python/tink/aead/_aead_wrapper_test.py

# Copyright 2019 Google LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""Tests for tink.python.tink.aead_wrapper."""

from __future__ import absolute_import
from __future__ import division
# Placeholder for import for type annotations
from __future__ import print_function

from absl.testing import absltest
from absl.testing import parameterized
import tink
from tink import aead
from tink.testing import keyset_builder


AEAD_TEMPLATE = aead.aead_key_templates.AES128_EAX
RAW_AEAD_TEMPLATE = keyset_builder.raw_template(AEAD_TEMPLATE)


def setUpModule():
  aead.register()


class AeadWrapperTest(parameterized.TestCase):

  @parameterized.parameters([AEAD_TEMPLATE, RAW_AEAD_TEMPLATE])
  def test_encrypt_decrypt(self, template):
    keyset_handle = tink.new_keyset_handle(template)
    primitive = keyset_handle.primitive(aead.Aead)
    ciphertext = primitive.encrypt(b'plaintext', b'associated_data')
    self.assertEqual(primitive.decrypt(ciphertext, b'associated_data'),
                     b'plaintext')

  @parameterized.parameters([AEAD_TEMPLATE, RAW_AEAD_TEMPLATE])
  def test_decrypt_unknown_ciphertext_fails(self, template):
    unknown_handle = tink.new_keyset_handle(template)
    unknown_primitive = unknown_handle.primitive(aead.Aead)
    unknown_ciphertext = unknown_primitive.encrypt(b'plaintext',
                                                   b'associated_data')

    keyset_handle = tink.new_keyset_handle(template)
    primitive = keyset_handle.primitive(aead.Aead)

    with self.assertRaises(tink.TinkError):
      primitive.decrypt(unknown_ciphertext, b'associated_data')

  @parameterized.parameters([AEAD_TEMPLATE, RAW_AEAD_TEMPLATE])
  def test_decrypt_wrong_associated_data_fails(self, template):
    keyset_handle = tink.new_keyset_handle(template)
    primitive = keyset_handle.primitive(aead.Aead)

    ciphertext = primitive.encrypt(b'plaintext', b'associated_data')
    with self.assertRaises(tink.TinkError):
      primitive.decrypt(ciphertext, b'wrong_associated_data')

  @parameterized.parameters([(AEAD_TEMPLATE, AEAD_TEMPLATE),
                             (RAW_AEAD_TEMPLATE, AEAD_TEMPLATE),
                             (AEAD_TEMPLATE, RAW_AEAD_TEMPLATE),
                             (RAW_AEAD_TEMPLATE, RAW_AEAD_TEMPLATE)])
  def test_encrypt_decrypt_with_key_rotation(self, template1, template2):
    builder = keyset_builder.new_keyset_builder()
    older_key_id = builder.add_new_key(template1)
    builder.set_primary_key(older_key_id)
    p1 = builder.keyset_handle().primitive(aead.Aead)

    newer_key_id = builder.add_new_key(template2)
    p2 = builder.keyset_handle().primitive(aead.Aead)

    builder.set_primary_key(newer_key_id)
    p3 = builder.keyset_handle().primitive(aead.Aead)

    builder.disable_key(older_key_id)
    p4 = builder.keyset_handle().primitive(aead.Aead)

    self.assertNotEqual(older_key_id, newer_key_id)
    # p1 encrypts with the older key. So p1, p2 and p3 can decrypt it,
    # but not p4.
    ciphertext1 = p1.encrypt(b'plaintext', b'ad')
    self.assertEqual(p1.decrypt(ciphertext1, b'ad'), b'plaintext')
    self.assertEqual(p2.decrypt(ciphertext1, b'ad'), b'plaintext')
    self.assertEqual(p3.decrypt(ciphertext1, b'ad'), b'plaintext')
    with self.assertRaises(tink.TinkError):
      _ = p4.decrypt(ciphertext1, b'ad')

    # p2 encrypts with the older key. So p1, p2 and p3 can decrypt it,
    # but not p4.
    ciphertext2 = p2.encrypt(b'plaintext', b'ad')
    self.assertEqual(p1.decrypt(ciphertext2, b'ad'), b'plaintext')
    self.assertEqual(p2.decrypt(ciphertext2, b'ad'), b'plaintext')
    self.assertEqual(p3.decrypt(ciphertext2, b'ad'), b'plaintext')
    with self.assertRaises(tink.TinkError):
      _ = p4.decrypt(ciphertext2, b'ad')

    # p3 encrypts with the newer key. So p2, p3 and p4 can decrypt it,
    # but not p1.
    ciphertext3 = p3.encrypt(b'plaintext', b'ad')
    with self.assertRaises(tink.TinkError):
      _ = p1.decrypt(ciphertext3, b'ad')
    self.assertEqual(p2.decrypt(ciphertext3, b'ad'), b'plaintext')
    self.assertEqual(p3.decrypt(ciphertext3, b'ad'), b'plaintext')
    self.assertEqual(p4.decrypt(ciphertext3, b'ad'), b'plaintext')

    # p4 encrypts with the newer key. So p2, p3 and p4 can decrypt it,
    # but not p1.
    ciphertext4 = p4.encrypt(b'plaintext', b'ad')
    with self.assertRaises(tink.TinkError):
      _ = p1.decrypt(ciphertext4, b'ad')
    self.assertEqual(p2.decrypt(ciphertext4, b'ad'), b'plaintext')
    self.assertEqual(p3.decrypt(ciphertext4, b'ad'), b'plaintext')
    self.assertEqual(p4.decrypt(ciphertext4, b'ad'), b'plaintext')


if __name__ == '__main__':
  absltest.main()