1# Copyright 2020 Google LLC 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15"""Various utility functions for the cross language tests. 16""" 17 18from typing import Any, Iterable, List 19 20from tink import aead 21from tink import daead 22from tink import hybrid 23from tink import jwt 24from tink import mac 25from tink import prf 26from tink import signature 27from tink import streaming_aead 28 29from tink.proto import tink_pb2 30import tink_config 31 32# All languages supported by cross-language tests. 33ALL_LANGUAGES = ['cc', 'java', 'go', 'python'] 34 35 36# For each KeyType, a list of Tinkey KeyTemplate names. 37# TODO(juerg): Add missing key template names, and remove deprecated names. 
# TODO(tholenst): Change this to a function
#
# Maps a key type name to the Tinkey template names exercised for it. Dict and
# list order are kept as-is because other module-level tables are derived by
# iterating this mapping.
# NOTE(review): the _RAW suffix presumably mirrors Tink's RAW output prefix
# type (no key-ID prefix on outputs) -- confirm against KEY_TEMPLATE.
KEY_TEMPLATE_NAMES = {
    'AesEaxKey': [
        'AES128_EAX',
        'AES128_EAX_RAW',
        'AES256_EAX',
        'AES256_EAX_RAW',
    ],
    'AesGcmKey': [
        'AES128_GCM',
        'AES128_GCM_RAW',
        'AES256_GCM',
        'AES256_GCM_RAW',
    ],
    'AesGcmSivKey': [
        'AES128_GCM_SIV',
        'AES128_GCM_SIV_RAW',
        'AES256_GCM_SIV',
        'AES256_GCM_SIV_RAW',
    ],
    'AesCtrHmacAeadKey': [
        'AES128_CTR_HMAC_SHA256',
        'AES128_CTR_HMAC_SHA256_RAW',
        'AES256_CTR_HMAC_SHA256',
        'AES256_CTR_HMAC_SHA256_RAW',
    ],
    'ChaCha20Poly1305Key': [
        'CHACHA20_POLY1305',
        'CHACHA20_POLY1305_RAW',
    ],
    'XChaCha20Poly1305Key': [
        'XCHACHA20_POLY1305',
        'XCHACHA20_POLY1305_RAW',
    ],
    # No Tinkey template names are listed for the two Kms* key types.
    'KmsAeadKey': [],
    'KmsEnvelopeAeadKey': [],
    'AesSivKey': [
        'AES256_SIV',
    ],
    'AesCtrHmacStreamingKey': [
        'AES128_CTR_HMAC_SHA256_4KB',
        'AES128_CTR_HMAC_SHA256_1MB',
        'AES256_CTR_HMAC_SHA256_4KB',
        'AES256_CTR_HMAC_SHA256_1MB',
    ],
    'AesGcmHkdfStreamingKey': [
        'AES128_GCM_HKDF_4KB',
        'AES128_GCM_HKDF_1MB',
        'AES256_GCM_HKDF_4KB',
        'AES256_GCM_HKDF_1MB',
    ],
    'EciesAeadHkdfPrivateKey': [
        'ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM',
        'ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM',
        'ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256',
        'ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256',
    ],
    'HpkePrivateKey': [
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM',
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_RAW',
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM',
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_RAW',
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305',
        'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_RAW',
    ],
    'AesCmacKey': [
        'AES_CMAC',
    ],
    'HmacKey': [
        'HMAC_SHA256_128BITTAG',
        'HMAC_SHA256_256BITTAG',
        'HMAC_SHA512_256BITTAG',
        'HMAC_SHA512_512BITTAG',
    ],
    'EcdsaPrivateKey': [
        'ECDSA_P256',
        'ECDSA_P256_RAW',
        'ECDSA_P384',
        'ECDSA_P384_SHA384',
        'ECDSA_P384_SHA512',
        'ECDSA_P521',
        'ECDSA_P256_IEEE_P1363',
        'ECDSA_P384_IEEE_P1363',
        'ECDSA_P384_SHA384_IEEE_P1363',
        'ECDSA_P521_IEEE_P1363',
    ],
    'Ed25519PrivateKey': [
        'ED25519',
    ],
    'RsaSsaPkcs1PrivateKey': [
        'RSA_SSA_PKCS1_3072_SHA256_F4',
        'RSA_SSA_PKCS1_4096_SHA512_F4',
    ],
    'RsaSsaPssPrivateKey': [
        'RSA_SSA_PSS_3072_SHA256_SHA256_32_F4',
        'RSA_SSA_PSS_4096_SHA512_SHA512_64_F4',
    ],
    'AesCmacPrfKey': [
        'AES_CMAC_PRF',
    ],
    'HmacPrfKey': [
        'HMAC_SHA256_PRF',
        'HMAC_SHA512_PRF',
    ],
    'HkdfPrfKey': [
        'HKDF_SHA256',
    ],
    'JwtHmacKey': [
        'JWT_HS256',
        'JWT_HS256_RAW',
        'JWT_HS384',
        'JWT_HS384_RAW',
        'JWT_HS512',
        'JWT_HS512_RAW',
    ],
    'JwtEcdsaPrivateKey': [
        'JWT_ES256',
        'JWT_ES256_RAW',
        'JWT_ES384',
        'JWT_ES384_RAW',
        'JWT_ES512',
        'JWT_ES512_RAW',
    ],
    'JwtRsaSsaPkcs1PrivateKey': [
        'JWT_RS256_2048_F4',
        'JWT_RS256_2048_F4_RAW',
        'JWT_RS256_3072_F4',
        'JWT_RS256_3072_F4_RAW',
        'JWT_RS384_3072_F4',
        'JWT_RS384_3072_F4_RAW',
        'JWT_RS512_4096_F4',
        'JWT_RS512_4096_F4_RAW',
    ],
    'JwtRsaSsaPssPrivateKey': [
        'JWT_PS256_2048_F4',
        'JWT_PS256_2048_F4_RAW',
        'JWT_PS256_3072_F4',
        'JWT_PS256_3072_F4_RAW',
        'JWT_PS384_3072_F4',
        'JWT_PS384_3072_F4_RAW',
        'JWT_PS512_4096_F4',
        'JWT_PS512_4096_F4_RAW',
    ],
}

# KeyTemplate (as Protobuf) for each KeyTemplate name.
# Keys are Tinkey template names; values come from the Python Tink template
# modules, except where an entry is assembled by hand (see CHACHA20_POLY1305).
# The jwt entries are produced by calling the jwt template functions once, when
# this module is imported.
KEY_TEMPLATE = {
    'AES128_EAX': aead.aead_key_templates.AES128_EAX,
    'AES128_EAX_RAW': aead.aead_key_templates.AES128_EAX_RAW,
    'AES256_EAX': aead.aead_key_templates.AES256_EAX,
    'AES256_EAX_RAW': aead.aead_key_templates.AES256_EAX_RAW,
    'AES128_GCM': aead.aead_key_templates.AES128_GCM,
    'AES128_GCM_RAW': aead.aead_key_templates.AES128_GCM_RAW,
    'AES256_GCM': aead.aead_key_templates.AES256_GCM,
    'AES256_GCM_RAW': aead.aead_key_templates.AES256_GCM_RAW,
    'AES128_GCM_SIV': aead.aead_key_templates.AES128_GCM_SIV,
    'AES128_GCM_SIV_RAW': aead.aead_key_templates.AES128_GCM_SIV_RAW,
    'AES256_GCM_SIV': aead.aead_key_templates.AES256_GCM_SIV,
    'AES256_GCM_SIV_RAW': aead.aead_key_templates.AES256_GCM_SIV_RAW,
    'AES128_CTR_HMAC_SHA256': aead.aead_key_templates.AES128_CTR_HMAC_SHA256,
    'AES128_CTR_HMAC_SHA256_RAW': (
        aead.aead_key_templates.AES128_CTR_HMAC_SHA256_RAW),
    'AES256_CTR_HMAC_SHA256': aead.aead_key_templates.AES256_CTR_HMAC_SHA256,
    'AES256_CTR_HMAC_SHA256_RAW': (
        aead.aead_key_templates.AES256_CTR_HMAC_SHA256_RAW),
    # The two ChaCha20-Poly1305 templates are assembled by hand: only the type
    # URL and the output prefix type are set, no other template field.
    # NOTE(review): in Tink the RAW prefix type means outputs carry no key-ID
    # prefix, unlike TINK -- confirm against the Tink documentation.
    'CHACHA20_POLY1305': tink_pb2.KeyTemplate(
        type_url='type.googleapis.com/google.crypto.tink.ChaCha20Poly1305Key',
        output_prefix_type=tink_pb2.TINK),
    'CHACHA20_POLY1305_RAW': tink_pb2.KeyTemplate(
        type_url='type.googleapis.com/google.crypto.tink.ChaCha20Poly1305Key',
        output_prefix_type=tink_pb2.RAW),
    'XCHACHA20_POLY1305': aead.aead_key_templates.XCHACHA20_POLY1305,
    'XCHACHA20_POLY1305_RAW': aead.aead_key_templates.XCHACHA20_POLY1305_RAW,
    'AES256_SIV': daead.deterministic_aead_key_templates.AES256_SIV,
    'AES128_CTR_HMAC_SHA256_4KB': (
        streaming_aead.streaming_aead_key_templates.AES128_CTR_HMAC_SHA256_4KB),
    'AES128_CTR_HMAC_SHA256_1MB': (
        streaming_aead.streaming_aead_key_templates.AES128_CTR_HMAC_SHA256_1MB),
    'AES256_CTR_HMAC_SHA256_4KB': (
        streaming_aead.streaming_aead_key_templates.AES256_CTR_HMAC_SHA256_4KB),
    'AES256_CTR_HMAC_SHA256_1MB': (
        streaming_aead.streaming_aead_key_templates.AES256_CTR_HMAC_SHA256_1MB),
    'AES128_GCM_HKDF_4KB': (
        streaming_aead.streaming_aead_key_templates.AES128_GCM_HKDF_4KB),
    'AES128_GCM_HKDF_1MB': (
        streaming_aead.streaming_aead_key_templates.AES128_GCM_HKDF_1MB),
    'AES256_GCM_HKDF_4KB': (
        streaming_aead.streaming_aead_key_templates.AES256_GCM_HKDF_4KB),
    'AES256_GCM_HKDF_1MB': (
        streaming_aead.streaming_aead_key_templates.AES256_GCM_HKDF_1MB),
    'ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM': (
        hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM),
    'ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM': (
        hybrid.hybrid_key_templates
        .ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM),
    'ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256': (
        hybrid.hybrid_key_templates
        .ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256),
    'ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256': (
        hybrid.hybrid_key_templates
        .ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_RAW': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_RAW),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_RAW': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_RAW),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305),
    'DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_RAW': (
        hybrid.hybrid_key_templates
        .DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_RAW),
    'AES_CMAC': mac.mac_key_templates.AES_CMAC,
    'HMAC_SHA256_128BITTAG': mac.mac_key_templates.HMAC_SHA256_128BITTAG,
    'HMAC_SHA256_256BITTAG': mac.mac_key_templates.HMAC_SHA256_256BITTAG,
    'HMAC_SHA512_256BITTAG': mac.mac_key_templates.HMAC_SHA512_256BITTAG,
    'HMAC_SHA512_512BITTAG': mac.mac_key_templates.HMAC_SHA512_512BITTAG,
    'ECDSA_P256': signature.signature_key_templates.ECDSA_P256,
    'ECDSA_P256_RAW': signature.signature_key_templates.ECDSA_P256_RAW,
    'ECDSA_P384': signature.signature_key_templates.ECDSA_P384,
    'ECDSA_P384_SHA384': signature.signature_key_templates.ECDSA_P384_SHA384,
    'ECDSA_P384_SHA512': signature.signature_key_templates.ECDSA_P384_SHA512,
    'ECDSA_P521': signature.signature_key_templates.ECDSA_P521,
    'ECDSA_P256_IEEE_P1363': (
        signature.signature_key_templates.ECDSA_P256_IEEE_P1363),
    'ECDSA_P384_IEEE_P1363': (
        signature.signature_key_templates.ECDSA_P384_IEEE_P1363),
    'ECDSA_P384_SHA384_IEEE_P1363': (
        signature.signature_key_templates.ECDSA_P384_SHA384_IEEE_P1363),
    'ECDSA_P521_IEEE_P1363': (
        signature.signature_key_templates.ECDSA_P521_IEEE_P1363),
    'ED25519': signature.signature_key_templates.ED25519,
    'RSA_SSA_PKCS1_3072_SHA256_F4': (
        signature.signature_key_templates.RSA_SSA_PKCS1_3072_SHA256_F4),
    'RSA_SSA_PKCS1_4096_SHA512_F4': (
        signature.signature_key_templates.RSA_SSA_PKCS1_4096_SHA512_F4),
    'RSA_SSA_PSS_3072_SHA256_SHA256_32_F4': (
        signature.signature_key_templates.RSA_SSA_PSS_3072_SHA256_SHA256_32_F4),
    'RSA_SSA_PSS_4096_SHA512_SHA512_64_F4': (
        signature.signature_key_templates.RSA_SSA_PSS_4096_SHA512_SHA512_64_F4),
    # For the next three entries the Tinkey name carries a _PRF suffix that
    # the Python attribute name does not have.
    'AES_CMAC_PRF': prf.prf_key_templates.AES_CMAC,
    'HMAC_SHA256_PRF': prf.prf_key_templates.HMAC_SHA256,
    'HMAC_SHA512_PRF': prf.prf_key_templates.HMAC_SHA512,
    'HKDF_SHA256': prf.prf_key_templates.HKDF_SHA256,
    'JWT_HS256': jwt.jwt_hs256_template(),
    'JWT_HS256_RAW': jwt.raw_jwt_hs256_template(),
    'JWT_HS384': jwt.jwt_hs384_template(),
    'JWT_HS384_RAW': jwt.raw_jwt_hs384_template(),
    'JWT_HS512': jwt.jwt_hs512_template(),
    'JWT_HS512_RAW': jwt.raw_jwt_hs512_template(),
    'JWT_ES256': jwt.jwt_es256_template(),
    'JWT_ES256_RAW': jwt.raw_jwt_es256_template(),
    'JWT_ES384': jwt.jwt_es384_template(),
    'JWT_ES384_RAW': jwt.raw_jwt_es384_template(),
    'JWT_ES512': jwt.jwt_es512_template(),
    'JWT_ES512_RAW': jwt.raw_jwt_es512_template(),
    'JWT_RS256_2048_F4': jwt.jwt_rs256_2048_f4_template(),
    'JWT_RS256_2048_F4_RAW': jwt.raw_jwt_rs256_2048_f4_template(),
    'JWT_RS256_3072_F4': jwt.jwt_rs256_3072_f4_template(),
    'JWT_RS256_3072_F4_RAW': jwt.raw_jwt_rs256_3072_f4_template(),
    'JWT_RS384_3072_F4': jwt.jwt_rs384_3072_f4_template(),
    'JWT_RS384_3072_F4_RAW': jwt.raw_jwt_rs384_3072_f4_template(),
    'JWT_RS512_4096_F4': jwt.jwt_rs512_4096_f4_template(),
    'JWT_RS512_4096_F4_RAW': jwt.raw_jwt_rs512_4096_f4_template(),
    'JWT_PS256_2048_F4': jwt.jwt_ps256_2048_f4_template(),
    'JWT_PS256_2048_F4_RAW': jwt.raw_jwt_ps256_2048_f4_template(),
    'JWT_PS256_3072_F4': jwt.jwt_ps256_3072_f4_template(),
    'JWT_PS256_3072_F4_RAW': jwt.raw_jwt_ps256_3072_f4_template(),
    'JWT_PS384_3072_F4': jwt.jwt_ps384_3072_f4_template(),
    'JWT_PS384_3072_F4_RAW': jwt.raw_jwt_ps384_3072_f4_template(),
    'JWT_PS512_4096_F4': jwt.jwt_ps512_4096_f4_template(),
    'JWT_PS512_4096_F4_RAW': jwt.raw_jwt_ps512_4096_f4_template(),
}


# Key template names for which the list of supported languages is different from
# the list of supported languages of the whole key type.
_CUSTOM_SUPPORTED_LANGUAGES_BY_TEMPLATE_NAME = {
    # currently empty.
}


def _supported_languages_by_template(
    template_name: str, key_type: str) -> List[str]:
  """Returns the languages that support one key template.

  Args:
    template_name: Tinkey key template name.
    key_type: Key type the template belongs to.

  Returns:
    The per-template override when one is registered for template_name,
    otherwise the languages tink_config reports for key_type.
  """
  overrides = _CUSTOM_SUPPORTED_LANGUAGES_BY_TEMPLATE_NAME
  if template_name not in overrides:
    # No override: the template inherits the languages of its key type.
    return tink_config.supported_languages_for_key_type(key_type)
  return overrides[template_name]


def _all_key_template_names_with_key_type():
  """Yields a (template_name, key_type) pair per KEY_TEMPLATE_NAMES entry."""
  for key_type, names in KEY_TEMPLATE_NAMES.items():
    yield from ((name, key_type) for name in names)


def tinkey_template_names_for(primitive_class: Any) -> Iterable[str]:
  """Yields every key template name available for a primitive.

  Args:
    primitive_class: Primitive passed to tink_config.key_types_for_primitive
      to obtain the key types to enumerate.

  Yields:
    The template names listed in KEY_TEMPLATE_NAMES for each of those key
    types. A key type missing from KEY_TEMPLATE_NAMES raises KeyError once
    iteration reaches it.
  """
  for key_type in tink_config.key_types_for_primitive(primitive_class):
    yield from KEY_TEMPLATE_NAMES[key_type]


# Computed once at import time from KEY_TEMPLATE_NAMES.
SUPPORTED_LANGUAGES_BY_TEMPLATE_NAME = {
    template_name: _supported_languages_by_template(template_name, key_type)
    for template_name, key_type in _all_key_template_names_with_key_type()
}


def key_types_in_keyset(keyset: bytes) -> List[str]:
  """Lists the key type of every key in a serialized keyset, in keyset order.

  Only the type_url of each key is read; no other key field is touched or
  returned. Whatever tink_pb2.Keyset.FromString raises on bytes it cannot
  parse propagates to the caller.

  NOTE(review): a serialized Keyset presumably carries the key material
  itself, so callers should keep the raw bytes out of logs and assertion
  messages -- confirm against the Keyset proto definition.

  Args:
    keyset: A serialized tink_pb2.Keyset message.

  Returns:
    One key type name per key, as mapped by
    tink_config.key_type_from_type_url.
  """
  keyset_proto = tink_pb2.Keyset.FromString(keyset)
  return [
      tink_config.key_type_from_type_url(key.key_data.type_url)
      for key in keyset_proto.key
  ]