1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "anonymous_tokens/cpp/crypto/anonymous_tokens_pb_openssl_converters.h"
16
17 #include <string>
18 #include <utility>
19
20 #include <gmock/gmock.h>
21 #include <gtest/gtest.h>
22 #include "absl/status/status.h"
23 #include "absl/status/statusor.h"
24 #include "anonymous_tokens/cpp/crypto/constants.h"
25 #include "anonymous_tokens/cpp/crypto/crypto_utils.h"
26 #include "anonymous_tokens/cpp/testing/proto_utils.h"
27 #include "anonymous_tokens/cpp/testing/utils.h"
28 #include "anonymous_tokens/proto/anonymous_tokens.pb.h"
29 #include <openssl/base.h>
30 #include <openssl/bn.h>
31 #include <openssl/digest.h>
32 #include <openssl/rsa.h>
33
34
35 namespace anonymous_tokens {
36 namespace {
37
TEST(AnonymousTokensPbOpensslConvertersTests,GenerateMaskTestInvalidType)38 TEST(AnonymousTokensPbOpensslConvertersTests, GenerateMaskTestInvalidType) {
39 RSABlindSignaturePublicKey public_key;
40 public_key.set_message_mask_type(AT_MESSAGE_MASK_TYPE_UNDEFINED);
41 public_key.set_message_mask_size(kRsaMessageMaskSizeInBytes32);
42 absl::StatusOr<std::string> mask_32_bytes = GenerateMask(public_key);
43 EXPECT_EQ(mask_32_bytes.status().code(), absl::StatusCode::kInvalidArgument);
44 EXPECT_THAT(mask_32_bytes.status().message(),
45 ::testing::HasSubstr("Unsupported message mask type"));
46 }
47
TEST(AnonymousTokensPbOpensslConvertersTests,GenerateMaskTestInvalidLength)48 TEST(AnonymousTokensPbOpensslConvertersTests, GenerateMaskTestInvalidLength) {
49 RSABlindSignaturePublicKey public_key;
50 // Mask meant to be concatenated is less than 32 bytes.
51 public_key.set_message_mask_type(AT_MESSAGE_MASK_CONCAT);
52 public_key.set_message_mask_size(kRsaMessageMaskSizeInBytes32 - 1);
53 absl::StatusOr<std::string> mask_32_bytes = GenerateMask(public_key);
54 // Mask type set to no mask but mask length requested is greater than 0.
55 public_key.set_message_mask_type(AT_MESSAGE_MASK_NO_MASK);
56 public_key.set_message_mask_size(kRsaMessageMaskSizeInBytes32);
57 absl::StatusOr<std::string> mask_0_bytes = GenerateMask(public_key);
58
59 EXPECT_EQ(mask_32_bytes.status().code(), absl::StatusCode::kInvalidArgument);
60 EXPECT_EQ(mask_0_bytes.status().code(), absl::StatusCode::kInvalidArgument);
61 EXPECT_THAT(mask_32_bytes.status().message(),
62 ::testing::HasSubstr("invalid message mask size"));
63 EXPECT_THAT(mask_0_bytes.status().message(),
64 ::testing::HasSubstr("invalid message mask size"));
65 }
66
TEST(AnonymousTokensPbOpensslConvertersTests,GenerateMaskTestSuccess)67 TEST(AnonymousTokensPbOpensslConvertersTests, GenerateMaskTestSuccess) {
68 RSABlindSignaturePublicKey public_key;
69 public_key.set_message_mask_type(AT_MESSAGE_MASK_CONCAT);
70 public_key.set_message_mask_size(kRsaMessageMaskSizeInBytes32);
71 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string mask_32_bytes,
72 GenerateMask(public_key));
73 // Longer mask.
74 public_key.set_message_mask_size(kRsaMessageMaskSizeInBytes32 * 2);
75 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string mask_64_bytes,
76 GenerateMask(public_key));
77
78 // No mask.
79 public_key.set_message_mask_type(AT_MESSAGE_MASK_NO_MASK);
80 public_key.set_message_mask_size(0);
81 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string mask_0_bytes,
82 GenerateMask(public_key));
83
84 EXPECT_FALSE(mask_32_bytes.empty());
85 EXPECT_FALSE(mask_64_bytes.empty());
86 EXPECT_TRUE(mask_0_bytes.empty());
87 EXPECT_EQ(mask_32_bytes.size(), kRsaMessageMaskSizeInBytes32);
88 EXPECT_EQ(mask_64_bytes.size(), kRsaMessageMaskSizeInBytes32 * 2);
89 EXPECT_EQ(mask_0_bytes.size(), 0);
90 }
91
TEST(AnonymousTokensPbOpensslConvertersTests,HashTypeConverterTestInvalidType)92 TEST(AnonymousTokensPbOpensslConvertersTests,
93 HashTypeConverterTestInvalidType) {
94 absl::StatusOr<const EVP_MD *> evp =
95 ProtoHashTypeToEVPDigest(AT_HASH_TYPE_UNDEFINED);
96 EXPECT_EQ(evp.status().code(), absl::StatusCode::kInvalidArgument);
97 EXPECT_THAT(evp.status().message(),
98 ::testing::HasSubstr("Unknown hash type"));
99 }
100
TEST(AnonymousTokensPbOpensslConvertersTests,HashTypeConverterTestSuccess)101 TEST(AnonymousTokensPbOpensslConvertersTests, HashTypeConverterTestSuccess) {
102 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
103 const EVP_MD *evp_256, ProtoHashTypeToEVPDigest(AT_HASH_TYPE_SHA256));
104 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
105 const EVP_MD *evp_384, ProtoHashTypeToEVPDigest(AT_HASH_TYPE_SHA384));
106 EXPECT_EQ(evp_256, EVP_sha256());
107 EXPECT_EQ(evp_384, EVP_sha384());
108 }
109
TEST(AnonymousTokensPbOpensslConvertersStrongTests,MaskGenFunctionConverterStrongTestInvalidType)110 TEST(AnonymousTokensPbOpensslConvertersStrongTests,
111 MaskGenFunctionConverterStrongTestInvalidType) {
112 absl::StatusOr<const EVP_MD *> evp =
113 ProtoMaskGenFunctionToEVPDigest(AT_MGF_UNDEFINED);
114 EXPECT_EQ(evp.status().code(), absl::StatusCode::kInvalidArgument);
115 EXPECT_THAT(evp.status().message(),
116 ::testing::HasSubstr(
117 "Unknown hash type for mask generation hash function"));
118 }
119
TEST(AnonymousTokensPbOpensslConvertersTests,MaskGenFunctionConverterTestSuccess)120 TEST(AnonymousTokensPbOpensslConvertersTests,
121 MaskGenFunctionConverterTestSuccess) {
122 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
123 const EVP_MD *evp_256, ProtoMaskGenFunctionToEVPDigest(AT_MGF_SHA256));
124 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
125 const EVP_MD *evp_384, ProtoMaskGenFunctionToEVPDigest(AT_MGF_SHA384));
126 EXPECT_EQ(evp_256, EVP_sha256());
127 EXPECT_EQ(evp_384, EVP_sha384());
128 }
129
130 using CreateTestKeyPairFunction =
131 absl::StatusOr<std::pair<RSAPublicKey, RSAPrivateKey>>();
132
133 class AnonymousTokensRsaKeyPairConverterTest
134 : public testing::TestWithParam<CreateTestKeyPairFunction *> {
135 protected:
SetUp()136 void SetUp() override {
137 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(auto keys_pair, (*GetParam())());
138 public_key_ = std::move(keys_pair.first);
139 private_key_ = std::move(keys_pair.second);
140
141 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_modulus_,
142 StringToBignum(private_key_.n()));
143 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_e_, StringToBignum(private_key_.e()));
144 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_d_, StringToBignum(private_key_.d()));
145 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_p_, StringToBignum(private_key_.p()));
146 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_q_, StringToBignum(private_key_.q()));
147 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_dp_,
148 StringToBignum(private_key_.dp()));
149 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_dq_,
150 StringToBignum(private_key_.dq()));
151 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(rsa_crt_,
152 StringToBignum(private_key_.crt()));
153 }
154
155 bssl::UniquePtr<BIGNUM> rsa_modulus_;
156 bssl::UniquePtr<BIGNUM> rsa_e_;
157 bssl::UniquePtr<BIGNUM> rsa_d_;
158 bssl::UniquePtr<BIGNUM> rsa_p_;
159 bssl::UniquePtr<BIGNUM> rsa_q_;
160 bssl::UniquePtr<BIGNUM> rsa_dp_;
161 bssl::UniquePtr<BIGNUM> rsa_dq_;
162 bssl::UniquePtr<BIGNUM> rsa_crt_;
163
164 RSAPublicKey public_key_;
165 RSAPrivateKey private_key_;
166 };
167
TEST_P(AnonymousTokensRsaKeyPairConverterTest,PublicKeyTest)168 TEST_P(AnonymousTokensRsaKeyPairConverterTest, PublicKeyTest) {
169 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
170 bssl::UniquePtr<RSA> rsa_public_key,
171 AnonymousTokensRSAPublicKeyToRSA(public_key_));
172
173 EXPECT_EQ(BN_cmp(RSA_get0_n(rsa_public_key.get()), rsa_modulus_.get()), 0);
174 EXPECT_EQ(BN_cmp(RSA_get0_e(rsa_public_key.get()), rsa_e_.get()), 0);
175 }
176
TEST_P(AnonymousTokensRsaKeyPairConverterTest,PrivateKeyTest)177 TEST_P(AnonymousTokensRsaKeyPairConverterTest, PrivateKeyTest) {
178 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
179 bssl::UniquePtr<RSA> rsa_private_key,
180 AnonymousTokensRSAPrivateKeyToRSA(private_key_));
181
182 EXPECT_EQ(BN_cmp(RSA_get0_n(rsa_private_key.get()), rsa_modulus_.get()), 0);
183 EXPECT_EQ(BN_cmp(RSA_get0_e(rsa_private_key.get()), rsa_e_.get()), 0);
184 EXPECT_EQ(BN_cmp(RSA_get0_d(rsa_private_key.get()), rsa_d_.get()), 0);
185 EXPECT_EQ(BN_cmp(RSA_get0_p(rsa_private_key.get()), rsa_p_.get()), 0);
186 EXPECT_EQ(BN_cmp(RSA_get0_q(rsa_private_key.get()), rsa_q_.get()), 0);
187 EXPECT_EQ(BN_cmp(RSA_get0_dmp1(rsa_private_key.get()), rsa_dp_.get()), 0);
188 EXPECT_EQ(BN_cmp(RSA_get0_dmq1(rsa_private_key.get()), rsa_dq_.get()), 0);
189 EXPECT_EQ(BN_cmp(RSA_get0_iqmp(rsa_private_key.get()), rsa_crt_.get()), 0);
190 }
191
192 INSTANTIATE_TEST_SUITE_P(AnonymousTokensRsaKeyPairConverterTest,
193 AnonymousTokensRsaKeyPairConverterTest,
194 testing::Values(&GetStrongRsaKeys2048,
195 &GetAnotherStrongRsaKeys2048,
196 &GetStrongRsaKeys3072,
197 &GetStrongRsaKeys4096));
198
199 } // namespace
200 } // namespace anonymous_tokens
201
202