Examples with DeterministicAead com.google.crypto.tink.DeterministicAead used on opensource projects

Example 6 with DeterministicAead

use of com.google.crypto.tink.DeterministicAead in project tink by google.

the class DeterministicAeadFactoryTest method testRawKeyAsPrimary.

private static void testRawKeyAsPrimary(int keySize) throws Exception {
    Key primary = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key raw = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key legacy = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 44, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary, raw, legacy));
    DeterministicAead daead = DeterministicAeadFactory.getPrimitive(keysetHandle);
    byte[] plaintext = Random.randBytes(20);
    byte[] associatedData = Random.randBytes(20);
    byte[] ciphertext = daead.encryptDeterministically(plaintext, associatedData);
    assertArrayEquals(plaintext, daead.decryptDeterministically(ciphertext, associatedData));
    assertEquals(CryptoFormat.RAW_PREFIX_SIZE + plaintext.length + 16, ciphertext.length);
}

Example 7 with DeterministicAead

use of com.google.crypto.tink.DeterministicAead in project tink by google.

the class DeterministicAeadFactoryTest method testMultipleKeys.

private static void testMultipleKeys(int keySize) throws Exception {
    Key primary = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK);
    Key raw = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key legacy = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 44, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
    Key tink = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 45, KeyStatusType.ENABLED, OutputPrefixType.TINK);
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary, raw, legacy, tink));
    DeterministicAead daead = DeterministicAeadFactory.getPrimitive(keysetHandle);
    byte[] plaintext = Random.randBytes(20);
    byte[] associatedData = Random.randBytes(20);
    byte[] ciphertext = daead.encryptDeterministically(plaintext, associatedData);
    byte[] prefix = Arrays.copyOfRange(ciphertext, 0, CryptoFormat.NON_RAW_PREFIX_SIZE);
    assertArrayEquals(prefix, CryptoFormat.getOutputPrefix(primary));
    assertArrayEquals(plaintext, daead.decryptDeterministically(ciphertext, associatedData));
    assertEquals(CryptoFormat.NON_RAW_PREFIX_SIZE + plaintext.length + 16, ciphertext.length);
    // encrypt with a non-primary RAW key and decrypt with the keyset
    KeysetHandle keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(raw, legacy, tink));
    DeterministicAead daead2 = DeterministicAeadFactory.getPrimitive(keysetHandle2);
    ciphertext = daead2.encryptDeterministically(plaintext, associatedData);
    assertArrayEquals(plaintext, daead.decryptDeterministically(ciphertext, associatedData));
    // encrypt with a random key not in the keyset, decrypt with the keyset should fail
    Key random = TestUtil.createKey(TestUtil.createAesSivKeyData(keySize), 44, KeyStatusType.ENABLED, OutputPrefixType.TINK);
    keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(random));
    daead2 = DeterministicAeadFactory.getPrimitive(keysetHandle2);
    ciphertext = daead2.encryptDeterministically(plaintext, associatedData);
    try {
        daead.decryptDeterministically(ciphertext, associatedData);
        fail("Expected GeneralSecurityException");
    } catch (GeneralSecurityException e) {
        assertExceptionContains(e, "decryption failed");
    }
}

Example 8 with DeterministicAead

use of com.google.crypto.tink.DeterministicAead in project tink by google.

the class AesSivTest method testWycheproofVectors.

@Test
public void testWycheproofVectors() throws Exception {
    JSONObject json = WycheproofTestUtil.readJson("testdata/wycheproof/aes_siv_cmac_test.json");
    JSONArray testGroups = json.getJSONArray("testGroups");
    int cntSkippedTests = 0;
    for (int i = 0; i < testGroups.length(); i++) {
        JSONObject group = testGroups.getJSONObject(i);
        int keySize = group.getInt("keySize");
        JSONArray tests = group.getJSONArray("tests");
        if (!Arrays.asList(keySizeInBytes).contains(keySize / 8)) {
            cntSkippedTests += tests.length();
            continue;
        }
        for (int j = 0; j < tests.length(); j++) {
            JSONObject testcase = tests.getJSONObject(j);
            String tcId = String.format("testcase %d (%s)", testcase.getInt("tcId"), testcase.getString("comment"));
            byte[] key = Hex.decode(testcase.getString("key"));
            byte[] msg = Hex.decode(testcase.getString("msg"));
            byte[] aad = Hex.decode(testcase.getString("aad"));
            byte[] ct = Hex.decode(testcase.getString("ct"));
            // Result is one of "valid" and "invalid".
            // "valid" are test vectors with matching plaintext and ciphertext.
            // "invalid" are test vectors with invalid parameters or invalid ciphertext.
            String result = testcase.getString("result");
            DeterministicAead daead = new AesSiv(key);
            if (result.equals("valid")) {
                byte[] ciphertext = daead.encryptDeterministically(msg, aad);
                assertEquals(tcId, Hex.encode(ct), Hex.encode(ciphertext));
                byte[] plaintext = daead.decryptDeterministically(ct, aad);
                assertEquals(tcId, Hex.encode(msg), Hex.encode(plaintext));
            } else {
                try {
                    byte[] plaintext = daead.decryptDeterministically(ct, aad);
                    fail(String.format("FAIL %s: decrypted invalid ciphertext as %s", tcId, Hex.encode(plaintext)));
                } catch (GeneralSecurityException ex) {
                // This is expected
                }
            }
        }
    }
    System.out.printf("Number of tests skipped: %d", cntSkippedTests);
}

Example 9 with DeterministicAead

use of com.google.crypto.tink.DeterministicAead in project tink by google.

the class AesSivTest method testEncryptDecryptWithEmptyPlaintext.

@Test
public void testEncryptDecryptWithEmptyPlaintext() throws GeneralSecurityException {
    for (int keySize : keySizeInBytes) {
        DeterministicAead dead = new AesSiv(Random.randBytes(keySize));
        for (int triesPlaintext = 0; triesPlaintext < 100; triesPlaintext++) {
            byte[] plaintext = new byte[0];
            byte[] aad = Random.randBytes(Random.randInt(128) + 1);
            byte[] ciphertext = dead.encryptDeterministically(plaintext, aad);
            byte[] rebuiltPlaintext = dead.decryptDeterministically(ciphertext, aad);
            assertEquals(AesUtil.BLOCK_SIZE, ciphertext.length);
            assertEquals(Hex.encode(plaintext), Hex.encode(rebuiltPlaintext));
        }
    }
}

Example 10 with DeterministicAead

use of com.google.crypto.tink.DeterministicAead in project tink by google.

the class AesSivTest method testEncryptDecryptWithEmptyAssociatedData.

@Test
public void testEncryptDecryptWithEmptyAssociatedData() throws GeneralSecurityException {
    for (int keySize : keySizeInBytes) {
        DeterministicAead dead = new AesSiv(Random.randBytes(keySize));
        for (int triesPlaintext = 0; triesPlaintext < 100; triesPlaintext++) {
            byte[] plaintext = Random.randBytes(Random.randInt(1024) + 1);
            byte[] aad = new byte[0];
            byte[] rebuiltPlaintext = dead.decryptDeterministically(dead.encryptDeterministically(plaintext, aad), aad);
            assertEquals(Hex.encode(plaintext), Hex.encode(rebuiltPlaintext));
        }
    }
}