Add a way to create Macs from LegacyProtoKeys.

PiperOrigin-RevId: 549266939

2 files changed, 117 insertions, 0 deletions

diff --git a/java_src/src/test/java/com/google/crypto/tink/mac/internal/BUILD.bazel b/java_src/src/test/java/com/google/crypto/tink/mac/internal/BUILD.bazel
index e43888cbb..34660fda5 100644
--- a/java_src/src/test/java/com/google/crypto/tink/mac/internal/BUILD.bazel
+++ b/java_src/src/test/java/com/google/crypto/tink/mac/internal/BUILD.bazel
@@ -65,3 +65,22 @@ java_test(
         "@maven//:org_conscrypt_conscrypt_openjdk_uber",
     ],
 )
+
+java_test(
+    name = "LegacyFullMacTest",
+    size = "small",
+    srcs = ["LegacyFullMacTest.java"],
+    deps = [
+        "//src/main/java/com/google/crypto/tink:insecure_secret_key_access",
+        "//src/main/java/com/google/crypto/tink:mac",
+        "//src/main/java/com/google/crypto/tink/internal:legacy_proto_key",
+        "//src/main/java/com/google/crypto/tink/internal:mutable_serialization_registry",
+        "//src/main/java/com/google/crypto/tink/internal:proto_key_serialization",
+        "//src/main/java/com/google/crypto/tink/mac:hmac_key",
+        "//src/main/java/com/google/crypto/tink/mac/internal:hmac_test_util",
+        "//src/main/java/com/google/crypto/tink/mac/internal:legacy_full_mac",
+        "//src/main/java/com/google/crypto/tink/mac/internal:legacy_hmac_test_key_manager",
+        "@maven//:com_google_truth_truth",
+        "@maven//:junit_junit",
+    ],
+)
diff --git a/java_src/src/test/java/com/google/crypto/tink/mac/internal/LegacyFullMacTest.java b/java_src/src/test/java/com/google/crypto/tink/mac/internal/LegacyFullMacTest.java
new file mode 100644
index 000000000..d6730ba7b
--- /dev/null
+++ b/java_src/src/test/java/com/google/crypto/tink/mac/internal/LegacyFullMacTest.java
@@ -0,0 +1,98 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package com.google.crypto.tink.mac.internal;
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertThrows;
+
+import com.google.crypto.tink.InsecureSecretKeyAccess;
+import com.google.crypto.tink.Mac;
+import com.google.crypto.tink.internal.LegacyProtoKey;
+import com.google.crypto.tink.internal.MutableSerializationRegistry;
+import com.google.crypto.tink.internal.ProtoKeySerialization;
+import com.google.crypto.tink.mac.HmacKey;
+import com.google.crypto.tink.mac.internal.HmacTestUtil.HmacTestVector;
+import java.security.GeneralSecurityException;
+import java.util.Arrays;
+import org.junit.BeforeClass;
+import org.junit.experimental.theories.DataPoints;
+import org.junit.experimental.theories.FromDataPoints;
+import org.junit.experimental.theories.Theories;
+import org.junit.experimental.theories.Theory;
+import org.junit.runner.RunWith;
+
+@RunWith(Theories.class)
+public class LegacyFullMacTest {
+  @BeforeClass
+  public static void setUp() throws Exception {
+    LegacyHmacTestKeyManager.register();
+
+    hmacImplementationTestVectors =
+        Arrays.copyOf(
+            HmacTestUtil.HMAC_TEST_VECTORS,
+            HmacTestUtil.HMAC_TEST_VECTORS.length + HmacTestUtil.PREFIXED_KEY_TYPES.length);
+    System.arraycopy(
+        HmacTestUtil.PREFIXED_KEY_TYPES,
+        0,
+        hmacImplementationTestVectors,
+        HmacTestUtil.HMAC_TEST_VECTORS.length,
+        HmacTestUtil.PREFIXED_KEY_TYPES.length);
+  }
+
+  @DataPoints("failingHmacTestVectors")
+  public static final HmacTestVector[] HMAC_FAILING_TEST_VECTORS =
+      HmacTestUtil.CREATE_VERIFICATION_FAILS_FAST;
+
+  public static final String TYPE_URL = "LegacyHmacTestKey";
+
+  @DataPoints("allHmacTestVectors")
+  public static HmacTestVector[] hmacImplementationTestVectors;
+
+  @Theory
+  public void computeHmac_isCorrect(@FromDataPoints("allHmacTestVectors") HmacTestVector t)
+      throws Exception {
+    LegacyProtoKey key = getLegacyProtoKey(t.key);
+    Mac hmac = LegacyFullMac.create(key);
+
+    assertThat(hmac.computeMac(t.message)).isEqualTo(t.tag);
+  }
+
+  @Theory
+  public void verifyHmac_isCorrect(@FromDataPoints("allHmacTestVectors") HmacTestVector t)
+      throws Exception {
+    LegacyProtoKey key = getLegacyProtoKey(t.key);
+    Mac hmac = LegacyFullMac.create(key);
+
+    hmac.verifyMac(t.tag, t.message);
+  }
+
+  @Theory
+  public void verifyHmac_throwsOnWrongTag(
+      @FromDataPoints("failingHmacTestVectors") HmacTestVector t) throws Exception {
+    LegacyProtoKey key = getLegacyProtoKey(t.key);
+    Mac hmac = LegacyFullMac.create(key);
+
+    assertThrows(GeneralSecurityException.class, () -> hmac.verifyMac(t.tag, t.message));
+  }
+
+  private static LegacyProtoKey getLegacyProtoKey(HmacKey hmacKey) throws GeneralSecurityException {
+    return new LegacyProtoKey(
+        MutableSerializationRegistry.globalInstance()
+            .serializeKey(hmacKey, ProtoKeySerialization.class, InsecureSecretKeyAccess.get()),
+        InsecureSecretKeyAccess.get());
+  }
+}