cc/core/json_keyset_writer_test.cc - third_party/tink - Git at Google

 // Copyright 2018 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////

 #include "tink/json_keyset_writer.h"

 #include <ostream>
 #include <sstream>

 #include "absl/strings/escaping.h"
 #include "include/rapidjson/document.h"
 #include "include/rapidjson/error/en.h"
 #include "tink/json_keyset_reader.h"
 #include "tink/util/protobuf_helper.h"
 #include "tink/util/test_util.h"
 #include "gtest/gtest.h"
 #include "proto/aes_eax.pb.h"
 #include "proto/aes_gcm.pb.h"
 #include "proto/tink.pb.h"

 namespace crypto {
 namespace tink {

 using crypto::tink::test::AddRawKey;
 using crypto::tink::test::AddTinkKey;

 using google::crypto::tink::AesEaxKey;
 using google::crypto::tink::AesGcmKey;
 using google::crypto::tink::EncryptedKeyset;
 using google::crypto::tink::KeyData;
 using google::crypto::tink::Keyset;
 using google::crypto::tink::KeyStatusType;
 using google::crypto::tink::OutputPrefixType;

 namespace {

 class JsonKeysetWriterTest : public ::testing::Test {
  protected:
   void SetUp() {
     AesGcmKey gcm_key;
     gcm_key.set_key_value("some gcm key value");
     gcm_key.set_version(0);
     std::string gcm_key_base64;
     absl::Base64Escape(gcm_key.SerializeAsString(), &gcm_key_base64);

     AesEaxKey eax_key;
     eax_key.set_key_value("some eax key value");
     eax_key.set_version(0);
     eax_key.mutable_params()->set_iv_size(16);
     std::string eax_key_base64;
     absl::Base64Escape(eax_key.SerializeAsString(), &eax_key_base64);

     AddTinkKey("type.googleapis.com/google.crypto.tink.AesGcmKey",
                42, gcm_key, KeyStatusType::ENABLED,
                KeyData::SYMMETRIC, &keyset_);
     AddRawKey("type.googleapis.com/google.crypto.tink.AesEaxKey",
               711, eax_key, KeyStatusType::ENABLED,
               KeyData::SYMMETRIC, &keyset_);
     keyset_.set_primary_key_id(42);
     std::string json_string = "{"
            "\"primaryKeyId\": 42,"
            "\"key\": ["
            "  {"
            "    \"keyData\": {"
            "      \"typeUrl\":"
            "        \"type.googleapis.com/google.crypto.tink.AesGcmKey\","
            "      \"keyMaterialType\": \"SYMMETRIC\","
            "      \"value\": \"" + gcm_key_base64 + "\""
            "    },"
            "    \"outputPrefixType\": \"TINK\","
            "    \"keyId\": 42,"
            "    \"status\": \"ENABLED\""
            "  },"
            "  {"
            "    \"keyData\": {"
            "      \"typeUrl\":"
            "        \"type.googleapis.com/google.crypto.tink.AesEaxKey\","
            "      \"keyMaterialType\": \"SYMMETRIC\","
            "      \"value\": \"" + eax_key_base64 + "\""
            "    },"
            "    \"outputPrefixType\": \"RAW\","
            "    \"keyId\": 711,"
            "    \"status\": \"ENABLED\""
            "  }"
            "]}";
     ASSERT_FALSE(good_json_keyset_.Parse(json_string.c_str()).HasParseError());

     std::string enc_keyset = "some ciphertext with keyset";
     encrypted_keyset_.set_encrypted_keyset(enc_keyset);
     std::string enc_keyset_base64;
     absl::Base64Escape(enc_keyset, &enc_keyset_base64);
     auto keyset_info = encrypted_keyset_.mutable_keyset_info();
     keyset_info->set_primary_key_id(42);
     auto key_info = keyset_info->add_key_info();
     key_info->set_type_url("type.googleapis.com/google.crypto.tink.AesGcmKey");
     key_info->set_key_id(42);
     key_info->set_output_prefix_type(OutputPrefixType::TINK);
     key_info->set_status(KeyStatusType::ENABLED);
     good_json_encrypted_keyset_string_ = "{"
            "\"encryptedKeyset\": \"" + enc_keyset_base64 + "\", "
            "\"keysetInfo\": {"
            "  \"primaryKeyId\": 42,"
            "  \"keyInfo\": ["
            "    {"
            "      \"typeUrl\":"
            "        \"type.googleapis.com/google.crypto.tink.AesGcmKey\","
            "      \"outputPrefixType\": \"TINK\","
            "      \"keyId\": 42,"
            "      \"status\": \"ENABLED\""
            "    }"
            "  ]"
            "}}";
     ASSERT_FALSE(good_json_encrypted_keyset_.Parse(
         good_json_encrypted_keyset_string_.c_str()).HasParseError());
   }

   EncryptedKeyset encrypted_keyset_;
   Keyset keyset_;
   rapidjson::Document good_json_keyset_;
   rapidjson::Document good_json_encrypted_keyset_;
   std::string good_json_encrypted_keyset_string_;
 };

 TEST_F(JsonKeysetWriterTest, testWriterCreation) {
   {  // Input stream is null.
     std::unique_ptr<std::ostream> null_stream(nullptr);
     auto writer_result = JsonKeysetWriter::New(std::move(null_stream));
     EXPECT_FALSE(writer_result.ok());
     EXPECT_EQ(util::error::INVALID_ARGUMENT,
               writer_result.status().error_code());
   }

   {  // Stream with good keyset.
     std::unique_ptr<std::ostream> destination_stream(new std::stringstream());
     auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
     EXPECT_TRUE(writer_result.ok()) << writer_result.status();
   }
 }

 TEST_F(JsonKeysetWriterTest, testWriteKeyset) {
   std::stringbuf buffer;
   std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
   auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
   ASSERT_TRUE(writer_result.ok()) << writer_result.status();
   auto writer = std::move(writer_result.ValueOrDie());
   auto status = writer->Write(keyset_);
   EXPECT_TRUE(status.ok()) << status;
   rapidjson::Document json_keyset(rapidjson::kObjectType);
   EXPECT_FALSE(json_keyset.Parse(buffer.str().c_str()).HasParseError());
   EXPECT_TRUE(good_json_keyset_ == json_keyset);
 }

 TEST_F(JsonKeysetWriterTest, testWriteAndReadKeyset) {
   std::stringbuf buffer;
   std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
   auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
   ASSERT_TRUE(writer_result.ok()) << writer_result.status();
   auto writer = std::move(writer_result.ValueOrDie());
   auto status = writer->Write(keyset_);
   EXPECT_TRUE(status.ok()) << status;

   auto reader_result = JsonKeysetReader::New(buffer.str());
   EXPECT_TRUE(reader_result.ok()) << reader_result.status();
   auto reader = std::move(reader_result.ValueOrDie());
   auto read_result = reader->Read();
   EXPECT_TRUE(read_result.ok()) << read_result.status();
   auto keyset = std::move(read_result.ValueOrDie());
   EXPECT_EQ(keyset_.SerializeAsString(), keyset->SerializeAsString());
 }

 TEST_F(JsonKeysetWriterTest, testWriteEncryptedKeyset) {
   std::stringbuf buffer;
   std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
   auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
   ASSERT_TRUE(writer_result.ok()) << writer_result.status();
   auto writer = std::move(writer_result.ValueOrDie());
   auto status = writer->Write(encrypted_keyset_);
   EXPECT_TRUE(status.ok()) << status;
   rapidjson::Document json_encrypted_keyset(rapidjson::kObjectType);
   EXPECT_FALSE(
       json_encrypted_keyset.Parse(buffer.str().c_str()).HasParseError())
       << "Parsing error at position "
       << (unsigned)json_encrypted_keyset.GetErrorOffset()
       << " of JSON string\n"
       << buffer.str() << "\n"
       << rapidjson::GetParseError_En(json_encrypted_keyset.GetParseError());
   EXPECT_TRUE(good_json_encrypted_keyset_ == json_encrypted_keyset)
       << "Expected JSON:\n" << good_json_encrypted_keyset_string_ << "\n"
       << "Got JSON:\n" << buffer.str();
 }

 TEST_F(JsonKeysetWriterTest, testWriteAndReadEncryptedKeyset) {
   std::stringbuf buffer;
   std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
   auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
   ASSERT_TRUE(writer_result.ok()) << writer_result.status();
   auto writer = std::move(writer_result.ValueOrDie());
   auto status = writer->Write(encrypted_keyset_);
   EXPECT_TRUE(status.ok()) << status;

   auto reader_result = JsonKeysetReader::New(buffer.str());
   EXPECT_TRUE(reader_result.ok()) << reader_result.status();
   auto reader = std::move(reader_result.ValueOrDie());
   auto read_result = reader->ReadEncrypted();
   EXPECT_TRUE(read_result.ok()) << read_result.status();
   auto encrypted_keyset = std::move(read_result.ValueOrDie());
   EXPECT_EQ(encrypted_keyset_.SerializeAsString(),
             encrypted_keyset->SerializeAsString());
 }

 TEST_F(JsonKeysetWriterTest, testDestinationStreamErrors) {
   std::stringbuf buffer;
   std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
   destination_stream->setstate(std::ostream::badbit);
   auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
   ASSERT_TRUE(writer_result.ok()) << writer_result.status();
   auto writer = std::move(writer_result.ValueOrDie());
   {  // Write keyset.
     auto status = writer->Write(keyset_);
     EXPECT_FALSE(status.ok()) << status;
     EXPECT_EQ(util::error::UNKNOWN, status.error_code());
   }
   {  // Write encrypted keyset.
     auto status = writer->Write(encrypted_keyset_);
     EXPECT_FALSE(status.ok()) << status;
     EXPECT_EQ(util::error::UNKNOWN, status.error_code());
   }
 }

 }  // namespace
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2018 Google Inc.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	////////////////////////////////////////////////////////////////////////////////

	#include "tink/json_keyset_writer.h"

	#include <ostream>
	#include <sstream>

	#include "absl/strings/escaping.h"
	#include "include/rapidjson/document.h"
	#include "include/rapidjson/error/en.h"
	#include "tink/json_keyset_reader.h"
	#include "tink/util/protobuf_helper.h"
	#include "tink/util/test_util.h"
	#include "gtest/gtest.h"
	#include "proto/aes_eax.pb.h"
	#include "proto/aes_gcm.pb.h"
	#include "proto/tink.pb.h"

	namespace crypto {
	namespace tink {

	using crypto::tink::test::AddRawKey;
	using crypto::tink::test::AddTinkKey;

	using google::crypto::tink::AesEaxKey;
	using google::crypto::tink::AesGcmKey;
	using google::crypto::tink::EncryptedKeyset;
	using google::crypto::tink::KeyData;
	using google::crypto::tink::Keyset;
	using google::crypto::tink::KeyStatusType;
	using google::crypto::tink::OutputPrefixType;

	namespace {

	class JsonKeysetWriterTest : public ::testing::Test {
	protected:
	void SetUp() {
	AesGcmKey gcm_key;
	gcm_key.set_key_value("some gcm key value");
	gcm_key.set_version(0);
	std::string gcm_key_base64;
	absl::Base64Escape(gcm_key.SerializeAsString(), &gcm_key_base64);

	AesEaxKey eax_key;
	eax_key.set_key_value("some eax key value");
	eax_key.set_version(0);
	eax_key.mutable_params()->set_iv_size(16);
	std::string eax_key_base64;
	absl::Base64Escape(eax_key.SerializeAsString(), &eax_key_base64);

	AddTinkKey("type.googleapis.com/google.crypto.tink.AesGcmKey",
	42, gcm_key, KeyStatusType::ENABLED,
	KeyData::SYMMETRIC, &keyset_);
	AddRawKey("type.googleapis.com/google.crypto.tink.AesEaxKey",
	711, eax_key, KeyStatusType::ENABLED,
	KeyData::SYMMETRIC, &keyset_);
	keyset_.set_primary_key_id(42);
	std::string json_string = "{"
	"\"primaryKeyId\": 42,"
	"\"key\": ["
	" {"
	" \"keyData\": {"
	" \"typeUrl\":"
	" \"type.googleapis.com/google.crypto.tink.AesGcmKey\","
	" \"keyMaterialType\": \"SYMMETRIC\","
	" \"value\": \"" + gcm_key_base64 + "\""
	" },"
	" \"outputPrefixType\": \"TINK\","
	" \"keyId\": 42,"
	" \"status\": \"ENABLED\""
	" },"
	" {"
	" \"keyData\": {"
	" \"typeUrl\":"
	" \"type.googleapis.com/google.crypto.tink.AesEaxKey\","
	" \"keyMaterialType\": \"SYMMETRIC\","
	" \"value\": \"" + eax_key_base64 + "\""
	" },"
	" \"outputPrefixType\": \"RAW\","
	" \"keyId\": 711,"
	" \"status\": \"ENABLED\""
	" }"
	"]}";
	ASSERT_FALSE(good_json_keyset_.Parse(json_string.c_str()).HasParseError());

	std::string enc_keyset = "some ciphertext with keyset";
	encrypted_keyset_.set_encrypted_keyset(enc_keyset);
	std::string enc_keyset_base64;
	absl::Base64Escape(enc_keyset, &enc_keyset_base64);
	auto keyset_info = encrypted_keyset_.mutable_keyset_info();
	keyset_info->set_primary_key_id(42);
	auto key_info = keyset_info->add_key_info();
	key_info->set_type_url("type.googleapis.com/google.crypto.tink.AesGcmKey");
	key_info->set_key_id(42);
	key_info->set_output_prefix_type(OutputPrefixType::TINK);
	key_info->set_status(KeyStatusType::ENABLED);
	good_json_encrypted_keyset_string_ = "{"
	"\"encryptedKeyset\": \"" + enc_keyset_base64 + "\", "
	"\"keysetInfo\": {"
	" \"primaryKeyId\": 42,"
	" \"keyInfo\": ["
	" {"
	" \"typeUrl\":"
	" \"type.googleapis.com/google.crypto.tink.AesGcmKey\","
	" \"outputPrefixType\": \"TINK\","
	" \"keyId\": 42,"
	" \"status\": \"ENABLED\""
	" }"
	" ]"
	"}}";
	ASSERT_FALSE(good_json_encrypted_keyset_.Parse(
	good_json_encrypted_keyset_string_.c_str()).HasParseError());
	}

	EncryptedKeyset encrypted_keyset_;
	Keyset keyset_;
	rapidjson::Document good_json_keyset_;
	rapidjson::Document good_json_encrypted_keyset_;
	std::string good_json_encrypted_keyset_string_;
	};

	TEST_F(JsonKeysetWriterTest, testWriterCreation) {
	{ // Input stream is null.
	std::unique_ptr<std::ostream> null_stream(nullptr);
	auto writer_result = JsonKeysetWriter::New(std::move(null_stream));
	EXPECT_FALSE(writer_result.ok());
	EXPECT_EQ(util::error::INVALID_ARGUMENT,
	writer_result.status().error_code());
	}

	{ // Stream with good keyset.
	std::unique_ptr<std::ostream> destination_stream(new std::stringstream());
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	EXPECT_TRUE(writer_result.ok()) << writer_result.status();
	}
	}

	TEST_F(JsonKeysetWriterTest, testWriteKeyset) {
	std::stringbuf buffer;
	std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	ASSERT_TRUE(writer_result.ok()) << writer_result.status();
	auto writer = std::move(writer_result.ValueOrDie());
	auto status = writer->Write(keyset_);
	EXPECT_TRUE(status.ok()) << status;
	rapidjson::Document json_keyset(rapidjson::kObjectType);
	EXPECT_FALSE(json_keyset.Parse(buffer.str().c_str()).HasParseError());
	EXPECT_TRUE(good_json_keyset_ == json_keyset);
	}

	TEST_F(JsonKeysetWriterTest, testWriteAndReadKeyset) {
	std::stringbuf buffer;
	std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	ASSERT_TRUE(writer_result.ok()) << writer_result.status();
	auto writer = std::move(writer_result.ValueOrDie());
	auto status = writer->Write(keyset_);
	EXPECT_TRUE(status.ok()) << status;

	auto reader_result = JsonKeysetReader::New(buffer.str());
	EXPECT_TRUE(reader_result.ok()) << reader_result.status();
	auto reader = std::move(reader_result.ValueOrDie());
	auto read_result = reader->Read();
	EXPECT_TRUE(read_result.ok()) << read_result.status();
	auto keyset = std::move(read_result.ValueOrDie());
	EXPECT_EQ(keyset_.SerializeAsString(), keyset->SerializeAsString());
	}

	TEST_F(JsonKeysetWriterTest, testWriteEncryptedKeyset) {
	std::stringbuf buffer;
	std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	ASSERT_TRUE(writer_result.ok()) << writer_result.status();
	auto writer = std::move(writer_result.ValueOrDie());
	auto status = writer->Write(encrypted_keyset_);
	EXPECT_TRUE(status.ok()) << status;
	rapidjson::Document json_encrypted_keyset(rapidjson::kObjectType);
	EXPECT_FALSE(
	json_encrypted_keyset.Parse(buffer.str().c_str()).HasParseError())
	<< "Parsing error at position "
	<< (unsigned)json_encrypted_keyset.GetErrorOffset()
	<< " of JSON string\n"
	<< buffer.str() << "\n"
	<< rapidjson::GetParseError_En(json_encrypted_keyset.GetParseError());
	EXPECT_TRUE(good_json_encrypted_keyset_ == json_encrypted_keyset)
	<< "Expected JSON:\n" << good_json_encrypted_keyset_string_ << "\n"
	<< "Got JSON:\n" << buffer.str();
	}

	TEST_F(JsonKeysetWriterTest, testWriteAndReadEncryptedKeyset) {
	std::stringbuf buffer;
	std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	ASSERT_TRUE(writer_result.ok()) << writer_result.status();
	auto writer = std::move(writer_result.ValueOrDie());
	auto status = writer->Write(encrypted_keyset_);
	EXPECT_TRUE(status.ok()) << status;

	auto reader_result = JsonKeysetReader::New(buffer.str());
	EXPECT_TRUE(reader_result.ok()) << reader_result.status();
	auto reader = std::move(reader_result.ValueOrDie());
	auto read_result = reader->ReadEncrypted();
	EXPECT_TRUE(read_result.ok()) << read_result.status();
	auto encrypted_keyset = std::move(read_result.ValueOrDie());
	EXPECT_EQ(encrypted_keyset_.SerializeAsString(),
	encrypted_keyset->SerializeAsString());
	}

	TEST_F(JsonKeysetWriterTest, testDestinationStreamErrors) {
	std::stringbuf buffer;
	std::unique_ptr<std::ostream> destination_stream(new std::ostream(&buffer));
	destination_stream->setstate(std::ostream::badbit);
	auto writer_result = JsonKeysetWriter::New(std::move(destination_stream));
	ASSERT_TRUE(writer_result.ok()) << writer_result.status();
	auto writer = std::move(writer_result.ValueOrDie());
	{ // Write keyset.
	auto status = writer->Write(keyset_);
	EXPECT_FALSE(status.ok()) << status;
	EXPECT_EQ(util::error::UNKNOWN, status.error_code());
	}
	{ // Write encrypted keyset.
	auto status = writer->Write(encrypted_keyset_);
	EXPECT_FALSE(status.ok()) << status;
	EXPECT_EQ(util::error::UNKNOWN, status.error_code());
	}
	}

	} // namespace
	} // namespace tink
	} // namespace crypto