Example 11 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class KmsEnvelopeAeadTest method encryptDecrypt_works.
@Test
public void encryptDecrypt_works() throws GeneralSecurityException {
Aead remoteAead = this.generateNewRemoteAead();
KmsEnvelopeAead envAead = new KmsEnvelopeAead(KeyTemplateProtoConverter.toProto(KeyTemplates.get("AES128_EAX")), remoteAead);
byte[] plaintext = "helloworld".getBytes(UTF_8);
byte[] ciphertext = envAead.encrypt(plaintext, EMPTY_ADD);
assertArrayEquals(plaintext, envAead.decrypt(ciphertext, EMPTY_ADD));
}Example 12 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class KmsEnvelopeAeadTest method malformedDekLength_fails.
@Test
public void malformedDekLength_fails() throws GeneralSecurityException {
Aead remoteAead = this.generateNewRemoteAead();
KmsEnvelopeAead envAead = new KmsEnvelopeAead(KeyTemplateProtoConverter.toProto(KeyTemplates.get("AES128_EAX")), remoteAead);
byte[] plaintext = "helloworld".getBytes(UTF_8);
byte[] associatedData = "envelope_ad".getBytes(UTF_8);
byte[] ciphertext = envAead.encrypt(plaintext, associatedData);
for (int i = 0; i <= 3; i++) {
ciphertext[i] = (byte) 0xff;
}
byte[] corruptedCiphertext1 = ciphertext;
assertThrows(GeneralSecurityException.class, () -> envAead.decrypt(corruptedCiphertext1, associatedData));
for (int i = 0; i <= 3; i++) {
ciphertext[i] = 0;
}
byte[] corruptedCiphertext2 = ciphertext;
assertThrows(GeneralSecurityException.class, () -> envAead.decrypt(corruptedCiphertext2, associatedData));
}Example 13 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class KmsEnvelopeAeadTest method corruptedDek_fails.
@Test
public void corruptedDek_fails() throws GeneralSecurityException {
Aead remoteAead = this.generateNewRemoteAead();
KmsEnvelopeAead envAead = new KmsEnvelopeAead(KeyTemplateProtoConverter.toProto(KeyTemplates.get("AES128_EAX")), remoteAead);
byte[] plaintext = "helloworld".getBytes(UTF_8);
byte[] associatedData = "envelope_ad".getBytes(UTF_8);
byte[] ciphertext = envAead.encrypt(plaintext, associatedData);
ciphertext[4] = (byte) (ciphertext[4] ^ 0x1);
byte[] corruptedCiphertext = ciphertext;
assertThrows(GeneralSecurityException.class, () -> envAead.decrypt(corruptedCiphertext, EMPTY_ADD));
}Example 14 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AesCtrHmacAeadKeyManagerTest method getPrimitive.
@Test
public void getPrimitive() throws Exception {
AesCtrHmacAeadKey key = factory.createKey(createKeyFormat().setHmacKeyFormat(createHmacKeyFormat().setParams(createHmacParams().setHash(HashType.SHA512))).build());
Aead managerAead = manager.getPrimitive(key, Aead.class);
Aead directAead = EncryptThenAuthenticate.newAesCtrHmac(key.getAesCtrKey().getKeyValue().toByteArray(), key.getAesCtrKey().getParams().getIvSize(), "HMACSHA512", key.getHmacKey().getKeyValue().toByteArray(), key.getHmacKey().getParams().getTagSize());
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
assertThat(directAead.decrypt(managerAead.encrypt(plaintext, associatedData), associatedData)).isEqualTo(plaintext);
}
Also used :
Aead(com.google.crypto.tink.Aead)
AesCtrHmacAeadKey(com.google.crypto.tink.proto.AesCtrHmacAeadKey)
Test(org.junit.Test)
Example 15 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class AesEaxKeyManagerTest method testPublicTestVectors.
@Test
public void testPublicTestVectors() throws Exception {
for (PublicTestVector t : publicTestVectors) {
if (TestUtil.shouldSkipTestWithAesKeySize(t.keyValue.length)) {
continue;
}
AesEaxKey key = AesEaxKey.newBuilder().setKeyValue(ByteString.copyFrom(t.keyValue)).setParams(AesEaxParams.newBuilder().setIvSize(t.iv.length)).build();
Aead aead = manager.getPrimitive(key, Aead.class);
try {
byte[] ciphertext = Bytes.concat(t.iv, t.ciphertext, t.tag);
byte[] plaintext = aead.decrypt(ciphertext, t.aad);
assertArrayEquals(plaintext, t.plaintext);
} catch (GeneralSecurityException e) {
fail("Should not fail at " + t.name + ", but thrown exception " + e);
}
}
}
Also used :
AesEaxKey(com.google.crypto.tink.proto.AesEaxKey)
GeneralSecurityException(java.security.GeneralSecurityException)
Aead(com.google.crypto.tink.Aead)
Test(org.junit.Test)
Aggregations
Aead (com.google.crypto.tink.Aead)84
Test (org.junit.Test)67
GeneralSecurityException (java.security.GeneralSecurityException)25
KeysetHandle (com.google.crypto.tink.KeysetHandle)21
Key (com.google.crypto.tink.proto.Keyset.Key)9
CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)7
IOException (java.io.IOException)7
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)6
KeyTemplate (com.google.crypto.tink.KeyTemplate)6
ByteString (com.google.protobuf.ByteString)6
DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)5
EncryptResult (com.amazonaws.services.kms.model.EncryptResult)5
KmsEnvelopeAeadKey (com.google.crypto.tink.proto.KmsEnvelopeAeadKey)5
File (java.io.File)5
FileOutputStream (java.io.FileOutputStream)5
DecryptResult (com.amazonaws.services.kms.model.DecryptResult)4
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)4
ByteBuffer (java.nio.ByteBuffer)4
AesEaxKey (com.google.crypto.tink.proto.AesEaxKey)3
AesGcmKey (com.google.crypto.tink.proto.AesGcmKey)3
