cc/config/tink_config_test.cc - third_party/tink - Git at Google

 // Copyright 2017 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////

 #include "tink/config/tink_config.h"

 #include "gtest/gtest.h"
 #include "tink/aead.h"
 #include "tink/catalogue.h"
 #include "tink/config.h"
 #include "tink/deterministic_aead.h"
 #include "tink/hybrid_decrypt.h"
 #include "tink/hybrid_encrypt.h"
 #include "tink/mac.h"
 #include "tink/public_key_sign.h"
 #include "tink/public_key_verify.h"
 #include "tink/registry.h"
 #include "tink/util/status.h"

 namespace crypto {
 namespace tink {
 namespace {

 class DummyHybridDecryptCatalogue : public Catalogue<HybridDecrypt> {
  public:
   DummyHybridDecryptCatalogue() {}

   crypto::tink::util::StatusOr<std::unique_ptr<KeyManager<HybridDecrypt>>>
   GetKeyManager(const std::string& type_url, const std::string& primitive_name,
                 uint32_t min_version) const override {
     return util::Status::UNKNOWN;
   }
 };

 class TinkConfigTest : public ::testing::Test {
  protected:
   void SetUp() override { Registry::Reset(); }
 };

 typedef struct KeyTypeEntry {
   std::string catalogue_name;
   std::string primitive_name;
   std::string type_url;
   bool new_key_allowed;
   int key_manager_version;
 } KeyTypeEntry;

 TEST_F(TinkConfigTest, testBasic) {
   std::vector<KeyTypeEntry> all_key_type_entries;

   std::vector<KeyTypeEntry> mac_key_type_entries;
   mac_key_type_entries.push_back(
       {"TinkMac", "Mac", "type.googleapis.com/google.crypto.tink.HmacKey", true,
        0});
   all_key_type_entries.insert(std::end(all_key_type_entries),
                               std::begin(mac_key_type_entries),
                               std::end(mac_key_type_entries));

   std::vector<KeyTypeEntry> aead_key_type_entries;
   aead_key_type_entries.push_back(
       {"TinkAead", "Aead",
        "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", true, 0});
   aead_key_type_entries.push_back(
       {"TinkAead", "Aead", "type.googleapis.com/google.crypto.tink.AesGcmKey",
        true, 0});
   aead_key_type_entries.push_back(
       {"TinkAead", "Aead", "type.googleapis.com/google.crypto.tink.AesEaxKey",
        true, 0});
   aead_key_type_entries.push_back(
       {"TinkAead", "Aead",
        "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key", true, 0});
   all_key_type_entries.insert(std::end(all_key_type_entries),
                               std::begin(aead_key_type_entries),
                               std::end(aead_key_type_entries));

   std::vector<KeyTypeEntry> hybrid_key_type_entries;
   hybrid_key_type_entries.push_back(
       {"TinkHybridDecrypt", "HybridDecrypt",
        "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey", true,
        0});
   hybrid_key_type_entries.push_back(
       {"TinkHybridEncrypt", "HybridEncrypt",
        "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey", true,
        0});
   all_key_type_entries.insert(std::end(all_key_type_entries),
                               std::begin(hybrid_key_type_entries),
                               std::end(hybrid_key_type_entries));

   std::vector<KeyTypeEntry> signature_key_type_entries;
   signature_key_type_entries.push_back(
       {"TinkPublicKeySign", "PublicKeySign",
        "type.googleapis.com/google.crypto.tink.EcdsaPrivateKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeyVerify", "PublicKeyVerify",
        "type.googleapis.com/google.crypto.tink.EcdsaPublicKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeySign", "PublicKeySign",
        "type.googleapis.com/google.crypto.tink.Ed25519PrivateKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeyVerify", "PublicKeyVerify",
        "type.googleapis.com/google.crypto.tink.Ed25519PublicKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeySign", "PublicKeySign",
        "type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeyVerify", "PublicKeyVerify",
        "type.googleapis.com/google.crypto.tink.RsaSsaPssPublicKey", true, 0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeySign", "PublicKeySign",
        "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey", true,
        0});
   signature_key_type_entries.push_back(
       {"TinkPublicKeyVerify", "PublicKeyVerify",
        "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey", true, 0});
   all_key_type_entries.insert(std::end(all_key_type_entries),
                               std::begin(signature_key_type_entries),
                               std::end(signature_key_type_entries));

   std::vector<KeyTypeEntry> daead_key_type_entries;
   daead_key_type_entries.push_back(
       {"TinkDeterministicAead", "DeterministicAead",
        "type.googleapis.com/google.crypto.tink.AesSivKey", true, 0});
   all_key_type_entries.insert(std::end(all_key_type_entries),
                               std::begin(daead_key_type_entries),
                               std::end(daead_key_type_entries));

   auto& config = TinkConfig::Latest();

   EXPECT_EQ(all_key_type_entries.size(), TinkConfig::Latest().entry_size());

   int i = 0;
   for (const auto& key_type_entry : all_key_type_entries) {
     EXPECT_EQ(key_type_entry.catalogue_name, config.entry(i).catalogue_name());
     EXPECT_EQ(key_type_entry.primitive_name, config.entry(i).primitive_name());
     EXPECT_EQ(key_type_entry.type_url, config.entry(i).type_url());
     EXPECT_EQ(key_type_entry.new_key_allowed,
               config.entry(i).new_key_allowed());
     EXPECT_EQ(key_type_entry.key_manager_version,
               config.entry(i).key_manager_version());
     i++;
   }

   // No key manager before registration.
   for (const auto& key_type_entry : aead_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<Aead>(key_type_entry.type_url);
     EXPECT_FALSE(manager_result.ok());
     EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
   }
   for (const auto& key_type_entry : mac_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<Mac>(key_type_entry.type_url);
     EXPECT_FALSE(manager_result.ok());
     EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
   }
   for (const auto& key_type_entry : hybrid_key_type_entries) {
     if (key_type_entry.catalogue_name == "TinkHybridEncrypt") {
       // HybridEncrypt
       auto manager_result =
           Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url);
       EXPECT_FALSE(manager_result.ok());
       EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
     } else {
       // HybridDecrypt
       auto manager_result =
           Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url);
       EXPECT_FALSE(manager_result.ok());
       EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
     }
   }
   for (const auto& key_type_entry : signature_key_type_entries) {
     if (key_type_entry.catalogue_name == "TinkPublicKeySign") {
       // PublicKeySign
       auto manager_result =
           Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url);
       EXPECT_FALSE(manager_result.ok());
       EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
     } else {
       // PublicKeyVerify
       auto manager_result =
           Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url);
       EXPECT_FALSE(manager_result.ok());
       EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
     }
   }
   for (const auto& key_type_entry : daead_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url);
     EXPECT_FALSE(manager_result.ok());
     EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
   }

   // Registration of standard key types works.
   auto status = TinkConfig::Register();
   EXPECT_TRUE(status.ok()) << status;
   for (const auto& key_type_entry : aead_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<Aead>(key_type_entry.type_url);
     EXPECT_TRUE(manager_result.ok()) << manager_result.status();
     EXPECT_TRUE(
         manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
   }

   for (const auto& key_type_entry : mac_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<Mac>(key_type_entry.type_url);
     EXPECT_TRUE(manager_result.ok()) << manager_result.status();
     EXPECT_TRUE(
         manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
   }

   for (const auto& key_type_entry : hybrid_key_type_entries) {
     if (key_type_entry.catalogue_name == "TinkHybridEncrypt") {
       auto manager_result =
           Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url);
       EXPECT_TRUE(manager_result.ok()) << manager_result.status();
       EXPECT_TRUE(
           manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
     } else {
       auto manager_result =
           Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url);
       EXPECT_TRUE(manager_result.ok()) << manager_result.status();
       EXPECT_TRUE(
           manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
     }
   }

   for (const auto& key_type_entry : signature_key_type_entries) {
     if (key_type_entry.catalogue_name == "TinkPublicKeySign") {
       auto manager_result =
           Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url);
       EXPECT_TRUE(manager_result.ok()) << manager_result.status();
       EXPECT_TRUE(
           manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
     } else {
       auto manager_result =
           Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url);
       EXPECT_TRUE(manager_result.ok()) << manager_result.status();
       EXPECT_TRUE(
           manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
     }
   }

   for (const auto& key_type_entry : daead_key_type_entries) {
     auto manager_result =
         Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url);
     EXPECT_TRUE(manager_result.ok()) << manager_result.status();
     EXPECT_TRUE(
         manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
   }
 }  // namespace

 TEST_F(TinkConfigTest, testRegister) {
   std::string key_type = "type.googleapis.com/google.crypto.tink.AesGcmKey";

   // Try on empty registry.
   auto status = Config::Register(TinkConfig::Latest());
   EXPECT_FALSE(status.ok());
   EXPECT_EQ(util::error::NOT_FOUND, status.error_code());
   auto manager_result = Registry::get_key_manager<Aead>(key_type);
   EXPECT_FALSE(manager_result.ok());

   // Register and try again.
   status = TinkConfig::Register();
   EXPECT_TRUE(status.ok()) << status;
   manager_result = Registry::get_key_manager<Aead>(key_type);
   EXPECT_TRUE(manager_result.ok()) << manager_result.status();

   // Try Register() again, should succeed (idempotence).
   status = TinkConfig::Register();
   EXPECT_TRUE(status.ok()) << status;

   // Reset the registry, and try overriding a catalogue with a different one.
   Registry::Reset();
   status = Registry::AddCatalogue("TinkHybridDecrypt",
                                   new DummyHybridDecryptCatalogue());
   EXPECT_TRUE(status.ok()) << status;
   status = TinkConfig::Register();
   EXPECT_FALSE(status.ok());
   EXPECT_EQ(util::error::ALREADY_EXISTS, status.error_code());
 }

 }  // namespace
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2017 Google Inc.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	////////////////////////////////////////////////////////////////////////////////

	#include "tink/config/tink_config.h"

	#include "gtest/gtest.h"
	#include "tink/aead.h"
	#include "tink/catalogue.h"
	#include "tink/config.h"
	#include "tink/deterministic_aead.h"
	#include "tink/hybrid_decrypt.h"
	#include "tink/hybrid_encrypt.h"
	#include "tink/mac.h"
	#include "tink/public_key_sign.h"
	#include "tink/public_key_verify.h"
	#include "tink/registry.h"
	#include "tink/util/status.h"

	namespace crypto {
	namespace tink {
	namespace {

	class DummyHybridDecryptCatalogue : public Catalogue<HybridDecrypt> {
	public:
	DummyHybridDecryptCatalogue() {}

	crypto::tink::util::StatusOr<std::unique_ptr<KeyManager<HybridDecrypt>>>
	GetKeyManager(const std::string& type_url, const std::string& primitive_name,
	uint32_t min_version) const override {
	return util::Status::UNKNOWN;
	}
	};

	class TinkConfigTest : public ::testing::Test {
	protected:
	void SetUp() override { Registry::Reset(); }
	};

	typedef struct KeyTypeEntry {
	std::string catalogue_name;
	std::string primitive_name;
	std::string type_url;
	bool new_key_allowed;
	int key_manager_version;
	} KeyTypeEntry;

	TEST_F(TinkConfigTest, testBasic) {
	std::vector<KeyTypeEntry> all_key_type_entries;

	std::vector<KeyTypeEntry> mac_key_type_entries;
	mac_key_type_entries.push_back(
	{"TinkMac", "Mac", "type.googleapis.com/google.crypto.tink.HmacKey", true,
	0});
	all_key_type_entries.insert(std::end(all_key_type_entries),
	std::begin(mac_key_type_entries),
	std::end(mac_key_type_entries));

	std::vector<KeyTypeEntry> aead_key_type_entries;
	aead_key_type_entries.push_back(
	{"TinkAead", "Aead",
	"type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", true, 0});
	aead_key_type_entries.push_back(
	{"TinkAead", "Aead", "type.googleapis.com/google.crypto.tink.AesGcmKey",
	true, 0});
	aead_key_type_entries.push_back(
	{"TinkAead", "Aead", "type.googleapis.com/google.crypto.tink.AesEaxKey",
	true, 0});
	aead_key_type_entries.push_back(
	{"TinkAead", "Aead",
	"type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key", true, 0});
	all_key_type_entries.insert(std::end(all_key_type_entries),
	std::begin(aead_key_type_entries),
	std::end(aead_key_type_entries));

	std::vector<KeyTypeEntry> hybrid_key_type_entries;
	hybrid_key_type_entries.push_back(
	{"TinkHybridDecrypt", "HybridDecrypt",
	"type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey", true,
	0});
	hybrid_key_type_entries.push_back(
	{"TinkHybridEncrypt", "HybridEncrypt",
	"type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey", true,
	0});
	all_key_type_entries.insert(std::end(all_key_type_entries),
	std::begin(hybrid_key_type_entries),
	std::end(hybrid_key_type_entries));

	std::vector<KeyTypeEntry> signature_key_type_entries;
	signature_key_type_entries.push_back(
	{"TinkPublicKeySign", "PublicKeySign",
	"type.googleapis.com/google.crypto.tink.EcdsaPrivateKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeyVerify", "PublicKeyVerify",
	"type.googleapis.com/google.crypto.tink.EcdsaPublicKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeySign", "PublicKeySign",
	"type.googleapis.com/google.crypto.tink.Ed25519PrivateKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeyVerify", "PublicKeyVerify",
	"type.googleapis.com/google.crypto.tink.Ed25519PublicKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeySign", "PublicKeySign",
	"type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeyVerify", "PublicKeyVerify",
	"type.googleapis.com/google.crypto.tink.RsaSsaPssPublicKey", true, 0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeySign", "PublicKeySign",
	"type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey", true,
	0});
	signature_key_type_entries.push_back(
	{"TinkPublicKeyVerify", "PublicKeyVerify",
	"type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey", true, 0});
	all_key_type_entries.insert(std::end(all_key_type_entries),
	std::begin(signature_key_type_entries),
	std::end(signature_key_type_entries));

	std::vector<KeyTypeEntry> daead_key_type_entries;
	daead_key_type_entries.push_back(
	{"TinkDeterministicAead", "DeterministicAead",
	"type.googleapis.com/google.crypto.tink.AesSivKey", true, 0});
	all_key_type_entries.insert(std::end(all_key_type_entries),
	std::begin(daead_key_type_entries),
	std::end(daead_key_type_entries));

	auto& config = TinkConfig::Latest();

	EXPECT_EQ(all_key_type_entries.size(), TinkConfig::Latest().entry_size());

	int i = 0;
	for (const auto& key_type_entry : all_key_type_entries) {
	EXPECT_EQ(key_type_entry.catalogue_name, config.entry(i).catalogue_name());
	EXPECT_EQ(key_type_entry.primitive_name, config.entry(i).primitive_name());
	EXPECT_EQ(key_type_entry.type_url, config.entry(i).type_url());
	EXPECT_EQ(key_type_entry.new_key_allowed,
	config.entry(i).new_key_allowed());
	EXPECT_EQ(key_type_entry.key_manager_version,
	config.entry(i).key_manager_version());
	i++;
	}

	// No key manager before registration.
	for (const auto& key_type_entry : aead_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<Aead>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	}
	for (const auto& key_type_entry : mac_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<Mac>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	}
	for (const auto& key_type_entry : hybrid_key_type_entries) {
	if (key_type_entry.catalogue_name == "TinkHybridEncrypt") {
	// HybridEncrypt
	auto manager_result =
	Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	} else {
	// HybridDecrypt
	auto manager_result =
	Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	}
	}
	for (const auto& key_type_entry : signature_key_type_entries) {
	if (key_type_entry.catalogue_name == "TinkPublicKeySign") {
	// PublicKeySign
	auto manager_result =
	Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	} else {
	// PublicKeyVerify
	auto manager_result =
	Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	}
	}
	for (const auto& key_type_entry : daead_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url);
	EXPECT_FALSE(manager_result.ok());
	EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
	}

	// Registration of standard key types works.
	auto status = TinkConfig::Register();
	EXPECT_TRUE(status.ok()) << status;
	for (const auto& key_type_entry : aead_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<Aead>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	}

	for (const auto& key_type_entry : mac_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<Mac>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	}

	for (const auto& key_type_entry : hybrid_key_type_entries) {
	if (key_type_entry.catalogue_name == "TinkHybridEncrypt") {
	auto manager_result =
	Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	} else {
	auto manager_result =
	Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	}
	}

	for (const auto& key_type_entry : signature_key_type_entries) {
	if (key_type_entry.catalogue_name == "TinkPublicKeySign") {
	auto manager_result =
	Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	} else {
	auto manager_result =
	Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	}
	}

	for (const auto& key_type_entry : daead_key_type_entries) {
	auto manager_result =
	Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();
	EXPECT_TRUE(
	manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url));
	}
	} // namespace

	TEST_F(TinkConfigTest, testRegister) {
	std::string key_type = "type.googleapis.com/google.crypto.tink.AesGcmKey";

	// Try on empty registry.
	auto status = Config::Register(TinkConfig::Latest());
	EXPECT_FALSE(status.ok());
	EXPECT_EQ(util::error::NOT_FOUND, status.error_code());
	auto manager_result = Registry::get_key_manager<Aead>(key_type);
	EXPECT_FALSE(manager_result.ok());

	// Register and try again.
	status = TinkConfig::Register();
	EXPECT_TRUE(status.ok()) << status;
	manager_result = Registry::get_key_manager<Aead>(key_type);
	EXPECT_TRUE(manager_result.ok()) << manager_result.status();

	// Try Register() again, should succeed (idempotence).
	status = TinkConfig::Register();
	EXPECT_TRUE(status.ok()) << status;

	// Reset the registry, and try overriding a catalogue with a different one.
	Registry::Reset();
	status = Registry::AddCatalogue("TinkHybridDecrypt",
	new DummyHybridDecryptCatalogue());
	EXPECT_TRUE(status.ok()) << status;
	status = TinkConfig::Register();
	EXPECT_FALSE(status.ok());
	EXPECT_EQ(util::error::ALREADY_EXISTS, status.error_code());
	}

	} // namespace
	} // namespace tink
	} // namespace crypto