1 // Copyright 2023 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 package com.google.crypto.tink.prf; 18 19 import static com.google.common.truth.Truth.assertThat; 20 import static org.junit.Assert.assertThrows; 21 22 import com.google.crypto.tink.InsecureSecretKeyAccess; 23 import com.google.crypto.tink.internal.KeyTester; 24 import com.google.crypto.tink.mac.HmacKey; 25 import com.google.crypto.tink.mac.HmacParameters; 26 import com.google.crypto.tink.subtle.Hex; 27 import com.google.crypto.tink.util.Bytes; 28 import com.google.crypto.tink.util.SecretBytes; 29 import java.security.GeneralSecurityException; 30 import org.junit.BeforeClass; 31 import org.junit.Test; 32 import org.junit.experimental.theories.DataPoints; 33 import org.junit.experimental.theories.FromDataPoints; 34 import org.junit.experimental.theories.Theories; 35 import org.junit.experimental.theories.Theory; 36 import org.junit.runner.RunWith; 37 38 @RunWith(Theories.class) 39 public final class HkdfPrfKeyTest { 40 41 private static final Bytes SALT = Bytes.copyFrom(Hex.decode("2023af")); 42 private static HkdfPrfParameters parameters16; 43 44 @BeforeClass setUpParameters()45 public static void setUpParameters() throws Exception { 46 parameters16 = 47 HkdfPrfParameters.builder() 48 .setKeySizeBytes(16) 49 .setHashType(HkdfPrfParameters.HashType.SHA256) 50 .setSalt(SALT) 51 .build(); 52 } 53 54 @DataPoints("keySizes") 55 public static final int[] KEY_SIZES = new int[] {16, 32}; 56 57 @Theory build_succeeds(@romDataPoints"keySizes") int keySize)58 public void build_succeeds(@FromDataPoints("keySizes") int keySize) throws Exception { 59 HkdfPrfParameters parameters = 60 HkdfPrfParameters.builder() 61 .setKeySizeBytes(keySize) 62 .setHashType(HkdfPrfParameters.HashType.SHA256) 63 .setSalt(SALT) 64 .build(); 65 Object unused = 66 HkdfPrfKey.builder() 67 .setParameters(parameters) 68 .setKeyBytes(SecretBytes.randomBytes(keySize)) 69 .build(); 70 } 71 72 @Test buildWithoutSettingParameters_fails()73 public void buildWithoutSettingParameters_fails() throws Exception { 74 assertThrows( 75 GeneralSecurityException.class, 76 () -> HkdfPrfKey.builder().setKeyBytes(SecretBytes.randomBytes(16)).build()); 77 } 78 79 @Test buildWithoutSettingKeyBytes_fails()80 public void buildWithoutSettingKeyBytes_fails() throws Exception { 81 assertThrows( 82 GeneralSecurityException.class, 83 () -> HkdfPrfKey.builder().setParameters(parameters16).build()); 84 } 85 86 @Test buildWithKeySizeMismatch_fails()87 public void buildWithKeySizeMismatch_fails() throws Exception { 88 assertThrows( 89 GeneralSecurityException.class, 90 () -> 91 HkdfPrfKey.builder() 92 .setParameters(parameters16) 93 .setKeyBytes(SecretBytes.randomBytes(32)) 94 .build()); 95 } 96 97 @Test getKeyBytes()98 public void getKeyBytes() throws Exception { 99 SecretBytes keyBytes = SecretBytes.randomBytes(16); 100 assertThat( 101 HkdfPrfKey.builder() 102 .setParameters(parameters16) 103 .setKeyBytes(keyBytes) 104 .build() 105 .getKeyBytes()) 106 .isEqualTo(keyBytes); 107 } 108 109 @Test getParameters()110 public void getParameters() throws Exception { 111 assertThat( 112 HkdfPrfKey.builder() 113 .setParameters(parameters16) 114 .setKeyBytes(SecretBytes.randomBytes(16)) 115 .build() 116 .getParameters()) 117 .isEqualTo(parameters16); 118 } 119 120 @Test getIdRequirementOrNull()121 public void getIdRequirementOrNull() throws Exception { 122 assertThat( 123 HkdfPrfKey.builder() 124 .setParameters(parameters16) 125 .setKeyBytes(SecretBytes.randomBytes(16)) 126 .build() 127 .getIdRequirementOrNull()) 128 .isNull(); 129 } 130 131 @Test equals()132 public void equals() throws Exception { 133 SecretBytes keyBytes = SecretBytes.randomBytes(16); 134 SecretBytes keyBytesCopy = 135 SecretBytes.copyFrom( 136 keyBytes.toByteArray(InsecureSecretKeyAccess.get()), InsecureSecretKeyAccess.get()); 137 HkdfPrfParameters parameters32 = 138 HkdfPrfParameters.builder() 139 .setKeySizeBytes(32) 140 .setHashType(HkdfPrfParameters.HashType.SHA256) 141 .setSalt(SALT) 142 .build(); 143 144 new KeyTester() 145 .addEqualityGroup( 146 "16-byte set key bytes", 147 HkdfPrfKey.builder().setParameters(parameters16).setKeyBytes(keyBytes).build(), 148 HkdfPrfKey.builder().setParameters(parameters16).setKeyBytes(keyBytesCopy).build()) 149 .addEqualityGroup( 150 "16-byte random key bytes", 151 HkdfPrfKey.builder() 152 .setParameters(parameters16) 153 .setKeyBytes(SecretBytes.randomBytes(16)) 154 .build()) 155 .addEqualityGroup( 156 "32-byte random key bytes", 157 HkdfPrfKey.builder() 158 .setParameters(parameters32) 159 .setKeyBytes(SecretBytes.randomBytes(32)) 160 .build()) 161 .addEqualityGroup( 162 "different key class", 163 HmacKey.builder() 164 .setParameters( 165 HmacParameters.builder() 166 .setKeySizeBytes(16) 167 .setTagSizeBytes(10) 168 .setHashType(HmacParameters.HashType.SHA256) 169 .setVariant(HmacParameters.Variant.NO_PREFIX) 170 .build()) 171 .setKeyBytes(SecretBytes.randomBytes(16)) 172 .build()) 173 .doTests(); 174 } 175 } 176