Google Git
Sign in
android / platform / external / tink / refs/heads/sdk-release / . / python / tink / tink_config_test.py
blob: 3332f98118189ffb171cd5f7698955bc8b2b9b3c [file] [log] [blame]
# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Tests for tink.python.tink.tink_config."""
import os
import tempfile
from absl.testing import absltest
import tink
from tink import aead
from tink import daead
from tink import hybrid
from tink import mac
from tink import prf
from tink import signature
from tink import streaming_aead
from tink import tink_config
def setUpModule():
tink_config.register()
class TinkConfigTest(absltest.TestCase):
def test_aead_encrypt_decrypt(self):
keyset_handle = tink.new_keyset_handle(aead.aead_key_templates.AES256_GCM)
primitive = keyset_handle.primitive(aead.Aead)
self.assertEqual(
primitive.decrypt(primitive.encrypt(b'plaintext', b'ad'), b'ad'),
b'plaintext')
def test_mac_compute_verify(self):
keyset_handle = tink.new_keyset_handle(
mac.mac_key_templates.HMAC_SHA256_128BITTAG)
primitive = keyset_handle.primitive(mac.Mac)
mac_value = primitive.compute_mac(b'data')
self.assertIsNone(primitive.verify_mac(mac_value, b'data'))
self.assertEqual(primitive.compute_mac(b'data'), mac_value)
def test_deterministic_aead_wrapper_is_correctly_registered(self):
keyset_handle = tink.new_keyset_handle(
daead.deterministic_aead_key_templates.AES256_SIV)
primitive = keyset_handle.primitive(daead.DeterministicAead)
ciphertext = primitive.encrypt_deterministically(b'plaintext', b'ad')
self.assertEqual(
primitive.decrypt_deterministically(ciphertext, b'ad'), b'plaintext')
self.assertEqual(
primitive.encrypt_deterministically(b'plaintext', b'ad'), ciphertext)
def test_hybrid_encrypt_decrypt(self):
keyset_handle = tink.new_keyset_handle(
hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM)
decrypt = keyset_handle.primitive(hybrid.HybridDecrypt)
public_keyset_handle = keyset_handle.public_keyset_handle()
encrypt = public_keyset_handle.primitive(hybrid.HybridEncrypt)
self.assertEqual(
decrypt.decrypt(encrypt.encrypt(b'plaintext', b'ad'), b'ad'),
b'plaintext')
def test_signatures_sign_verify(self):
keyset_handle = tink.new_keyset_handle(
signature.signature_key_templates.ECDSA_P256)
sign = keyset_handle.primitive(signature.PublicKeySign)
public_keyset_handle = keyset_handle.public_keyset_handle()
verify = public_keyset_handle.primitive(signature.PublicKeyVerify)
sig = sign.sign(b'data')
verify.verify(sig, b'data')
def test_prf_compute(self):
keyset_handle = tink.new_keyset_handle(prf.prf_key_templates.HMAC_SHA256)
primitive = keyset_handle.primitive(prf.PrfSet)
output = primitive.primary().compute(b'input_data', output_length=15)
self.assertLen(output, 15)
self.assertEqual(
primitive.all()[primitive.primary_id()].compute(
b'input_data', output_length=15), output)
def test_streaming_aead_encrypt_decrypt(self):
key_template = streaming_aead.streaming_aead_key_templates.AES128_GCM_HKDF_4KB
keyset_handle = tink.new_keyset_handle(key_template)
primitive = keyset_handle.primitive(streaming_aead.StreamingAead)
plaintext = b'plaintext'
associated_data = b'associated_data'
with tempfile.TemporaryDirectory() as tmpdirname:
filename = os.path.join(tmpdirname, 'encrypted_file')
dest = open(filename, 'wb')
with primitive.new_encrypting_stream(dest, associated_data) as es:
es.write(plaintext)
src = open(filename, 'rb')
with primitive.new_decrypting_stream(src, associated_data) as ds:
output = ds.read()
self.assertEqual(output, plaintext)
if __name__ == '__main__':
absltest.main()