diff options
Diffstat (limited to 'java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java')
-rw-r--r-- | java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java | 181 |
1 files changed, 169 insertions, 12 deletions
diff --git a/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java b/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java index 69d8df002..d76f922a5 100644 --- a/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java +++ b/java_src/src/test/java/com/google/crypto/tink/hybrid/internal/X25519HpkeKemTest.java @@ -58,9 +58,9 @@ public final class X25519HpkeKemTest { testVectors = HpkeTestUtil.parseTestVectors(Files.newReader(new File(path), UTF_8)); } - private HpkeTestId getDefaultTestId() { + private HpkeTestId getDefaultTestId(byte[] mode) { return new HpkeTestId( - HpkeUtil.BASE_MODE, + mode, HpkeUtil.X25519_HKDF_SHA256_KEM_ID, HpkeUtil.HKDF_SHA256_KDF_ID, HpkeUtil.AES_128_GCM_AEAD_ID); @@ -72,8 +72,18 @@ public final class X25519HpkeKemTest { HpkeTestSetup testSetup = testVectors.get(testId).getTestSetup(); X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); - HpkeKemEncapOutput result = - kem.encapsulate(testSetup.recipientPublicKey, testSetup.senderEphemeralPrivateKey); + HpkeKemEncapOutput result; + if (mode == HpkeUtil.BASE_MODE) { + result = kem.encapsulate(testSetup.recipientPublicKey, testSetup.senderEphemeralPrivateKey); + } else if (mode == HpkeUtil.AUTH_MODE) { + result = + kem.authEncapsulate( + testSetup.recipientPublicKey, + testSetup.senderEphemeralPrivateKey, + X25519HpkeKemPrivateKey.fromBytes(testSetup.senderPrivateKey)); + } else { + throw new IllegalArgumentException("Unsupported mode: " + mode[0]); + } expect.that(result.getSharedSecret()).isEqualTo(testSetup.sharedSecret); expect.that(result.getEncapsulatedKey()).isEqualTo(testSetup.encapsulatedKey); } @@ -84,10 +94,21 @@ public final class X25519HpkeKemTest { HpkeTestSetup testSetup = testVectors.get(testId).getTestSetup(); X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); - byte[] result = - kem.decapsulate( - testSetup.encapsulatedKey, - X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey)); + byte[] result; + if (mode == HpkeUtil.BASE_MODE) { + result = + kem.decapsulate( + testSetup.encapsulatedKey, + X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey)); + } else if (mode == HpkeUtil.AUTH_MODE) { + result = + kem.authDecapsulate( + testSetup.encapsulatedKey, + X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey), + testSetup.senderPublicKey); + } else { + throw new IllegalArgumentException("Unsupported mode: " + mode[0]); + } expect.that(result).isEqualTo(testSetup.sharedSecret); } @@ -101,6 +122,16 @@ public final class X25519HpkeKemTest { } @Test + public void authEncapsulate_succeedsWithX25519HkdfSha256Aes128Gcm() + throws GeneralSecurityException { + encapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.AES_128_GCM_AEAD_ID); + } + + @Test public void encapsulate_succeedsWithX25519HkdfSha256Aes256Gcm() throws GeneralSecurityException { encapsulate( HpkeUtil.BASE_MODE, @@ -110,6 +141,16 @@ public final class X25519HpkeKemTest { } @Test + public void authEncapsulate_succeedsWithX25519HkdfSha256Aes256Gcm() + throws GeneralSecurityException { + encapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.AES_256_GCM_AEAD_ID); + } + + @Test public void encapsulate_succeedsWithX25519HkdfSha256ChaCha20Poly1305() throws GeneralSecurityException { encapsulate( @@ -120,6 +161,16 @@ public final class X25519HpkeKemTest { } @Test + public void authEncapsulate_succeedsWithX25519HkdfSha256ChaCha20Poly1305() + throws GeneralSecurityException { + encapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.CHACHA20_POLY1305_AEAD_ID); + } + + @Test public void encapsulate_succeedsWithX25519HkdfSha256ExportOnlyAead() throws GeneralSecurityException { encapsulate( @@ -130,23 +181,60 @@ public final class X25519HpkeKemTest { } @Test + public void authEncapsulate_succeedsWithX25519HkdfSha256ExportOnlyAead() + throws GeneralSecurityException { + encapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + EXPORT_ONLY_AEAD_ID); + } + + @Test public void encapsulate_failsWithInvalidMacAlgorithm() { X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf("BadMac")); - HpkeTestSetup testSetup = testVectors.get(getDefaultTestId()).getTestSetup(); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.BASE_MODE)).getTestSetup(); byte[] validRecipientPublicKey = testSetup.recipientPublicKey; assertThrows(NoSuchAlgorithmException.class, () -> kem.encapsulate(validRecipientPublicKey)); } @Test + public void authEncapsulate_failsWithInvalidMacAlgorithm() { + X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf("BadMac")); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.AUTH_MODE)).getTestSetup(); + byte[] validRecipientPublicKey = testSetup.recipientPublicKey; + byte[] senderPrivateKey = testSetup.senderPrivateKey; + assertThrows( + NoSuchAlgorithmException.class, + () -> + kem.authEncapsulate( + validRecipientPublicKey, X25519HpkeKemPrivateKey.fromBytes(senderPrivateKey))); + } + + @Test public void encapsulate_failsWithInvalidRecipientPublicKey() { X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); - HpkeTestSetup testSetup = testVectors.get(getDefaultTestId()).getTestSetup(); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.BASE_MODE)).getTestSetup(); byte[] invalidRecipientPublicKey = Arrays.copyOf(testSetup.recipientPublicKey, testSetup.recipientPublicKey.length + 2); assertThrows(InvalidKeyException.class, () -> kem.encapsulate(invalidRecipientPublicKey)); } @Test + public void authEncapsulate_failsWithInvalidRecipientPublicKey() { + X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.AUTH_MODE)).getTestSetup(); + byte[] invalidRecipientPublicKey = + Arrays.copyOf(testSetup.recipientPublicKey, testSetup.recipientPublicKey.length + 2); + byte[] senderPrivateKey = testSetup.senderPrivateKey; + assertThrows( + InvalidKeyException.class, + () -> + kem.authEncapsulate( + invalidRecipientPublicKey, X25519HpkeKemPrivateKey.fromBytes(senderPrivateKey))); + } + + @Test public void decapsulate_succeedsWithX25519HkdfSha256Aes128Gcm() throws GeneralSecurityException { decapsulate( HpkeUtil.BASE_MODE, @@ -156,6 +244,16 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_succeedsWithX25519HkdfSha256Aes128Gcm() + throws GeneralSecurityException { + decapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.AES_128_GCM_AEAD_ID); + } + + @Test public void decapsulate_succeedsWithX25519HkdfSha256Aes256Gcm() throws GeneralSecurityException { decapsulate( HpkeUtil.BASE_MODE, @@ -165,6 +263,16 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_succeedsWithX25519HkdfSha256Aes256Gcm() + throws GeneralSecurityException { + decapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.AES_256_GCM_AEAD_ID); + } + + @Test public void decapsulate_succeedsWithX25519HkdfSha256ChaCha20Poly1305() throws GeneralSecurityException { decapsulate( @@ -175,6 +283,16 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_succeedsWithX25519HkdfSha256ChaCha20Poly1305() + throws GeneralSecurityException { + decapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + HpkeUtil.CHACHA20_POLY1305_AEAD_ID); + } + + @Test public void decapsulate_succeedsWithX25519HkdfSha256ExportOnlyAead() throws GeneralSecurityException { decapsulate( @@ -185,9 +303,19 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_succeedsWithX25519HkdfSha256ExportOnlyAead() + throws GeneralSecurityException { + decapsulate( + HpkeUtil.AUTH_MODE, + HpkeUtil.X25519_HKDF_SHA256_KEM_ID, + HpkeUtil.HKDF_SHA256_KDF_ID, + EXPORT_ONLY_AEAD_ID); + } + + @Test public void decapsulate_failsWithInvalidMacAlgorithm() throws GeneralSecurityException { X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf("BadMac")); - HpkeTestSetup testSetup = testVectors.get(getDefaultTestId()).getTestSetup(); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.BASE_MODE)).getTestSetup(); byte[] validEncapsulatedKey = testSetup.encapsulatedKey; HpkeKemPrivateKey validRecipientPrivateKey = X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey); @@ -197,9 +325,22 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_failsWithInvalidMacAlgorithm() throws GeneralSecurityException { + X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf("BadMac")); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.AUTH_MODE)).getTestSetup(); + byte[] validEncapsulatedKey = testSetup.encapsulatedKey; + byte[] senderPublicKey = testSetup.senderPublicKey; + HpkeKemPrivateKey validRecipientPrivateKey = + X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey); + assertThrows( + NoSuchAlgorithmException.class, + () -> kem.authDecapsulate(validEncapsulatedKey, validRecipientPrivateKey, senderPublicKey)); + } + + @Test public void decapsulate_failsWithInvalidEncapsulatedPublicKey() throws GeneralSecurityException { X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); - HpkeTestSetup testSetup = testVectors.get(getDefaultTestId()).getTestSetup(); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.BASE_MODE)).getTestSetup(); byte[] invalidEncapsulatedKey = Arrays.copyOf(testSetup.encapsulatedKey, testSetup.encapsulatedKey.length + 2); HpkeKemPrivateKey validRecipientPrivateKey = @@ -210,6 +351,22 @@ public final class X25519HpkeKemTest { } @Test + public void authDecapsulate_failsWithInvalidEncapsulatedPublicKey() + throws GeneralSecurityException { + X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); + HpkeTestSetup testSetup = testVectors.get(getDefaultTestId(HpkeUtil.AUTH_MODE)).getTestSetup(); + byte[] invalidEncapsulatedKey = + Arrays.copyOf(testSetup.encapsulatedKey, testSetup.encapsulatedKey.length + 2); + HpkeKemPrivateKey validRecipientPrivateKey = + X25519HpkeKemPrivateKey.fromBytes(testSetup.recipientPrivateKey); + byte[] senderPublicKey = testSetup.senderPublicKey; + assertThrows( + InvalidKeyException.class, + () -> + kem.authDecapsulate(invalidEncapsulatedKey, validRecipientPrivateKey, senderPublicKey)); + } + + @Test public void getKemId_succeeds() throws GeneralSecurityException { X25519HpkeKem kem = new X25519HpkeKem(new HkdfHpkeKdf(MAC_ALGORITHM)); expect.that(kem.getKemId()).isEqualTo(HpkeUtil.X25519_HKDF_SHA256_KEM_ID); |