1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "anonymous_tokens/cpp/client/anonymous_tokens_public_key_client.h"
16
17 #include <cstddef>
18 #include <memory>
19 #include <string>
20 #include <utility>
21 #include <vector>
22
23 #include <gmock/gmock.h>
24 #include <gtest/gtest.h>
25 #include "absl/status/status.h"
26 #include "absl/strings/string_view.h"
27 #include "anonymous_tokens/cpp/shared/proto_utils.h"
28 #include "anonymous_tokens/cpp/shared/status_utils.h"
29 #include "anonymous_tokens/cpp/testing/utils.h"
30 #include "anonymous_tokens/proto/anonymous_tokens.pb.h"
31
32
33 namespace anonymous_tokens {
34 namespace {
35
36 constexpr int kKeyByteSize = 512;
37 constexpr int kSaltByteLength = 48;
38 constexpr int kMessageMaskByteLength = 32;
39 constexpr absl::Duration kEndTimeIncrement = absl::Minutes(100);
40 constexpr absl::Duration kStartTimeIncrement = absl::Minutes(35);
41
42 class AnonymousTokensPublicKeysGetClientTest : public ::testing::Test {
43 protected:
SetUp()44 void SetUp() override {
45 start_time_ = absl::Now();
46 default_n_str_ = std::string(kKeyByteSize, 'a');
47 default_e_str_ = std::string(kKeyByteSize, 'b');
48
49 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
50 client_, AnonymousTokensPublicKeysGetClient::Create());
51 }
52
GenerateFakeRsaKey(std::string n_str,std::string e_str)53 RSAPublicKey GenerateFakeRsaKey(std::string n_str, std::string e_str) {
54 RSAPublicKey public_key;
55 public_key.set_n(n_str);
56 public_key.set_e(e_str);
57 return public_key;
58 }
59
SimpleGetResponse()60 absl::StatusOr<AnonymousTokensPublicKeysGetResponse> SimpleGetResponse() {
61 RSAPublicKey public_key =
62 GenerateFakeRsaKey(default_n_str_, default_e_str_);
63 return PublicKeysGetResponse({public_key});
64 }
65
PublicKeysGetResponse(const std::vector<RSAPublicKey> & public_keys)66 absl::StatusOr<AnonymousTokensPublicKeysGetResponse> PublicKeysGetResponse(
67 const std::vector<RSAPublicKey>& public_keys) {
68 AnonymousTokensPublicKeysGetResponse resp;
69 for (size_t i = 0; i < public_keys.size(); ++i) {
70 RSABlindSignaturePublicKey* key = resp.add_rsa_public_keys();
71 key->set_use_case("TEST_USE_CASE");
72 key->set_key_version(i + 1);
73 key->set_serialized_public_key(public_keys[i].SerializeAsString());
74 ANON_TOKENS_ASSIGN_OR_RETURN(
75 *(key->mutable_key_validity_start_time()),
76 TimeToProto(start_time_ - (kStartTimeIncrement * i)));
77 ANON_TOKENS_ASSIGN_OR_RETURN(
78 *(key->mutable_expiration_time()),
79 TimeToProto(start_time_ + (kEndTimeIncrement * (i + 1))));
80 key->set_mask_gen_function(AT_MGF_SHA384);
81 key->set_sig_hash_type(AT_HASH_TYPE_SHA384);
82 key->set_key_size(kKeyByteSize);
83 key->set_salt_length(kSaltByteLength);
84 key->set_message_mask_type(AT_MESSAGE_MASK_CONCAT);
85 key->set_message_mask_size(kMessageMaskByteLength);
86 key->set_public_metadata_support(true);
87 }
88 return resp;
89 }
90
91 absl::Time start_time_;
92 std::string default_n_str_;
93 std::string default_e_str_;
94 std::unique_ptr<AnonymousTokensPublicKeysGetClient> client_;
95 };
96
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientMoreThanOneRequest)97 TEST_F(AnonymousTokensPublicKeysGetClientTest,
98 PublicKeyGetClientMoreThanOneRequest) {
99 // Create the first request.
100 ASSERT_TRUE(client_
101 ->CreateAnonymousTokensPublicKeysGetRequest(
102 TEST_USE_CASE, 1, absl::Now(), absl::nullopt)
103 .ok());
104 // Second request will err.
105 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
106 client_->CreateAnonymousTokensPublicKeysGetRequest(
107 TEST_USE_CASE, 1, absl::Now(), absl::nullopt);
108 EXPECT_EQ(request.status().code(), absl::StatusCode::kFailedPrecondition);
109 EXPECT_THAT(request.status().message(),
110 testing::HasSubstr("Public Key request is already created."));
111 }
112
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientInvalidUseCaseRequest)113 TEST_F(AnonymousTokensPublicKeysGetClientTest,
114 PublicKeyGetClientInvalidUseCaseRequest) {
115 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
116 client_->CreateAnonymousTokensPublicKeysGetRequest(
117 ANONYMOUS_TOKENS_USE_CASE_UNDEFINED, 0, absl::Now(), absl::nullopt);
118 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
119 EXPECT_THAT(request.status().message(),
120 testing::HasSubstr("Use case must be defined."));
121 }
122
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientInvalidKeyVersionRequest)123 TEST_F(AnonymousTokensPublicKeysGetClientTest,
124 PublicKeyGetClientInvalidKeyVersionRequest) {
125 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
126 client_->CreateAnonymousTokensPublicKeysGetRequest(
127 TEST_USE_CASE, -1, absl::Now(), absl::nullopt);
128 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
129 EXPECT_THAT(
130 request.status().message(),
131 testing::HasSubstr("Key Version in an AnonymousTokensPublicKeysGetRequest"
132 " must be 0 or greater than 0."));
133 }
134
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientExpiryBeforeValidityStartRequest)135 TEST_F(AnonymousTokensPublicKeysGetClientTest,
136 PublicKeyGetClientExpiryBeforeValidityStartRequest) {
137 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
138 client_->CreateAnonymousTokensPublicKeysGetRequest(
139 TEST_USE_CASE, 0, absl::Now(), absl::Now() - absl::Minutes(10));
140 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
141 EXPECT_THAT(
142 request.status().message(),
143 testing::HasSubstr("Key validity start time can not be the same or after"
144 " key validity end time (if set)."));
145 }
146
TEST_F(AnonymousTokensPublicKeysGetClientTest,PublicKeyGetClientExpiryInThePastRequest)147 TEST_F(AnonymousTokensPublicKeysGetClientTest,
148 PublicKeyGetClientExpiryInThePastRequest) {
149 absl::StatusOr<AnonymousTokensPublicKeysGetRequest> request =
150 client_->CreateAnonymousTokensPublicKeysGetRequest(
151 TEST_USE_CASE, 0, absl::Now() - absl::Minutes(30),
152 absl::Now() - absl::Minutes(10));
153 EXPECT_EQ(request.status().code(), absl::StatusCode::kInvalidArgument);
154 EXPECT_THAT(
155 request.status().message(),
156 testing::HasSubstr(
157 "Requested Key expiry time (if set) must not be in the past."));
158 }
159
TEST_F(AnonymousTokensPublicKeysGetClientTest,CreateAnonymousTokensPublicKeysGetRequestWithExpiryTime)160 TEST_F(AnonymousTokensPublicKeysGetClientTest,
161 CreateAnonymousTokensPublicKeysGetRequestWithExpiryTime) {
162 absl::Time end_time = start_time_ + kEndTimeIncrement;
163 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
164 AnonymousTokensPublicKeysGetRequest request,
165 client_->CreateAnonymousTokensPublicKeysGetRequest(
166 TEST_USE_CASE, 0, start_time_, end_time));
167
168 EXPECT_EQ(request.use_case(), AnonymousTokensUseCase_Name(TEST_USE_CASE));
169 EXPECT_EQ(request.key_version(), 0);
170 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
171 absl::Time request_start_time,
172 TimeFromProto(request.key_validity_start_time()));
173 EXPECT_EQ(request_start_time, start_time_);
174 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
175 absl::Time request_end_time,
176 TimeFromProto(request.key_validity_end_time()));
177 EXPECT_EQ(request_end_time, end_time);
178 }
179
TEST_F(AnonymousTokensPublicKeysGetClientTest,CreateAnonymousTokensPublicKeysGetRequestWithNoExpiryTime)180 TEST_F(AnonymousTokensPublicKeysGetClientTest,
181 CreateAnonymousTokensPublicKeysGetRequestWithNoExpiryTime) {
182 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
183 auto request, client_->CreateAnonymousTokensPublicKeysGetRequest(
184 TEST_USE_CASE, 0, start_time_, absl::nullopt));
185
186 EXPECT_EQ(request.use_case(), AnonymousTokensUseCase_Name(TEST_USE_CASE));
187 EXPECT_EQ(request.key_version(), 0);
188 EXPECT_EQ(TimeFromProto(request.key_validity_start_time()).value(),
189 start_time_);
190 EXPECT_EQ(request.has_key_validity_end_time(), false);
191 }
192
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponseWithoutCreatingRequest)193 TEST_F(AnonymousTokensPublicKeysGetClientTest,
194 ProcessPublicKeyGetResponseWithoutCreatingRequest) {
195 AnonymousTokensPublicKeysGetResponse response;
196 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
197 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
198 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kFailedPrecondition);
199 EXPECT_THAT(public_keys.status().message(),
200 testing::HasSubstr(
201 "CreateAnonymousTokensPublicKeysGetRequest has not been "
202 "called yet."));
203 }
204
TEST_F(AnonymousTokensPublicKeysGetClientTest,UndefinedUseCaseInPublicKeyGetResponse)205 TEST_F(AnonymousTokensPublicKeysGetClientTest,
206 UndefinedUseCaseInPublicKeyGetResponse) {
207 ASSERT_TRUE(
208 client_
209 ->CreateAnonymousTokensPublicKeysGetRequest(
210 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
211 .ok());
212 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
213
214 // Invalid use case.
215 response.mutable_rsa_public_keys(0)->set_use_case("invalid");
216
217 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
218 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
219 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
220 EXPECT_THAT(
221 public_keys.status().message(),
222 testing::HasSubstr("Invalid / undefined use case cannot be parsed."));
223 }
224
TEST_F(AnonymousTokensPublicKeysGetClientTest,UseCaseInPublicKeyGetResponseDifferentThanRequest)225 TEST_F(AnonymousTokensPublicKeysGetClientTest,
226 UseCaseInPublicKeyGetResponseDifferentThanRequest) {
227 ASSERT_TRUE(
228 client_
229 ->CreateAnonymousTokensPublicKeysGetRequest(
230 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
231 .ok());
232 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
233
234 // Receiving a different use case response is invalid.
235 response.mutable_rsa_public_keys(0)->set_use_case("TEST_USE_CASE_2");
236
237 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
238 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
239 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
240 EXPECT_THAT(
241 public_keys.status().message(),
242 testing::HasSubstr("Public key is not for the Use Case requested."));
243 }
244
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyVersionNegativeInPublicKeyGetResponse)245 TEST_F(AnonymousTokensPublicKeysGetClientTest,
246 KeyVersionNegativeInPublicKeyGetResponse) {
247 ASSERT_TRUE(
248 client_
249 ->CreateAnonymousTokensPublicKeysGetRequest(
250 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
251 .ok());
252 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
253
254 // Key version cannot be negative.
255 response.mutable_rsa_public_keys(0)->set_key_version(-10);
256
257 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
258 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
259 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
260 EXPECT_THAT(public_keys.status().message(),
261 testing::HasSubstr("Key_version cannot be zero or negative."));
262 }
263
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyVersionZeroInPublicKeyGetResponse)264 TEST_F(AnonymousTokensPublicKeysGetClientTest,
265 KeyVersionZeroInPublicKeyGetResponse) {
266 ASSERT_TRUE(
267 client_
268 ->CreateAnonymousTokensPublicKeysGetRequest(
269 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
270 .ok());
271 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
272
273 // Key version cannot be 0.
274 response.mutable_rsa_public_keys(0)->set_key_version(0);
275
276 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
277 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
278 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
279 EXPECT_THAT(public_keys.status().message(),
280 testing::HasSubstr("Key_version cannot be zero or negative."));
281 }
282
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyVersionDifferentThanRequestedInPublicKeyGetResponse)283 TEST_F(AnonymousTokensPublicKeysGetClientTest,
284 KeyVersionDifferentThanRequestedInPublicKeyGetResponse) {
285 ASSERT_TRUE(
286 client_
287 ->CreateAnonymousTokensPublicKeysGetRequest(
288 TEST_USE_CASE, 2, start_time_, start_time_ + absl::Minutes(100))
289 .ok());
290 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
291
292 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
293 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
294 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
295 EXPECT_THAT(
296 public_keys.status().message(),
297 testing::HasSubstr("Public key is not for the Key Version requested."));
298 }
299
TEST_F(AnonymousTokensPublicKeysGetClientTest,SaltLengthZeroInPublicKeyGetResponse)300 TEST_F(AnonymousTokensPublicKeysGetClientTest,
301 SaltLengthZeroInPublicKeyGetResponse) {
302 ASSERT_TRUE(
303 client_
304 ->CreateAnonymousTokensPublicKeysGetRequest(
305 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
306 .ok());
307 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
308
309 // Do not allow deterministic signatures due to empty salts.
310 response.mutable_rsa_public_keys(0)->set_salt_length(0);
311
312 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
313 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
314 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
315 EXPECT_THAT(public_keys.status().message(),
316 testing::HasSubstr("Salt length must not be zero or negative."));
317 }
318
TEST_F(AnonymousTokensPublicKeysGetClientTest,SaltLengthNegativeInPublicKeyGetResponse)319 TEST_F(AnonymousTokensPublicKeysGetClientTest,
320 SaltLengthNegativeInPublicKeyGetResponse) {
321 ASSERT_TRUE(
322 client_
323 ->CreateAnonymousTokensPublicKeysGetRequest(
324 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
325 .ok());
326 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
327
328 // Negative salt length is invalid.
329 response.mutable_rsa_public_keys(0)->set_salt_length(-10);
330
331 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
332 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
333 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
334 EXPECT_THAT(public_keys.status().message(),
335 testing::HasSubstr("Salt length must not be zero or negative."));
336 }
337
TEST_F(AnonymousTokensPublicKeysGetClientTest,InvalidKeySizeInPublicKeyGetResponse)338 TEST_F(AnonymousTokensPublicKeysGetClientTest,
339 InvalidKeySizeInPublicKeyGetResponse) {
340 ASSERT_TRUE(
341 client_
342 ->CreateAnonymousTokensPublicKeysGetRequest(
343 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
344 .ok());
345 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
346
347 // Too short keys are invalid.
348 response.mutable_rsa_public_keys(0)->set_key_size(128);
349
350 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
351 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
352 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
353 EXPECT_THAT(public_keys.status().message(),
354 testing::HasSubstr("Key_size cannot be less than 256 bytes."));
355 }
356
TEST_F(AnonymousTokensPublicKeysGetClientTest,NegativeKeySizeInPublicKeyGetResponse)357 TEST_F(AnonymousTokensPublicKeysGetClientTest,
358 NegativeKeySizeInPublicKeyGetResponse) {
359 ASSERT_TRUE(
360 client_
361 ->CreateAnonymousTokensPublicKeysGetRequest(
362 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
363 .ok());
364 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
365
366 // Negative key size is invalid.
367 response.mutable_rsa_public_keys(0)->set_key_size(-10);
368
369 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
370 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
371 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
372 EXPECT_THAT(public_keys.status().message(),
373 testing::HasSubstr("Key_size cannot be less than 256 bytes."));
374 }
375
TEST_F(AnonymousTokensPublicKeysGetClientTest,UndefinedOrUnsupportedMessageMaskType)376 TEST_F(AnonymousTokensPublicKeysGetClientTest,
377 UndefinedOrUnsupportedMessageMaskType) {
378 ASSERT_TRUE(
379 client_
380 ->CreateAnonymousTokensPublicKeysGetRequest(
381 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
382 .ok());
383 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
384
385 // Undefined message mask type is invalid.
386 response.mutable_rsa_public_keys(0)->set_message_mask_type(
387 AT_MESSAGE_MASK_TYPE_UNDEFINED);
388
389 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
390 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
391 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
392 EXPECT_THAT(
393 public_keys.status().message(),
394 testing::HasSubstr("Message mask type must be defined and supported."));
395
396 // Unsupported message mask type is invalid.
397 response.mutable_rsa_public_keys(0)->set_message_mask_type(
398 AT_MESSAGE_MASK_XOR);
399
400 public_keys =
401 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
402 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
403 EXPECT_THAT(
404 public_keys.status().message(),
405 testing::HasSubstr("Message mask type must be defined and supported."));
406 }
407
TEST_F(AnonymousTokensPublicKeysGetClientTest,MessageMaskConcatSizeLessThan32)408 TEST_F(AnonymousTokensPublicKeysGetClientTest,
409 MessageMaskConcatSizeLessThan32) {
410 ASSERT_TRUE(
411 client_
412 ->CreateAnonymousTokensPublicKeysGetRequest(
413 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
414 .ok());
415 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
416
417 // Message mask must be at least 32 bytes.
418 response.mutable_rsa_public_keys(0)->set_message_mask_size(10);
419
420 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
421 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
422 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
423 EXPECT_THAT(
424 public_keys.status().message(),
425 testing::HasSubstr(
426 "Message mask concat type must have a size of at least 32 bytes."));
427 }
428
TEST_F(AnonymousTokensPublicKeysGetClientTest,MessageMaskNoMaskSizeNotZero)429 TEST_F(AnonymousTokensPublicKeysGetClientTest, MessageMaskNoMaskSizeNotZero) {
430 ASSERT_TRUE(
431 client_
432 ->CreateAnonymousTokensPublicKeysGetRequest(
433 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
434 .ok());
435 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
436 response.mutable_rsa_public_keys(0)->set_message_mask_type(
437 AT_MESSAGE_MASK_NO_MASK);
438
439 // If mask type is no mask, sizes other than 0 are invalid.
440 response.mutable_rsa_public_keys(0)->set_message_mask_size(10);
441
442 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
443 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
444 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
445 EXPECT_THAT(public_keys.status().message(),
446 testing::HasSubstr(
447 "Message mask no mask type must be set to size 0 bytes."));
448 }
449
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeySizeIsDifferentThanRealSize)450 TEST_F(AnonymousTokensPublicKeysGetClientTest, KeySizeIsDifferentThanRealSize) {
451 ASSERT_TRUE(
452 client_
453 ->CreateAnonymousTokensPublicKeysGetRequest(
454 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
455 .ok());
456
457 // Make response with wrong key size.
458 RSAPublicKey public_key = GenerateFakeRsaKey(
459 std::string(kKeyByteSize - 1, 'a'), std::string(kKeyByteSize - 1, 'b'));
460 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
461 PublicKeysGetResponse({public_key}));
462
463 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
464 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
465 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
466 EXPECT_THAT(
467 public_keys.status().message(),
468 testing::HasSubstr("Actual and given Public Key sizes are different."));
469 }
470
TEST_F(AnonymousTokensPublicKeysGetClientTest,NoPublicKeyInPublicKeyGetResponse)471 TEST_F(AnonymousTokensPublicKeysGetClientTest,
472 NoPublicKeyInPublicKeyGetResponse) {
473 ASSERT_TRUE(
474 client_
475 ->CreateAnonymousTokensPublicKeysGetRequest(
476 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
477 .ok());
478
479 // Make response with no public key.
480 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
481 response.mutable_rsa_public_keys(0)->clear_serialized_public_key();
482
483 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
484 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
485 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
486 EXPECT_THAT(
487 public_keys.status().message(),
488 testing::HasSubstr(
489 "Public Key not set for a particular use case and key version."));
490 }
491
TEST_F(AnonymousTokensPublicKeysGetClientTest,NoValidityStartTimeInPublicKeyGetResponse)492 TEST_F(AnonymousTokensPublicKeysGetClientTest,
493 NoValidityStartTimeInPublicKeyGetResponse) {
494 ASSERT_TRUE(
495 client_
496 ->CreateAnonymousTokensPublicKeysGetRequest(
497 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
498 .ok());
499 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
500 response.mutable_rsa_public_keys(0)->clear_key_validity_start_time();
501 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
502 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
503 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
504 EXPECT_THAT(public_keys.status().message(),
505 testing::HasSubstr("Public Key has no set validity start time."));
506 }
507
TEST_F(AnonymousTokensPublicKeysGetClientTest,ValidityStartTimeAfterRequestedStartTime)508 TEST_F(AnonymousTokensPublicKeysGetClientTest,
509 ValidityStartTimeAfterRequestedStartTime) {
510 ASSERT_TRUE(client_
511 ->CreateAnonymousTokensPublicKeysGetRequest(
512 TEST_USE_CASE, 0, start_time_ - absl::Minutes(100),
513 start_time_ + absl::Minutes(100))
514 .ok());
515 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
516
517 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
518 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
519 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
520 EXPECT_THAT(
521 public_keys.status().message(),
522 testing::HasSubstr(
523 "Public Key is not valid at the requested validity start time."));
524 }
525
TEST_F(AnonymousTokensPublicKeysGetClientTest,IndefinitelyValidKeyReturnedButNotRequested)526 TEST_F(AnonymousTokensPublicKeysGetClientTest,
527 IndefinitelyValidKeyReturnedButNotRequested) {
528 ASSERT_TRUE(
529 client_
530 ->CreateAnonymousTokensPublicKeysGetRequest(
531 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
532 .ok());
533 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
534 response.mutable_rsa_public_keys(0)->clear_expiration_time();
535
536 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
537 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
538 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
539 EXPECT_THAT(public_keys.status().message(),
540 testing::HasSubstr("Public Key does not expire."));
541 }
542
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyWithExpirationTimeReturnedButIndefinitelyValidKeyWasRequested)543 TEST_F(AnonymousTokensPublicKeysGetClientTest,
544 KeyWithExpirationTimeReturnedButIndefinitelyValidKeyWasRequested) {
545 ASSERT_TRUE(client_
546 ->CreateAnonymousTokensPublicKeysGetRequest(
547 TEST_USE_CASE, 0, start_time_, absl::nullopt)
548 .ok());
549 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
550
551 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
552 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
553 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
554 EXPECT_THAT(public_keys.status().message(),
555 testing::HasSubstr("Public Key is not indefinitely valid"));
556 }
557
TEST_F(AnonymousTokensPublicKeysGetClientTest,WrongExpirationTime)558 TEST_F(AnonymousTokensPublicKeysGetClientTest, WrongExpirationTime) {
559 ASSERT_TRUE(
560 client_
561 ->CreateAnonymousTokensPublicKeysGetRequest(
562 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(90))
563 .ok());
564 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
565
566 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
567 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
568 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
569 EXPECT_THAT(public_keys.status().message(),
570 testing::HasSubstr(
571 "Public Key expires after the requested expiry time."));
572 }
573
TEST_F(AnonymousTokensPublicKeysGetClientTest,KeyExpiredBeforeValidityStart)574 TEST_F(AnonymousTokensPublicKeysGetClientTest, KeyExpiredBeforeValidityStart) {
575 ASSERT_TRUE(
576 client_
577 ->CreateAnonymousTokensPublicKeysGetRequest(
578 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(100))
579 .ok());
580 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
581 *(response.mutable_rsa_public_keys(0)->mutable_expiration_time()) =
582 TimeToProto(start_time_ - absl::Minutes(10)).value();
583 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
584 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
585 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
586 EXPECT_THAT(public_keys.status().message(),
587 testing::HasSubstr(
588 "Public Key cannot be expired at or before its validity "
589 "start time."));
590 }
591
TEST_F(AnonymousTokensPublicKeysGetClientTest,AlreadyExpiredKey)592 TEST_F(AnonymousTokensPublicKeysGetClientTest, AlreadyExpiredKey) {
593 ASSERT_TRUE(
594 client_
595 ->CreateAnonymousTokensPublicKeysGetRequest(
596 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(110))
597 .ok());
598 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response, SimpleGetResponse());
599 *(response.mutable_rsa_public_keys(0)->mutable_expiration_time()) =
600 TimeToProto(start_time_ + (absl::Seconds(5))).value();
601 absl::SleepFor(absl::Seconds(10));
602 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>> public_keys =
603 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
604 EXPECT_EQ(public_keys.status().code(), absl::StatusCode::kInvalidArgument);
605 EXPECT_THAT(public_keys.status().message(),
606 testing::HasSubstr("Expired Public Key was returned"));
607 }
608
TEST_F(AnonymousTokensPublicKeysGetClientTest,DuplicateResponsesInPublicKeyGetResponse)609 TEST_F(AnonymousTokensPublicKeysGetClientTest,
610 DuplicateResponsesInPublicKeyGetResponse) {
611 ASSERT_TRUE(
612 client_
613 ->CreateAnonymousTokensPublicKeysGetRequest(
614 TEST_USE_CASE, 0, start_time_, start_time_ + absl::Minutes(1000))
615 .ok());
616 int num_keys = 2;
617 std::vector<RSAPublicKey> public_keys(2);
618 for (int i = 0; i < num_keys; ++i) {
619 public_keys[i] = GenerateFakeRsaKey(std::string(kKeyByteSize, 'a' + i),
620 std::string(kKeyByteSize, 'b' + i));
621 }
622 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
623 PublicKeysGetResponse(public_keys));
624 response.mutable_rsa_public_keys(0)->set_key_version(1);
625 response.mutable_rsa_public_keys(1)->set_key_version(1);
626
627 absl::StatusOr<std::vector<RSABlindSignaturePublicKey>>
628 processed_public_keys =
629 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response);
630 EXPECT_EQ(processed_public_keys.status().code(),
631 absl::StatusCode::kInvalidArgument);
632 EXPECT_THAT(
633 processed_public_keys.status().message(),
634 testing::HasSubstr("Use Case and Key Version combination must not be "
635 "repeated in the response."));
636 }
637
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponse)638 TEST_F(AnonymousTokensPublicKeysGetClientTest, ProcessPublicKeyGetResponse) {
639 ASSERT_TRUE(
640 client_
641 ->CreateAnonymousTokensPublicKeysGetRequest(
642 TEST_USE_CASE, 1, start_time_, start_time_ + absl::Minutes(100))
643 .ok());
644 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto single_key_resp, SimpleGetResponse());
645 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
646 auto processed_single_key_resp,
647 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(single_key_resp));
648
649 ASSERT_EQ(processed_single_key_resp.size(), 1);
650
651 EXPECT_EQ(processed_single_key_resp[0].use_case(), "TEST_USE_CASE");
652 EXPECT_EQ(processed_single_key_resp[0].key_version(), 1);
653 EXPECT_EQ(processed_single_key_resp[0].key_size(), kKeyByteSize);
654 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
655 absl::Time response_start_time,
656 TimeFromProto(processed_single_key_resp[0].key_validity_start_time()));
657 EXPECT_EQ(response_start_time, start_time_);
658 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
659 absl::Time response_end_time,
660 TimeFromProto(processed_single_key_resp[0].expiration_time()));
661 EXPECT_EQ(response_end_time, start_time_ + kEndTimeIncrement);
662 EXPECT_EQ(processed_single_key_resp[0].mask_gen_function(), AT_MGF_SHA384);
663 EXPECT_EQ(processed_single_key_resp[0].sig_hash_type(), AT_HASH_TYPE_SHA384);
664 EXPECT_EQ(processed_single_key_resp[0].salt_length(), kSaltByteLength);
665 EXPECT_EQ(processed_single_key_resp[0].message_mask_type(),
666 AT_MESSAGE_MASK_CONCAT);
667 EXPECT_EQ(processed_single_key_resp[0].message_mask_size(),
668 kMessageMaskByteLength);
669 EXPECT_EQ(processed_single_key_resp[0].public_metadata_support(), true);
670
671 RSAPublicKey public_key;
672 ASSERT_TRUE(public_key.ParseFromString(
673 processed_single_key_resp[0].serialized_public_key()));
674 EXPECT_EQ(public_key.n(), default_n_str_);
675 EXPECT_EQ(public_key.e(), default_e_str_);
676 }
677
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessPublicKeyGetResponseNoExpiry)678 TEST_F(AnonymousTokensPublicKeysGetClientTest,
679 ProcessPublicKeyGetResponseNoExpiry) {
680 ASSERT_TRUE(client_
681 ->CreateAnonymousTokensPublicKeysGetRequest(
682 TEST_USE_CASE, 1, start_time_, absl::nullopt)
683 .ok());
684 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto single_key_resp, SimpleGetResponse());
685 single_key_resp.mutable_rsa_public_keys(0)->clear_expiration_time();
686 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
687 auto processed_single_key_resp,
688 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(single_key_resp));
689
690 ASSERT_EQ(processed_single_key_resp.size(), 1);
691
692 EXPECT_EQ(processed_single_key_resp[0].use_case(), "TEST_USE_CASE");
693 EXPECT_EQ(processed_single_key_resp[0].key_version(), 1);
694 EXPECT_EQ(processed_single_key_resp[0].key_size(), kKeyByteSize);
695 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
696 absl::Time response_start_time,
697 TimeFromProto(processed_single_key_resp[0].key_validity_start_time()));
698 EXPECT_EQ(response_start_time, start_time_);
699 EXPECT_FALSE(processed_single_key_resp[0].has_expiration_time());
700 EXPECT_EQ(processed_single_key_resp[0].mask_gen_function(), AT_MGF_SHA384);
701 EXPECT_EQ(processed_single_key_resp[0].sig_hash_type(), AT_HASH_TYPE_SHA384);
702 EXPECT_EQ(processed_single_key_resp[0].salt_length(), kSaltByteLength);
703 EXPECT_EQ(processed_single_key_resp[0].message_mask_type(),
704 AT_MESSAGE_MASK_CONCAT);
705 EXPECT_EQ(processed_single_key_resp[0].message_mask_size(),
706 kMessageMaskByteLength);
707 EXPECT_EQ(processed_single_key_resp[0].public_metadata_support(), true);
708
709 RSAPublicKey public_key;
710 ASSERT_TRUE(public_key.ParseFromString(
711 processed_single_key_resp[0].serialized_public_key()));
712 EXPECT_EQ(public_key.n(), default_n_str_);
713 EXPECT_EQ(public_key.e(), default_e_str_);
714 }
715
TEST_F(AnonymousTokensPublicKeysGetClientTest,ProcessResponseContainingMultiplePublicKeys)716 TEST_F(AnonymousTokensPublicKeysGetClientTest,
717 ProcessResponseContainingMultiplePublicKeys) {
718 int total_keys = 5;
719 ASSERT_TRUE(client_
720 ->CreateAnonymousTokensPublicKeysGetRequest(
721 TEST_USE_CASE, 0, start_time_,
722 start_time_ + (kEndTimeIncrement * (total_keys + 1)))
723 .ok());
724 std::vector<RSAPublicKey> public_keys(total_keys);
725 for (int i = 0; i < total_keys; ++i) {
726 public_keys[i] = GenerateFakeRsaKey(std::string(kKeyByteSize, 'a' + i),
727 std::string(kKeyByteSize, 'b' + i));
728 }
729 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto response,
730 PublicKeysGetResponse(public_keys));
731 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
732 auto processed_multi_key_resp,
733 client_->ProcessAnonymousTokensRSAPublicKeysGetResponse(response));
734
735 ASSERT_EQ(processed_multi_key_resp.size(), total_keys);
736
737 for (int i = 1; i < total_keys; ++i) {
738 EXPECT_EQ(processed_multi_key_resp[i].use_case(), "TEST_USE_CASE");
739 EXPECT_EQ(processed_multi_key_resp[i].key_version(), i + 1);
740 EXPECT_EQ(processed_multi_key_resp[i].key_size(), kKeyByteSize);
741 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
742 absl::Time response_start_time,
743 TimeFromProto(processed_multi_key_resp[i].key_validity_start_time()));
744 EXPECT_EQ(response_start_time, start_time_ - (kStartTimeIncrement * i));
745 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
746 absl::Time response_end_time,
747 TimeFromProto(processed_multi_key_resp[i].expiration_time()));
748 EXPECT_EQ(response_end_time, start_time_ + (kEndTimeIncrement * (i + 1)));
749 EXPECT_EQ(processed_multi_key_resp[i].mask_gen_function(), AT_MGF_SHA384);
750 EXPECT_EQ(processed_multi_key_resp[i].sig_hash_type(), AT_HASH_TYPE_SHA384);
751 EXPECT_EQ(processed_multi_key_resp[i].salt_length(), kSaltByteLength);
752 EXPECT_EQ(processed_multi_key_resp[i].message_mask_type(),
753 AT_MESSAGE_MASK_CONCAT);
754 EXPECT_EQ(processed_multi_key_resp[i].message_mask_size(),
755 kMessageMaskByteLength);
756 EXPECT_EQ(processed_multi_key_resp[i].public_metadata_support(), true);
757
758 RSAPublicKey public_key;
759 ASSERT_TRUE(public_key.ParseFromString(
760 processed_multi_key_resp[i].serialized_public_key()));
761 EXPECT_EQ(public_key.n(), public_keys[i].n());
762 EXPECT_EQ(public_key.e(), public_keys[i].e());
763 }
764 }
765
766 } // namespace
767 } // namespace anonymous_tokens
768
769