• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2019 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#      http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15"""Tests for tink.python.tink.deterministic_aead_key_manager."""
16
17from absl.testing import absltest
18
19from tink.proto import aes_siv_pb2
20from tink.proto import tink_pb2
21import tink
22from tink import core
23from tink import daead
24
25
26def setUpModule():
27  daead.register()
28
29
30class DeterministicAeadKeyManagerTest(absltest.TestCase):
31
32  def test_new_key_data(self):
33    key_template = daead.deterministic_aead_key_templates.AES256_SIV
34    key_manager = core.Registry.key_manager(key_template.type_url)
35    key_data = key_manager.new_key_data(key_template)
36    self.assertEqual(key_data.type_url, key_manager.key_type())
37    self.assertEqual(key_data.key_material_type, tink_pb2.KeyData.SYMMETRIC)
38    key = aes_siv_pb2.AesSivKey.FromString(key_data.value)
39    self.assertEqual(key.version, 0)
40    self.assertLen(key.key_value, 64)
41
42  def test_invalid_params_throw_exception(self):
43    key_template = (daead.deterministic_aead_key_templates
44                    .create_aes_siv_key_template(63))
45    with self.assertRaises(core.TinkError):
46      tink.new_keyset_handle(key_template)
47
48  def test_encrypt_decrypt(self):
49    keyset_handle = tink.new_keyset_handle(
50        daead.deterministic_aead_key_templates.AES256_SIV)
51    daead_primitive = keyset_handle.primitive(daead.DeterministicAead)
52    plaintext = b'plaintext'
53    associated_data = b'associated_data'
54    ciphertext = daead_primitive.encrypt_deterministically(
55        plaintext, associated_data)
56    self.assertEqual(
57        daead_primitive.decrypt_deterministically(ciphertext, associated_data),
58        plaintext)
59
60  def test_invalid_decrypt_raises_error(self):
61    keyset_handle = tink.new_keyset_handle(
62        daead.deterministic_aead_key_templates.AES256_SIV)
63    daead_primitive = keyset_handle.primitive(daead.DeterministicAead)
64    with self.assertRaises(core.TinkError):
65      daead_primitive.decrypt_deterministically(
66          b'bad ciphertext', b'associated_data')
67
68
69if __name__ == '__main__':
70  absltest.main()
71