1 // Copyright 2017 Google Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 package com.google.crypto.tink.aead; 18 19 import static com.google.common.truth.Truth.assertThat; 20 import static org.junit.Assert.assertEquals; 21 import static org.junit.Assert.assertTrue; 22 23 import com.google.crypto.tink.TinkProtoParametersFormat; 24 import com.google.crypto.tink.proto.AesCtrHmacAeadKeyFormat; 25 import com.google.crypto.tink.proto.AesEaxKeyFormat; 26 import com.google.crypto.tink.proto.AesGcmKeyFormat; 27 import com.google.crypto.tink.proto.HashType; 28 import com.google.crypto.tink.proto.KeyTemplate; 29 import com.google.crypto.tink.proto.KmsEnvelopeAeadKeyFormat; 30 import com.google.crypto.tink.proto.OutputPrefixType; 31 import com.google.protobuf.ExtensionRegistryLite; 32 import org.junit.BeforeClass; 33 import org.junit.Test; 34 import org.junit.experimental.theories.DataPoints; 35 import org.junit.experimental.theories.FromDataPoints; 36 import org.junit.experimental.theories.Theories; 37 import org.junit.experimental.theories.Theory; 38 import org.junit.runner.RunWith; 39 40 /** Tests for AeadKeyTemplates. */ 41 @RunWith(Theories.class) 42 public class AeadKeyTemplatesTest { 43 @BeforeClass setUp()44 public static void setUp() throws Exception { 45 AeadConfig.register(); 46 } 47 48 @Test aes128Gcm()49 public void aes128Gcm() throws Exception { 50 KeyTemplate template = AeadKeyTemplates.AES128_GCM; 51 assertEquals(AesGcmKeyManager.getKeyType(), template.getTypeUrl()); 52 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 53 AesGcmKeyFormat format = 54 AesGcmKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 55 assertEquals(16, format.getKeySize()); 56 } 57 58 @Test aes256Gcm()59 public void aes256Gcm() throws Exception { 60 KeyTemplate template = AeadKeyTemplates.AES256_GCM; 61 assertEquals(AesGcmKeyManager.getKeyType(), template.getTypeUrl()); 62 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 63 AesGcmKeyFormat format = 64 AesGcmKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 65 assertEquals(32, format.getKeySize()); 66 } 67 68 @Test testCreateAesGcmKeyTemplate()69 public void testCreateAesGcmKeyTemplate() throws Exception { 70 // Intentionally using "weird" or invalid values for parameters, 71 // to test that the function correctly puts them in the resulting template. 72 int keySize = 42; 73 KeyTemplate template = AeadKeyTemplates.createAesGcmKeyTemplate(keySize); 74 assertEquals(AesGcmKeyManager.getKeyType(), template.getTypeUrl()); 75 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 76 77 AesGcmKeyFormat format = 78 AesGcmKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 79 assertEquals(keySize, format.getKeySize()); 80 } 81 82 @Test aes128Eax()83 public void aes128Eax() throws Exception { 84 KeyTemplate template = AeadKeyTemplates.AES128_EAX; 85 assertEquals(AesEaxKeyManager.getKeyType(), template.getTypeUrl()); 86 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 87 AesEaxKeyFormat format = 88 AesEaxKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 89 assertEquals(16, format.getKeySize()); 90 assertTrue(format.hasParams()); 91 assertEquals(16, format.getParams().getIvSize()); 92 } 93 94 @Test aes256Eax()95 public void aes256Eax() throws Exception { 96 KeyTemplate template = AeadKeyTemplates.AES256_EAX; 97 assertEquals(AesEaxKeyManager.getKeyType(), template.getTypeUrl()); 98 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 99 AesEaxKeyFormat format = 100 AesEaxKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 101 assertEquals(32, format.getKeySize()); 102 assertTrue(format.hasParams()); 103 assertEquals(16, format.getParams().getIvSize()); 104 } 105 106 @Test testCreateAesEaxKeyTemplate()107 public void testCreateAesEaxKeyTemplate() throws Exception { 108 // Intentionally using "weird" or invalid values for parameters, 109 // to test that the function correctly puts them in the resulting template. 110 int keySize = 42; 111 int ivSize = 72; 112 KeyTemplate template = AeadKeyTemplates.createAesEaxKeyTemplate(keySize, ivSize); 113 assertEquals(AesEaxKeyManager.getKeyType(), template.getTypeUrl()); 114 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 115 116 AesEaxKeyFormat format = 117 AesEaxKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 118 assertEquals(keySize, format.getKeySize()); 119 assertTrue(format.hasParams()); 120 assertEquals(ivSize, format.getParams().getIvSize()); 121 } 122 123 @Test aes128CtrHmacSha256()124 public void aes128CtrHmacSha256() throws Exception { 125 KeyTemplate template = AeadKeyTemplates.AES128_CTR_HMAC_SHA256; 126 assertEquals(AesCtrHmacAeadKeyManager.getKeyType(), template.getTypeUrl()); 127 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 128 AesCtrHmacAeadKeyFormat format = 129 AesCtrHmacAeadKeyFormat.parseFrom( 130 template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 131 132 assertTrue(format.hasAesCtrKeyFormat()); 133 assertTrue(format.getAesCtrKeyFormat().hasParams()); 134 assertEquals(16, format.getAesCtrKeyFormat().getKeySize()); 135 assertEquals(16, format.getAesCtrKeyFormat().getParams().getIvSize()); 136 137 assertTrue(format.hasHmacKeyFormat()); 138 assertTrue(format.getHmacKeyFormat().hasParams()); 139 assertEquals(32, format.getHmacKeyFormat().getKeySize()); 140 assertEquals(16, format.getHmacKeyFormat().getParams().getTagSize()); 141 assertEquals(HashType.SHA256, format.getHmacKeyFormat().getParams().getHash()); 142 } 143 144 @Test aes256CtrHmacSha256()145 public void aes256CtrHmacSha256() throws Exception { 146 KeyTemplate template = AeadKeyTemplates.AES256_CTR_HMAC_SHA256; 147 assertEquals(AesCtrHmacAeadKeyManager.getKeyType(), template.getTypeUrl()); 148 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 149 AesCtrHmacAeadKeyFormat format = 150 AesCtrHmacAeadKeyFormat.parseFrom( 151 template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 152 153 assertTrue(format.hasAesCtrKeyFormat()); 154 assertTrue(format.getAesCtrKeyFormat().hasParams()); 155 assertEquals(32, format.getAesCtrKeyFormat().getKeySize()); 156 assertEquals(16, format.getAesCtrKeyFormat().getParams().getIvSize()); 157 158 assertTrue(format.hasHmacKeyFormat()); 159 assertTrue(format.getHmacKeyFormat().hasParams()); 160 assertEquals(32, format.getHmacKeyFormat().getKeySize()); 161 assertEquals(32, format.getHmacKeyFormat().getParams().getTagSize()); 162 assertEquals(HashType.SHA256, format.getHmacKeyFormat().getParams().getHash()); 163 } 164 165 @Test testCreateAesCtrHmacAeadKeyTemplate()166 public void testCreateAesCtrHmacAeadKeyTemplate() throws Exception { 167 // Intentionally using "weird" or invalid values for parameters, 168 // to test that the function correctly puts them in the resulting template. 169 int aesKeySize = 42; 170 int ivSize = 72; 171 int hmacKeySize = 24; 172 int tagSize = 27; 173 HashType hashType = HashType.UNKNOWN_HASH; 174 KeyTemplate template = 175 AeadKeyTemplates.createAesCtrHmacAeadKeyTemplate( 176 aesKeySize, ivSize, hmacKeySize, tagSize, hashType); 177 assertEquals(AesCtrHmacAeadKeyManager.getKeyType(), template.getTypeUrl()); 178 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 179 AesCtrHmacAeadKeyFormat format = 180 AesCtrHmacAeadKeyFormat.parseFrom( 181 template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 182 183 assertTrue(format.hasAesCtrKeyFormat()); 184 assertTrue(format.getAesCtrKeyFormat().hasParams()); 185 assertEquals(aesKeySize, format.getAesCtrKeyFormat().getKeySize()); 186 assertEquals(ivSize, format.getAesCtrKeyFormat().getParams().getIvSize()); 187 188 assertTrue(format.hasHmacKeyFormat()); 189 assertTrue(format.getHmacKeyFormat().hasParams()); 190 assertEquals(hmacKeySize, format.getHmacKeyFormat().getKeySize()); 191 assertEquals(tagSize, format.getHmacKeyFormat().getParams().getTagSize()); 192 assertEquals(hashType, format.getHmacKeyFormat().getParams().getHash()); 193 } 194 195 @Test chacha20Poly1305()196 public void chacha20Poly1305() throws Exception { 197 KeyTemplate template = AeadKeyTemplates.CHACHA20_POLY1305; 198 assertEquals(ChaCha20Poly1305KeyManager.getKeyType(), template.getTypeUrl()); 199 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 200 assertTrue(template.getValue().isEmpty()); // Empty format. 201 } 202 203 @Test xchacha20Poly1305()204 public void xchacha20Poly1305() throws Exception { 205 KeyTemplate template = AeadKeyTemplates.XCHACHA20_POLY1305; 206 assertEquals(XChaCha20Poly1305KeyManager.getKeyType(), template.getTypeUrl()); 207 assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType()); 208 assertTrue(template.getValue().isEmpty()); // Empty format. 209 } 210 211 @Test testCreateKmsEnvelopeAeadKeyTemplate()212 public void testCreateKmsEnvelopeAeadKeyTemplate() throws Exception { 213 // Intentionally using "weird" or invalid values for parameters, 214 // to test that the function correctly puts them in the resulting template. 215 String kekUri = "some example KEK URI"; 216 KeyTemplate dekTemplate = AeadKeyTemplates.AES256_GCM; 217 KeyTemplate template = AeadKeyTemplates.createKmsEnvelopeAeadKeyTemplate(kekUri, dekTemplate); 218 assertEquals(KmsEnvelopeAeadKeyManager.getKeyType(), template.getTypeUrl()); 219 assertEquals(OutputPrefixType.RAW, template.getOutputPrefixType()); 220 221 KmsEnvelopeAeadKeyFormat format = 222 KmsEnvelopeAeadKeyFormat.parseFrom( 223 template.getValue(), ExtensionRegistryLite.getEmptyRegistry()); 224 assertEquals(kekUri, format.getKekUri()); 225 assertEquals(dekTemplate.toString(), format.getDekTemplate().toString()); 226 } 227 228 public static class Pair { Pair(KeyTemplate template, AeadParameters parameters)229 public Pair(KeyTemplate template, AeadParameters parameters) { 230 this.template = template; 231 this.parameters = parameters; 232 } 233 234 KeyTemplate template; 235 AeadParameters parameters; 236 } 237 238 @DataPoints("EquivalentPairs") 239 public static final Pair[] TEMPLATES = 240 new Pair[] { 241 new Pair(AeadKeyTemplates.AES128_GCM, PredefinedAeadParameters.AES128_GCM), 242 new Pair(AeadKeyTemplates.AES256_GCM, PredefinedAeadParameters.AES256_GCM), 243 new Pair(AeadKeyTemplates.AES128_EAX, PredefinedAeadParameters.AES128_EAX), 244 new Pair(AeadKeyTemplates.AES256_EAX, PredefinedAeadParameters.AES256_EAX), 245 new Pair( 246 AeadKeyTemplates.AES128_CTR_HMAC_SHA256, 247 PredefinedAeadParameters.AES128_CTR_HMAC_SHA256), 248 new Pair( 249 AeadKeyTemplates.AES256_CTR_HMAC_SHA256, 250 PredefinedAeadParameters.AES256_CTR_HMAC_SHA256), 251 new Pair(AeadKeyTemplates.CHACHA20_POLY1305, PredefinedAeadParameters.CHACHA20_POLY1305), 252 new Pair(AeadKeyTemplates.XCHACHA20_POLY1305, PredefinedAeadParameters.XCHACHA20_POLY1305), 253 }; 254 255 @Theory testParametersEqualsKeyTemplate(@romDataPoints"EquivalentPairs") Pair p)256 public void testParametersEqualsKeyTemplate(@FromDataPoints("EquivalentPairs") Pair p) 257 throws Exception { 258 assertThat(TinkProtoParametersFormat.parse(p.template.toByteArray())).isEqualTo(p.parameters); 259 } 260 } 261