Example 81 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class KmsEnvelopeAeadTest method ciphertextTooShort_fails.
@Test
public void ciphertextTooShort_fails() throws GeneralSecurityException {
Aead remoteAead = this.generateNewRemoteAead();
KmsEnvelopeAead envAead = new KmsEnvelopeAead(KeyTemplateProtoConverter.toProto(KeyTemplates.get("AES128_EAX")), remoteAead);
assertThrows(GeneralSecurityException.class, () -> envAead.decrypt("foo".getBytes(UTF_8), "envelope_ad".getBytes(UTF_8)));
}Example 82 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class KmsEnvelopeAeadTest method corruptedCiphertext_fails.
@Test
public void corruptedCiphertext_fails() throws GeneralSecurityException {
Aead remoteAead = this.generateNewRemoteAead();
KmsEnvelopeAead envAead = new KmsEnvelopeAead(KeyTemplateProtoConverter.toProto(KeyTemplates.get("AES128_EAX")), remoteAead);
byte[] associatedData = "envelope_ad".getBytes(UTF_8);
byte[] plaintext = "helloworld".getBytes(UTF_8);
byte[] ciphertext = envAead.encrypt(plaintext, associatedData);
ciphertext[ciphertext.length - 1] = (byte) (ciphertext[ciphertext.length - 1] ^ 0x1);
byte[] corruptedCiphertext = ciphertext;
assertThrows(GeneralSecurityException.class, () -> envAead.decrypt(corruptedCiphertext, EMPTY_ADD));
}Example 83 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class TinkeyUtil method writeKeyset.
/**
* Writes the keyset managed by {@code handle} to {@code outputStream} with format {@code
* outFormat}. Maybe encrypt it with {@code masterKeyUri} and {@code credentialPath}.
*/
public static void writeKeyset(KeysetHandle handle, OutputStream outputStream, String outFormat, String masterKeyUri, String credentialPath) throws GeneralSecurityException, IOException {
KeysetWriter writer = createKeysetWriter(outputStream, outFormat);
if (masterKeyUri != null) {
Aead masterKey = KmsClients.getAutoLoaded(masterKeyUri).withCredentials(credentialPath).getAead(masterKeyUri);
handle.write(writer, masterKey);
} else {
CleartextKeysetHandle.write(handle, writer);
}
}
Also used :
JsonKeysetWriter(com.google.crypto.tink.JsonKeysetWriter)
KeysetWriter(com.google.crypto.tink.KeysetWriter)
BinaryKeysetWriter(com.google.crypto.tink.BinaryKeysetWriter)
Aead(com.google.crypto.tink.Aead)
Example 84 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadCli method main.
public static void main(String[] args) throws Exception {
if (args.length != 5) {
System.out.println("Usage: AeadCli keyset-file operation input-file associated-data-file output-file");
System.exit(1);
}
String keysetFilename = args[0];
String operation = args[1];
String inputFilename = args[2];
String associatedDataFile = args[3];
String outputFilename = args[4];
GcpKmsClient.register(Optional.empty(), Optional.of("../tink_base/" + TestUtil.SERVICE_ACCOUNT_FILE));
AwsKmsClient.register(Optional.of(TestUtil.AWS_CRYPTO_URI), Optional.of("../tink_base/" + TestUtil.AWS_CREDS));
AeadConfig.register();
if (!(operation.equals("encrypt") || operation.equals("decrypt"))) {
System.out.println("Unknown operation '" + operation + "'.\nExpected 'encrypt' or 'decrypt'.");
System.exit(1);
}
System.out.println("Using keyset from file " + keysetFilename + " to AEAD-" + operation + " file " + inputFilename + " with associated data from file " + associatedDataFile + ".");
System.out.println("The resulting output will be written to file " + outputFilename);
// Init Tink.
CliUtil.initTink();
// Read the keyset.
System.out.println("Reading the keyset...");
KeysetHandle keysetHandle = CliUtil.readKeyset(keysetFilename);
// Get the primitive.
System.out.println("Getting the primitive...");
Aead aead = keysetHandle.getPrimitive(Aead.class);
// Read the input.
byte[] input = CliUtil.read(inputFilename);
byte[] aad = CliUtil.read(associatedDataFile);
// Compute the output.
System.out.println(operation + "ing...");
byte[] output;
if (operation.equals("encrypt")) {
output = aead.encrypt(input, aad);
} else {
// operation.equals("decrypt")
output = aead.decrypt(input, aad);
}
// Write the output to the output file.
CliUtil.write(output, outputFilename);
System.out.println("All done.");
}
Also used :
KeysetHandle(com.google.crypto.tink.KeysetHandle)
Aead(com.google.crypto.tink.Aead)
Aggregations
Aead (com.google.crypto.tink.Aead)84
Test (org.junit.Test)67
GeneralSecurityException (java.security.GeneralSecurityException)25
KeysetHandle (com.google.crypto.tink.KeysetHandle)21
Key (com.google.crypto.tink.proto.Keyset.Key)9
CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)7
IOException (java.io.IOException)7
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)6
KeyTemplate (com.google.crypto.tink.KeyTemplate)6
ByteString (com.google.protobuf.ByteString)6
DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)5
EncryptResult (com.amazonaws.services.kms.model.EncryptResult)5
KmsEnvelopeAeadKey (com.google.crypto.tink.proto.KmsEnvelopeAeadKey)5
File (java.io.File)5
FileOutputStream (java.io.FileOutputStream)5
DecryptResult (com.amazonaws.services.kms.model.DecryptResult)4
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)4
ByteBuffer (java.nio.ByteBuffer)4
AesEaxKey (com.google.crypto.tink.proto.AesEaxKey)3
AesGcmKey (com.google.crypto.tink.proto.AesGcmKey)3
