testing/cc/signature_impl_test.cc - platform/external/tink - Git at Google

 // Copyright 2020 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #include "signature_impl.h"

 #include <memory>
 #include <ostream>
 #include <sstream>
 #include <string>

 #include "gmock/gmock.h"
 #include "gtest/gtest.h"
 #include "tink/binary_keyset_writer.h"
 #include "tink/cleartext_keyset_handle.h"
 #include "tink/signature/signature_config.h"
 #include "tink/signature/signature_key_templates.h"

 namespace crypto {
 namespace tink {
 namespace {

 using ::crypto::tink::BinaryKeysetWriter;
 using ::crypto::tink::CleartextKeysetHandle;
 using ::crypto::tink::SignatureKeyTemplates;

 using ::testing::IsEmpty;
 using ::tink_testing_api::CreationRequest;
 using ::tink_testing_api::CreationResponse;
 using ::tink_testing_api::SignatureSignRequest;
 using ::tink_testing_api::SignatureSignResponse;
 using ::tink_testing_api::SignatureVerifyRequest;
 using ::tink_testing_api::SignatureVerifyResponse;

 using crypto::tink::KeysetHandle;
 using google::crypto::tink::KeyTemplate;

 std::string KeysetBytes(const KeysetHandle& keyset_handle) {
   std::stringbuf keyset;
   auto writer_result =
       BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&keyset));
   EXPECT_TRUE(writer_result.ok());
   auto status =
       CleartextKeysetHandle::Write(writer_result.value().get(), keyset_handle);
   EXPECT_TRUE(status.ok());
   return keyset.str();
 }

 class SignatureImplTest : public ::testing::Test {
  protected:
   static void SetUpTestSuite() {
     ASSERT_TRUE(SignatureConfig::Register().ok());
   }
 };

 TEST_F(SignatureImplTest, CreatePublicKeySignSuccess) {
   tink_testing_api::SignatureImpl signature;
   const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
   ::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
       private_keyset_handle = KeysetHandle::GenerateNew(key_template);
   ASSERT_TRUE(private_keyset_handle.status().ok())
       << private_keyset_handle.status();

   CreationRequest request;
   request.mutable_annotated_keyset()->set_serialized_keyset(
       KeysetBytes(**private_keyset_handle));
   CreationResponse response;

   EXPECT_TRUE(signature.CreatePublicKeySign(nullptr, &request, &response).ok());
   EXPECT_THAT(response.err(), IsEmpty());
 }

 TEST_F(SignatureImplTest, CreatePublicKeySignFailure) {
   tink_testing_api::SignatureImpl signature;

   CreationRequest request;
   request.mutable_annotated_keyset()->set_serialized_keyset("\x80");
   CreationResponse response;

   EXPECT_TRUE(signature.CreatePublicKeySign(nullptr, &request, &response).ok());
   EXPECT_THAT(response.err(), Not(IsEmpty()));
 }

 TEST_F(SignatureImplTest, CreatePublicKeyVerifySuccess) {
   tink_testing_api::SignatureImpl signature;
   const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
   ::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
       private_keyset_handle = KeysetHandle::GenerateNew(key_template);
   ASSERT_TRUE(private_keyset_handle.status().ok())
       << private_keyset_handle.status();
   ::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
       public_keyset_handle = (*private_keyset_handle)->GetPublicKeysetHandle();
   ASSERT_TRUE(public_keyset_handle.status().ok())
       << public_keyset_handle.status();

   CreationRequest request;
   request.mutable_annotated_keyset()->set_serialized_keyset(
       KeysetBytes(**public_keyset_handle));
   CreationResponse response;

   EXPECT_TRUE(
       signature.CreatePublicKeyVerify(nullptr, &request, &response).ok());
   EXPECT_THAT(response.err(), IsEmpty());
 }

 TEST_F(SignatureImplTest, CreatePublicKeyVerifyFailure) {
   tink_testing_api::SignatureImpl signature;

   CreationRequest request;
   request.mutable_annotated_keyset()->set_serialized_keyset("\x80");
   CreationResponse response;

   EXPECT_TRUE(
       signature.CreatePublicKeyVerify(nullptr, &request, &response).ok());
   EXPECT_THAT(response.err(), Not(IsEmpty()));
 }

 TEST_F(SignatureImplTest, SignVerifySuccess) {
   tink_testing_api::SignatureImpl signature;
   const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
   auto private_handle_result = KeysetHandle::GenerateNew(key_template);
   EXPECT_TRUE(private_handle_result.ok());
   auto public_handle_result =
       private_handle_result.value()->GetPublicKeysetHandle();
   EXPECT_TRUE(public_handle_result.ok());

   SignatureSignRequest sign_request;
   sign_request.mutable_private_annotated_keyset()->set_serialized_keyset(
       KeysetBytes(*private_handle_result.value()));
   sign_request.set_data("some data");
   SignatureSignResponse sign_response;

   EXPECT_TRUE(signature.Sign(nullptr, &sign_request, &sign_response).ok());
   EXPECT_THAT(sign_response.err(), IsEmpty());

   SignatureVerifyRequest verify_request;
   verify_request.mutable_public_annotated_keyset()->set_serialized_keyset(
       KeysetBytes(*public_handle_result.value()));
   verify_request.set_signature(sign_response.signature());
   verify_request.set_data("some data");
   SignatureVerifyResponse verify_response;

   EXPECT_TRUE(
       signature.Verify(nullptr, &verify_request, &verify_response).ok());
   EXPECT_THAT(verify_response.err(), IsEmpty());
 }

 TEST_F(SignatureImplTest, SignBadKeysetFail) {
   tink_testing_api::SignatureImpl signature;
   SignatureSignRequest sign_request;
   sign_request.mutable_private_annotated_keyset()->set_serialized_keyset(
       "bad private keyset");
   sign_request.set_data("some data");
   SignatureSignResponse sign_response;

   EXPECT_TRUE(signature.Sign(nullptr, &sign_request, &sign_response).ok());
   EXPECT_THAT(sign_response.err(), Not(IsEmpty()));
 }

 TEST_F(SignatureImplTest, VerifyBadCiphertextFail) {
   tink_testing_api::SignatureImpl signature;
   const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
   auto private_handle_result = KeysetHandle::GenerateNew(key_template);
   EXPECT_TRUE(private_handle_result.ok());
   auto public_handle_result =
       private_handle_result.value()->GetPublicKeysetHandle();
   EXPECT_TRUE(public_handle_result.ok());

   SignatureVerifyRequest verify_request;
   verify_request.mutable_public_annotated_keyset()->set_serialized_keyset(
       KeysetBytes(*public_handle_result.value()));
   verify_request.set_signature("bad signature");
   verify_request.set_data("some data");
   SignatureVerifyResponse verify_response;

   EXPECT_TRUE(
       signature.Verify(nullptr, &verify_request, &verify_response).ok());
   EXPECT_THAT(verify_response.err(), Not(IsEmpty()));
 }

 }  // namespace
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2020 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#include "signature_impl.h"

	#include <memory>
	#include <ostream>
	#include <sstream>
	#include <string>

	#include "gmock/gmock.h"
	#include "gtest/gtest.h"
	#include "tink/binary_keyset_writer.h"
	#include "tink/cleartext_keyset_handle.h"
	#include "tink/signature/signature_config.h"
	#include "tink/signature/signature_key_templates.h"

	namespace crypto {
	namespace tink {
	namespace {

	using ::crypto::tink::BinaryKeysetWriter;
	using ::crypto::tink::CleartextKeysetHandle;
	using ::crypto::tink::SignatureKeyTemplates;

	using ::testing::IsEmpty;
	using ::tink_testing_api::CreationRequest;
	using ::tink_testing_api::CreationResponse;
	using ::tink_testing_api::SignatureSignRequest;
	using ::tink_testing_api::SignatureSignResponse;
	using ::tink_testing_api::SignatureVerifyRequest;
	using ::tink_testing_api::SignatureVerifyResponse;

	using crypto::tink::KeysetHandle;
	using google::crypto::tink::KeyTemplate;

	std::string KeysetBytes(const KeysetHandle& keyset_handle) {
	std::stringbuf keyset;
	auto writer_result =
	BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&keyset));
	EXPECT_TRUE(writer_result.ok());
	auto status =
	CleartextKeysetHandle::Write(writer_result.value().get(), keyset_handle);
	EXPECT_TRUE(status.ok());
	return keyset.str();
	}

	class SignatureImplTest : public ::testing::Test {
	protected:
	static void SetUpTestSuite() {
	ASSERT_TRUE(SignatureConfig::Register().ok());
	}
	};

	TEST_F(SignatureImplTest, CreatePublicKeySignSuccess) {
	tink_testing_api::SignatureImpl signature;
	const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
	::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
	private_keyset_handle = KeysetHandle::GenerateNew(key_template);
	ASSERT_TRUE(private_keyset_handle.status().ok())
	<< private_keyset_handle.status();

	CreationRequest request;
	request.mutable_annotated_keyset()->set_serialized_keyset(
	KeysetBytes(**private_keyset_handle));
	CreationResponse response;

	EXPECT_TRUE(signature.CreatePublicKeySign(nullptr, &request, &response).ok());
	EXPECT_THAT(response.err(), IsEmpty());
	}

	TEST_F(SignatureImplTest, CreatePublicKeySignFailure) {
	tink_testing_api::SignatureImpl signature;

	CreationRequest request;
	request.mutable_annotated_keyset()->set_serialized_keyset("\x80");
	CreationResponse response;

	EXPECT_TRUE(signature.CreatePublicKeySign(nullptr, &request, &response).ok());
	EXPECT_THAT(response.err(), Not(IsEmpty()));
	}

	TEST_F(SignatureImplTest, CreatePublicKeyVerifySuccess) {
	tink_testing_api::SignatureImpl signature;
	const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
	::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
	private_keyset_handle = KeysetHandle::GenerateNew(key_template);
	ASSERT_TRUE(private_keyset_handle.status().ok())
	<< private_keyset_handle.status();
	::crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>>
	public_keyset_handle = (*private_keyset_handle)->GetPublicKeysetHandle();
	ASSERT_TRUE(public_keyset_handle.status().ok())
	<< public_keyset_handle.status();

	CreationRequest request;
	request.mutable_annotated_keyset()->set_serialized_keyset(
	KeysetBytes(**public_keyset_handle));
	CreationResponse response;

	EXPECT_TRUE(
	signature.CreatePublicKeyVerify(nullptr, &request, &response).ok());
	EXPECT_THAT(response.err(), IsEmpty());
	}

	TEST_F(SignatureImplTest, CreatePublicKeyVerifyFailure) {
	tink_testing_api::SignatureImpl signature;

	CreationRequest request;
	request.mutable_annotated_keyset()->set_serialized_keyset("\x80");
	CreationResponse response;

	EXPECT_TRUE(
	signature.CreatePublicKeyVerify(nullptr, &request, &response).ok());
	EXPECT_THAT(response.err(), Not(IsEmpty()));
	}

	TEST_F(SignatureImplTest, SignVerifySuccess) {
	tink_testing_api::SignatureImpl signature;
	const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
	auto private_handle_result = KeysetHandle::GenerateNew(key_template);
	EXPECT_TRUE(private_handle_result.ok());
	auto public_handle_result =
	private_handle_result.value()->GetPublicKeysetHandle();
	EXPECT_TRUE(public_handle_result.ok());

	SignatureSignRequest sign_request;
	sign_request.mutable_private_annotated_keyset()->set_serialized_keyset(
	KeysetBytes(*private_handle_result.value()));
	sign_request.set_data("some data");
	SignatureSignResponse sign_response;

	EXPECT_TRUE(signature.Sign(nullptr, &sign_request, &sign_response).ok());
	EXPECT_THAT(sign_response.err(), IsEmpty());

	SignatureVerifyRequest verify_request;
	verify_request.mutable_public_annotated_keyset()->set_serialized_keyset(
	KeysetBytes(*public_handle_result.value()));
	verify_request.set_signature(sign_response.signature());
	verify_request.set_data("some data");
	SignatureVerifyResponse verify_response;

	EXPECT_TRUE(
	signature.Verify(nullptr, &verify_request, &verify_response).ok());
	EXPECT_THAT(verify_response.err(), IsEmpty());
	}

	TEST_F(SignatureImplTest, SignBadKeysetFail) {
	tink_testing_api::SignatureImpl signature;
	SignatureSignRequest sign_request;
	sign_request.mutable_private_annotated_keyset()->set_serialized_keyset(
	"bad private keyset");
	sign_request.set_data("some data");
	SignatureSignResponse sign_response;

	EXPECT_TRUE(signature.Sign(nullptr, &sign_request, &sign_response).ok());
	EXPECT_THAT(sign_response.err(), Not(IsEmpty()));
	}

	TEST_F(SignatureImplTest, VerifyBadCiphertextFail) {
	tink_testing_api::SignatureImpl signature;
	const KeyTemplate& key_template = SignatureKeyTemplates::EcdsaP256();
	auto private_handle_result = KeysetHandle::GenerateNew(key_template);
	EXPECT_TRUE(private_handle_result.ok());
	auto public_handle_result =
	private_handle_result.value()->GetPublicKeysetHandle();
	EXPECT_TRUE(public_handle_result.ok());

	SignatureVerifyRequest verify_request;
	verify_request.mutable_public_annotated_keyset()->set_serialized_keyset(
	KeysetBytes(*public_handle_result.value()));
	verify_request.set_signature("bad signature");
	verify_request.set_data("some data");
	SignatureVerifyResponse verify_response;

	EXPECT_TRUE(
	signature.Verify(nullptr, &verify_request, &verify_response).ok());
	EXPECT_THAT(verify_response.err(), Not(IsEmpty()));
	}

	} // namespace
	} // namespace tink
	} // namespace crypto