| // Copyright 2019 Google LLC |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| // |
| //////////////////////////////////////////////////////////////////////////////// |
| |
| package hybrid_test |
| |
| import ( |
| "bytes" |
| "testing" |
| |
| "github.com/google/go-cmp/cmp" |
| "github.com/google/go-cmp/cmp/cmpopts" |
| "google.golang.org/protobuf/proto" |
| "github.com/google/tink/go/aead" |
| "github.com/google/tink/go/core/cryptofmt" |
| "github.com/google/tink/go/hybrid" |
| "github.com/google/tink/go/insecurecleartextkeyset" |
| "github.com/google/tink/go/internal/internalregistry" |
| "github.com/google/tink/go/keyset" |
| "github.com/google/tink/go/monitoring" |
| "github.com/google/tink/go/signature" |
| "github.com/google/tink/go/subtle/random" |
| "github.com/google/tink/go/testing/fakemonitoring" |
| "github.com/google/tink/go/testkeyset" |
| "github.com/google/tink/go/testutil" |
| commonpb "github.com/google/tink/go/proto/common_go_proto" |
| tinkpb "github.com/google/tink/go/proto/tink_go_proto" |
| ) |
| |
| const eciesAEADHKDFPrivateKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey" |
| |
| func TestHybridFactoryTest(t *testing.T) { |
| c := commonpb.EllipticCurveType_NIST_P256 |
| ht := commonpb.HashType_SHA256 |
| primaryPtFmt := commonpb.EcPointFormat_UNCOMPRESSED |
| rawPtFmt := commonpb.EcPointFormat_COMPRESSED |
| primaryDek := aead.AES128CTRHMACSHA256KeyTemplate() |
| rawDek := aead.AES128CTRHMACSHA256KeyTemplate() |
| primarySalt := []byte("some salt") |
| rawSalt := []byte("other salt") |
| |
| primaryPrivProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, primaryPtFmt, primaryDek, primarySalt) |
| if err != nil { |
| t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, primaryPtFmt, primaryDek, primarySalt) err = %v, want nil", err) |
| } |
| sPrimaryPriv, err := proto.Marshal(primaryPrivProto) |
| if err != nil { |
| t.Fatalf("proto.Marshal(primaryPrivProto) err = %v, want nil", err) |
| } |
| |
| primaryPrivKey := testutil.NewKey( |
| testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, sPrimaryPriv, tinkpb.KeyData_ASYMMETRIC_PRIVATE), |
| tinkpb.KeyStatusType_ENABLED, 8, tinkpb.OutputPrefixType_RAW) |
| |
| rawPrivProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, rawPtFmt, rawDek, rawSalt) |
| if err != nil { |
| t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, rawPtFmt, rawDek, rawSalt) err = %v, want nil", err) |
| } |
| sRawPriv, err := proto.Marshal(rawPrivProto) |
| if err != nil { |
| t.Fatalf("proto.Marshal(rawPrivProto) err = %v, want nil", err) |
| } |
| rawPrivKey := testutil.NewKey( |
| testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, sRawPriv, tinkpb.KeyData_ASYMMETRIC_PRIVATE), |
| tinkpb.KeyStatusType_ENABLED, 11, tinkpb.OutputPrefixType_RAW) |
| |
| privKeys := []*tinkpb.Keyset_Key{primaryPrivKey, rawPrivKey} |
| privKeyset := testutil.NewKeyset(privKeys[0].KeyId, privKeys) |
| khPriv, err := testkeyset.NewHandle(privKeyset) |
| if err != nil { |
| t.Fatalf("testkeyset.NewHandle(privKeyset) err = %v, want nil", err) |
| } |
| |
| khPub, err := khPriv.Public() |
| if err != nil { |
| t.Fatalf("khPriv.Public() err = %v, want nil", err) |
| } |
| |
| e, err := hybrid.NewHybridEncrypt(khPub) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridEncrypt(khPub) err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(khPriv) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt(khPriv) err = %v, want nil", err) |
| } |
| |
| for i := 0; i < 1000; i++ { |
| pt := random.GetRandomBytes(20) |
| ci := random.GetRandomBytes(20) |
| ct, err := e.Encrypt(pt, ci) |
| if err != nil { |
| t.Fatalf("e.Encrypt(pt, ci) err = %v, want nil", err) |
| } |
| gotpt, err := d.Decrypt(ct, ci) |
| if err != nil { |
| t.Fatalf("d.Decrypt(ct, ci) err = %v, want nil", err) |
| } |
| if !bytes.Equal(pt, gotpt) { |
| t.Errorf("got plaintext %q, want %q", gotpt, pt) |
| } |
| } |
| } |
| |
| func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) { |
| wrongKH, err := keyset.NewHandle(signature.ECDSAP256KeyTemplate()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle(signature.ECDSAP256KeyTemplate()) err = %v, want nil", err) |
| } |
| |
| _, err = hybrid.NewHybridEncrypt(wrongKH) |
| if err == nil { |
| t.Error("hybrid.NewHybridEncrypt(wrongKH) err = nil, want not nil") |
| } |
| |
| _, err = hybrid.NewHybridDecrypt(wrongKH) |
| if err == nil { |
| t.Error("hybrid.NewHybridDecrypt(wrongKH) err = nil, want not nil") |
| } |
| } |
| |
| func TestFactoryWithValidPrimitiveSetType(t *testing.T) { |
| goodKH, err := keyset.NewHandle(hybrid.ECIESHKDFAES128GCMKeyTemplate()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle(hybrid.ECIESHKDFAES128GCMKeyTemplate()) err = %v, want nil", err) |
| } |
| |
| goodPublicKH, err := goodKH.Public() |
| if err != nil { |
| t.Fatalf("goodKH.Public() err = %v, want nil", err) |
| } |
| _, err = hybrid.NewHybridEncrypt(goodPublicKH) |
| if err != nil { |
| t.Errorf("hybrid.NewHybridEncrypt(goodPublicKH) err = %v, want nil", err) |
| } |
| |
| _, err = hybrid.NewHybridDecrypt(goodKH) |
| if err != nil { |
| t.Errorf("hybrid.NewHybridDecrypt(goodKH) err = %v, want nil", err) |
| } |
| } |
| |
| func TestPrimitiveFactoryFailsWhenKeysetHasNoPrimary(t *testing.T) { |
| curve := commonpb.EllipticCurveType_NIST_P256 |
| hash := commonpb.HashType_SHA256 |
| format := commonpb.EcPointFormat_UNCOMPRESSED |
| dek := aead.AES128CTRHMACSHA256KeyTemplate() |
| salt := []byte("some salt") |
| privProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(curve, hash, format, dek, salt) |
| if err != nil { |
| t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(curve, hash, format, dek, salt) failed: %s", err) |
| } |
| serialized, err := proto.Marshal(privProto) |
| if err != nil { |
| t.Fatalf("proto.Marshal(privateProto) err = %v, want nil", err) |
| } |
| privKey := testutil.NewKey( |
| testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, serialized, tinkpb.KeyData_ASYMMETRIC_PRIVATE), |
| tinkpb.KeyStatusType_ENABLED, 8, tinkpb.OutputPrefixType_RAW) |
| privKeysetWithoutPrimary := &tinkpb.Keyset{ |
| Key: []*tinkpb.Keyset_Key{privKey}, |
| } |
| privHandleWithoutPrimary, err := testkeyset.NewHandle(privKeysetWithoutPrimary) |
| if err != nil { |
| t.Fatalf("testkeyset.NewHandle(privKeysetWithoutPrimary) err = %v, want nil", err) |
| } |
| pubHandleWithoutPrimary, err := privHandleWithoutPrimary.Public() |
| if err != nil { |
| t.Fatalf("privateHandleWithoutPrimary.Public() err = %v, want nil", err) |
| } |
| |
| if _, err = hybrid.NewHybridEncrypt(pubHandleWithoutPrimary); err == nil { |
| t.Errorf("NewHybridEncrypt(pubHandleWithoutPrimary) err = nil, want not nil") |
| } |
| |
| if _, err = hybrid.NewHybridDecrypt(privHandleWithoutPrimary); err == nil { |
| t.Errorf("NewHybridDecrypt(privHandleWithoutPrimary) err = nil, want not nil") |
| } |
| } |
| |
| func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithPrefix(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle() err = %v, want nil", err) |
| } |
| buff := &bytes.Buffer{} |
| if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| annotations := map[string]string{"foo": "bar"} |
| privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| pubHandle, err := privHandle.Public() |
| if err != nil { |
| t.Fatalf("privHandle.Public() err = %v, want nil", err) |
| } |
| buff.Reset() |
| if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| e, err := hybrid.NewHybridEncrypt(pubHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err) |
| } |
| data := []byte("some_secret_piece_of_data") |
| aad := []byte("some_non_secret_piece_of_data") |
| ct, err := e.Encrypt(data, aad) |
| if err != nil { |
| t.Fatalf("e.Encrypt() err = %v, want nil", err) |
| } |
| if _, err := d.Decrypt(ct, aad); err != nil { |
| t.Fatalf("d.Decrypt() err = %v, want nil", err) |
| } |
| got := client.Events() |
| wantEncryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePublicKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| } |
| wantDecryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| } |
| want := []*fakemonitoring.LogEvent{ |
| { |
| Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo), |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| NumBytes: len(data), |
| }, |
| { |
| Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo), |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| // ciphertext was encrypted with a key that has a TINK output prefix. This adds a |
| // 5-byte prefix to the ciphertext. This prefix is not included in the `Log` call. |
| NumBytes: len(ct) - cryptofmt.NonRawPrefixSize, |
| }, |
| } |
| if diff := cmp.Diff(want, got); diff != "" { |
| t.Errorf("%v", diff) |
| } |
| } |
| |
| func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithoutPrefix(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle() err = %v, want nil", err) |
| } |
| buff := &bytes.Buffer{} |
| if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| annotations := map[string]string{"foo": "bar"} |
| privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| pubHandle, err := privHandle.Public() |
| if err != nil { |
| t.Fatalf("privHandle.Public() err = %v, want nil", err) |
| } |
| buff.Reset() |
| if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| e, err := hybrid.NewHybridEncrypt(pubHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err) |
| } |
| data := []byte("some_secret_piece_of_data") |
| aad := []byte("some_non_secret_piece_of_data") |
| ct, err := e.Encrypt(data, aad) |
| if err != nil { |
| t.Fatalf("e.Encrypt() err = %v, want nil", err) |
| } |
| if _, err := d.Decrypt(ct, aad); err != nil { |
| t.Fatalf("d.Decrypt() err = %v, want nil", err) |
| } |
| got := client.Events() |
| wantEncryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePublicKey", |
| KeyPrefix: "RAW", |
| }, |
| }, |
| } |
| wantDecryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "RAW", |
| }, |
| }, |
| } |
| want := []*fakemonitoring.LogEvent{ |
| { |
| Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo), |
| KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(), |
| NumBytes: len(data), |
| }, |
| { |
| Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo), |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| NumBytes: len(ct), |
| }, |
| } |
| if diff := cmp.Diff(want, got); diff != "" { |
| t.Errorf("%v", diff) |
| } |
| } |
| |
| func TestPrimitiveFactoryWithMonitoringWithMultipleKeysLogsEncryptionDecryption(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| manager := keyset.NewManager() |
| templates := []*tinkpb.KeyTemplate{ |
| hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template(), |
| hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template(), |
| hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Key_Template(), |
| hybrid.ECIESHKDFAES128GCMKeyTemplate(), |
| } |
| keyIDs := make([]uint32, 4, 4) |
| var err error |
| for i, tm := range templates { |
| keyIDs[i], err = manager.Add(tm) |
| if err != nil { |
| t.Fatalf("manager.Add() err = %v, want nil", err) |
| } |
| } |
| if err := manager.SetPrimary(keyIDs[1]); err != nil { |
| t.Fatalf("manager.SetPrimary(%d) err = %v, want nil", keyIDs[1], err) |
| } |
| if err := manager.Disable(keyIDs[0]); err != nil { |
| t.Fatalf("manager.Disable(%d) err = %v, want nil", keyIDs[0], err) |
| } |
| handle, err := manager.Handle() |
| if err != nil { |
| t.Fatalf("manager.Handle() err = %v, want nil", err) |
| } |
| buff := &bytes.Buffer{} |
| if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| annotations := map[string]string{"foo": "bar"} |
| privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| pubHandle, err := privHandle.Public() |
| if err != nil { |
| t.Fatalf("privHandle.Public() err = %v, want nil", err) |
| } |
| buff.Reset() |
| if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| e, err := hybrid.NewHybridEncrypt(pubHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err) |
| } |
| data := []byte("some_secret_piece_of_data") |
| aad := []byte("some_non_secret_piece_of_data") |
| ct, err := e.Encrypt(data, aad) |
| if err != nil { |
| t.Fatalf("e.Encrypt() err = %v, want nil", err) |
| } |
| if _, err := d.Decrypt(ct, aad); err != nil { |
| t.Fatalf("d.Decrypt() err = %v, want nil", err) |
| } |
| failures := len(client.Failures()) |
| if failures != 0 { |
| t.Errorf("len(client.Failures()) = %d, want 0", failures) |
| } |
| got := client.Events() |
| wantEncryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePublicKey", |
| KeyPrefix: "RAW", |
| }, |
| { |
| KeyID: keyIDs[2], |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePublicKey", |
| KeyPrefix: "TINK", |
| }, |
| { |
| KeyID: keyIDs[3], |
| Status: monitoring.Enabled, |
| KeyType: "tink.EciesAeadHkdfPublicKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| } |
| wantDecryptKeysetInfo := &monitoring.KeysetInfo{ |
| Annotations: annotations, |
| PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Entries: []*monitoring.Entry{ |
| { |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "RAW", |
| }, |
| { |
| KeyID: keyIDs[2], |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "TINK", |
| }, |
| { |
| KeyID: keyIDs[3], |
| Status: monitoring.Enabled, |
| KeyType: "tink.EciesAeadHkdfPrivateKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| } |
| want := []*fakemonitoring.LogEvent{ |
| { |
| Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo), |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| NumBytes: len(data), |
| }, |
| { |
| Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo), |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| NumBytes: len(ct), |
| }, |
| } |
| // sort by keyID to avoid non deterministic order. |
| entryLessFunc := func(a, b *monitoring.Entry) bool { |
| return a.KeyID < b.KeyID |
| } |
| if diff := cmp.Diff(want, got, cmpopts.SortSlices(entryLessFunc)); diff != "" { |
| t.Errorf("%v", diff) |
| } |
| } |
| |
| func TestPrimitiveFactoryMonitoringWithAnnotationsEncryptFailureIsLogged(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| |
| handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle() err = %v, want nil", err) |
| } |
| buff := &bytes.Buffer{} |
| if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| annotations := map[string]string{"foo": "bar"} |
| privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| buff.Reset() |
| |
| pubHandle, err := privHandle.Public() |
| if err != nil { |
| t.Fatalf("privHandle.Public() err = %v, want nil", err) |
| } |
| if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| |
| e, err := hybrid.NewHybridEncrypt(pubHandle) |
| if err != nil { |
| t.Fatalf("NewHybridEncrypt() err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("NewHybridDecrypt() err = %v, want nil", err) |
| } |
| |
| ct, err := e.Encrypt([]byte("plaintext"), []byte("info")) |
| if err != nil { |
| t.Fatalf("Encrypt() err = nil, want non-nil") |
| } |
| if _, err := d.Decrypt(ct, []byte("wrong info")); err == nil { |
| t.Fatalf("Decrypt() err = nil, want non-nil") |
| } |
| |
| got := client.Failures() |
| primaryKeyID := privHandle.KeysetInfo().GetPrimaryKeyId() |
| want := []*fakemonitoring.LogFailure{ |
| { |
| Context: monitoring.NewContext( |
| "hybrid_decrypt", |
| "decrypt", |
| monitoring.NewKeysetInfo( |
| annotations, |
| primaryKeyID, |
| []*monitoring.Entry{ |
| { |
| KeyID: primaryKeyID, |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| ), |
| ), |
| }, |
| } |
| if diff := cmp.Diff(want, got); diff != "" { |
| t.Errorf("%v", diff) |
| } |
| } |
| |
| func TestPrimitiveFactoryMonitoringWithAnnotationsDecryptFailureIsLogged(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle() err = %v, want nil", err) |
| } |
| buff := &bytes.Buffer{} |
| if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil { |
| t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err) |
| } |
| annotations := map[string]string{"foo": "bar"} |
| privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations)) |
| if err != nil { |
| t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err) |
| } |
| e, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err) |
| } |
| if _, err := e.Decrypt([]byte("invalid_data"), nil); err == nil { |
| t.Fatalf("e.Decrypt() err = nil, want non-nil error") |
| } |
| got := client.Failures() |
| want := []*fakemonitoring.LogFailure{ |
| { |
| Context: monitoring.NewContext( |
| "hybrid_decrypt", |
| "decrypt", |
| monitoring.NewKeysetInfo( |
| annotations, |
| privHandle.KeysetInfo().GetPrimaryKeyId(), |
| []*monitoring.Entry{ |
| { |
| KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(), |
| Status: monitoring.Enabled, |
| KeyType: "tink.HpkePrivateKey", |
| KeyPrefix: "TINK", |
| }, |
| }, |
| ), |
| ), |
| }, |
| } |
| if diff := cmp.Diff(want, got); diff != "" { |
| t.Errorf("%v", diff) |
| } |
| } |
| |
| func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor(t *testing.T) { |
| defer internalregistry.ClearMonitoringClient() |
| client := fakemonitoring.NewClient("fake-client") |
| if err := internalregistry.RegisterMonitoringClient(client); err != nil { |
| t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err) |
| } |
| privHandle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template()) |
| if err != nil { |
| t.Fatalf("keyset.NewHandle() err = %v, want nil", err) |
| } |
| pubHandle, err := privHandle.Public() |
| if err != nil { |
| t.Fatalf("privHandle.Public() err = %v, want nil", err) |
| } |
| e, err := hybrid.NewHybridEncrypt(pubHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err) |
| } |
| d, err := hybrid.NewHybridDecrypt(privHandle) |
| if err != nil { |
| t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err) |
| } |
| data := []byte("some_secret_piece_of_data") |
| aad := []byte("some_non_secret_piece_of_data") |
| ct, err := e.Encrypt(data, aad) |
| if err != nil { |
| t.Fatalf("e.Encrypt() err = %v, want nil", err) |
| } |
| if _, err := d.Decrypt(ct, aad); err != nil { |
| t.Fatalf("d.Decrypt() err = %v, want nil", err) |
| } |
| if len(client.Events()) != 0 { |
| t.Errorf("len(client.Events()) = %d, want 0", len(client.Events())) |
| } |
| if len(client.Failures()) != 0 { |
| t.Errorf("len(client.Failures()) = %d, want 0", len(client.Failures())) |
| } |
| } |