def test_primitive_wrapper_reset(self):
self.reg.register_primitive_wrapper(mac.MacWrapper())
self.reg.reset()
with self.assertRaisesRegex(
core.TinkError,
'No PrimitiveWrapper registered for primitive Mac.'):
self.reg.wrap(_mac_set([helper.FakeMac()]))
def test_wrap_success(self):
self.reg.register_primitive_wrapper(mac.MacWrapper())
mac1 = helper.FakeMac('FakeMac1')
mac2 = helper.FakeMac('FakeMac2')
wrapped_mac = self.reg.wrap(_mac_set([mac1, mac2]))
wrapped_mac.verify_mac(mac1.compute_mac(b'data1'), b'data1')
wrapped_mac.verify_mac(mac2.compute_mac(b'data2'), b'data2')
wrapped_mac.verify_mac(wrapped_mac.compute_mac(b'data'), b'data')
def test_verify_legacy_mac(self):
primitive, key = self.new_primitive_key_pair(1234, tink_pb2.LEGACY)
pset = core.new_primitive_set(mac.Mac)
pset.set_primary(pset.add_primitive(primitive, key))
wrapped_mac = mac.MacWrapper().wrap(pset)
tag = wrapped_mac.compute_mac(b'data')
# No exception raised, no return value.
self.assertIsNone(wrapped_mac.verify_mac(tag, b'data'))
def test_verify_old_raw_mac_with_new_key(self):
primitive, key = self.new_primitive_key_pair(1234, tink_pb2.RAW)
tag = primitive.compute_mac(b'data')
pset = core.new_primitive_set(mac.Mac)
pset.add_primitive(primitive, key)
new_primitive, new_key = self.new_primitive_key_pair(5678, tink_pb2.TINK)
pset.set_primary(pset.add_primitive(new_primitive, new_key))
wrapped_mac = mac.MacWrapper().wrap(pset)
self.assertIsNone(wrapped_mac.verify_mac(tag, b'data'))
def _register_primitive_wrappers():
"""Registers all primitive wrappers."""
register_primitive_wrapper = core.Registry.register_primitive_wrapper
register_primitive_wrapper(aead.AeadWrapper())
register_primitive_wrapper(daead.DeterministicAeadWrapper())
register_primitive_wrapper(hybrid.HybridDecryptWrapper())
register_primitive_wrapper(hybrid.HybridEncryptWrapper())
register_primitive_wrapper(mac.MacWrapper())
register_primitive_wrapper(signature.PublicKeySignWrapper())
register_primitive_wrapper(signature.PublicKeyVerifyWrapper())
def test_verify_unknown_mac_fails(self):
unknown_tag = helper.FakeMac('UnknownfakeMac').compute_mac(b'data')
pset = core.new_primitive_set(mac.Mac)
primitive, raw_key = self.new_primitive_key_pair(1234, tink_pb2.RAW)
new_primitive, new_key = self.new_primitive_key_pair(5678, tink_pb2.TINK)
pset.add_primitive(primitive, raw_key)
new_entry = pset.add_primitive(new_primitive, new_key)
pset.set_primary(new_entry)
wrapped_mac = mac.MacWrapper().wrap(pset)
with self.assertRaisesRegex(core.TinkError, 'invalid MAC'):
wrapped_mac.verify_mac(unknown_tag, b'data')
def test_verify_macs_from_two_raw_keys(self):
primitive1, raw_key1 = self.new_primitive_key_pair(1234, tink_pb2.RAW)
primitive2, raw_key2 = self.new_primitive_key_pair(5678, tink_pb2.RAW)
tag1 = primitive1.compute_mac(b'data1')
tag2 = primitive2.compute_mac(b'data2')
pset = core.new_primitive_set(mac.Mac)
pset.add_primitive(primitive1, raw_key1)
pset.set_primary(pset.add_primitive(primitive2, raw_key2))
wrapped_mac = mac.MacWrapper().wrap(pset)
self.assertIsNone(wrapped_mac.verify_mac(tag1, b'data1'))
self.assertIsNone(wrapped_mac.verify_mac(tag2, b'data2'))
self.assertIsNone(
wrapped_mac.verify_mac(wrapped_mac.compute_mac(b'data'), b'data'))
def test_register_different_primitive_wrappers_twice_fails(self):
self.reg.register_primitive_wrapper(mac.MacWrapper())
with self.assertRaisesRegex(
core.TinkError,
'A wrapper for primitive Mac has already been added.'):
self.reg.register_primitive_wrapper(DummyMacWrapper())
def test_register_same_primitive_wrapper_twice(self):
self.reg.register_primitive_wrapper(mac.MacWrapper())
self.reg.register_primitive_wrapper(mac.MacWrapper())
def _register_primitive_wrappers():
"""Registers all primitive wrappers."""
register_primitive_wrapper = core.Registry.register_primitive_wrapper
register_primitive_wrapper(mac.MacWrapper())
register_primitive_wrapper(signature.PublicKeySignWrapper())
register_primitive_wrapper(signature.PublicKeyVerifyWrapper())