blob: 941b5182e1b1fef44dd01f102959cbb738a7fc73 [file] [log] [blame]
// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
package hybrid_test
import (
"bytes"
"testing"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"google.golang.org/protobuf/proto"
"github.com/google/tink/go/aead"
"github.com/google/tink/go/core/cryptofmt"
"github.com/google/tink/go/hybrid"
"github.com/google/tink/go/insecurecleartextkeyset"
"github.com/google/tink/go/internal/internalregistry"
"github.com/google/tink/go/keyset"
"github.com/google/tink/go/monitoring"
"github.com/google/tink/go/signature"
"github.com/google/tink/go/subtle/random"
"github.com/google/tink/go/testing/fakemonitoring"
"github.com/google/tink/go/testkeyset"
"github.com/google/tink/go/testutil"
commonpb "github.com/google/tink/go/proto/common_go_proto"
tinkpb "github.com/google/tink/go/proto/tink_go_proto"
)
const eciesAEADHKDFPrivateKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey"
func TestHybridFactoryTest(t *testing.T) {
c := commonpb.EllipticCurveType_NIST_P256
ht := commonpb.HashType_SHA256
primaryPtFmt := commonpb.EcPointFormat_UNCOMPRESSED
rawPtFmt := commonpb.EcPointFormat_COMPRESSED
primaryDek := aead.AES128CTRHMACSHA256KeyTemplate()
rawDek := aead.AES128CTRHMACSHA256KeyTemplate()
primarySalt := []byte("some salt")
rawSalt := []byte("other salt")
primaryPrivProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, primaryPtFmt, primaryDek, primarySalt)
if err != nil {
t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, primaryPtFmt, primaryDek, primarySalt) err = %v, want nil", err)
}
sPrimaryPriv, err := proto.Marshal(primaryPrivProto)
if err != nil {
t.Fatalf("proto.Marshal(primaryPrivProto) err = %v, want nil", err)
}
primaryPrivKey := testutil.NewKey(
testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, sPrimaryPriv, tinkpb.KeyData_ASYMMETRIC_PRIVATE),
tinkpb.KeyStatusType_ENABLED, 8, tinkpb.OutputPrefixType_RAW)
rawPrivProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, rawPtFmt, rawDek, rawSalt)
if err != nil {
t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(c, ht, rawPtFmt, rawDek, rawSalt) err = %v, want nil", err)
}
sRawPriv, err := proto.Marshal(rawPrivProto)
if err != nil {
t.Fatalf("proto.Marshal(rawPrivProto) err = %v, want nil", err)
}
rawPrivKey := testutil.NewKey(
testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, sRawPriv, tinkpb.KeyData_ASYMMETRIC_PRIVATE),
tinkpb.KeyStatusType_ENABLED, 11, tinkpb.OutputPrefixType_RAW)
privKeys := []*tinkpb.Keyset_Key{primaryPrivKey, rawPrivKey}
privKeyset := testutil.NewKeyset(privKeys[0].KeyId, privKeys)
khPriv, err := testkeyset.NewHandle(privKeyset)
if err != nil {
t.Fatalf("testkeyset.NewHandle(privKeyset) err = %v, want nil", err)
}
khPub, err := khPriv.Public()
if err != nil {
t.Fatalf("khPriv.Public() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(khPub)
if err != nil {
t.Fatalf("hybrid.NewHybridEncrypt(khPub) err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(khPriv)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt(khPriv) err = %v, want nil", err)
}
for i := 0; i < 1000; i++ {
pt := random.GetRandomBytes(20)
ci := random.GetRandomBytes(20)
ct, err := e.Encrypt(pt, ci)
if err != nil {
t.Fatalf("e.Encrypt(pt, ci) err = %v, want nil", err)
}
gotpt, err := d.Decrypt(ct, ci)
if err != nil {
t.Fatalf("d.Decrypt(ct, ci) err = %v, want nil", err)
}
if !bytes.Equal(pt, gotpt) {
t.Errorf("got plaintext %q, want %q", gotpt, pt)
}
}
}
func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) {
wrongKH, err := keyset.NewHandle(signature.ECDSAP256KeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle(signature.ECDSAP256KeyTemplate()) err = %v, want nil", err)
}
_, err = hybrid.NewHybridEncrypt(wrongKH)
if err == nil {
t.Error("hybrid.NewHybridEncrypt(wrongKH) err = nil, want not nil")
}
_, err = hybrid.NewHybridDecrypt(wrongKH)
if err == nil {
t.Error("hybrid.NewHybridDecrypt(wrongKH) err = nil, want not nil")
}
}
func TestFactoryWithValidPrimitiveSetType(t *testing.T) {
goodKH, err := keyset.NewHandle(hybrid.ECIESHKDFAES128GCMKeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle(hybrid.ECIESHKDFAES128GCMKeyTemplate()) err = %v, want nil", err)
}
goodPublicKH, err := goodKH.Public()
if err != nil {
t.Fatalf("goodKH.Public() err = %v, want nil", err)
}
_, err = hybrid.NewHybridEncrypt(goodPublicKH)
if err != nil {
t.Errorf("hybrid.NewHybridEncrypt(goodPublicKH) err = %v, want nil", err)
}
_, err = hybrid.NewHybridDecrypt(goodKH)
if err != nil {
t.Errorf("hybrid.NewHybridDecrypt(goodKH) err = %v, want nil", err)
}
}
func TestPrimitiveFactoryFailsWhenKeysetHasNoPrimary(t *testing.T) {
curve := commonpb.EllipticCurveType_NIST_P256
hash := commonpb.HashType_SHA256
format := commonpb.EcPointFormat_UNCOMPRESSED
dek := aead.AES128CTRHMACSHA256KeyTemplate()
salt := []byte("some salt")
privProto, err := testutil.GenerateECIESAEADHKDFPrivateKey(curve, hash, format, dek, salt)
if err != nil {
t.Fatalf("testutil.GenerateECIESAEADHKDFPrivateKey(curve, hash, format, dek, salt) failed: %s", err)
}
serialized, err := proto.Marshal(privProto)
if err != nil {
t.Fatalf("proto.Marshal(privateProto) err = %v, want nil", err)
}
privKey := testutil.NewKey(
testutil.NewKeyData(eciesAEADHKDFPrivateKeyTypeURL, serialized, tinkpb.KeyData_ASYMMETRIC_PRIVATE),
tinkpb.KeyStatusType_ENABLED, 8, tinkpb.OutputPrefixType_RAW)
privKeysetWithoutPrimary := &tinkpb.Keyset{
Key: []*tinkpb.Keyset_Key{privKey},
}
privHandleWithoutPrimary, err := testkeyset.NewHandle(privKeysetWithoutPrimary)
if err != nil {
t.Fatalf("testkeyset.NewHandle(privKeysetWithoutPrimary) err = %v, want nil", err)
}
pubHandleWithoutPrimary, err := privHandleWithoutPrimary.Public()
if err != nil {
t.Fatalf("privateHandleWithoutPrimary.Public() err = %v, want nil", err)
}
if _, err = hybrid.NewHybridEncrypt(pubHandleWithoutPrimary); err == nil {
t.Errorf("NewHybridEncrypt(pubHandleWithoutPrimary) err = nil, want not nil")
}
if _, err = hybrid.NewHybridDecrypt(privHandleWithoutPrimary); err == nil {
t.Errorf("NewHybridDecrypt(privHandleWithoutPrimary) err = nil, want not nil")
}
}
func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithPrefix(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err)
}
handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
buff := &bytes.Buffer{}
if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
pubHandle, err := privHandle.Public()
if err != nil {
t.Fatalf("privHandle.Public() err = %v, want nil", err)
}
buff.Reset()
if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(pubHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err)
}
data := []byte("some_secret_piece_of_data")
aad := []byte("some_non_secret_piece_of_data")
ct, err := e.Encrypt(data, aad)
if err != nil {
t.Fatalf("e.Encrypt() err = %v, want nil", err)
}
if _, err := d.Decrypt(ct, aad); err != nil {
t.Fatalf("d.Decrypt() err = %v, want nil", err)
}
got := client.Events()
wantEncryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePublicKey",
KeyPrefix: "TINK",
},
},
}
wantDecryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "TINK",
},
},
}
want := []*fakemonitoring.LogEvent{
{
Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo),
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(data),
},
{
Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo),
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
// ciphertext was encrypted with a key that has a TINK output prefix. This adds a
// 5-byte prefix to the ciphertext. This prefix is not included in the `Log` call.
NumBytes: len(ct) - cryptofmt.NonRawPrefixSize,
},
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("%v", diff)
}
}
func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithoutPrefix(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err)
}
handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
buff := &bytes.Buffer{}
if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
pubHandle, err := privHandle.Public()
if err != nil {
t.Fatalf("privHandle.Public() err = %v, want nil", err)
}
buff.Reset()
if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(pubHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err)
}
data := []byte("some_secret_piece_of_data")
aad := []byte("some_non_secret_piece_of_data")
ct, err := e.Encrypt(data, aad)
if err != nil {
t.Fatalf("e.Encrypt() err = %v, want nil", err)
}
if _, err := d.Decrypt(ct, aad); err != nil {
t.Fatalf("d.Decrypt() err = %v, want nil", err)
}
got := client.Events()
wantEncryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePublicKey",
KeyPrefix: "RAW",
},
},
}
wantDecryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "RAW",
},
},
}
want := []*fakemonitoring.LogEvent{
{
Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo),
KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(data),
},
{
Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo),
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(ct),
},
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("%v", diff)
}
}
func TestPrimitiveFactoryWithMonitoringWithMultipleKeysLogsEncryptionDecryption(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
manager := keyset.NewManager()
templates := []*tinkpb.KeyTemplate{
hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template(),
hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template(),
hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Key_Template(),
hybrid.ECIESHKDFAES128GCMKeyTemplate(),
}
keyIDs := make([]uint32, 4, 4)
var err error
for i, tm := range templates {
keyIDs[i], err = manager.Add(tm)
if err != nil {
t.Fatalf("manager.Add() err = %v, want nil", err)
}
}
if err := manager.SetPrimary(keyIDs[1]); err != nil {
t.Fatalf("manager.SetPrimary(%d) err = %v, want nil", keyIDs[1], err)
}
if err := manager.Disable(keyIDs[0]); err != nil {
t.Fatalf("manager.Disable(%d) err = %v, want nil", keyIDs[0], err)
}
handle, err := manager.Handle()
if err != nil {
t.Fatalf("manager.Handle() err = %v, want nil", err)
}
buff := &bytes.Buffer{}
if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
pubHandle, err := privHandle.Public()
if err != nil {
t.Fatalf("privHandle.Public() err = %v, want nil", err)
}
buff.Reset()
if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(pubHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err)
}
data := []byte("some_secret_piece_of_data")
aad := []byte("some_non_secret_piece_of_data")
ct, err := e.Encrypt(data, aad)
if err != nil {
t.Fatalf("e.Encrypt() err = %v, want nil", err)
}
if _, err := d.Decrypt(ct, aad); err != nil {
t.Fatalf("d.Decrypt() err = %v, want nil", err)
}
failures := len(client.Failures())
if failures != 0 {
t.Errorf("len(client.Failures()) = %d, want 0", failures)
}
got := client.Events()
wantEncryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: pubHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePublicKey",
KeyPrefix: "RAW",
},
{
KeyID: keyIDs[2],
Status: monitoring.Enabled,
KeyType: "tink.HpkePublicKey",
KeyPrefix: "TINK",
},
{
KeyID: keyIDs[3],
Status: monitoring.Enabled,
KeyType: "tink.EciesAeadHkdfPublicKey",
KeyPrefix: "TINK",
},
},
}
wantDecryptKeysetInfo := &monitoring.KeysetInfo{
Annotations: annotations,
PrimaryKeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Entries: []*monitoring.Entry{
{
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "RAW",
},
{
KeyID: keyIDs[2],
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "TINK",
},
{
KeyID: keyIDs[3],
Status: monitoring.Enabled,
KeyType: "tink.EciesAeadHkdfPrivateKey",
KeyPrefix: "TINK",
},
},
}
want := []*fakemonitoring.LogEvent{
{
Context: monitoring.NewContext("hybrid_encrypt", "encrypt", wantEncryptKeysetInfo),
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(data),
},
{
Context: monitoring.NewContext("hybrid_decrypt", "decrypt", wantDecryptKeysetInfo),
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(ct),
},
}
// sort by keyID to avoid non deterministic order.
entryLessFunc := func(a, b *monitoring.Entry) bool {
return a.KeyID < b.KeyID
}
if diff := cmp.Diff(want, got, cmpopts.SortSlices(entryLessFunc)); diff != "" {
t.Errorf("%v", diff)
}
}
func TestPrimitiveFactoryMonitoringWithAnnotationsEncryptFailureIsLogged(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
buff := &bytes.Buffer{}
if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
buff.Reset()
pubHandle, err := privHandle.Public()
if err != nil {
t.Fatalf("privHandle.Public() err = %v, want nil", err)
}
if err := insecurecleartextkeyset.Write(pubHandle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
pubHandle, err = insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(pubHandle)
if err != nil {
t.Fatalf("NewHybridEncrypt() err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("NewHybridDecrypt() err = %v, want nil", err)
}
ct, err := e.Encrypt([]byte("plaintext"), []byte("info"))
if err != nil {
t.Fatalf("Encrypt() err = nil, want non-nil")
}
if _, err := d.Decrypt(ct, []byte("wrong info")); err == nil {
t.Fatalf("Decrypt() err = nil, want non-nil")
}
got := client.Failures()
primaryKeyID := privHandle.KeysetInfo().GetPrimaryKeyId()
want := []*fakemonitoring.LogFailure{
{
Context: monitoring.NewContext(
"hybrid_decrypt",
"decrypt",
monitoring.NewKeysetInfo(
annotations,
primaryKeyID,
[]*monitoring.Entry{
{
KeyID: primaryKeyID,
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "TINK",
},
},
),
),
},
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("%v", diff)
}
}
func TestPrimitiveFactoryMonitoringWithAnnotationsDecryptFailureIsLogged(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err)
}
handle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
buff := &bytes.Buffer{}
if err := insecurecleartextkeyset.Write(handle, keyset.NewBinaryWriter(buff)); err != nil {
t.Fatalf("insecurecleartextkeyset.Write() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
privHandle, err := insecurecleartextkeyset.Read(keyset.NewBinaryReader(buff), keyset.WithAnnotations(annotations))
if err != nil {
t.Fatalf("insecurecleartextkeyset.Read() err = %v, want nil", err)
}
e, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err)
}
if _, err := e.Decrypt([]byte("invalid_data"), nil); err == nil {
t.Fatalf("e.Decrypt() err = nil, want non-nil error")
}
got := client.Failures()
want := []*fakemonitoring.LogFailure{
{
Context: monitoring.NewContext(
"hybrid_decrypt",
"decrypt",
monitoring.NewKeysetInfo(
annotations,
privHandle.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: privHandle.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.HpkePrivateKey",
KeyPrefix: "TINK",
},
},
),
),
},
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("%v", diff)
}
}
func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err)
}
privHandle, err := keyset.NewHandle(hybrid.DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
pubHandle, err := privHandle.Public()
if err != nil {
t.Fatalf("privHandle.Public() err = %v, want nil", err)
}
e, err := hybrid.NewHybridEncrypt(pubHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridEncrypt() err = %v, want nil", err)
}
d, err := hybrid.NewHybridDecrypt(privHandle)
if err != nil {
t.Fatalf("hybrid.NewHybridDecrypt() err = %v, want nil", err)
}
data := []byte("some_secret_piece_of_data")
aad := []byte("some_non_secret_piece_of_data")
ct, err := e.Encrypt(data, aad)
if err != nil {
t.Fatalf("e.Encrypt() err = %v, want nil", err)
}
if _, err := d.Decrypt(ct, aad); err != nil {
t.Fatalf("d.Decrypt() err = %v, want nil", err)
}
if len(client.Events()) != 0 {
t.Errorf("len(client.Events()) = %d, want 0", len(client.Events()))
}
if len(client.Failures()) != 0 {
t.Errorf("len(client.Failures()) = %d, want 0", len(client.Failures()))
}
}