diff options
| author | juerg <juerg@google.com> | 2023-07-05 00:08:24 -0700 |
|---|---|---|
| committer | Copybara-Service <copybara-worker@google.com> | 2023-07-05 00:09:30 -0700 |
| commit | d14920fb36ff6c5183b510cc6c396498d1280956 (patch) | |
| tree | 57f0181588fec7ae932337c02cdf17ae2483608f /java_src/src/test/java/com/google/crypto/tink | |
| parent | 3abb457a0dcbec333badcf584db92e771973eaa3 (diff) | |
| download | tink-d14920fb36ff6c5183b510cc6c396498d1280956.tar.gz | |
If available, use Conscrypt generate randomness.
Also, we want to provide an additional internal function "validateUsesConscrypt" that lets us enforce to only use Conscrypt to generate randomness. For this, we move the "Random" class to internal, and add this function. The subtle class forwards calls to the internal class.
PiperOrigin-RevId: 545581282
Diffstat (limited to 'java_src/src/test/java/com/google/crypto/tink')
5 files changed, 271 insertions, 0 deletions
diff --git a/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel b/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel index 828dd3b95..5f6b30d6c 100644 --- a/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel +++ b/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel @@ -489,3 +489,28 @@ java_test( "@maven//:junit_junit", ], ) + +java_test( + name = "RandomTest", + size = "small", + srcs = ["RandomTest.java"], + deps = [ + "//src/main/java/com/google/crypto/tink/internal:random", + "//src/main/java/com/google/crypto/tink/testing:test_util", + "@maven//:com_google_truth_truth", + "@maven//:junit_junit", + "@maven//:org_conscrypt_conscrypt_openjdk_uber", + ], +) + +java_test( + name = "RandomWithoutConscryptTest", + size = "small", + srcs = ["RandomWithoutConscryptTest.java"], + deps = [ + "//src/main/java/com/google/crypto/tink/internal:random", + "//src/main/java/com/google/crypto/tink/testing:test_util", + "@maven//:com_google_truth_truth", + "@maven//:junit_junit", + ], +) diff --git a/java_src/src/test/java/com/google/crypto/tink/internal/RandomTest.java b/java_src/src/test/java/com/google/crypto/tink/internal/RandomTest.java new file mode 100644 index 000000000..2ce54db27 --- /dev/null +++ b/java_src/src/test/java/com/google/crypto/tink/internal/RandomTest.java @@ -0,0 +1,104 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +package com.google.crypto.tink.internal; + +import static com.google.common.truth.Truth.assertThat; + +import com.google.crypto.tink.testing.TestUtil; +import java.security.Security; +import java.util.ArrayList; +import org.conscrypt.Conscrypt; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public final class RandomTest { + + static boolean conscryptProviderAdded; + + @BeforeClass + public static void setUp() { + try { + Conscrypt.checkAvailability(); + Security.addProvider(Conscrypt.newProvider()); + conscryptProviderAdded = true; + } catch (Exception | UnsatisfiedLinkError e) { + conscryptProviderAdded = false; + } + } + + @Test + public void validateUsesConscrypt_doesNotThrowIfConscryptProviderIsAdded() throws Exception { + if (TestUtil.isAndroid()) { + // Android uses Conscrypt by default, but trying to add it manually fails. + assertThat(conscryptProviderAdded).isFalse(); + } else { + assertThat(conscryptProviderAdded).isTrue(); + } + Random.validateUsesConscrypt(); + } + + @Test + public void randBytes_works() throws Exception { + assertThat(Random.randBytes(10)).hasLength(10); + } + + @Test + public void randIntWithMax_works() throws Exception { + assertThat(Random.randInt(5)).isLessThan(5); + } + + @Test + public void randInt_works() throws Exception { + int unused = Random.randInt(); + } + + @Test + public void randBytes_areDifferent() throws Exception { + assertThat(Random.randBytes(32)).isNotEqualTo(Random.randBytes(32)); + } + + @Test + public void randomBytesInDifferentThreads_areDifferent() throws Exception { + ArrayList<Thread> threads = new ArrayList<>(); + final byte[] b0 = new byte[10]; + final byte[] b1 = new byte[10]; + threads.add( + new Thread() { + @Override + public void run() { + System.arraycopy(Random.randBytes(10), 0, b0, 0, 10); + } + }); + threads.add( + new Thread() { + @Override + public void run() { + System.arraycopy(Random.randBytes(10), 0, b1, 0, 10); + } + }); + for (Thread thread : threads) { + thread.start(); + } + for (Thread thread : threads) { + thread.join(); + } + assertThat(b0).isNotEqualTo(b1); + } +} diff --git a/java_src/src/test/java/com/google/crypto/tink/internal/RandomWithoutConscryptTest.java b/java_src/src/test/java/com/google/crypto/tink/internal/RandomWithoutConscryptTest.java new file mode 100644 index 000000000..bcbc7748f --- /dev/null +++ b/java_src/src/test/java/com/google/crypto/tink/internal/RandomWithoutConscryptTest.java @@ -0,0 +1,89 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +package com.google.crypto.tink.internal; + +import static com.google.common.truth.Truth.assertThat; +import static org.junit.Assert.assertThrows; + +import com.google.crypto.tink.testing.TestUtil; +import java.security.GeneralSecurityException; +import java.util.ArrayList; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public final class RandomWithoutConscryptTest { + + @Test + public void validateUsesConscrypt_onlyWorksOnAndroid() throws Exception { + if (TestUtil.isAndroid()) { + // Android uses Conscrypt by default. + Random.validateUsesConscrypt(); + } else { + assertThrows(GeneralSecurityException.class, Random::validateUsesConscrypt); + } + } + + @Test + public void randBytes_works() throws Exception { + assertThat(Random.randBytes(10)).hasLength(10); + } + + @Test + public void randIntWithMax_works() throws Exception { + assertThat(Random.randInt(5)).isLessThan(5); + } + + @Test + public void randInt_works() throws Exception { + int unused = Random.randInt(); + } + + @Test + public void randBytes_areDifferent() throws Exception { + assertThat(Random.randBytes(10)).isNotEqualTo(Random.randBytes(10)); + } + + @Test + public void randdomBytesInDifferentThreads_areDifferent() throws Exception { + ArrayList<Thread> threads = new ArrayList<>(); + final byte[] b0 = new byte[10]; + final byte[] b1 = new byte[10]; + threads.add( + new Thread() { + @Override + public void run() { + System.arraycopy(Random.randBytes(10), 0, b0, 0, 10); + } + }); + threads.add( + new Thread() { + @Override + public void run() { + System.arraycopy(Random.randBytes(10), 0, b1, 0, 10); + } + }); + for (Thread thread : threads) { + thread.start(); + } + for (Thread thread : threads) { + thread.join(); + } + assertThat(b0).isNotEqualTo(b1); + } +} diff --git a/java_src/src/test/java/com/google/crypto/tink/subtle/BUILD.bazel b/java_src/src/test/java/com/google/crypto/tink/subtle/BUILD.bazel index 3d91eaf5d..07ff7a4d4 100644 --- a/java_src/src/test/java/com/google/crypto/tink/subtle/BUILD.bazel +++ b/java_src/src/test/java/com/google/crypto/tink/subtle/BUILD.bazel @@ -636,3 +636,14 @@ java_test( "@maven//:org_conscrypt_conscrypt_openjdk_uber", ], ) + +java_test( + name = "RandomTest", + size = "small", + srcs = ["RandomTest.java"], + deps = [ + "//src/main/java/com/google/crypto/tink/subtle:random", + "@maven//:com_google_truth_truth", + "@maven//:junit_junit", + ], +) diff --git a/java_src/src/test/java/com/google/crypto/tink/subtle/RandomTest.java b/java_src/src/test/java/com/google/crypto/tink/subtle/RandomTest.java new file mode 100644 index 000000000..dc264d126 --- /dev/null +++ b/java_src/src/test/java/com/google/crypto/tink/subtle/RandomTest.java @@ -0,0 +1,42 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +package com.google.crypto.tink.subtle; + +import static com.google.common.truth.Truth.assertThat; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public final class RandomTest { + + @Test + public void randdomBytes_areDifferent() throws Exception { + assertThat(Random.randBytes(10)).isNotEqualTo(Random.randBytes(10)); + } + + @Test + public void randIntWithMax_works() throws Exception { + assertThat(Random.randInt(5)).isLessThan(5); + } + + @Test + public void randInt_works() throws Exception { + int unused = Random.randInt(); + } +} |