1 // Copyright 2022 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 package com.google.crypto.tink.internal; 18 19 import static com.google.common.truth.Truth.assertThat; 20 import static org.junit.Assert.assertThrows; 21 22 import com.google.crypto.tink.InsecureSecretKeyAccess; 23 import com.google.crypto.tink.SecretKeyAccess; 24 import com.google.crypto.tink.proto.KeyData.KeyMaterialType; 25 import com.google.crypto.tink.proto.OutputPrefixType; 26 import com.google.protobuf.ByteString; 27 import java.security.GeneralSecurityException; 28 import org.junit.Test; 29 import org.junit.runner.RunWith; 30 import org.junit.runners.JUnit4; 31 32 @RunWith(JUnit4.class) 33 public final class LegacyProtoKeyTest { 34 private static final SecretKeyAccess ACCESS = InsecureSecretKeyAccess.get(); 35 36 @Test testLegacyProtoKeyCreate()37 public void testLegacyProtoKeyCreate() throws Exception { 38 ProtoKeySerialization serialization = 39 ProtoKeySerialization.create( 40 "myTypeUrl", 41 ByteString.copyFrom(new byte[] {}), 42 KeyMaterialType.SYMMETRIC, 43 OutputPrefixType.RAW, 44 /*idRequirement = */ null); 45 LegacyProtoKey key = new LegacyProtoKey(serialization, ACCESS); 46 assertThat(key.getSerialization(ACCESS)).isSameInstanceAs(serialization); 47 } 48 49 @Test testLegacyProtoKey_getParameters()50 public void testLegacyProtoKey_getParameters() throws Exception { 51 ProtoKeySerialization serialization = 52 ProtoKeySerialization.create( 53 "myTypeUrl", 54 ByteString.EMPTY, 55 KeyMaterialType.SYMMETRIC, 56 OutputPrefixType.RAW, 57 /*idRequirement = */ null); 58 LegacyProtoKey key = new LegacyProtoKey(serialization, ACCESS); 59 assertThat(key.getSerialization(ACCESS)).isSameInstanceAs(serialization); 60 61 assertThat(key.getParameters().toString()).contains("typeUrl=myTypeUrl"); 62 assertThat(key.getParameters().toString()).contains("outputPrefixType=RAW"); 63 } 64 65 @Test testGetIdRequirementOrNull()66 public void testGetIdRequirementOrNull() throws Exception { 67 // RAW 68 LegacyProtoKey key = 69 new LegacyProtoKey( 70 ProtoKeySerialization.create( 71 "myTypeUrl", 72 ByteString.copyFrom(new byte[] {}), 73 KeyMaterialType.SYMMETRIC, 74 OutputPrefixType.RAW, 75 /*idRequirement = */ null), 76 ACCESS); 77 assertThat(key.getIdRequirementOrNull()).isNull(); 78 79 // TINK 80 key = 81 new LegacyProtoKey( 82 ProtoKeySerialization.create( 83 "myTypeUrl", 84 ByteString.copyFrom(new byte[] {}), 85 KeyMaterialType.SYMMETRIC, 86 OutputPrefixType.TINK, 87 123), 88 ACCESS); 89 assertThat(key.getIdRequirementOrNull()).isEqualTo(123); 90 91 // CRUNCHY 92 key = 93 new LegacyProtoKey( 94 ProtoKeySerialization.create( 95 "myTypeUrl", 96 ByteString.copyFrom(new byte[] {}), 97 KeyMaterialType.SYMMETRIC, 98 OutputPrefixType.CRUNCHY, 99 123), 100 ACCESS); 101 assertThat(key.getIdRequirementOrNull()).isEqualTo(123); 102 103 // LEGACY 104 key = 105 new LegacyProtoKey( 106 ProtoKeySerialization.create( 107 "myTypeUrl", 108 ByteString.EMPTY, 109 KeyMaterialType.SYMMETRIC, 110 OutputPrefixType.LEGACY, 111 123), 112 ACCESS); 113 assertThat(key.getIdRequirementOrNull()).isEqualTo(123); 114 } 115 116 @Test constructorAccessCheck_symmetric_throws()117 public void constructorAccessCheck_symmetric_throws() throws Exception { 118 ProtoKeySerialization serialization = 119 ProtoKeySerialization.create( 120 "myTypeUrl", 121 ByteString.EMPTY, 122 KeyMaterialType.SYMMETRIC, 123 OutputPrefixType.RAW, 124 /* idRequirement = */ null); 125 assertThrows( 126 GeneralSecurityException.class, 127 () -> new LegacyProtoKey(serialization, /* access = */ null)); 128 LegacyProtoKey key = new LegacyProtoKey(serialization, ACCESS); 129 assertThrows(GeneralSecurityException.class, () -> key.getSerialization(/* access = */ null)); 130 } 131 132 @Test constructorAccessCheck_asymmetricPrivate_throws()133 public void constructorAccessCheck_asymmetricPrivate_throws() throws Exception { 134 ProtoKeySerialization serialization = 135 ProtoKeySerialization.create( 136 "myTypeUrl", 137 ByteString.EMPTY, 138 KeyMaterialType.ASYMMETRIC_PRIVATE, 139 OutputPrefixType.RAW, 140 /* idRequirement = */ null); 141 assertThrows( 142 GeneralSecurityException.class, 143 () -> new LegacyProtoKey(serialization, /* access = */ null)); 144 LegacyProtoKey key = new LegacyProtoKey(serialization, ACCESS); 145 assertThrows(GeneralSecurityException.class, () -> key.getSerialization(/* access = */ null)); 146 } 147 148 @Test 149 @SuppressWarnings("CheckReturnValue") constructorAccessCheck_asymmetricPublic_works()150 public void constructorAccessCheck_asymmetricPublic_works() throws Exception { 151 ProtoKeySerialization serialization = 152 ProtoKeySerialization.create( 153 "myTypeUrl", 154 ByteString.EMPTY, 155 KeyMaterialType.ASYMMETRIC_PUBLIC, 156 OutputPrefixType.RAW, 157 /* idRequirement= */ null); 158 LegacyProtoKey key = new LegacyProtoKey(serialization, /* access = */ null); 159 key.getSerialization(/* access = */ null); 160 } 161 162 @Test 163 @SuppressWarnings("CheckReturnValue") constructorAccessCheck_remote_works()164 public void constructorAccessCheck_remote_works() throws Exception { 165 ProtoKeySerialization serialization = 166 ProtoKeySerialization.create( 167 "myTypeUrl", 168 ByteString.EMPTY, 169 KeyMaterialType.REMOTE, 170 OutputPrefixType.RAW, 171 /* idRequirement= */ null); 172 LegacyProtoKey key = new LegacyProtoKey(serialization, /* access = */ null); 173 key.getSerialization(/* access = */ null); 174 } 175 176 @Test testEquals()177 public void testEquals() throws Exception { 178 LegacyProtoKey key = 179 new LegacyProtoKey( 180 ProtoKeySerialization.create( 181 "myTypeUrl", 182 ByteString.EMPTY, 183 KeyMaterialType.SYMMETRIC, 184 OutputPrefixType.RAW, 185 /* idRequirement = */ null), 186 ACCESS); 187 assertThat( 188 key.equalsKey( 189 new LegacyProtoKey( 190 ProtoKeySerialization.create( 191 "myTypeUrl", 192 ByteString.EMPTY, 193 KeyMaterialType.SYMMETRIC, 194 OutputPrefixType.RAW, 195 /* idRequirement = */ null), 196 ACCESS))) 197 .isTrue(); 198 199 // Different type url: 200 assertThat( 201 key.equalsKey( 202 new LegacyProtoKey( 203 ProtoKeySerialization.create( 204 "myTypeUrl2", 205 ByteString.EMPTY, 206 KeyMaterialType.SYMMETRIC, 207 OutputPrefixType.RAW, 208 /* idRequirement = */ null), 209 ACCESS))) 210 .isFalse(); 211 212 // Different value: 213 assertThat( 214 key.equalsKey( 215 new LegacyProtoKey( 216 ProtoKeySerialization.create( 217 "myTypeUrl", 218 ByteString.copyFrom(new byte[] {1}), 219 KeyMaterialType.SYMMETRIC, 220 OutputPrefixType.RAW, 221 /* idRequirement = */ null), 222 ACCESS))) 223 .isFalse(); 224 225 // Different KeyMaterialType: 226 assertThat( 227 key.equalsKey( 228 new LegacyProtoKey( 229 ProtoKeySerialization.create( 230 "myTypeUrl", 231 ByteString.EMPTY, 232 KeyMaterialType.ASYMMETRIC_PRIVATE, 233 OutputPrefixType.RAW, 234 /* idRequirement = */ null), 235 ACCESS))) 236 .isFalse(); 237 238 // Different OutputPrefixType: 239 assertThat( 240 key.equalsKey( 241 new LegacyProtoKey( 242 ProtoKeySerialization.create( 243 "myTypeUrl", 244 ByteString.EMPTY, 245 KeyMaterialType.SYMMETRIC, 246 OutputPrefixType.TINK, 247 123), 248 ACCESS))) 249 .isFalse(); 250 } 251 252 @Test testEquals_differentIdRequirement()253 public void testEquals_differentIdRequirement() throws Exception { 254 LegacyProtoKey key123 = 255 new LegacyProtoKey( 256 ProtoKeySerialization.create( 257 "myTypeUrl", 258 ByteString.EMPTY, 259 KeyMaterialType.SYMMETRIC, 260 OutputPrefixType.TINK, 261 123), 262 ACCESS); 263 LegacyProtoKey key123b = 264 new LegacyProtoKey( 265 ProtoKeySerialization.create( 266 "myTypeUrl", 267 ByteString.EMPTY, 268 KeyMaterialType.SYMMETRIC, 269 OutputPrefixType.TINK, 270 123), 271 ACCESS); 272 LegacyProtoKey key124 = 273 new LegacyProtoKey( 274 ProtoKeySerialization.create( 275 "myTypeUrl", 276 ByteString.EMPTY, 277 KeyMaterialType.SYMMETRIC, 278 OutputPrefixType.TINK, 279 124), 280 ACCESS); 281 assertThat(key123.equalsKey(key123b)).isTrue(); 282 assertThat(key123.equalsKey(key124)).isFalse(); 283 } 284 } 285