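// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package aead_test

import (
	"bytes"
	"testing"

	"github.com/google/tink/go/aead"
	"github.com/google/tink/go/testing/fakekms"
	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
)

// fakeKEKURI identifies the key-encryption key (KEK) served by the fake KMS
// that every test in this file uses. The fake KMS exists only so the envelope
// code path can be exercised offline; it provides no real protection.
const fakeKEKURI = "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEIK75t5L-adlUwVhWvRuWUwYARABGM2b3_MDIAE"

// TestKMSEnvelopeWorksWithTinkKeyTemplatesAsDekTemplate checks that each
// supported AEAD key template can act as the DEK template of a KMS envelope
// AEAD: an encrypt/decrypt round trip recovers the plaintext, and decryption
// is rejected when either the associated data or the ciphertext is altered.
func TestKMSEnvelopeWorksWithTinkKeyTemplatesAsDekTemplate(t *testing.T) {
	// Setup failures are reported through t.Fatalf so the test framework, not
	// os.Exit, handles them.
	client, err := fakekms.NewClient(fakeKEKURI)
	if err != nil {
		t.Fatalf("fakekms.NewClient(keyURI) err = %q, want nil", err)
	}
	kekAEAD, err := client.GetAEAD(fakeKEKURI)
	if err != nil {
		t.Fatalf("client.GetAEAD(keyURI) err = %q, want nil", err)
	}
	plaintext := []byte("plaintext")
	associatedData := []byte("associatedData")
	invalidAssociatedData := []byte("invalidAssociatedData")

	dekTemplates := []struct {
		name        string
		dekTemplate *tinkpb.KeyTemplate
	}{
		{name: "AES128_GCM", dekTemplate: aead.AES128GCMKeyTemplate()},
		{name: "AES256_GCM", dekTemplate: aead.AES256GCMKeyTemplate()},
		{name: "AES256_GCM_NO_PREFIX", dekTemplate: aead.AES256GCMNoPrefixKeyTemplate()},
		{name: "AES128_GCM_SIV", dekTemplate: aead.AES128GCMSIVKeyTemplate()},
		{name: "AES256_GCM_SIV", dekTemplate: aead.AES256GCMSIVKeyTemplate()},
		{name: "AES256_GCM_SIV_NO_PREFIX", dekTemplate: aead.AES256GCMSIVNoPrefixKeyTemplate()},
		{name: "AES128_CTR_HMAC_SHA256", dekTemplate: aead.AES128CTRHMACSHA256KeyTemplate()},
		{name: "AES256_CTR_HMAC_SHA256", dekTemplate: aead.AES256CTRHMACSHA256KeyTemplate()},
		{name: "CHACHA20_POLY1305", dekTemplate: aead.ChaCha20Poly1305KeyTemplate()},
		{name: "XCHACHA20_POLY1305", dekTemplate: aead.XChaCha20Poly1305KeyTemplate()},
	}
	for _, tc := range dekTemplates {
		t.Run(tc.name, func(t *testing.T) {
			a := aead.NewKMSEnvelopeAEAD2(tc.dekTemplate, kekAEAD)
			ciphertext, err := a.Encrypt(plaintext, associatedData)
			if err != nil {
				t.Fatalf("a.Encrypt(plaintext, associatedData) err = %q, want nil", err)
			}
			gotPlaintext, err := a.Decrypt(ciphertext, associatedData)
			if err != nil {
				t.Fatalf("a.Decrypt(ciphertext, associatedData) err = %q, want nil", err)
			}
			if !bytes.Equal(gotPlaintext, plaintext) {
				t.Fatalf("got plaintext %q, want %q", gotPlaintext, plaintext)
			}
			// Associated data is authenticated, so a mismatch must be rejected.
			if _, err := a.Decrypt(ciphertext, invalidAssociatedData); err == nil {
				t.Error("a.Decrypt(ciphertext, invalidAssociatedData) err = nil, want error")
			}
			// The ciphertext is authenticated too: flipping one bit anywhere in
			// it (here, the final byte) must make decryption fail rather than
			// return garbage. The copy keeps the original ciphertext intact.
			tampered := append([]byte(nil), ciphertext...)
			tampered[len(tampered)-1] ^= 0x01
			if _, err := a.Decrypt(tampered, associatedData); err == nil {
				t.Error("a.Decrypt(tampered, associatedData) err = nil, want error")
			}
		})
	}
}

// TestKMSEnvelopeWithKmsEnvelopeKeyTemplatesAsDekTemplate_fails checks that a
// KMS envelope key template is not accepted as the DEK template of another
// envelope AEAD: Encrypt must return an error instead of nesting envelopes.
func TestKMSEnvelopeWithKmsEnvelopeKeyTemplatesAsDekTemplate_fails(t *testing.T) {
	client, err := fakekms.NewClient(fakeKEKURI)
	if err != nil {
		t.Fatalf("fakekms.NewClient(keyURI) err = %q, want nil", err)
	}
	kekAEAD, err := client.GetAEAD(fakeKEKURI)
	if err != nil {
		t.Fatalf("client.GetAEAD(keyURI) err = %q, want nil", err)
	}
	plaintext := []byte("plaintext")
	associatedData := []byte("associatedData")

	// Use a KmsEnvelopeAeadKeyTemplate as the DEK template.
	dekTemplate, err := aead.CreateKMSEnvelopeAEADKeyTemplate(fakeKEKURI, aead.AES128GCMKeyTemplate())
	if err != nil {
		t.Fatalf("aead.CreateKMSEnvelopeAEADKeyTemplate() err = %q, want nil", err)
	}

	a := aead.NewKMSEnvelopeAEAD2(dekTemplate, kekAEAD)
	if _, err := a.Encrypt(plaintext, associatedData); err == nil {
		t.Error("a.Encrypt(plaintext, associatedData) err = nil, want error")
	}
}

// TestKMSEnvelopeShortCiphertext checks that malformed inputs too short to hold
// a wrapped DEK are rejected by Decrypt instead of being parsed past their end.
func TestKMSEnvelopeShortCiphertext(t *testing.T) {
	client, err := fakekms.NewClient(fakeKEKURI)
	if err != nil {
		t.Fatalf("fakekms.NewClient(keyURI) err = %q, want nil", err)
	}
	kekAEAD, err := client.GetAEAD(fakeKEKURI)
	if err != nil {
		t.Fatalf("client.GetAEAD(keyURI) err = %q, want nil", err)
	}
	a := aead.NewKMSEnvelopeAEAD2(aead.AES256GCMKeyTemplate(), kekAEAD)

	malformed := []struct {
		name       string
		ciphertext []byte
	}{
		{name: "empty", ciphertext: nil},
		{name: "one_byte", ciphertext: []byte{1}},
		// Four bytes can at most hold a length prefix; there is no wrapped DEK
		// (let alone an authentication tag) behind it.
		{name: "length_prefix_only", ciphertext: []byte{0, 0, 0, 16}},
	}
	for _, tc := range malformed {
		t.Run(tc.name, func(t *testing.T) {
			if _, err := a.Decrypt(tc.ciphertext, nil); err == nil {
				t.Errorf("a.Decrypt(%v, nil) err = nil, want error", tc.ciphertext)
			}
		})
	}
}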