Examples with HybridEncrypt com.google.crypto.tink.HybridEncrypt used on opensource projects

Search in sources :

Example 1 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class WebPushHybridDecryptTest method testEncryptDecryptWithInvalidRecordSizes.

@Test
public void testEncryptDecryptWithInvalidRecordSizes() throws Exception {
    KeyPair uaKeyPair = EllipticCurves.generateKeyPair(WebPushConstants.NIST_P256_CURVE_TYPE);
    ECPrivateKey uaPrivateKey = (ECPrivateKey) uaKeyPair.getPrivate();
    ECPublicKey uaPublicKey = (ECPublicKey) uaKeyPair.getPublic();
    byte[] authSecret = Random.randBytes(16);
    // Test with out of range record sizes.
    {
        try {
            new WebPushHybridDecrypt.Builder().withRecordSize(WebPushConstants.MAX_CIPHERTEXT_SIZE + 1).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
            fail("Expected IllegalArgumentException");
        } catch (IllegalArgumentException ex) {
        // expected.
        }
        try {
            new WebPushHybridDecrypt.Builder().withRecordSize(WebPushConstants.CIPHERTEXT_OVERHEAD - 1).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
        } catch (IllegalArgumentException ex) {
        // expected.
        }
    }
    // Test with random mismatched record size.
    {
        for (int i = 0; i < 50; i++) {
            int recordSize = WebPushConstants.CIPHERTEXT_OVERHEAD + Random.randInt(WebPushConstants.MAX_CIPHERTEXT_SIZE - WebPushConstants.CIPHERTEXT_OVERHEAD - 1);
            HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withRecordSize(recordSize).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
            HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withRecordSize(recordSize + 1).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
            byte[] plaintext = Random.randBytes(recordSize - WebPushConstants.CIPHERTEXT_OVERHEAD);
            byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
            try {
                hybridDecrypt.decrypt(ciphertext, null);
                fail("Expected GeneralSecurityException");
            } catch (GeneralSecurityException ex) {
            // expected.
            }
        }
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) Test(org.junit.Test)

Example 2 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class WebPushHybridEncryptTest method testEncryptDecryptWithVaryingRecordSizes.

@Test
public void testEncryptDecryptWithVaryingRecordSizes() throws Exception {
    KeyPair uaKeyPair = EllipticCurves.generateKeyPair(WebPushConstants.NIST_P256_CURVE_TYPE);
    ECPrivateKey uaPrivateKey = (ECPrivateKey) uaKeyPair.getPrivate();
    ECPublicKey uaPublicKey = (ECPublicKey) uaKeyPair.getPublic();
    byte[] authSecret = Random.randBytes(16);
    // Test with random, valid record sizes.
    {
        for (int i = 0; i < 100; i++) {
            int recordSize = WebPushConstants.CIPHERTEXT_OVERHEAD + Random.randInt(WebPushConstants.MAX_CIPHERTEXT_SIZE - WebPushConstants.CIPHERTEXT_OVERHEAD);
            HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withRecordSize(recordSize).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
            HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withRecordSize(recordSize).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
            byte[] plaintext = Random.randBytes(recordSize - WebPushConstants.CIPHERTEXT_OVERHEAD);
            byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
            assertEquals(ciphertext.length, plaintext.length + WebPushConstants.CIPHERTEXT_OVERHEAD);
            assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, null));
        }
    }
    // Test with largest possible record size.
    {
        HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withRecordSize(WebPushConstants.MAX_CIPHERTEXT_SIZE).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
        HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withRecordSize(WebPushConstants.MAX_CIPHERTEXT_SIZE).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
        byte[] plaintext = Random.randBytes(WebPushConstants.MAX_CIPHERTEXT_SIZE - WebPushConstants.CIPHERTEXT_OVERHEAD);
        byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
        assertEquals(ciphertext.length, plaintext.length + WebPushConstants.CIPHERTEXT_OVERHEAD);
        assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, null));
    }
    // Test with smallest possible record size.
    {
        HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withRecordSize(WebPushConstants.CIPHERTEXT_OVERHEAD).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
        HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withRecordSize(WebPushConstants.CIPHERTEXT_OVERHEAD).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
        byte[] plaintext = new byte[0];
        byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
        assertEquals(ciphertext.length, plaintext.length + WebPushConstants.CIPHERTEXT_OVERHEAD);
        assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, null));
    }
    // Test with out of range record sizes.
    {
        try {
            new WebPushHybridEncrypt.Builder().withRecordSize(WebPushConstants.MAX_CIPHERTEXT_SIZE + 1).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
            fail("Expected IllegalArgumentException");
        } catch (IllegalArgumentException ex) {
        // expected.
        }
        try {
            new WebPushHybridEncrypt.Builder().withRecordSize(WebPushConstants.CIPHERTEXT_OVERHEAD - 1).withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
            fail("Expected IllegalArgumentException");
        } catch (IllegalArgumentException ex) {
        // expected.
        }
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) ECPublicKey(java.security.interfaces.ECPublicKey) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) Test(org.junit.Test)

Example 3 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class WebPushHybridEncryptTest method testNonNullContextInfo.

@Test
public void testNonNullContextInfo() throws Exception {
    KeyPair uaKeyPair = EllipticCurves.generateKeyPair(WebPushConstants.NIST_P256_CURVE_TYPE);
    ECPublicKey uaPublicKey = (ECPublicKey) uaKeyPair.getPublic();
    byte[] authSecret = Random.randBytes(16);
    HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
    byte[] plaintext = Random.randBytes(20);
    byte[] contextInfo = new byte[0];
    try {
        byte[] unusedCiphertext = hybridEncrypt.encrypt(plaintext, contextInfo);
        fail("Expected GeneralSecurityException");
    } catch (GeneralSecurityException ex) {
    // expected;
    }
}
Also used : KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) Test(org.junit.Test)

Example 4 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class WebPushHybridDecryptTest method testNonNullContextInfo.

@Test
public void testNonNullContextInfo() throws Exception {
    KeyPair uaKeyPair = EllipticCurves.generateKeyPair(WebPushConstants.NIST_P256_CURVE_TYPE);
    ECPrivateKey uaPrivateKey = (ECPrivateKey) uaKeyPair.getPrivate();
    ECPublicKey uaPublicKey = (ECPublicKey) uaKeyPair.getPublic();
    byte[] authSecret = Random.randBytes(16);
    HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).build();
    HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKey).withRecipientPrivateKey(uaPrivateKey).build();
    byte[] plaintext = Random.randBytes(20);
    byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
    try {
        byte[] contextInfo = new byte[0];
        hybridDecrypt.decrypt(ciphertext, contextInfo);
        fail("Expected GeneralSecurityException");
    } catch (GeneralSecurityException ex) {
    // expected;
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) Test(org.junit.Test)

Example 5 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class EciesAeadHkdfPrivateKeyManagerTest method testNewKey.

@Test
public void testNewKey() throws Exception {
    EllipticCurveType curve = EllipticCurveType.NIST_P384;
    HashType hashType = HashType.SHA256;
    EcPointFormat pointFormat = EcPointFormat.UNCOMPRESSED;
    KeyTemplate demKeyTemplate = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    byte[] salt = "some salt".getBytes("UTF-8");
    EciesAeadHkdfParams params = HybridKeyTemplates.createEciesAeadHkdfParams(curve, hashType, pointFormat, demKeyTemplate, salt);
    EciesAeadHkdfPrivateKeyManager manager = new EciesAeadHkdfPrivateKeyManager();
    EciesAeadHkdfPrivateKey keyProto = (EciesAeadHkdfPrivateKey) manager.newKey(EciesAeadHkdfKeyFormat.newBuilder().setParams(params).build());
    assertEquals(params, keyProto.getPublicKey().getParams());
    Key primaryPriv = TestUtil.createKey(TestUtil.createKeyData(keyProto, EciesAeadHkdfPrivateKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE), 8, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key primaryPub = TestUtil.createKey(TestUtil.createKeyData(keyProto.getPublicKey(), EciesAeadHkdfPublicKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    KeysetHandle keysetHandlePub = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryPub));
    KeysetHandle keysetHandlePriv = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryPriv));
    HybridEncrypt hybridEncrypt = HybridEncryptFactory.getPrimitive(keysetHandlePub);
    HybridDecrypt hybridDecrypt = HybridDecryptFactory.getPrimitive(keysetHandlePriv);
    byte[] plaintext = Random.randBytes(20);
    byte[] contextInfo = Random.randBytes(20);
    byte[] ciphertext = hybridEncrypt.encrypt(plaintext, contextInfo);
    assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, contextInfo));
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) EciesAeadHkdfParams(com.google.crypto.tink.proto.EciesAeadHkdfParams) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) HashType(com.google.crypto.tink.proto.HashType) EcPointFormat(com.google.crypto.tink.proto.EcPointFormat) EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) Key(com.google.crypto.tink.proto.Keyset.Key) Test(org.junit.Test)

Aggregations

HybridEncrypt (com.google.crypto.tink.HybridEncrypt)16 HybridDecrypt (com.google.crypto.tink.HybridDecrypt)13 Test (org.junit.Test)12 KeyPair (java.security.KeyPair)10 ECPublicKey (java.security.interfaces.ECPublicKey)10 ECPrivateKey (java.security.interfaces.ECPrivateKey)9 GeneralSecurityException (java.security.GeneralSecurityException)6 KeysetHandle (com.google.crypto.tink.KeysetHandle)4 EciesAeadHkdfPrivateKey (com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey)3 EcPointFormat (com.google.crypto.tink.proto.EcPointFormat)2 EllipticCurveType (com.google.crypto.tink.proto.EllipticCurveType)2 HashType (com.google.crypto.tink.proto.HashType)2 KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)2 Key (com.google.crypto.tink.proto.Keyset.Key)2 EciesAeadHkdfHybridDecrypt (com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt)2 EciesAeadHkdfHybridEncrypt (com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)2 KeyPairGenerator (java.security.KeyPairGenerator)2 ECParameterSpec (java.security.spec.ECParameterSpec)2 TreeSet (java.util.TreeSet)2 KeyManager (com.google.crypto.tink.KeyManager)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial