Example 71 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadIntegrationTest method testSmallPlaintextWithRawKey.
@Test
public void testSmallPlaintextWithRawKey() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary));
Aead aead = keysetHandle.getPrimitive(Aead.class);
byte[] plaintext = Random.randBytes(1);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
}
Also used :
KeysetHandle(com.google.crypto.tink.KeysetHandle)
Aead(com.google.crypto.tink.Aead)
Key(com.google.crypto.tink.proto.Keyset.Key)
Test(org.junit.Test)
Example 72 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadIntegrationTest method testMultipleKeys.
@Test
public void testMultipleKeys() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK);
Key raw = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
Key legacy = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 44, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
Key tink = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 45, KeyStatusType.ENABLED, OutputPrefixType.TINK);
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary, raw, legacy, tink));
Aead aead = keysetHandle.getPrimitive(Aead.class);
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
byte[] prefix = Arrays.copyOfRange(ciphertext, 0, CryptoFormat.NON_RAW_PREFIX_SIZE);
assertArrayEquals(prefix, CryptoFormat.getOutputPrefix(primary));
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.NON_RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
// encrypt with a non-primary RAW key and decrypt with the keyset
KeysetHandle keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(raw, legacy, tink));
Aead aead2 = keysetHandle2.getPrimitive(Aead.class);
ciphertext = aead2.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
// encrypt with a random key not in the keyset, decrypt with the keyset should fail
byte[] aesCtrKeyValue2 = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue2 = Random.randBytes(HMAC_KEY_SIZE);
Key random = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue2, ivSize, hmacKeyValue2, tagSize), 44, KeyStatusType.ENABLED, OutputPrefixType.TINK);
keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(random));
aead2 = keysetHandle2.getPrimitive(Aead.class);
final byte[] ciphertext2 = aead2.encrypt(plaintext, associatedData);
GeneralSecurityException e = assertThrows(GeneralSecurityException.class, () -> aead.decrypt(ciphertext2, associatedData));
assertExceptionContains(e, "decryption failed");
}
Also used :
KeysetHandle(com.google.crypto.tink.KeysetHandle)
GeneralSecurityException(java.security.GeneralSecurityException)
Aead(com.google.crypto.tink.Aead)
Key(com.google.crypto.tink.proto.Keyset.Key)
Test(org.junit.Test)
Example 73 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadWrapperTest method testSmallPlaintextWithRawKey.
@Test
public void testSmallPlaintextWithRawKey() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
Aead aead = new AeadWrapper().wrap(TestUtil.createPrimitiveSet(TestUtil.createKeyset(primary), Aead.class));
byte[] plaintext = Random.randBytes(1);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
}Example 74 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadWrapperTest method testRawKeyAsPrimary.
@Test
public void testRawKeyAsPrimary() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
Key raw = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
Key legacy = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 44, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
Aead aead = new AeadWrapper().wrap(TestUtil.createPrimitiveSet(TestUtil.createKeyset(primary, raw, legacy), Aead.class));
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
}Example 75 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AesGcmKeyManagerTest method testCiphertextSize.
@Test
public void testCiphertextSize() throws Exception {
AesGcmKey key = factory.createKey(AesGcmKeyFormat.newBuilder().setKeySize(32).build());
Aead aead = new AesGcmKeyManager().getPrimitive(key, Aead.class);
byte[] plaintext = "plaintext".getBytes(UTF_8);
byte[] associatedData = "associatedData".getBytes(UTF_8);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
assertThat(ciphertext.length).isEqualTo(12 + /* IV_SIZE */
plaintext.length + 16);
}Aggregations
Aead (com.google.crypto.tink.Aead)84
Test (org.junit.Test)67
GeneralSecurityException (java.security.GeneralSecurityException)25
KeysetHandle (com.google.crypto.tink.KeysetHandle)21
Key (com.google.crypto.tink.proto.Keyset.Key)9
CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)7
IOException (java.io.IOException)7
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)6
KeyTemplate (com.google.crypto.tink.KeyTemplate)6
ByteString (com.google.protobuf.ByteString)6
DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)5
EncryptResult (com.amazonaws.services.kms.model.EncryptResult)5
KmsEnvelopeAeadKey (com.google.crypto.tink.proto.KmsEnvelopeAeadKey)5
File (java.io.File)5
FileOutputStream (java.io.FileOutputStream)5
DecryptResult (com.amazonaws.services.kms.model.DecryptResult)4
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)4
ByteBuffer (java.nio.ByteBuffer)4
AesEaxKey (com.google.crypto.tink.proto.AesEaxKey)3
AesGcmKey (com.google.crypto.tink.proto.AesGcmKey)3
