1 // Copyright 2017 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 #include "tink/aead/aead_factory.h"
17
18 #include <stdint.h>
19
20 #include <memory>
21 #include <string>
22 #include <utility>
23
24 #include "gtest/gtest.h"
25 #include "absl/status/status.h"
26 #include "absl/strings/string_view.h"
27 #include "tink/aead.h"
28 #include "tink/aead/aead_config.h"
29 #include "tink/aead/aes_gcm_key_manager.h"
30 #include "tink/crypto_format.h"
31 #include "tink/internal/key_info.h"
32 #include "tink/keyset_handle.h"
33 #include "tink/util/status.h"
34 #include "tink/util/statusor.h"
35 #include "tink/util/test_keyset_handle.h"
36 #include "tink/util/test_util.h"
37 #include "proto/aes_gcm.pb.h"
38 #include "proto/tink.pb.h"
39
40 using crypto::tink::test::AddRawKey;
41 using crypto::tink::test::AddTinkKey;
42 using google::crypto::tink::AesGcmKey;
43 using google::crypto::tink::AesGcmKeyFormat;
44 using google::crypto::tink::KeyData;
45 using google::crypto::tink::Keyset;
46 using google::crypto::tink::KeyStatusType;
47
48
49 namespace crypto {
50 namespace tink {
51 namespace {
52
53 class AeadFactoryTest : public ::testing::Test {
54 };
55
TEST_F(AeadFactoryTest,testBasic)56 TEST_F(AeadFactoryTest, testBasic) {
57 Keyset keyset;
58 auto aead_result =
59 AeadFactory::GetPrimitive(*TestKeysetHandle::GetKeysetHandle(keyset));
60 EXPECT_FALSE(aead_result.ok());
61 EXPECT_EQ(absl::StatusCode::kInvalidArgument, aead_result.status().code());
62 EXPECT_PRED_FORMAT2(testing::IsSubstring, "at least one key",
63 std::string(aead_result.status().message()));
64 }
65
TEST_F(AeadFactoryTest,testPrimitive)66 TEST_F(AeadFactoryTest, testPrimitive) {
67 // Prepare a template for generating keys for a Keyset.
68 std::string key_type = AesGcmKeyManager().get_key_type();
69
70 AesGcmKeyFormat key_format;
71 key_format.set_key_size(16);
72
73 // Prepare a Keyset.
74 Keyset keyset;
75 uint32_t key_id_1 = 1234543;
76 AesGcmKey new_key = AesGcmKeyManager().CreateKey(key_format).value();
77 AddTinkKey(key_type, key_id_1, new_key, KeyStatusType::ENABLED,
78 KeyData::SYMMETRIC, &keyset);
79
80 uint32_t key_id_2 = 726329;
81 new_key = AesGcmKeyManager().CreateKey(key_format).value();
82 AddRawKey(key_type, key_id_2, new_key, KeyStatusType::ENABLED,
83 KeyData::SYMMETRIC, &keyset);
84
85 uint32_t key_id_3 = 7213743;
86 new_key = AesGcmKeyManager().CreateKey(key_format).value();
87 AddTinkKey(key_type, key_id_3, new_key, KeyStatusType::ENABLED,
88 KeyData::SYMMETRIC, &keyset);
89
90 keyset.set_primary_key_id(key_id_3);
91
92 // Initialize the registry.
93 ASSERT_TRUE(AeadConfig::Register().ok());;
94
95 // Create a KeysetHandle and use it with the factory.
96 auto aead_result =
97 AeadFactory::GetPrimitive(*TestKeysetHandle::GetKeysetHandle(keyset));
98 EXPECT_TRUE(aead_result.ok()) << aead_result.status();
99 auto aead = std::move(aead_result.value());
100
101 // Test the resulting Aead-instance.
102 std::string plaintext = "some_plaintext";
103 std::string aad = "some_aad";
104
105 auto encrypt_result = aead->Encrypt(plaintext, aad);
106 EXPECT_TRUE(encrypt_result.ok()) << encrypt_result.status();
107 std::string ciphertext = encrypt_result.value();
108 std::string prefix =
109 CryptoFormat::GetOutputPrefix(KeyInfoFromKey(keyset.key(2))).value();
110 EXPECT_PRED_FORMAT2(testing::IsSubstring, prefix, ciphertext);
111
112 auto decrypt_result = aead->Decrypt(ciphertext, aad);
113 EXPECT_TRUE(decrypt_result.ok()) << decrypt_result.status();
114 EXPECT_EQ(plaintext, decrypt_result.value());
115
116 decrypt_result = aead->Decrypt("some bad ciphertext", aad);
117 EXPECT_FALSE(decrypt_result.ok());
118 EXPECT_EQ(absl::StatusCode::kInvalidArgument,
119 decrypt_result.status().code());
120 EXPECT_PRED_FORMAT2(testing::IsSubstring, "decryption failed",
121 std::string(decrypt_result.status().message()));
122
123 // Create raw ciphertext with 2nd key, and decrypt with Aead-instance.
124 AesGcmKey raw_key;
125 EXPECT_TRUE(raw_key.ParseFromString(keyset.key(1).key_data().value()));
126 auto raw_aead =
127 std::move(AesGcmKeyManager().GetPrimitive<Aead>(raw_key).value());
128 std::string raw_ciphertext = raw_aead->Encrypt(plaintext, aad).value();
129 decrypt_result = aead->Decrypt(ciphertext, aad);
130 EXPECT_TRUE(decrypt_result.ok()) << decrypt_result.status();
131 EXPECT_EQ(plaintext, decrypt_result.value());
132 }
133
134 } // namespace
135 } // namespace tink
136 } // namespace crypto
137