Examples with HybridEncrypt com.google.crypto.tink.HybridEncrypt used on opensource projects

Example 11 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class CreatePublicKeysetCommandTest method assertHybrid.

private void assertHybrid(KeysetReader privateReader, KeysetReader publicReader) throws Exception {
    HybridDecrypt decrypter = HybridDecryptFactory.getPrimitive(CleartextKeysetHandle.read(privateReader));
    HybridEncrypt encrypter = HybridEncryptFactory.getPrimitive(CleartextKeysetHandle.read(publicReader));
    byte[] message = Random.randBytes(10);
    byte[] contextInfo = Random.randBytes(20);
    assertThat(decrypter.decrypt(encrypter.encrypt(message, contextInfo), contextInfo)).isEqualTo(message);
}

Example 12 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class PaymentMethodTokenHybridDecryptTest method testModifyDecrypt.

@Test
public void testModifyDecrypt() throws Exception {
    ECParameterSpec spec = EllipticCurves.getNistP256Params();
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
    keyGen.initialize(spec);
    KeyPair recipientKey = keyGen.generateKeyPair();
    ECPublicKey recipientPublicKey = (ECPublicKey) recipientKey.getPublic();
    ECPrivateKey recipientPrivateKey = (ECPrivateKey) recipientKey.getPrivate();
    HybridEncrypt hybridEncrypt = new PaymentMethodTokenHybridEncrypt(recipientPublicKey, ProtocolVersionConfig.EC_V1);
    HybridDecrypt hybridDecrypt = new PaymentMethodTokenHybridDecrypt(recipientPrivateKey, ProtocolVersionConfig.EC_V1);
    testModifyDecrypt(hybridEncrypt, hybridDecrypt);
}

Example 13 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class EciesAeadHkdfHybridEncryptTest method testBasicMultipleEncrypts.

private void testBasicMultipleEncrypts(CurveType curveType, KeyTemplate keyTemplate) throws Exception {
    KeyPair recipientKey = EllipticCurves.generateKeyPair(curveType);
    ECPublicKey recipientPublicKey = (ECPublicKey) recipientKey.getPublic();
    ECPrivateKey recipientPrivateKey = (ECPrivateKey) recipientKey.getPrivate();
    byte[] salt = "some salt".getBytes("UTF-8");
    byte[] plaintext = Random.randBytes(20);
    byte[] context = "context info".getBytes("UTF-8");
    String hmacAlgo = HybridUtil.toHmacAlgo(HashType.SHA256);
    HybridEncrypt hybridEncrypt = new EciesAeadHkdfHybridEncrypt(recipientPublicKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    HybridDecrypt hybridDecrypt = new EciesAeadHkdfHybridDecrypt(recipientPrivateKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    // Makes sure that the encryption is randomized.
    Set<String> ciphertexts = new TreeSet<String>();
    for (int j = 0; j < 8; j++) {
        byte[] ciphertext = hybridEncrypt.encrypt(plaintext, context);
        if (ciphertexts.contains(new String(ciphertext, "UTF-8"))) {
            throw new GeneralSecurityException("Encryption is not randomized");
        }
        ciphertexts.add(new String(ciphertext, "UTF-8"));
        byte[] decrypted = hybridDecrypt.decrypt(ciphertext, context);
        assertArrayEquals(plaintext, decrypted);
    }
    assertEquals(8, ciphertexts.size());
}

Example 14 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class HybridEncryptCli method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.out.println("Usage: HybridEncryptCli keyset-file plaintext-file context-info output-file");
        System.exit(1);
    }
    String keysetFilename = args[0];
    String plaintextFilename = args[1];
    String contextInfo = args[2];
    String outputFilename = args[3];
    System.out.println("Using keyset from file " + keysetFilename + " to encrypt file " + plaintextFilename + " with context info '" + contextInfo + "'.");
    System.out.println("The resulting ciphertext will be written to file " + outputFilename);
    // Init Tink.
    CliUtil.initTink();
    // Read the keyset.
    System.out.println("Reading the keyset...");
    KeysetHandle keysetHandle = CliUtil.readKeyset(keysetFilename);
    // Get the primitive.
    System.out.println("Getting the primitive...");
    HybridEncrypt hybridEncrypt = HybridEncryptFactory.getPrimitive(keysetHandle);
    // Read the plaintext.
    byte[] plaintext = CliUtil.read(plaintextFilename);
    // Compute the ciphertext.
    System.out.println("Encrypting...");
    byte[] ciphertext = hybridEncrypt.encrypt(plaintext, contextInfo.getBytes(CliUtil.UTF_8));
    // Write the ciphertext to the output file.
    CliUtil.write(ciphertext, outputFilename);
    System.out.println("All done.");
}

Example 15 with HybridEncrypt

use of com.google.crypto.tink.HybridEncrypt in project tink by google.

the class WebPushHybridEncryptTest method testEncryptDecrypt.

@Test
public void testEncryptDecrypt() throws Exception {
    for (int i = 0; i < 10; i++) {
        KeyPair uaKeyPair = EllipticCurves.generateKeyPair(WebPushConstants.NIST_P256_CURVE_TYPE);
        ECPrivateKey uaPrivateKey = (ECPrivateKey) uaKeyPair.getPrivate();
        ECPublicKey uaPublicKey = (ECPublicKey) uaKeyPair.getPublic();
        byte[] uaPublicKeyBytes = EllipticCurves.pointEncode(WebPushConstants.NIST_P256_CURVE_TYPE, WebPushConstants.UNCOMPRESSED_POINT_FORMAT, uaPublicKey.getW());
        byte[] authSecret = Random.randBytes(16);
        HybridEncrypt hybridEncrypt = new WebPushHybridEncrypt.Builder().withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKeyBytes).build();
        HybridDecrypt hybridDecrypt = new WebPushHybridDecrypt.Builder().withAuthSecret(authSecret).withRecipientPublicKey(uaPublicKeyBytes).withRecipientPrivateKey(uaPrivateKey).build();
        Set<String> salts = new TreeSet<String>();
        Set<String> ephemeralPublicKeys = new TreeSet<String>();
        Set<String> payloads = new TreeSet<String>();
        int numTests = 50;
        for (int j = 0; j < numTests; j++) {
            byte[] plaintext = Random.randBytes(j);
            byte[] ciphertext = hybridEncrypt.encrypt(plaintext, null);
            assertEquals(ciphertext.length, plaintext.length + WebPushConstants.CIPHERTEXT_OVERHEAD);
            assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, null));
            // Checks that the encryption is randomized.
            ByteBuffer record = ByteBuffer.wrap(ciphertext);
            byte[] salt = new byte[WebPushConstants.SALT_SIZE];
            record.get(salt);
            salts.add(Hex.encode(salt));
            int unused1 = record.getInt();
            int unused2 = (int) record.get();
            byte[] ephemeralPublicKey = new byte[WebPushConstants.PUBLIC_KEY_SIZE];
            record.get(ephemeralPublicKey);
            ephemeralPublicKeys.add(Hex.encode(ephemeralPublicKey));
            byte[] payload = new byte[ciphertext.length - WebPushConstants.CONTENT_CODING_HEADER_SIZE];
            record.get(payload);
            payloads.add(Hex.encode(payload));
        }
        assertEquals(numTests, salts.size());
        assertEquals(numTests, ephemeralPublicKeys.size());
        assertEquals(numTests, payloads.size());
    }
}