Example 36 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class ChaCha20Poly1305Test method testLongMessages.
@Test
public /**
* BC had a bug, where GCM failed for messages of size > 8192
*/
void testLongMessages() throws Exception {
Assume.assumeFalse(TinkFips.useOnlyFips());
// Doesn't work on Android
Assume.assumeFalse(TestUtil.isAndroid());
int dataSize = 16;
while (dataSize <= (1 << 24)) {
byte[] plaintext = Random.randBytes(dataSize);
byte[] aad = Random.randBytes(dataSize / 3);
byte[] key = Random.randBytes(KEY_SIZE);
Aead aead = createInstance(key);
byte[] ciphertext = aead.encrypt(plaintext, aad);
byte[] decrypted = aead.decrypt(ciphertext, aad);
assertArrayEquals(plaintext, decrypted);
dataSize += 5 * dataSize / 11;
}
}Example 37 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class ChaCha20Poly1305Test method testEmptyAssociatedData.
@Test
public void testEmptyAssociatedData() throws Exception {
Assume.assumeFalse(TinkFips.useOnlyFips());
byte[] aad = new byte[0];
Aead aead = createInstance(Random.randBytes(KEY_SIZE));
for (int messageSize = 0; messageSize < 75; messageSize++) {
byte[] message = Random.randBytes(messageSize);
{
// encrypting with aad as a 0-length array
byte[] ciphertext = aead.encrypt(message, aad);
byte[] decrypted = aead.decrypt(ciphertext, aad);
assertArrayEquals(message, decrypted);
byte[] decrypted2 = aead.decrypt(ciphertext, null);
assertArrayEquals(message, decrypted2);
byte[] badAad = new byte[] { 1, 2, 3 };
assertThrows(AEADBadTagException.class, () -> {
byte[] unused = aead.decrypt(ciphertext, badAad);
});
}
{
// encrypting with aad equal to null
byte[] ciphertext = aead.encrypt(message, null);
byte[] decrypted = aead.decrypt(ciphertext, aad);
assertArrayEquals(message, decrypted);
byte[] decrypted2 = aead.decrypt(ciphertext, null);
assertArrayEquals(message, decrypted2);
byte[] badAad = new byte[] { 1, 2, 3 };
assertThrows(AEADBadTagException.class, () -> {
byte[] unused = aead.decrypt(ciphertext, badAad);
});
}
}
}
Also used :
Aead(com.google.crypto.tink.Aead)
AEADBadTagException(javax.crypto.AEADBadTagException)
Test(org.junit.Test)
Example 38 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class ChaCha20Poly1305Test method testWycheproofVectors.
@Test
public void testWycheproofVectors() throws Exception {
Assume.assumeFalse(TinkFips.useOnlyFips());
JsonObject json = WycheproofTestUtil.readJson("../wycheproof/testvectors/chacha20_poly1305_test.json");
int errors = 0;
JsonArray testGroups = json.getAsJsonArray("testGroups");
for (int i = 0; i < testGroups.size(); i++) {
JsonObject group = testGroups.get(i).getAsJsonObject();
JsonArray tests = group.getAsJsonArray("tests");
for (int j = 0; j < tests.size(); j++) {
JsonObject testcase = tests.get(j).getAsJsonObject();
String tcId = String.format("testcase %d (%s)", testcase.get("tcId").getAsInt(), testcase.get("comment").getAsString());
byte[] iv = Hex.decode(testcase.get("iv").getAsString());
byte[] key = Hex.decode(testcase.get("key").getAsString());
byte[] msg = Hex.decode(testcase.get("msg").getAsString());
byte[] aad = Hex.decode(testcase.get("aad").getAsString());
byte[] ct = Hex.decode(testcase.get("ct").getAsString());
byte[] tag = Hex.decode(testcase.get("tag").getAsString());
byte[] ciphertext = Bytes.concat(iv, ct, tag);
// Result is one of "valid", "invalid", "acceptable".
// "valid" are test vectors with matching plaintext, ciphertext and tag.
// "invalid" are test vectors with invalid parameters or invalid ciphertext and tag.
// "acceptable" are test vectors with weak parameters or legacy formats.
String result = testcase.get("result").getAsString();
try {
Aead aead = createInstance(key);
byte[] decrypted = aead.decrypt(ciphertext, aad);
boolean eq = TestUtil.arrayEquals(decrypted, msg);
if (result.equals("invalid")) {
System.out.printf("FAIL %s: accepting invalid ciphertext, cleartext: %s, decrypted: %s%n", tcId, Hex.encode(msg), Hex.encode(decrypted));
errors++;
} else {
if (!eq) {
System.out.printf("FAIL %s: incorrect decryption, result: %s, expected: %s%n", tcId, Hex.encode(decrypted), Hex.encode(msg));
errors++;
}
}
} catch (GeneralSecurityException ex) {
if (result.equals("valid")) {
System.out.printf("FAIL %s: cannot decrypt, exception %s%n", tcId, ex);
errors++;
}
}
}
}
assertEquals(0, errors);
}
Also used :
JsonArray(com.google.gson.JsonArray)
GeneralSecurityException(java.security.GeneralSecurityException)
Aead(com.google.crypto.tink.Aead)
JsonObject(com.google.gson.JsonObject)
Test(org.junit.Test)
Example 39 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class XChaCha20Poly1305Test method testRandomNonce.
/**
* This is a very simple test for the randomness of the nonce. The test simply checks that the
* multiple ciphertexts of the same message are distinct.
*/
@Test
public void testRandomNonce() throws Exception {
if (TestUtil.isTsan()) {
System.out.println("testRandomNonce takes too long under tsan, skipping");
return;
}
byte[] key = Random.randBytes(KEY_SIZE);
Aead aead = createInstance(key);
byte[] message = new byte[0];
byte[] aad = new byte[0];
HashSet<String> ciphertexts = new HashSet<>();
final int samples = 1 << 17;
for (int i = 0; i < samples; i++) {
byte[] ct = aead.encrypt(message, aad);
String ctHex = TestUtil.hexEncode(ct);
assertFalse(ciphertexts.contains(ctHex));
ciphertexts.add(ctHex);
}
assertEquals(samples, ciphertexts.size());
}Example 40 with Aead
use of com.google.crypto.tink.Aead in project tink by google.
the class XChaCha20Poly1305Test method testDecryptThrowsGeneralSecurityExpWhenCiphertextIsTooShort.
@Test
public void testDecryptThrowsGeneralSecurityExpWhenCiphertextIsTooShort() throws GeneralSecurityException {
Aead cipher = createInstance(new byte[KEY_SIZE]);
GeneralSecurityException e = assertThrows(GeneralSecurityException.class, () -> cipher.decrypt(new byte[27], new byte[1]));
assertThat(e).hasMessageThat().containsMatch("ciphertext too short");
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
Aead(com.google.crypto.tink.Aead)
Test(org.junit.Test)
Aggregations
Aead (com.google.crypto.tink.Aead)84
Test (org.junit.Test)67
GeneralSecurityException (java.security.GeneralSecurityException)25
KeysetHandle (com.google.crypto.tink.KeysetHandle)21
Key (com.google.crypto.tink.proto.Keyset.Key)9
CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)7
IOException (java.io.IOException)7
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)6
KeyTemplate (com.google.crypto.tink.KeyTemplate)6
ByteString (com.google.protobuf.ByteString)6
DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)5
EncryptResult (com.amazonaws.services.kms.model.EncryptResult)5
KmsEnvelopeAeadKey (com.google.crypto.tink.proto.KmsEnvelopeAeadKey)5
File (java.io.File)5
FileOutputStream (java.io.FileOutputStream)5
DecryptResult (com.amazonaws.services.kms.model.DecryptResult)4
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)4
ByteBuffer (java.nio.ByteBuffer)4
AesEaxKey (com.google.crypto.tink.proto.AesEaxKey)3
AesGcmKey (com.google.crypto.tink.proto.AesGcmKey)3
