use of com.google.crypto.tink.Aead in project tink by google.
the class AeadWrapperTest method testBasicAesCtrHmacAead.
@Test
public void testBasicAesCtrHmacAead() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
PrimitiveSet<Aead> primitives = TestUtil.createPrimitiveSet(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK)), Aead.class);
Aead aead = new AeadWrapper().wrap(primitives);
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
byte[] decrypted = aead.decrypt(ciphertext, associatedData);
assertArrayEquals(plaintext, decrypted);
}
use of com.google.crypto.tink.Aead in project tink by google.
the class AesGcmKeyManagerTest method testNistVectors.
@Test
public void testNistVectors() throws Exception {
for (NistTestVector t : nistTestVectors) {
if (TestUtil.shouldSkipTestWithAesKeySize(t.keyValue.length)) {
continue;
}
if (t.iv.length != 12 || t.tag.length != 16) {
// We support only 12-byte IV and 16-byte tag.
continue;
}
AesGcmKey key = AesGcmKey.newBuilder().setKeyValue(ByteString.copyFrom(t.keyValue)).build();
Aead aead = manager.getPrimitive(key, Aead.class);
try {
byte[] ciphertext = Bytes.concat(t.iv, t.ciphertext, t.tag);
byte[] plaintext = aead.decrypt(ciphertext, t.aad);
assertArrayEquals(plaintext, t.plaintext);
} catch (GeneralSecurityException e) {
fail("Should not fail at " + t.name + ", but thrown exception " + e);
}
}
}
use of com.google.crypto.tink.Aead in project tink by google.
the class AesGcmKeyManagerTest method getPrimitive.
@Test
public void getPrimitive() throws Exception {
AesGcmKey key = factory.createKey(AesGcmKeyFormat.newBuilder().setKeySize(16).build());
Aead managerAead = manager.getPrimitive(key, Aead.class);
Aead directAead = new AesGcmJce(key.getKeyValue().toByteArray());
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
assertThat(directAead.decrypt(managerAead.encrypt(plaintext, associatedData), associatedData)).isEqualTo(plaintext);
}
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadFactoryTest method testMultipleKeys.
@Test
public void testMultipleKeys() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK);
Key raw = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
Key legacy = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 44, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
Key tink = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 45, KeyStatusType.ENABLED, OutputPrefixType.TINK);
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary, raw, legacy, tink));
Aead aead = keysetHandle.getPrimitive(Aead.class);
byte[] plaintext = Random.randBytes(20);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
byte[] prefix = Arrays.copyOfRange(ciphertext, 0, CryptoFormat.NON_RAW_PREFIX_SIZE);
assertArrayEquals(prefix, CryptoFormat.getOutputPrefix(primary));
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.NON_RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
// encrypt with a non-primary RAW key and decrypt with the keyset
KeysetHandle keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(raw, legacy, tink));
Aead aead2 = keysetHandle2.getPrimitive(Aead.class);
ciphertext = aead2.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
// encrypt with a random key not in the keyset, decrypt with the keyset should fail
byte[] aesCtrKeyValue2 = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue2 = Random.randBytes(HMAC_KEY_SIZE);
Key random = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue2, ivSize, hmacKeyValue2, tagSize), 44, KeyStatusType.ENABLED, OutputPrefixType.TINK);
keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(random));
aead2 = keysetHandle2.getPrimitive(Aead.class);
final byte[] ciphertext2 = aead2.encrypt(plaintext, associatedData);
GeneralSecurityException e = assertThrows(GeneralSecurityException.class, () -> aead.decrypt(ciphertext2, associatedData));
assertExceptionContains(e, "decryption failed");
}
use of com.google.crypto.tink.Aead in project tink by google.
the class AeadFactoryTest method testSmallPlaintextWithRawKey.
@Test
public void testSmallPlaintextWithRawKey() throws Exception {
byte[] aesCtrKeyValue = Random.randBytes(AES_KEY_SIZE);
byte[] hmacKeyValue = Random.randBytes(HMAC_KEY_SIZE);
int ivSize = 12;
int tagSize = 16;
Key primary = TestUtil.createKey(TestUtil.createAesCtrHmacAeadKeyData(aesCtrKeyValue, ivSize, hmacKeyValue, tagSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary));
Aead aead = keysetHandle.getPrimitive(Aead.class);
byte[] plaintext = Random.randBytes(1);
byte[] associatedData = Random.randBytes(20);
byte[] ciphertext = aead.encrypt(plaintext, associatedData);
assertArrayEquals(plaintext, aead.decrypt(ciphertext, associatedData));
assertEquals(CryptoFormat.RAW_PREFIX_SIZE + plaintext.length + ivSize + tagSize, ciphertext.length);
}
Aggregations