cc/experimental/pqcrypto/signature/signature_config_util_test.cc - third_party/tink - Git at Google

 // Copyright 2021 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #include "tink/experimental/pqcrypto/signature/signature_config.h"

 #include <string>
 #include <utility>

 #include "gmock/gmock.h"
 #include "gtest/gtest.h"
 #include "tink/config/tink_fips.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_sign_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_verify_key_manager.h"
 #include "tink/public_key_sign.h"
 #include "tink/public_key_verify.h"
 #include "tink/registry.h"
 #include "tink/util/status.h"
 #include "tink/util/test_matchers.h"
 #include "tink/util/test_util.h"

 namespace crypto {
 namespace tink {
 namespace {

 using ::crypto::tink::test::DummyPublicKeySign;
 using ::crypto::tink::test::DummyPublicKeyVerify;
 using ::crypto::tink::test::IsOk;

 class PcqSignatureConfigTest : public ::testing::Test {
  protected:
   void SetUp() override { Registry::Reset(); }
 };

 TEST_F(PcqSignatureConfigTest, CheckStatus) {
   if (IsFipsModeEnabled() && !FIPS_mode()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }

   EXPECT_THAT(PqSignatureConfigRegister(), IsOk());
 }

 // Tests that the PublicKeySignWrapper has been properly registered and we
 // can wrap primitives.
 TEST_F(PcqSignatureConfigTest, PublicKeySignWrapperRegistered) {
   if (IsFipsModeEnabled() && !FIPS_mode()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }

   ASSERT_THAT(PqSignatureConfigRegister(), IsOk());

   google::crypto::tink::KeysetInfo::KeyInfo key_info;
   key_info.set_status(google::crypto::tink::KeyStatusType::ENABLED);
   key_info.set_key_id(1234);
   key_info.set_output_prefix_type(google::crypto::tink::OutputPrefixType::TINK);

   auto primitive_set = absl::make_unique<PrimitiveSet<PublicKeySign>>();
   auto add_primitive = primitive_set->AddPrimitive(
       absl::make_unique<DummyPublicKeySign>("dummy"), key_info);
   ASSERT_THAT(add_primitive, IsOk());
   ASSERT_THAT(primitive_set->set_primary(*add_primitive), IsOk());

   util::StatusOr<std::unique_ptr<crypto::tink::PublicKeySign>> wrapped =
       Registry::Wrap(std::move(primitive_set));
   ASSERT_THAT(wrapped, IsOk());

   util::StatusOr<std::string> signature_result = (*wrapped)->Sign("message");
   ASSERT_THAT(signature_result, IsOk());

   util::StatusOr<std::string> prefix = CryptoFormat::GetOutputPrefix(key_info);
   ASSERT_THAT(prefix, IsOk());
   util::StatusOr<std::string> signature =
       DummyPublicKeySign("dummy").Sign("message");
   ASSERT_THAT(signature, IsOk());

   EXPECT_EQ(*signature_result, absl::StrCat(*prefix, *signature));
 }

 // Tests that the PublicKeyVerifyWrapper has been properly registered and we
 // can wrap primitives.
 TEST_F(PcqSignatureConfigTest, PublicKeyVerifyWrapperRegistered) {
   if (IsFipsModeEnabled() && !FIPS_mode()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }

   ASSERT_THAT(PqSignatureConfigRegister(), IsOk());

   google::crypto::tink::KeysetInfo::KeyInfo key_info;
   key_info.set_status(google::crypto::tink::KeyStatusType::ENABLED);
   key_info.set_key_id(1234);
   key_info.set_output_prefix_type(google::crypto::tink::OutputPrefixType::TINK);

   auto primitive_set = absl::make_unique<PrimitiveSet<PublicKeyVerify>>();
   auto add_primitive = primitive_set->AddPrimitive(
       absl::make_unique<DummyPublicKeyVerify>("dummy"), key_info);
   ASSERT_THAT(add_primitive, IsOk());
   ASSERT_THAT(primitive_set->set_primary(*add_primitive), IsOk());

   util::StatusOr<std::unique_ptr<crypto::tink::PublicKeyVerify>> wrapped =
       Registry::Wrap(std::move(primitive_set));
   ASSERT_THAT(wrapped, IsOk());

   util::StatusOr<std::string> prefix = CryptoFormat::GetOutputPrefix(key_info);
   ASSERT_THAT(prefix, IsOk());
   util::StatusOr<std::string> signature =
       DummyPublicKeySign("dummy").Sign("message");
   ASSERT_THAT(signature, IsOk());

   ASSERT_THAT((*wrapped)->Verify(absl::StrCat(*prefix, *signature), "message"),
               IsOk());
 }


 }  // namespace
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2021 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#include "tink/experimental/pqcrypto/signature/signature_config.h"

	#include <string>
	#include <utility>

	#include "gmock/gmock.h"
	#include "gtest/gtest.h"
	#include "tink/config/tink_fips.h"
	#include "tink/experimental/pqcrypto/signature/dilithium_sign_key_manager.h"
	#include "tink/experimental/pqcrypto/signature/dilithium_verify_key_manager.h"
	#include "tink/public_key_sign.h"
	#include "tink/public_key_verify.h"
	#include "tink/registry.h"
	#include "tink/util/status.h"
	#include "tink/util/test_matchers.h"
	#include "tink/util/test_util.h"

	namespace crypto {
	namespace tink {
	namespace {

	using ::crypto::tink::test::DummyPublicKeySign;
	using ::crypto::tink::test::DummyPublicKeyVerify;
	using ::crypto::tink::test::IsOk;

	class PcqSignatureConfigTest : public ::testing::Test {
	protected:
	void SetUp() override { Registry::Reset(); }
	};

	TEST_F(PcqSignatureConfigTest, CheckStatus) {
	if (IsFipsModeEnabled() && !FIPS_mode()) {
	GTEST_SKIP() << "Not supported if FIPS-mode is used";
	}

	EXPECT_THAT(PqSignatureConfigRegister(), IsOk());
	}

	// Tests that the PublicKeySignWrapper has been properly registered and we
	// can wrap primitives.
	TEST_F(PcqSignatureConfigTest, PublicKeySignWrapperRegistered) {
	if (IsFipsModeEnabled() && !FIPS_mode()) {
	GTEST_SKIP() << "Not supported if FIPS-mode is used";
	}

	ASSERT_THAT(PqSignatureConfigRegister(), IsOk());

	google::crypto::tink::KeysetInfo::KeyInfo key_info;
	key_info.set_status(google::crypto::tink::KeyStatusType::ENABLED);
	key_info.set_key_id(1234);
	key_info.set_output_prefix_type(google::crypto::tink::OutputPrefixType::TINK);

	auto primitive_set = absl::make_unique<PrimitiveSet<PublicKeySign>>();
	auto add_primitive = primitive_set->AddPrimitive(
	absl::make_unique<DummyPublicKeySign>("dummy"), key_info);
	ASSERT_THAT(add_primitive, IsOk());
	ASSERT_THAT(primitive_set->set_primary(*add_primitive), IsOk());

	util::StatusOr<std::unique_ptr<crypto::tink::PublicKeySign>> wrapped =
	Registry::Wrap(std::move(primitive_set));
	ASSERT_THAT(wrapped, IsOk());

	util::StatusOr<std::string> signature_result = (*wrapped)->Sign("message");
	ASSERT_THAT(signature_result, IsOk());

	util::StatusOr<std::string> prefix = CryptoFormat::GetOutputPrefix(key_info);
	ASSERT_THAT(prefix, IsOk());
	util::StatusOr<std::string> signature =
	DummyPublicKeySign("dummy").Sign("message");
	ASSERT_THAT(signature, IsOk());

	EXPECT_EQ(signature_result, absl::StrCat(prefix, *signature));
	}

	// Tests that the PublicKeyVerifyWrapper has been properly registered and we
	// can wrap primitives.
	TEST_F(PcqSignatureConfigTest, PublicKeyVerifyWrapperRegistered) {
	if (IsFipsModeEnabled() && !FIPS_mode()) {
	GTEST_SKIP() << "Not supported if FIPS-mode is used";
	}

	ASSERT_THAT(PqSignatureConfigRegister(), IsOk());

	google::crypto::tink::KeysetInfo::KeyInfo key_info;
	key_info.set_status(google::crypto::tink::KeyStatusType::ENABLED);
	key_info.set_key_id(1234);
	key_info.set_output_prefix_type(google::crypto::tink::OutputPrefixType::TINK);

	auto primitive_set = absl::make_unique<PrimitiveSet<PublicKeyVerify>>();
	auto add_primitive = primitive_set->AddPrimitive(
	absl::make_unique<DummyPublicKeyVerify>("dummy"), key_info);
	ASSERT_THAT(add_primitive, IsOk());
	ASSERT_THAT(primitive_set->set_primary(*add_primitive), IsOk());

	util::StatusOr<std::unique_ptr<crypto::tink::PublicKeyVerify>> wrapped =
	Registry::Wrap(std::move(primitive_set));
	ASSERT_THAT(wrapped, IsOk());

	util::StatusOr<std::string> prefix = CryptoFormat::GetOutputPrefix(key_info);
	ASSERT_THAT(prefix, IsOk());
	util::StatusOr<std::string> signature =
	DummyPublicKeySign("dummy").Sign("message");
	ASSERT_THAT(signature, IsOk());

	ASSERT_THAT((wrapped)->Verify(absl::StrCat(prefix, *signature), "message"),
	IsOk());
	}


	} // namespace
	} // namespace tink
	} // namespace crypto