1 // Copyright 2024 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 package com.google.crypto.tink.aead; 18 19 import static com.google.common.truth.Truth.assertThat; 20 import static org.junit.Assert.assertThrows; 21 22 import com.google.crypto.tink.Aead; 23 import com.google.crypto.tink.KeysetHandle; 24 import com.google.crypto.tink.aead.internal.AesCtrHmacAeadProtoSerialization; 25 import com.google.crypto.tink.aead.internal.AesEaxProtoSerialization; 26 import com.google.crypto.tink.aead.internal.AesGcmProtoSerialization; 27 import com.google.crypto.tink.aead.internal.AesGcmSivProtoSerialization; 28 import com.google.crypto.tink.aead.internal.ChaCha20Poly1305ProtoSerialization; 29 import com.google.crypto.tink.aead.internal.XAesGcmProtoSerialization; 30 import com.google.crypto.tink.aead.internal.XChaCha20Poly1305ProtoSerialization; 31 import com.google.crypto.tink.config.internal.TinkFipsUtil; 32 import com.google.crypto.tink.util.SecretBytes; 33 import java.security.GeneralSecurityException; 34 import org.junit.Assume; 35 import org.junit.Test; 36 import org.junit.runner.RunWith; 37 import org.junit.runners.JUnit4; 38 39 @RunWith(JUnit4.class) 40 public class AeadConfigurationV0Test { 41 @Test config_throwsIfInFipsMode()42 public void config_throwsIfInFipsMode() throws Exception { 43 Assume.assumeTrue(TinkFipsUtil.useOnlyFips()); 44 45 assertThrows(GeneralSecurityException.class, AeadConfigurationV0::get); 46 } 47 48 @Test config_containsAesCtrHmacAead()49 public void config_containsAesCtrHmacAead() throws Exception { 50 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 51 AesCtrHmacAeadProtoSerialization.register(); 52 53 AesCtrHmacAeadParameters parameters = 54 AesCtrHmacAeadParameters.builder() 55 .setAesKeySizeBytes(32) 56 .setIvSizeBytes(12) 57 .setHmacKeySizeBytes(32) 58 .setTagSizeBytes(12) 59 .setHashType(AesCtrHmacAeadParameters.HashType.SHA256) 60 .setVariant(AesCtrHmacAeadParameters.Variant.TINK) 61 .build(); 62 AesCtrHmacAeadKey key = 63 AesCtrHmacAeadKey.builder() 64 .setParameters(parameters) 65 .setAesKeyBytes(SecretBytes.randomBytes(32)) 66 .setHmacKeyBytes(SecretBytes.randomBytes(32)) 67 .setIdRequirement(42) 68 .build(); 69 KeysetHandle keysetHandle = 70 KeysetHandle.newBuilder() 71 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 72 .build(); 73 74 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 75 } 76 77 @Test config_containsAesGcmAead()78 public void config_containsAesGcmAead() throws Exception { 79 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 80 AesGcmProtoSerialization.register(); 81 82 AesGcmParameters parameters = 83 AesGcmParameters.builder() 84 .setKeySizeBytes(32) 85 .setIvSizeBytes(12) 86 .setTagSizeBytes(16) 87 .setVariant(AesGcmParameters.Variant.TINK) 88 .build(); 89 AesGcmKey key = 90 AesGcmKey.builder() 91 .setParameters(parameters) 92 .setKeyBytes(SecretBytes.randomBytes(32)) 93 .setIdRequirement(42) 94 .build(); 95 KeysetHandle keysetHandle = 96 KeysetHandle.newBuilder() 97 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 98 .build(); 99 100 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 101 } 102 103 @Test config_containsAesGcmSivAead()104 public void config_containsAesGcmSivAead() throws Exception { 105 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 106 AesGcmSivProtoSerialization.register(); 107 108 AesGcmSivParameters parameters = 109 AesGcmSivParameters.builder() 110 .setKeySizeBytes(32) 111 .setVariant(AesGcmSivParameters.Variant.TINK) 112 .build(); 113 AesGcmSivKey key = 114 AesGcmSivKey.builder() 115 .setParameters(parameters) 116 .setKeyBytes(SecretBytes.randomBytes(32)) 117 .setIdRequirement(42) 118 .build(); 119 KeysetHandle keysetHandle = 120 KeysetHandle.newBuilder() 121 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 122 .build(); 123 124 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 125 } 126 127 @Test config_containsAesEaxAead()128 public void config_containsAesEaxAead() throws Exception { 129 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 130 AesEaxProtoSerialization.register(); 131 132 AesEaxParameters parameters = 133 AesEaxParameters.builder() 134 .setKeySizeBytes(32) 135 .setIvSizeBytes(12) 136 .setTagSizeBytes(16) 137 .setVariant(AesEaxParameters.Variant.TINK) 138 .build(); 139 AesEaxKey key = 140 AesEaxKey.builder() 141 .setParameters(parameters) 142 .setKeyBytes(SecretBytes.randomBytes(32)) 143 .setIdRequirement(42) 144 .build(); 145 KeysetHandle keysetHandle = 146 KeysetHandle.newBuilder() 147 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 148 .build(); 149 150 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 151 } 152 153 @Test config_containsChaCha20Poly1305Aead()154 public void config_containsChaCha20Poly1305Aead() throws Exception { 155 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 156 ChaCha20Poly1305ProtoSerialization.register(); 157 158 ChaCha20Poly1305Key key = 159 ChaCha20Poly1305Key.create( 160 ChaCha20Poly1305Parameters.Variant.TINK, SecretBytes.randomBytes(32), 42); 161 KeysetHandle keysetHandle = 162 KeysetHandle.newBuilder() 163 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 164 .build(); 165 166 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 167 } 168 169 @Test config_containsXChaCha20Poly1305Aead()170 public void config_containsXChaCha20Poly1305Aead() throws Exception { 171 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 172 XChaCha20Poly1305ProtoSerialization.register(); 173 174 XChaCha20Poly1305Key key = 175 XChaCha20Poly1305Key.create( 176 XChaCha20Poly1305Parameters.Variant.TINK, SecretBytes.randomBytes(32), 42); 177 KeysetHandle keysetHandle = 178 KeysetHandle.newBuilder() 179 .addEntry(KeysetHandle.importKey(key).withFixedId(42).makePrimary()) 180 .build(); 181 182 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 183 } 184 185 @Test config_containsXAesGcmAead()186 public void config_containsXAesGcmAead() throws Exception { 187 Assume.assumeFalse(TinkFipsUtil.useOnlyFips()); 188 XAesGcmProtoSerialization.register(); 189 190 XAesGcmKey key = 191 XAesGcmKey.create( 192 XAesGcmParameters.create(XAesGcmParameters.Variant.TINK, 10), 193 SecretBytes.randomBytes(32), 194 42); 195 KeysetHandle keysetHandle = 196 KeysetHandle.newBuilder().addEntry(KeysetHandle.importKey(key).makePrimary()).build(); 197 198 assertThat(keysetHandle.getPrimitive(AeadConfigurationV0.get(), Aead.class)).isNotNull(); 199 } 200 } 201