From 337fd980095d9027e2aab1b7d93a5c27b521ee1d Mon Sep 17 00:00:00 2001
From: tholenst <tholenst@google.com>
Date: Fri, 30 Aug 2019 05:16:41 -0700
Subject: [PATCH] Migrate the AesEaxKeyManagerTest to directly test on the KeyTypeManager interface.
PiperOrigin-RevId: 266357537
---
.../tink/aead/AesEaxKeyManagerTest.java | 376 +++++++++---------
.../tink/aead/AesGcmKeyManagerTest.java | 11 +-
2 files changed, 207 insertions(+), 180 deletions(-)
diff --git a/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java b/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
index 120276a45..d9cc16e3c 100644
--- a/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
+++ b/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
@@ -16,99 +16,140 @@ package com.google.crypto.tink.aead; +import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; import com.google.crypto.tink.Aead; -import com.google.crypto.tink.CryptoFormat; -import com.google.crypto.tink.KeyManager; -import com.google.crypto.tink.KeyManagerImpl; -import com.google.crypto.tink.KeysetHandle; import com.google.crypto.tink.TestUtil; import com.google.crypto.tink.proto.AesEaxKey; import com.google.crypto.tink.proto.AesEaxKeyFormat; import com.google.crypto.tink.proto.AesEaxParams; -import com.google.crypto.tink.proto.KeyData; -import com.google.crypto.tink.proto.KeyStatusType; -import com.google.crypto.tink.proto.KeyTemplate; -import com.google.crypto.tink.proto.OutputPrefixType; +import com.google.crypto.tink.proto.KeyData.KeyMaterialType; +import com.google.crypto.tink.subtle.AesEaxJce; import com.google.crypto.tink.subtle.Bytes; import com.google.crypto.tink.subtle.Random; import com.google.protobuf.ByteString; import java.security.GeneralSecurityException; import java.util.Set; import java.util.TreeSet; -import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; -/** - * Test for AesEaxJce and its key manager. - */ +/** Test for AesEaxJce and its key manager. 
*/ @RunWith(JUnit4.class) public class AesEaxKeyManagerTest { - @BeforeClass - public static void setUp() throws GeneralSecurityException { - AeadConfig.register(); - } + private final AesEaxKeyManager manager = new AesEaxKeyManager(); + private final AesEaxKeyManager.KeyFactory<AesEaxKeyFormat, AesEaxKey> factory = + manager.keyFactory(); @Test - public void testNewKeyMultipleTimes() throws Exception { - AesEaxKeyFormat eaxKeyFormat = AesEaxKeyFormat.newBuilder() - .setParams(AesEaxParams.newBuilder().setIvSize(16).build()) - .setKeySize(16) - .build(); - ByteString serialized = ByteString.copyFrom(eaxKeyFormat.toByteArray()); - KeyTemplate keyTemplate = KeyTemplate.newBuilder() - .setTypeUrl(new AesEaxKeyManager().getKeyType()) - .setValue(serialized) + public void basics() throws Exception { + assertThat(manager.getKeyType()).isEqualTo("type.googleapis.com/google.crypto.tink.AesEaxKey"); + assertThat(manager.getVersion()).isEqualTo(0); + assertThat(manager.keyMaterialType()).isEqualTo(KeyMaterialType.SYMMETRIC); + } + + private static AesEaxKeyFormat createKeyFormat(int keySize, int ivSize) { + return AesEaxKeyFormat.newBuilder() + .setParams(AesEaxParams.newBuilder().setIvSize(ivSize)) + .setKeySize(keySize) .build(); - KeyManager<Aead> keyManager = new KeyManagerImpl<>(new AesEaxKeyManager(), Aead.class); - Set<String> keys = new TreeSet<String>(); - // Calls newKey multiple times and make sure that they generate different keys. 
- int numTests = 27; - for (int i = 0; i < numTests / 3; i++) { - AesEaxKey key = (AesEaxKey) keyManager.newKey(eaxKeyFormat); - keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray())); - assertEquals(16, key.getKeyValue().toByteArray().length); + } - key = (AesEaxKey) keyManager.newKey(serialized); - keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray())); - assertEquals(16, key.getKeyValue().toByteArray().length); + @Test + public void validateKeyFormat_empty() throws Exception { + try { + factory.validateKeyFormat(AesEaxKeyFormat.getDefaultInstance()); + fail(); + } catch (GeneralSecurityException e) { + // expected. + } + } - KeyData keyData = keyManager.newKeyData(keyTemplate.getValue()); - key = AesEaxKey.parseFrom(keyData.getValue()); - keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray())); - assertEquals(16, key.getKeyValue().toByteArray().length); + @Test + public void validateKeyFormat_valid() throws Exception { + factory.validateKeyFormat(createKeyFormat(16, 12)); + factory.validateKeyFormat(createKeyFormat(16, 16)); + factory.validateKeyFormat(createKeyFormat(32, 12)); + factory.validateKeyFormat(createKeyFormat(32, 16)); + } + + @Test + public void validateKeyFormat_keySize() throws Exception { + for (int len = 0; len < 200; ++len) { + AesEaxKeyFormat format = createKeyFormat(len, 16); + if (len == 16 || len == 32) { + factory.validateKeyFormat(format); + } else { + try { + factory.validateKeyFormat(format); + fail(); + } catch (GeneralSecurityException e) { + // expected + } + } } - assertEquals(numTests, keys.size()); } @Test - public void testNewKeyWithCorruptedFormat() throws Exception { - ByteString serialized = ByteString.copyFrom(new byte[128]); - KeyTemplate keyTemplate = KeyTemplate.newBuilder() - .setTypeUrl(new AesEaxKeyManager().getKeyType()) - .setValue(serialized) - .build(); - KeyManager<Aead> keyManager = new KeyManagerImpl<>(new AesEaxKeyManager(), Aead.class); - try { - keyManager.newKey(serialized); - 
fail("Corrupted format, should have thrown exception"); - } catch (GeneralSecurityException expected) { - // Expected + public void validateKeyFormat_ivSize() throws Exception { + for (int ivSize = 0; ivSize < 200; ++ivSize) { + AesEaxKeyFormat format = createKeyFormat(32, ivSize); + if (ivSize == 12 || ivSize == 16) { + factory.validateKeyFormat(format); + } else { + try { + factory.validateKeyFormat(format); + fail(); + } catch (GeneralSecurityException e) { + // expected + } + } } - try { - keyManager.newKeyData(keyTemplate.getValue()); - fail("Corrupted format, should have thrown exception"); - } catch (GeneralSecurityException expected) { - // Expected + } + + @Test + public void createKey_checkValues() throws Exception { + AesEaxKeyFormat format = createKeyFormat(32, 16); + AesEaxKey key = factory.createKey(format); + assertThat(key.getKeyValue()).hasSize(format.getKeySize()); + assertThat(key.getParams()).isEqualTo(format.getParams()); + } + + @Test + public void createKey_checkValues_variant2() throws Exception { + AesEaxKeyFormat format = createKeyFormat(16, 12); + AesEaxKey key = factory.createKey(format); + assertThat(key.getKeyValue()).hasSize(format.getKeySize()); + assertThat(key.getParams()).isEqualTo(format.getParams()); + } + + @Test + public void createKey_multipleTimes() throws Exception { + AesEaxKeyFormat format = createKeyFormat(32, 16); + Set<String> keys = new TreeSet<>(); + // Calls newKey multiple times and make sure that they generate different keys. 
+ int numTests = 50; + for (int i = 0; i < numTests; i++) { + keys.add(TestUtil.hexEncode(factory.createKey(format).getKeyValue().toByteArray())); } + assertThat(keys).hasSize(numTests); } - private static final int AES_KEY_SIZE = 16; + @Test + public void getPrimitive() throws Exception { + AesEaxKey key = factory.createKey(createKeyFormat(32, 16)); + Aead managerAead = manager.getPrimitive(key, Aead.class); + Aead directAead = new AesEaxJce(key.getKeyValue().toByteArray(), key.getParams().getIvSize()); + + byte[] plaintext = Random.randBytes(20); + byte[] associatedData = Random.randBytes(20); + assertThat(directAead.decrypt(managerAead.encrypt(plaintext, associatedData), associatedData)) + .isEqualTo(plaintext); + } private static class PublicTestVector { String name; @@ -118,8 +159,15 @@ public class AesEaxKeyManagerTest { public byte[] iv; public byte[] ciphertext; public byte[] tag; - public PublicTestVector(String name, String keyValue, String plaintext, String aad, - String iv, String ciphertext, String tag) { + + public PublicTestVector( + String name, + String keyValue, + String plaintext, + String aad, + String iv, + String ciphertext, + String tag) { try { this.name = name; this.keyValue = TestUtil.hexDecode(keyValue); 
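Review bot: Nothing in the new tests calls `manager.validateKey`; the added cases cover `factory.validateKeyFormat` for every size from 0 to 199, but a key proto with a bad key length or IV size is never checked, and the test-vector hunk further down (`@@ -225,7 +273,12 @@`) passes a hand-built `AesEaxKey` straight to `manager.getPrimitive`. If key validation was previously reached only through the `KeyManagerImpl`/`KeysetHandle` path that this commit stops using, that coverage is now gone, so I would add negative tests along the lines below (assuming `validateKey` rejects a 17-byte key, as `validateKeyFormat` does for the format). Separately, the bare `fail()` calls inside the two size loops do not report which size was wrongly accepted; `fail("key size " + len + " should have been rejected");` would. The comment in `createKey_multipleTimes` still says `newKey` although the code calls `createKey`.

```java
  // … unchanged: basics, createKeyFormat, validateKeyFormat_* tests …

  @Test
  public void validateKey_invalidKeySize() throws Exception {
    AesEaxKey key =
        AesEaxKey.newBuilder()
            .setKeyValue(ByteString.copyFrom(Random.randBytes(17)))
            .setParams(AesEaxParams.newBuilder().setIvSize(16))
            .build();
    try {
      manager.validateKey(key);
      fail("17-byte key should have been rejected");
    } catch (GeneralSecurityException e) {
      // expected
    }
  }

  @Test
  public void validateKey_invalidIvSize() throws Exception {
    AesEaxKey key =
        AesEaxKey.newBuilder()
            .setKeyValue(ByteString.copyFrom(Random.randBytes(32)))
            .setParams(AesEaxParams.newBuilder().setIvSize(13))
            .build();
    try {
      manager.validateKey(key);
      fail("13-byte IV size should have been rejected");
    } catch (GeneralSecurityException e) {
      // expected
    }
  }
```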
@@ -137,86 +185,86 @@ public class AesEaxKeyManagerTest { // Test vectors from // http://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf. PublicTestVector[] publicTestVectors = { - new PublicTestVector( - "Test Case 1", - "233952dee4d5ed5f9b9c6d6ff80ff478", - "", - "6bfb914fd07eae6b", - "62ec67f9c3a4a407fcb2a8c49031a8b3", - "", - "e037830e8389f27b025a2d6527e79d01"), - new PublicTestVector( - "Test Case 2", - "91945d3f4dcbee0bf45ef52255f095a4", - "f7fb", - "fa3bfd4806eb53fa", - "becaf043b0a23d843194ba972c66debd", - "19dd", - "5c4c9331049d0bdab0277408f67967e5"), - new PublicTestVector( - "Test Case 3", - "01f74ad64077f2e704c0f60ada3dd523", - "1a47cb4933", - "234a3463c1264ac6", - "70c3db4f0d26368400a10ed05d2bff5e", - "d851d5bae0", - "3a59f238a23e39199dc9266626c40f80"), - new PublicTestVector( - "Test Case 4", - "d07cf6cbb7f313bdde66b727afd3c5e8", - "481c9e39b1", - "33cce2eabff5a79d", - "8408dfff3c1a2b1292dc199e46b7d617", - "632a9d131a", - "d4c168a4225d8e1ff755939974a7bede"), - new PublicTestVector( - "Test Case 5", - "35b6d0580005bbc12b0587124557d2c2", - "40d0c07da5e4", - "aeb96eaebe2970e9", - "fdb6b06676eedc5c61d74276e1f8e816", - "071dfe16c675", - "cb0677e536f73afe6a14b74ee49844dd"), - new PublicTestVector( - "Test Case 6", - "bd8e6e11475e60b268784c38c62feb22", - "4de3b35c3fc039245bd1fb7d", - "d4482d1ca78dce0f", - "6eac5c93072d8e8513f750935e46da1b", - "835bb4f15d743e350e728414", - "abb8644fd6ccb86947c5e10590210a4f"), - new PublicTestVector( - "Test Case 7", - "7c77d6e813bed5ac98baa417477a2e7d", - "8b0a79306c9ce7ed99dae4f87f8dd61636", - "65d2017990d62528", - "1a8c98dcd73d38393b2bf1569deefc19", - "02083e3979da014812f59f11d52630da30", - "137327d10649b0aa6e1c181db617d7f2"), - new PublicTestVector( - "Test Case 8", - "5fff20cafab119ca2fc73549e20f5b0d", - "1bda122bce8a8dbaf1877d962b8592dd2d56", - "54b9f04e6a09189a", - "dde59b97d722156d4d9aff2bc7559826", - "2ec47b2c4954a489afc7ba4897edcdae8cc3", - "3b60450599bd02c96382902aef7f832a"), - new PublicTestVector( - "Test Case 9", - 
"a4a4782bcffd3ec5e7ef6d8c34a56123", - "6cf36720872b8513f6eab1a8a44438d5ef11", - "899a175897561d7e", - "b781fcf2f75fa5a8de97a9ca48e522ec", - "0de18fd0fdd91e7af19f1d8ee8733938b1e8", - "e7f6d2231618102fdb7fe55ff1991700"), - new PublicTestVector( - "Test Case 10", - "8395fcf1e95bebd697bd010bc766aac3", - "ca40d7446e545ffaed3bd12a740a659ffbbb3ceab7", - "126735fcc320d25a", - "22e7add93cfc6393c57ec0b3c17d6b44", - "cb8920f87a6c75cff39627b56e3ed197c552d295a7", - "cfc46afc253b4652b1af3795b124ab6e"), + new PublicTestVector( + "Test Case 1", + "233952dee4d5ed5f9b9c6d6ff80ff478", + "", + "6bfb914fd07eae6b", + "62ec67f9c3a4a407fcb2a8c49031a8b3", + "", + "e037830e8389f27b025a2d6527e79d01"), + new PublicTestVector( + "Test Case 2", + "91945d3f4dcbee0bf45ef52255f095a4", + "f7fb", + "fa3bfd4806eb53fa", + "becaf043b0a23d843194ba972c66debd", + "19dd", + "5c4c9331049d0bdab0277408f67967e5"), + new PublicTestVector( + "Test Case 3", + "01f74ad64077f2e704c0f60ada3dd523", + "1a47cb4933", + "234a3463c1264ac6", + "70c3db4f0d26368400a10ed05d2bff5e", + "d851d5bae0", + "3a59f238a23e39199dc9266626c40f80"), + new PublicTestVector( + "Test Case 4", + "d07cf6cbb7f313bdde66b727afd3c5e8", + "481c9e39b1", + "33cce2eabff5a79d", + "8408dfff3c1a2b1292dc199e46b7d617", + "632a9d131a", + "d4c168a4225d8e1ff755939974a7bede"), + new PublicTestVector( + "Test Case 5", + "35b6d0580005bbc12b0587124557d2c2", + "40d0c07da5e4", + "aeb96eaebe2970e9", + "fdb6b06676eedc5c61d74276e1f8e816", + "071dfe16c675", + "cb0677e536f73afe6a14b74ee49844dd"), + new PublicTestVector( + "Test Case 6", + "bd8e6e11475e60b268784c38c62feb22", + "4de3b35c3fc039245bd1fb7d", + "d4482d1ca78dce0f", + "6eac5c93072d8e8513f750935e46da1b", + "835bb4f15d743e350e728414", + "abb8644fd6ccb86947c5e10590210a4f"), + new PublicTestVector( + "Test Case 7", + "7c77d6e813bed5ac98baa417477a2e7d", + "8b0a79306c9ce7ed99dae4f87f8dd61636", + "65d2017990d62528", + "1a8c98dcd73d38393b2bf1569deefc19", + "02083e3979da014812f59f11d52630da30", + 
"137327d10649b0aa6e1c181db617d7f2"), + new PublicTestVector( + "Test Case 8", + "5fff20cafab119ca2fc73549e20f5b0d", + "1bda122bce8a8dbaf1877d962b8592dd2d56", + "54b9f04e6a09189a", + "dde59b97d722156d4d9aff2bc7559826", + "2ec47b2c4954a489afc7ba4897edcdae8cc3", + "3b60450599bd02c96382902aef7f832a"), + new PublicTestVector( + "Test Case 9", + "a4a4782bcffd3ec5e7ef6d8c34a56123", + "6cf36720872b8513f6eab1a8a44438d5ef11", + "899a175897561d7e", + "b781fcf2f75fa5a8de97a9ca48e522ec", + "0de18fd0fdd91e7af19f1d8ee8733938b1e8", + "e7f6d2231618102fdb7fe55ff1991700"), + new PublicTestVector( + "Test Case 10", + "8395fcf1e95bebd697bd010bc766aac3", + "ca40d7446e545ffaed3bd12a740a659ffbbb3ceab7", + "126735fcc320d25a", + "22e7add93cfc6393c57ec0b3c17d6b44", + "cb8920f87a6c75cff39627b56e3ed197c552d295a7", + "cfc46afc253b4652b1af3795b124ab6e"), }; @Test @@ -225,7 +273,12 @@ public class AesEaxKeyManagerTest { if (TestUtil.shouldSkipTestWithAesKeySize(t.keyValue.length)) { continue; } - Aead aead = getRawAesEax(t.keyValue, t.iv.length); + AesEaxKey key = + AesEaxKey.newBuilder() + .setKeyValue(ByteString.copyFrom(t.keyValue)) + .setParams(AesEaxParams.newBuilder().setIvSize(t.iv.length)) + .build(); + Aead aead = manager.getPrimitive(key, Aead.class); try { byte[] ciphertext = Bytes.concat(t.iv, t.ciphertext, t.tag); byte[] plaintext = aead.decrypt(ciphertext, t.aad); 
@@ -236,46 +289,13 @@ public class AesEaxKeyManagerTest { } } - private Aead getRawAesEax(byte[] keyValue, int ivSizeInBytes) throws Exception { - KeysetHandle keysetHandle = TestUtil.createKeysetHandle( - TestUtil.createKeyset( - TestUtil.createKey( - TestUtil.createAesEaxKeyData(keyValue, ivSizeInBytes), - 42, - KeyStatusType.ENABLED, - OutputPrefixType.RAW))); - return keysetHandle.getPrimitive(Aead.class); - } - - @Test - public void testBasic() throws Exception { - byte[] keyValue = Random.randBytes(AES_KEY_SIZE); - KeysetHandle keysetHandle = TestUtil.createKeysetHandle( - TestUtil.createKeyset( - TestUtil.createKey( - TestUtil.createAesEaxKeyData(keyValue, 12), - 42, - KeyStatusType.ENABLED, - OutputPrefixType.TINK))); - TestUtil.runBasicAeadTests(keysetHandle.getPrimitive(Aead.class)); - } - @Test public void testCiphertextSize() throws Exception { - byte[] keyValue = Random.randBytes(AES_KEY_SIZE); - KeysetHandle keysetHandle = TestUtil.createKeysetHandle( - TestUtil.createKeyset( - TestUtil.createKey( - TestUtil.createAesEaxKeyData(keyValue, 16), - 42, - KeyStatusType.ENABLED, - OutputPrefixType.TINK))); - Aead aead = keysetHandle.getPrimitive(Aead.class); + AesEaxKey key = factory.createKey(createKeyFormat(32, 16)); + Aead aead = manager.getPrimitive(key, Aead.class); byte[] plaintext = "plaintext".getBytes("UTF-8"); byte[] associatedData = "associatedData".getBytes("UTF-8"); byte[] ciphertext = aead.encrypt(plaintext, associatedData); - assertEquals( - CryptoFormat.NON_RAW_PREFIX_SIZE + 16 /* IV_SIZE */ + plaintext.length + 16 /* TAG_SIZE */, - ciphertext.length); + assertEquals(16 /* IV_SIZE */ + plaintext.length + 16 /* TAG_SIZE */, ciphertext.length); } } diff --git a/java/src/test/java/com/google/crypto/tink/aead/AesGcmKeyManagerTest.java b/java/src/test/java/com/google/crypto/tink/aead/AesGcmKeyManagerTest.java index cc6d46c2c..2ef88c86b 100644 --- a/java/src/test/java/com/google/crypto/tink/aead/AesGcmKeyManagerTest.java 
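Review bot: Removing `testBasic` drops the only call to `TestUtil.runBasicAeadTests` in the lines shown, and the `getPrimitive` test added earlier in this file only checks a successful round trip. Whatever that helper asserts beyond a round trip (its body is not part of this patch) is no longer run against the primitive the manager builds; keeping the test with the new setup costs two lines, `AesEaxKey key = factory.createKey(createKeyFormat(16, 12));` and `TestUtil.runBasicAeadTests(manager.getPrimitive(key, Aead.class));`. In `testCiphertextSize` the literal `16 /* IV_SIZE */` duplicates the value passed to `createKeyFormat(32, 16)`; using `key.getParams().getIvSize()` in the expected length would keep the two in step.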
+++ b/java/src/test/java/com/google/crypto/tink/aead/AesGcmKeyManagerTest.java @@ -18,13 +18,13 @@ package com.google.crypto.tink.aead; import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertArrayEquals; -import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; import com.google.crypto.tink.Aead; import com.google.crypto.tink.TestUtil; import com.google.crypto.tink.proto.AesGcmKey; import com.google.crypto.tink.proto.AesGcmKeyFormat; +import com.google.crypto.tink.proto.KeyData.KeyMaterialType; import com.google.crypto.tink.subtle.AesGcmJce; import com.google.crypto.tink.subtle.Bytes; import com.google.crypto.tink.subtle.Random; @@ -43,6 +43,13 @@ public class AesGcmKeyManagerTest { private final AesGcmKeyManager.KeyFactory<AesGcmKeyFormat, AesGcmKey> factory = manager.keyFactory(); + @Test + public void basics() throws Exception { + assertThat(manager.getKeyType()).isEqualTo("type.googleapis.com/google.crypto.tink.AesGcmKey"); + assertThat(manager.getVersion()).isEqualTo(0); + assertThat(manager.keyMaterialType()).isEqualTo(KeyMaterialType.SYMMETRIC); + } + @Test public void validateKeyFormat_empty() throws Exception { try { @@ -120,7 +127,7 @@ public class AesGcmKeyManagerTest { for (int i = 0; i < numTests; i++) { keys.add(TestUtil.hexEncode(factory.createKey(format).getKeyValue().toByteArray())); } - assertEquals(numTests, keys.size()); + assertThat(keys).hasSize(numTests); } @Test -- GitLab