()) {
    GTEST_SKIP() << "Not supported in FIPS-only mode";
  }

  const std::string aes_gcm_type_url = AesGcmKeyManager().get_key_type();

  // Negative check first: the fixture reset the registry, so the lookup has to
  // fail. This shows that the later success is caused by Register() itself.
  const auto status_before_register =
      Registry::get_key_manager<Aead>(aes_gcm_type_url).status();
  EXPECT_THAT(status_before_register, StatusIs(absl::StatusCode::kNotFound));

  EXPECT_THAT(AeadConfig::Register(), IsOk());

  const auto status_after_register =
      Registry::get_key_manager<Aead>(aes_gcm_type_url).status();
  EXPECT_THAT(status_after_register, IsOk());
}
82*e7b1675dSTing-Kang Chang 
// After AeadConfig::Register(), a freshly generated AES128-GCM keyset must
// yield a non-null Aead primitive. That only works when the Aead wrapper has
// been registered alongside the key managers. Skipped in FIPS-only mode.
TEST_F(AeadConfigTest, WrappersRegistered) {
  if (IsFipsModeEnabled()) {
    GTEST_SKIP() << "Not supported in FIPS-only mode";
  }

  ASSERT_THAT(AeadConfig::Register(), IsOk());

  auto handle = KeysetHandle::GenerateNew(AeadKeyTemplates::Aes128Gcm());
  ASSERT_THAT(handle.status(), IsOk());

  // ASSERT (not EXPECT) on every step: each result is dereferenced by the
  // next statement.
  auto primitive = (*handle)->GetPrimitive<Aead>();
  ASSERT_THAT(primitive.status(), IsOk());
  ASSERT_THAT(*primitive, Not(IsNull()));
}
99*e7b1675dSTing-Kang Chang 
100*e7b1675dSTing-Kang Chang // FIPS-only mode tests
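// In FIPS-only mode with BoringCrypto's FIPS module available,
// AeadConfig::Register() succeeds, but keysets for the AEAD templates listed
// below (EAX, GCM-SIV, XChaCha20-Poly1305) must not be creatable: GenerateNew
// is expected to fail with kNotFound for each of them.
//
// This is the guard against a non-FIPS algorithm silently becoming usable in a
// FIPS-only build.
TEST_F(AeadConfigTest, RegisterNonFipsTemplates) {
  if (!IsFipsModeEnabled() || !internal::IsFipsEnabledInSsl()) {
    GTEST_SKIP() << "Only supported in FIPS-only mode with BoringCrypto.";
  }

  ASSERT_THAT(AeadConfig::Register(), IsOk());

  const std::list<KeyTemplate> non_fips_key_templates = {
      AeadKeyTemplates::Aes128Eax(),         AeadKeyTemplates::Aes256Eax(),
      AeadKeyTemplates::Aes128GcmSiv(),      AeadKeyTemplates::Aes256GcmSiv(),
      AeadKeyTemplates::XChaCha20Poly1305(),
  };

  // Iterate by const reference: the original loop copied each KeyTemplate
  // proto per iteration for no benefit.
  for (const KeyTemplate& key_template : non_fips_key_templates) {
    // Attach the key type to any failure so the report says which algorithm
    // was unexpectedly available.
    SCOPED_TRACE(key_template.type_url());
    auto new_keyset_handle_result = KeysetHandle::GenerateNew(key_template);
    EXPECT_THAT(new_keyset_handle_result.status(),
                StatusIs(absl::StatusCode::kNotFound));
  }
}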
120*e7b1675dSTing-Kang Chang 
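// In FIPS-only mode with BoringCrypto's FIPS module available, keysets for
// the AES-GCM and AES-CTR-HMAC-SHA256 templates must still be creatable after
// AeadConfig::Register().
TEST_F(AeadConfigTest, RegisterFipsValidTemplates) {
  if (!IsFipsModeEnabled() || !internal::IsFipsEnabledInSsl()) {
    GTEST_SKIP() << "Only supported in FIPS-only mode with BoringCrypto.";
  }

  // ASSERT rather than EXPECT, matching RegisterNonFipsTemplates: if
  // registration fails, every GenerateNew below fails too and only adds noise
  // to the report.
  ASSERT_THAT(AeadConfig::Register(), IsOk());

  const std::list<KeyTemplate> fips_key_templates = {
      AeadKeyTemplates::Aes128Gcm(),
      AeadKeyTemplates::Aes256Gcm(),
      AeadKeyTemplates::Aes128CtrHmacSha256(),
      AeadKeyTemplates::Aes256CtrHmacSha256(),
  };

  // Iterate by const reference: the original loop copied each KeyTemplate
  // proto per iteration for no benefit.
  for (const KeyTemplate& key_template : fips_key_templates) {
    // Attach the key type to any failure so the report says which template
    // could not be instantiated.
    SCOPED_TRACE(key_template.type_url());
    auto new_keyset_handle_result = KeysetHandle::GenerateNew(key_template);
    EXPECT_THAT(new_keyset_handle_result, IsOk());
  }
}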
140*e7b1675dSTing-Kang Chang 
// FIPS-only mode was requested but the SSL library does not report FIPS
// support: AeadConfig::Register() must refuse with kInternal rather than
// register anything.
TEST_F(AeadConfigTest, RegisterFailsIfBoringCryptoNotAvailable) {
  if (!IsFipsModeEnabled() || internal::IsFipsEnabledInSsl()) {
    GTEST_SKIP()
        << "Only supported in FIPS-only mode with BoringCrypto not available.";
  }

  const std::string aes_gcm_type_url = AesGcmKeyManager().get_key_type();

  // Starting point: nothing registered for AES-GCM.
  const auto lookup_status =
      Registry::get_key_manager<Aead>(aes_gcm_type_url).status();
  EXPECT_THAT(lookup_status, StatusIs(absl::StatusCode::kNotFound));

  // NOTE(review): only the returned status is checked. The test does not
  // re-query the registry afterwards, so it does not by itself show that a
  // failed Register() left no key manager behind.
  const auto register_status = AeadConfig::Register();
  EXPECT_THAT(register_status, StatusIs(absl::StatusCode::kInternal));
}
152*e7b1675dSTing-Kang Chang 
// AeadConfig::Register() must install the AES-GCM proto parameters parser and
// serializer in the global serialization registry. Both directions are checked
// to fail with kNotFound before registration and to succeed afterwards.
// Skipped in FIPS-only mode.
TEST_F(AeadConfigTest, AesGcmProtoParamsSerializationRegistered) {
  if (IsFipsModeEnabled()) {
    GTEST_SKIP() << "Not supported in FIPS-only mode";
  }

  internal::MutableSerializationRegistry& registry =
      internal::MutableSerializationRegistry::GlobalInstance();

  // Proto form of the parameters, derived from the AES256-GCM key template.
  StatusOr<internal::ProtoParametersSerialization> serialization =
      internal::ProtoParametersSerialization::Create(
          AeadKeyTemplates::Aes256Gcm());
  ASSERT_THAT(serialization, IsOk());

  // Parsing must fail while no parser is registered.
  StatusOr<std::unique_ptr<Parameters>> parsed_before =
      registry.ParseParameters(*serialization);
  ASSERT_THAT(parsed_before.status(), StatusIs(absl::StatusCode::kNotFound));

  // Object form of the parameters: 32-byte key, 12-byte IV, 16-byte tag,
  // Tink output prefix variant.
  AesGcmParameters::Builder builder;
  builder.SetVariant(AesGcmParameters::Variant::kTink);
  builder.SetKeySizeInBytes(32);
  builder.SetIvSizeInBytes(12);
  builder.SetTagSizeInBytes(16);
  StatusOr<AesGcmParameters> aes_gcm_params = builder.Build();
  ASSERT_THAT(aes_gcm_params, IsOk());

  // Serializing must fail while no serializer is registered.
  StatusOr<std::unique_ptr<Serialization>> serialized_before =
      registry.SerializeParameters<internal::ProtoParametersSerialization>(
          *aes_gcm_params);
  ASSERT_THAT(serialized_before.status(),
              StatusIs(absl::StatusCode::kNotFound));

  ASSERT_THAT(AeadConfig::Register(), IsOk());

  // The same two operations now succeed.
  StatusOr<std::unique_ptr<Parameters>> parsed_after =
      registry.ParseParameters(*serialization);
  ASSERT_THAT(parsed_after, IsOk());

  StatusOr<std::unique_ptr<Serialization>> serialized_after =
      registry.SerializeParameters<internal::ProtoParametersSerialization>(
          *aes_gcm_params);
  ASSERT_THAT(serialized_after, IsOk());
}
196*e7b1675dSTing-Kang Chang 
// AeadConfig::Register() must install the AES-GCM proto key parser and
// serializer in the global serialization registry. Both directions are checked
// to fail with kNotFound before registration and to succeed afterwards.
// Skipped in FIPS-only mode.
//
// Every key byte here comes from subtle::Random::GetRandomBytes, so the
// InsecureSecretKeyAccess token is only ever applied to throwaway test keys.
TEST_F(AeadConfigTest, AesGcmProtoKeySerializationRegistered) {
  if (IsFipsModeEnabled()) {
    GTEST_SKIP() << "Not supported in FIPS-only mode";
  }

  internal::MutableSerializationRegistry& registry =
      internal::MutableSerializationRegistry::GlobalInstance();

  // Proto form of a 32-byte AES-GCM key.
  google::crypto::tink::AesGcmKey aes_gcm_key_proto;
  aes_gcm_key_proto.set_version(0);
  aes_gcm_key_proto.set_key_value(subtle::Random::GetRandomBytes(32));

  StatusOr<internal::ProtoKeySerialization> serialization =
      internal::ProtoKeySerialization::Create(
          "type.googleapis.com/google.crypto.tink.AesGcmKey",
          RestrictedData(aes_gcm_key_proto.SerializeAsString(),
                         InsecureSecretKeyAccess::Get()),
          KeyData::SYMMETRIC, OutputPrefixType::TINK, /*id_requirement=*/123);
  ASSERT_THAT(serialization, IsOk());

  // Parsing must fail while no key parser is registered.
  StatusOr<std::unique_ptr<Key>> parsed_before =
      registry.ParseKey(*serialization, InsecureSecretKeyAccess::Get());
  ASSERT_THAT(parsed_before.status(), StatusIs(absl::StatusCode::kNotFound));

  // Object form of an AES-GCM key: 32-byte key, 12-byte IV, 16-byte tag,
  // Tink output prefix variant, same id requirement as the proto above.
  AesGcmParameters::Builder builder;
  builder.SetVariant(AesGcmParameters::Variant::kTink);
  builder.SetKeySizeInBytes(32);
  builder.SetIvSizeInBytes(12);
  builder.SetTagSizeInBytes(16);
  StatusOr<AesGcmParameters> aes_gcm_params = builder.Build();
  ASSERT_THAT(aes_gcm_params, IsOk());

  StatusOr<AesGcmKey> aes_gcm_key =
      AesGcmKey::Create(*aes_gcm_params,
                        RestrictedData(subtle::Random::GetRandomBytes(32),
                                       InsecureSecretKeyAccess::Get()),
                        /*id_requirement=*/123, GetPartialKeyAccess());
  ASSERT_THAT(aes_gcm_key, IsOk());

  // Serializing must fail while no key serializer is registered.
  StatusOr<std::unique_ptr<Serialization>> serialized_before =
      registry.SerializeKey<internal::ProtoKeySerialization>(
          *aes_gcm_key, InsecureSecretKeyAccess::Get());
  ASSERT_THAT(serialized_before.status(),
              StatusIs(absl::StatusCode::kNotFound));

  ASSERT_THAT(AeadConfig::Register(), IsOk());

  // The same two operations now succeed.
  StatusOr<std::unique_ptr<Key>> parsed_after =
      registry.ParseKey(*serialization, InsecureSecretKeyAccess::Get());
  ASSERT_THAT(parsed_after, IsOk());

  StatusOr<std::unique_ptr<Serialization>> serialized_after =
      registry.SerializeKey<internal::ProtoKeySerialization>(
          *aes_gcm_key, InsecureSecretKeyAccess::Get());
  ASSERT_THAT(serialized_after, IsOk());
}
254*e7b1675dSTing-Kang Chang 
255*e7b1675dSTing-Kang Chang }  // namespace
256*e7b1675dSTing-Kang Chang }  // namespace tink
257*e7b1675dSTing-Kang Chang }  // namespace crypto