
Example 46 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtPublicKeySignVerifyWrappersTest method wrongIssuer_throwsInvalidException.

/**
 * Checks that claim validation is enforced in addition to signature verification: a token
 * signed with the matching key but issued by "Justus" must be rejected by a validator that
 * expects issuer "Peter".
 *
 * <p>The token carries no expiration and the validator is told to accept that, which keeps the
 * test focused on the issuer check. Validators for real tokens normally should not allow a
 * missing expiration.
 */
@Test
public void wrongIssuer_throwsInvalidException() throws Exception {
    KeyTemplate es256Template = KeyTemplates.get("JWT_ES256");
    KeysetHandle privateHandle = KeysetHandle.generateNew(es256Template);
    JwtPublicKeySign signer = privateHandle.getPrimitive(JwtPublicKeySign.class);
    JwtPublicKeyVerify verifier =
        privateHandle.getPublicKeysetHandle().getPrimitive(JwtPublicKeyVerify.class);

    // Signer and verifier come from the same keyset, so the signature itself is valid here.
    RawJwt tokenFromJustus = RawJwt.newBuilder().setIssuer("Justus").withoutExpiration().build();
    String signedToken = signer.signAndEncode(tokenFromJustus);

    JwtValidator expectsPeter =
        JwtValidator.newBuilder().expectIssuer("Peter").allowMissingExpiration().build();
    assertThrows(
        JwtInvalidException.class, () -> verifier.verifyAndDecode(signedToken, expectsPeter));
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) KeyTemplate(com.google.crypto.tink.KeyTemplate) Test(org.junit.Test)

Example 47 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtPublicKeySignVerifyWrappersTest method test_wrapLegacy_throws.

/**
 * Checks that the JWT primitives refuse a keyset whose key uses output prefix type LEGACY:
 * requesting a signer from the private keyset and a verifier from its public keyset must both
 * throw {@link GeneralSecurityException}.
 */
@Test
public void test_wrapLegacy_throws() throws Exception {
    KeyTemplate baseTemplate = KeyTemplates.get("JWT_ES256_RAW");
    // Reuse the RAW template's type URL and serialized format; only the output prefix type
    // is replaced by LEGACY.
    KeyTemplate legacyTemplate =
        KeyTemplate.create(
            baseTemplate.getTypeUrl(),
            baseTemplate.getValue(),
            KeyTemplate.OutputPrefixType.LEGACY);
    KeysetHandle privateHandle = KeysetHandle.generateNew(legacyTemplate);

    // Generating the keyset succeeds; the rejection is expected when the primitive is requested.
    assertThrows(
        GeneralSecurityException.class, () -> privateHandle.getPrimitive(JwtPublicKeySign.class));

    KeysetHandle publicOnlyHandle = privateHandle.getPublicKeysetHandle();
    assertThrows(
        GeneralSecurityException.class,
        () -> publicOnlyHandle.getPrimitive(JwtPublicKeyVerify.class));
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) KeyTemplate(com.google.crypto.tink.KeyTemplate) Test(org.junit.Test)

Example 48 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtPublicKeySignVerifyWrappersTest method test_wrapSingleTinkKey_works.

/**
 * Round-trip check for a keyset with a single key generated from the "JWT_ES256" template: a
 * token signed with the private keyset verifies with the matching public keyset, and the
 * decoded token returns the JWT ID that was set before signing.
 *
 * <p>The token has no expiration and the validator is configured to accept that.
 */
@Test
public void test_wrapSingleTinkKey_works() throws Exception {
    KeyTemplate es256Template = KeyTemplates.get("JWT_ES256");
    KeysetHandle privateHandle = KeysetHandle.generateNew(es256Template);
    JwtPublicKeySign jwtSigner = privateHandle.getPrimitive(JwtPublicKeySign.class);
    KeysetHandle publicHandle = privateHandle.getPublicKeysetHandle();
    JwtPublicKeyVerify jwtVerifier = publicHandle.getPrimitive(JwtPublicKeyVerify.class);

    String compactToken =
        jwtSigner.signAndEncode(RawJwt.newBuilder().setJwtId("blah").withoutExpiration().build());

    JwtValidator lenientValidator = JwtValidator.newBuilder().allowMissingExpiration().build();
    VerifiedJwt decoded = jwtVerifier.verifyAndDecode(compactToken, lenientValidator);

    // Only the verified token is read: the claim must survive the sign/verify round trip.
    assertThat(decoded.getJwtId()).isEqualTo("blah");
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) KeyTemplate(com.google.crypto.tink.KeyTemplate) Test(org.junit.Test)

Example 49 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtPublicKeySignVerifyWrappersTest method wrongKey_throwsInvalidSignatureException.

// Note: we use Theory as a parametrized test -- different from what the Theory framework intends.
/**
 * For each template name supplied by the "templateNames" data points, checks that a token
 * signed with one freshly generated keyset is rejected by a verifier built from a second,
 * independently generated keyset of the same template.
 *
 * <p>The assertion accepts any {@link GeneralSecurityException}; it does not pin a more
 * specific exception type.
 */
@Theory
public void wrongKey_throwsInvalidSignatureException(@FromDataPoints("templateNames") String templateName) throws Exception {
    // Under TSAN the body is skipped with a plain return: an assumption is not used because
    // Theories expects to find at least one case that is not skipped.
    if (TestUtil.isTsan()) {
        return;
    }
    KeyTemplate keyTemplate = KeyTemplates.get(templateName);

    // Keyset that actually signs the token.
    KeysetHandle signingHandle = KeysetHandle.generateNew(keyTemplate);
    JwtPublicKeySign signer = signingHandle.getPrimitive(JwtPublicKeySign.class);
    String signedToken = signer.signAndEncode(RawJwt.newBuilder().withoutExpiration().build());

    JwtValidator lenientValidator = JwtValidator.newBuilder().allowMissingExpiration().build();

    // Second keyset from the same template; its public key does not belong to the signing key.
    KeysetHandle unrelatedHandle = KeysetHandle.generateNew(keyTemplate);
    JwtPublicKeyVerify unrelatedVerifier =
        unrelatedHandle.getPublicKeysetHandle().getPrimitive(JwtPublicKeyVerify.class);

    assertThrows(
        GeneralSecurityException.class,
        () -> unrelatedVerifier.verifyAndDecode(signedToken, lenientValidator));
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) KeyTemplate(com.google.crypto.tink.KeyTemplate) Theory(org.junit.experimental.theories.Theory)

Example 50 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtRsaSsaPkcs1SignKeyManagerTest method signAndVerifyWithWrongCustomKid_fails.

/**
 * Checks that a token signed by a keyset carrying custom kid "kid" is rejected with
 * {@link JwtInvalidException} by a verifier whose keyset carries custom kid "wrong kid".
 *
 * <p>Both keysets are derived from the same generated "JWT_RS256_2048_F4_RAW" keyset through
 * {@code withCustomKid}, a helper defined elsewhere in the test class. Presumably it returns a
 * copy of the keyset that differs only in the custom kid, so the rejection would come from the
 * kid mismatch rather than from the key material; verify against the helper.
 */
@Test
public void signAndVerifyWithWrongCustomKid_fails() throws Exception {
    // NOTE(review): skipped under TSAN with a plain return. The original comment justified
    // this with the Theories runner, which does not obviously apply to a plain @Test; confirm.
    if (TestUtil.isTsan()) {
        return;
    }
    KeyTemplate rs256RawTemplate = KeyTemplates.get("JWT_RS256_2048_F4_RAW");
    KeysetHandle baseHandle = KeysetHandle.generateNew(rs256RawTemplate);
    KeysetHandle kidHandle = withCustomKid(baseHandle, "kid");
    KeysetHandle wrongKidHandle = withCustomKid(baseHandle, "wrong kid");

    JwtPublicKeySign kidSigner = kidHandle.getPrimitive(JwtPublicKeySign.class);
    String tokenSignedWithKid =
        kidSigner.signAndEncode(RawJwt.newBuilder().setJwtId("jwtId").withoutExpiration().build());

    JwtValidator lenientValidator = JwtValidator.newBuilder().allowMissingExpiration().build();
    KeysetHandle wrongKidPublicHandle = wrongKidHandle.getPublicKeysetHandle();
    JwtPublicKeyVerify wrongKidVerifier =
        wrongKidPublicHandle.getPrimitive(JwtPublicKeyVerify.class);

    assertThrows(
        JwtInvalidException.class,
        () -> wrongKidVerifier.verifyAndDecode(tokenSignedWithKid, lenientValidator));
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) CleartextKeysetHandle(com.google.crypto.tink.CleartextKeysetHandle) ByteString(com.google.protobuf.ByteString) KeyTemplate(com.google.crypto.tink.KeyTemplate) Test(org.junit.Test)
