Example 61 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class EncryptThenAuthenticateTest method testBitFlipCiphertext.
@Test
public void testBitFlipCiphertext() throws Exception {
Aead aead = getAead(Random.randBytes(16), Random.randBytes(16), 16, 16, "HMACSHA256");
byte[] plaintext = Random.randBytes(1001);
byte[] aad = Random.randBytes(13);
byte[] ciphertext = aead.encrypt(plaintext, aad);
for (int i = 0; i < ciphertext.length; i++) {
for (int j = 0; j < 8; j++) {
byte[] c1 = Arrays.copyOf(ciphertext, ciphertext.length);
c1[i] = (byte) (c1[i] ^ (1 << j));
assertThrows(GeneralSecurityException.class, () -> aead.decrypt(c1, aad));
}
}
}Example 62 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class EncryptThenAuthenticateTest method testRFCVectors.
@Test
public void testRFCVectors() throws Exception {
for (int i = 0; i < rfcTestVectors.length; i++) {
RFCTestVector t = rfcTestVectors[i];
if (Cipher.getMaxAllowedKeyLength("AES") < 256 && t.encKey.length > 16) {
System.out.println("Unlimited Strength Jurisdiction Policy Files are required" + " but not installed. Skip tests with keys larger than 128 bits.");
continue;
}
Aead aead = getAead(t.macKey, t.encKey, t.ivSize, t.tagLength, t.macAlg);
try {
aead.decrypt(t.ciphertext, t.aad);
} catch (GeneralSecurityException e) {
fail("Ciphertext and aad are valid, shouldn't reach here: " + i + " " + e);
}
}
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
Aead(com.google.crypto.tink.Aead)
Test(org.junit.Test)
Example 63 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class XChaCha20Poly1305Test method testModifyCiphertext.
@Test
public void testModifyCiphertext() throws Exception {
byte[] key = Random.randBytes(KEY_SIZE);
Aead aead = createInstance(key);
byte[] aad = Random.randBytes(16);
byte[] message = Random.randBytes(32);
byte[] ciphertext = aead.encrypt(message, aad);
// Flipping bits
for (int b = 0; b < ciphertext.length; b++) {
for (int bit = 0; bit < 8; bit++) {
byte[] modified = Arrays.copyOf(ciphertext, ciphertext.length);
modified[b] ^= (byte) (1 << bit);
assertThrows(AEADBadTagException.class, () -> {
byte[] unused = aead.decrypt(modified, aad);
});
}
}
// Truncate the message.
for (int length = 0; length < ciphertext.length; length++) {
byte[] modified = Arrays.copyOf(ciphertext, length);
assertThrows(GeneralSecurityException.class, () -> {
byte[] unused = aead.decrypt(modified, aad);
});
}
// Modify AAD
for (int b = 0; b < aad.length; b++) {
for (int bit = 0; bit < 8; bit++) {
byte[] modified = Arrays.copyOf(aad, aad.length);
modified[b] ^= (byte) (1 << bit);
assertThrows(AEADBadTagException.class, () -> {
byte[] unused = aead.decrypt(ciphertext, modified);
});
}
}
}Example 64 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class XChaCha20Poly1305Test method testEncryptDecrypt.
@Test
public void testEncryptDecrypt() throws Exception {
Aead aead = createInstance(Random.randBytes(KEY_SIZE));
for (int i = 0; i < 100; i++) {
byte[] message = Random.randBytes(i);
byte[] aad = Random.randBytes(i);
byte[] ciphertext = aead.encrypt(message, aad);
byte[] decrypted = aead.decrypt(ciphertext, aad);
assertArrayEquals(message, decrypted);
}
}Example 65 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AwsKmsAeadTest method testEncryptShouldThrowExceptionIfRequestFailed.
@Test
public void testEncryptShouldThrowExceptionIfRequestFailed() throws Exception {
AmazonServiceException exception = mock(AmazonServiceException.class);
when(mockKms.encrypt(isA(EncryptRequest.class))).thenThrow(exception);
Aead aead = new AwsKmsAead(mockKms, KEY_ARN);
byte[] aad = Random.randBytes(20);
byte[] message = Random.randBytes(20);
assertThrows(GeneralSecurityException.class, () -> aead.encrypt(message, aad));
}
Also used :
AmazonServiceException(com.amazonaws.AmazonServiceException)
Aead(com.google.crypto.tink.Aead)
EncryptRequest(com.amazonaws.services.kms.model.EncryptRequest)
Test(org.junit.Test)
Aggregations
Aead (com.google.crypto.tink.Aead)84
Test (org.junit.Test)67
GeneralSecurityException (java.security.GeneralSecurityException)25
KeysetHandle (com.google.crypto.tink.KeysetHandle)21
Key (com.google.crypto.tink.proto.Keyset.Key)9
CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)7
IOException (java.io.IOException)7
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)6
KeyTemplate (com.google.crypto.tink.KeyTemplate)6
ByteString (com.google.protobuf.ByteString)6
DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)5
EncryptResult (com.amazonaws.services.kms.model.EncryptResult)5
KmsEnvelopeAeadKey (com.google.crypto.tink.proto.KmsEnvelopeAeadKey)5
File (java.io.File)5
FileOutputStream (java.io.FileOutputStream)5
DecryptResult (com.amazonaws.services.kms.model.DecryptResult)4
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)4
ByteBuffer (java.nio.ByteBuffer)4
AesEaxKey (com.google.crypto.tink.proto.AesEaxKey)3
AesGcmKey (com.google.crypto.tink.proto.AesGcmKey)3
