diff options
author | cinlin <cinlin@google.com> | 2023-07-13 12:49:17 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2023-07-13 12:51:20 -0700 |
commit | d26ed0209a33cd88a951ed9c2e17dd330baa9696 (patch) | |
tree | 722c3a3a01e921a569640d21c34bb05c6fddeea7 /cc | |
parent | 3ad75effea2c8b6b734e3416d07044c7de0f87f0 (diff) | |
download | tink-d26ed0209a33cd88a951ed9c2e17dd330baa9696.tar.gz |
Extend C++ config tests.
PiperOrigin-RevId: 547890095
Diffstat (limited to 'cc')
-rw-r--r-- | cc/config/BUILD.bazel | 21 | ||||
-rw-r--r-- | cc/config/CMakeLists.txt | 21 | ||||
-rw-r--r-- | cc/config/fips_140_2_test.cc | 28 | ||||
-rw-r--r-- | cc/config/key_gen_fips_140_2_test.cc | 4 | ||||
-rw-r--r-- | cc/config/key_gen_v0_test.cc | 10 | ||||
-rw-r--r-- | cc/config/v0_test.cc | 54 |
6 files changed, 131 insertions, 7 deletions
diff --git a/cc/config/BUILD.bazel b/cc/config/BUILD.bazel index 549b1c6c7..a760eea84 100644 --- a/cc/config/BUILD.bazel +++ b/cc/config/BUILD.bazel @@ -251,7 +251,12 @@ cc_test( deps = [ ":fips_140_2", ":key_gen_fips_140_2", + "//:aead", + "//:chunked_mac", "//:keyset_handle", + "//:mac", + "//:public_key_sign", + "//:public_key_verify", "//aead:aead_key_templates", "//aead:aes_ctr_hmac_aead_key_manager", "//aead:aes_gcm_key_manager", @@ -296,8 +301,20 @@ cc_test( srcs = ["v0_test.cc"], tags = ["requires_boringcrypto_update"], deps = [ + ":key_gen_v0", ":v0", + "//:aead", + "//:chunked_mac", "//:configuration", + "//:deterministic_aead", + "//:hybrid_decrypt", + "//:hybrid_encrypt", + "//:keyset_handle", + "//:mac", + "//:public_key_sign", + "//:public_key_verify", + "//:streaming_aead", + "//aead:aead_key_templates", "//aead:aes_ctr_hmac_aead_key_manager", "//aead:aes_eax_key_manager", "//aead:aes_gcm_key_manager", @@ -307,11 +324,13 @@ cc_test( "//hybrid:ecies_aead_hkdf_public_key_manager", "//hybrid/internal:hpke_public_key_manager", "//internal:configuration_impl", + "//internal:keyset_wrapper_store", "//mac:aes_cmac_key_manager", "//mac:hmac_key_manager", "//prf:aes_cmac_prf_key_manager", "//prf:hkdf_prf_key_manager", "//prf:hmac_prf_key_manager", + "//prf:prf_set", "//signature:ecdsa_verify_key_manager", "//signature:ed25519_verify_key_manager", "//signature:rsa_ssa_pkcs1_verify_key_manager", @@ -330,6 +349,8 @@ cc_test( deps = [ ":key_gen_v0", "//:key_gen_configuration", + "//:keyset_handle", + "//aead:aead_key_templates", "//aead:aes_ctr_hmac_aead_key_manager", "//aead:aes_eax_key_manager", "//aead:aes_gcm_key_manager", diff --git a/cc/config/CMakeLists.txt b/cc/config/CMakeLists.txt index 80f34c4b9..58e9f5435 100644 --- a/cc/config/CMakeLists.txt +++ b/cc/config/CMakeLists.txt @@ -235,7 +235,12 @@ tink_cc_test( tink::config::fips_140_2 tink::config::key_gen_fips_140_2 gmock + tink::core::aead + tink::core::chunked_mac tink::core::keyset_handle + tink::core::mac + tink::core::public_key_sign + tink::core::public_key_verify tink::aead::aead_key_templates tink::aead::aes_ctr_hmac_aead_key_manager tink::aead::aes_gcm_key_manager @@ -278,9 +283,21 @@ tink_cc_test( SRCS v0_test.cc DEPS + tink::config::key_gen_v0 tink::config::v0 gmock + tink::core::aead + tink::core::chunked_mac tink::core::configuration + tink::core::deterministic_aead + tink::core::hybrid_decrypt + tink::core::hybrid_encrypt + tink::core::keyset_handle + tink::core::mac + tink::core::public_key_sign + tink::core::public_key_verify + tink::core::streaming_aead + tink::aead::aead_key_templates tink::aead::aes_ctr_hmac_aead_key_manager tink::aead::aes_eax_key_manager tink::aead::aes_gcm_key_manager @@ -290,11 +307,13 @@ tink_cc_test( tink::hybrid::ecies_aead_hkdf_public_key_manager tink::hybrid::internal::hpke_public_key_manager tink::internal::configuration_impl + tink::internal::keyset_wrapper_store tink::mac::aes_cmac_key_manager tink::mac::hmac_key_manager tink::prf::aes_cmac_prf_key_manager tink::prf::hkdf_prf_key_manager tink::prf::hmac_prf_key_manager + tink::prf::prf_set tink::signature::ecdsa_verify_key_manager tink::signature::ed25519_verify_key_manager tink::signature::rsa_ssa_pkcs1_verify_key_manager @@ -314,6 +333,8 @@ tink_cc_test( tink::config::key_gen_v0 gmock tink::core::key_gen_configuration + tink::core::keyset_handle + tink::aead::aead_key_templates tink::aead::aes_ctr_hmac_aead_key_manager tink::aead::aes_eax_key_manager tink::aead::aes_gcm_key_manager diff --git a/cc/config/fips_140_2_test.cc b/cc/config/fips_140_2_test.cc index c897b38a2..a5a9a4dc6 100644 --- a/cc/config/fips_140_2_test.cc +++ b/cc/config/fips_140_2_test.cc @@ -21,17 +21,22 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" +#include "tink/aead.h" #include "tink/aead/aead_key_templates.h" #include "tink/aead/aes_ctr_hmac_aead_key_manager.h" #include "tink/aead/aes_gcm_key_manager.h" +#include "tink/chunked_mac.h" #include "tink/config/key_gen_fips_140_2.h" #include "tink/internal/configuration_impl.h" #include "tink/internal/fips_utils.h" #include "tink/internal/key_type_info_store.h" #include "tink/keyset_handle.h" +#include "tink/mac.h" #include "tink/mac/aes_cmac_key_manager.h" #include "tink/mac/hmac_key_manager.h" #include "tink/prf/hmac_prf_key_manager.h" +#include "tink/public_key_sign.h" +#include "tink/public_key_verify.h" #include "tink/signature/ecdsa_verify_key_manager.h" #include "tink/signature/rsa_ssa_pkcs1_verify_key_manager.h" #include "tink/signature/rsa_ssa_pss_verify_key_manager.h" @@ -50,7 +55,24 @@ class Fips1402Test : public ::testing::Test { void TearDown() override { internal::UnSetFipsRestricted(); } }; -TEST_F(Fips1402Test, ConfigFips1402) { +TEST_F(Fips1402Test, PrimitiveWrappers) { + if (!internal::IsFipsEnabledInSsl()) { + GTEST_SKIP() << "Only test in FIPS mode"; + } + + util::StatusOr<const internal::KeysetWrapperStore*> store = + internal::ConfigurationImpl::GetKeysetWrapperStore(ConfigFips140_2()); + ASSERT_THAT(store, IsOk()); + + EXPECT_THAT((*store)->Get<Mac>(), IsOk()); + EXPECT_THAT((*store)->Get<ChunkedMac>(), IsOk()); + EXPECT_THAT((*store)->Get<Aead>(), IsOk()); + EXPECT_THAT((*store)->Get<PrfSet>(), IsOk()); + EXPECT_THAT((*store)->Get<PublicKeySign>(), IsOk()); + EXPECT_THAT((*store)->Get<PublicKeyVerify>(), IsOk()); +} + +TEST_F(Fips1402Test, KeyManagers) { if (!internal::IsFipsEnabledInSsl()) { GTEST_SKIP() << "Only test in FIPS mode"; } @@ -70,7 +92,7 @@ TEST_F(Fips1402Test, ConfigFips1402) { IsOk()); } -TEST_F(Fips1402Test, ConfigFips1402FailsInNonFipsMode) { +TEST_F(Fips1402Test, FailsInNonFipsMode) { if (internal::IsFipsEnabledInSsl()) { GTEST_SKIP() << "Only test in non-FIPS mode"; } @@ -91,7 +113,7 @@ TEST_F(Fips1402Test, NonFipsTypeNotPresent) { StatusIs(absl::StatusCode::kNotFound)); } -TEST_F(Fips1402Test, GenerateNewKeysetHandleAndGetPrimitive) { +TEST_F(Fips1402Test, GetPrimitive) { if (!internal::IsFipsEnabledInSsl()) { GTEST_SKIP() << "Only test in FIPS mode"; } diff --git a/cc/config/key_gen_fips_140_2_test.cc b/cc/config/key_gen_fips_140_2_test.cc index 1afb144c4..f1558d47c 100644 --- a/cc/config/key_gen_fips_140_2_test.cc +++ b/cc/config/key_gen_fips_140_2_test.cc @@ -44,7 +44,7 @@ class KeyGenFips1402Test : public testing::Test { void TearDown() override { internal::UnSetFipsRestricted(); } }; -TEST_F(KeyGenFips1402Test, KeyGenConfigFips1402) { +TEST_F(KeyGenFips1402Test, KeyManagers) { if (!internal::IsFipsEnabledInSsl()) { GTEST_SKIP() << "Only test in FIPS mode"; } @@ -65,7 +65,7 @@ TEST_F(KeyGenFips1402Test, KeyGenConfigFips1402) { IsOk()); } -TEST_F(KeyGenFips1402Test, KeyGenConfigFips1402FailsInNonFipsMode) { +TEST_F(KeyGenFips1402Test, FailsInNonFipsMode) { if (internal::IsFipsEnabledInSsl()) { GTEST_SKIP() << "Only test in non-FIPS mode"; } diff --git a/cc/config/key_gen_v0_test.cc b/cc/config/key_gen_v0_test.cc index 670903be7..1d8705b5a 100644 --- a/cc/config/key_gen_v0_test.cc +++ b/cc/config/key_gen_v0_test.cc @@ -18,6 +18,7 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" +#include "tink/aead/aead_key_templates.h" #include "tink/aead/aes_ctr_hmac_aead_key_manager.h" #include "tink/aead/aes_eax_key_manager.h" #include "tink/aead/aes_gcm_key_manager.h" @@ -28,6 +29,7 @@ #include "tink/hybrid/internal/hpke_public_key_manager.h" #include "tink/internal/key_gen_configuration_impl.h" #include "tink/key_gen_configuration.h" +#include "tink/keyset_handle.h" #include "tink/mac/aes_cmac_key_manager.h" #include "tink/mac/hmac_key_manager.h" #include "tink/prf/aes_cmac_prf_key_manager.h" @@ -47,7 +49,7 @@ namespace { using ::crypto::tink::test::IsOk; -TEST(KeyGenV0Test, KeyGenConfigV0) { +TEST(KeyGenV0Test, KeyManagers) { util::StatusOr<const internal::KeyTypeInfoStore*> store = internal::KeyGenConfigurationImpl::GetKeyTypeInfoStore(KeyGenConfigV0()); ASSERT_THAT(store, IsOk()); @@ -80,6 +82,12 @@ TEST(KeyGenV0Test, KeyGenConfigV0) { EXPECT_THAT((*store)->Get(Ed25519VerifyKeyManager().get_key_type()), IsOk()); } +TEST(KeyGenV0Test, GenerateNewKeysetHandle) { + EXPECT_THAT(KeysetHandle::GenerateNew(AeadKeyTemplates::Aes128Gcm(), + KeyGenConfigV0()), + IsOk()); +} + } // namespace } // namespace tink } // namespace crypto diff --git a/cc/config/v0_test.cc b/cc/config/v0_test.cc index e5dc3ef59..6df490c41 100644 --- a/cc/config/v0_test.cc +++ b/cc/config/v0_test.cc @@ -16,27 +16,44 @@ #include "tink/config/v0.h" +#include <memory> +#include <string> + #include "gmock/gmock.h" #include "gtest/gtest.h" +#include "tink/aead.h" +#include "tink/aead/aead_key_templates.h" #include "tink/aead/aes_ctr_hmac_aead_key_manager.h" #include "tink/aead/aes_eax_key_manager.h" #include "tink/aead/aes_gcm_key_manager.h" #include "tink/aead/aes_gcm_siv_key_manager.h" #include "tink/aead/xchacha20_poly1305_key_manager.h" +#include "tink/chunked_mac.h" +#include "tink/config/key_gen_v0.h" #include "tink/configuration.h" #include "tink/daead/aes_siv_key_manager.h" +#include "tink/deterministic_aead.h" #include "tink/hybrid/ecies_aead_hkdf_public_key_manager.h" #include "tink/hybrid/internal/hpke_public_key_manager.h" +#include "tink/hybrid_decrypt.h" +#include "tink/hybrid_encrypt.h" #include "tink/internal/configuration_impl.h" +#include "tink/internal/keyset_wrapper_store.h" +#include "tink/keyset_handle.h" +#include "tink/mac.h" #include "tink/mac/aes_cmac_key_manager.h" #include "tink/mac/hmac_key_manager.h" #include "tink/prf/aes_cmac_prf_key_manager.h" #include "tink/prf/hkdf_prf_key_manager.h" #include "tink/prf/hmac_prf_key_manager.h" +#include "tink/prf/prf_set.h" +#include "tink/public_key_sign.h" +#include "tink/public_key_verify.h" #include "tink/signature/ecdsa_verify_key_manager.h" #include "tink/signature/ed25519_verify_key_manager.h" #include "tink/signature/rsa_ssa_pkcs1_verify_key_manager.h" #include "tink/signature/rsa_ssa_pss_verify_key_manager.h" +#include "tink/streaming_aead.h" #include "tink/streamingaead/aes_ctr_hmac_streaming_key_manager.h" #include "tink/streamingaead/aes_gcm_hkdf_streaming_key_manager.h" #include "tink/util/test_matchers.h" @@ -46,8 +63,26 @@ namespace tink { namespace { using ::crypto::tink::test::IsOk; +using ::crypto::tink::test::IsOkAndHolds; + +TEST(V0Test, PrimitiveWrappers) { + util::StatusOr<const internal::KeysetWrapperStore*> store = + internal::ConfigurationImpl::GetKeysetWrapperStore(ConfigV0()); + ASSERT_THAT(store, IsOk()); + + EXPECT_THAT((*store)->Get<Mac>(), IsOk()); + EXPECT_THAT((*store)->Get<ChunkedMac>(), IsOk()); + EXPECT_THAT((*store)->Get<Aead>(), IsOk()); + EXPECT_THAT((*store)->Get<DeterministicAead>(), IsOk()); + EXPECT_THAT((*store)->Get<StreamingAead>(), IsOk()); + EXPECT_THAT((*store)->Get<HybridEncrypt>(), IsOk()); + EXPECT_THAT((*store)->Get<HybridDecrypt>(), IsOk()); + EXPECT_THAT((*store)->Get<PrfSet>(), IsOk()); + EXPECT_THAT((*store)->Get<PublicKeySign>(), IsOk()); + EXPECT_THAT((*store)->Get<PublicKeyVerify>(), IsOk()); +} -TEST(V0Test, ConfigV0) { +TEST(V0Test, KeyManagers) { util::StatusOr<const internal::KeyTypeInfoStore*> store = internal::ConfigurationImpl::GetKeyTypeInfoStore(ConfigV0()); ASSERT_THAT(store, IsOk()); @@ -80,6 +115,23 @@ TEST(V0Test, ConfigV0) { EXPECT_THAT((*store)->Get(Ed25519VerifyKeyManager().get_key_type()), IsOk()); } +TEST(V0Test, GetPrimitive) { + util::StatusOr<std::unique_ptr<KeysetHandle>> handle = + KeysetHandle::GenerateNew(AeadKeyTemplates::Aes128Gcm(), + KeyGenConfigV0()); + ASSERT_THAT(handle, IsOk()); + + util::StatusOr<std::unique_ptr<Aead>> aead = + (*handle)->GetPrimitive<Aead>(ConfigV0()); + ASSERT_THAT(aead, IsOk()); + + std::string plaintext = "plaintext"; + std::string ad = "ad"; + util::StatusOr<std::string> ciphertext = (*aead)->Encrypt(plaintext, ad); + ASSERT_THAT(ciphertext, IsOk()); + EXPECT_THAT((*aead)->Decrypt(*ciphertext, ad), IsOkAndHolds(plaintext)); +} + } // namespace } // namespace tink } // namespace crypto |