Examples with KeyTemplate com.google.crypto.tink.KeyTemplate used on opensource projects

Example 86 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtEcdsaSignKeyManagerTest method testJwtES512Template_ok.

@Test
public void testJwtES512Template_ok() throws Exception {
    KeyTemplate template = KeyTemplates.get("JWT_ES512_RAW");
    checkTemplate(template, JwtEcdsaAlgorithm.ES512);
}

Example 87 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtEcdsaSignKeyManagerTest method signWithTinkKeyAndCustomKid_fails.

@Test
public void signWithTinkKeyAndCustomKid_fails() throws Exception {
    // KeysetHandle.generateNew is too slow in Tsan.
    assumeFalse(TestUtil.isTsan());
    KeyTemplate template = KeyTemplates.get("JWT_ES256");
    KeysetHandle handleWithoutKid = KeysetHandle.generateNew(template);
    KeysetHandle handleWithKid = withCustomKid(handleWithoutKid, "Lorem ipsum dolor sit amet, consectetur adipiscing elit");
    JwtPublicKeySign signerWithKid = handleWithKid.getPrimitive(JwtPublicKeySign.class);
    RawJwt rawToken = RawJwt.newBuilder().setJwtId("jwtId").withoutExpiration().build();
    assertThrows(JwtInvalidException.class, () -> signerWithKid.signAndEncode(rawToken));
}

Example 88 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtEcdsaSignKeyManagerTest method testJwtES256Template_ok.

@Test
public void testJwtES256Template_ok() throws Exception {
    KeyTemplate template = KeyTemplates.get("JWT_ES256_RAW");
    checkTemplate(template, JwtEcdsaAlgorithm.ES256);
}

Example 89 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtMacWrapperTest method test_wrapMultipleTinkKeys.

@Test
public void test_wrapMultipleTinkKeys() throws Exception {
    KeyTemplate tinkTemplate = KeyTemplates.get("JWT_HS256");
    KeysetManager manager = KeysetManager.withEmptyKeyset();
    manager.addNewKey(KeyTemplateProtoConverter.toProto(tinkTemplate), /*asPrimary=*/
    true);
    KeysetHandle oldHandle = manager.getKeysetHandle();
    manager.addNewKey(KeyTemplateProtoConverter.toProto(tinkTemplate), /*asPrimary=*/
    true);
    KeysetHandle newHandle = manager.getKeysetHandle();
    JwtMac oldJwtMac = oldHandle.getPrimitive(JwtMac.class);
    JwtMac newJwtMac = newHandle.getPrimitive(JwtMac.class);
    RawJwt rawToken = RawJwt.newBuilder().setJwtId("jwtId").withoutExpiration().build();
    String oldSignedCompact = oldJwtMac.computeMacAndEncode(rawToken);
    String newSignedCompact = newJwtMac.computeMacAndEncode(rawToken);
    JwtValidator validator = JwtValidator.newBuilder().allowMissingExpiration().build();
    assertThat(oldJwtMac.verifyMacAndDecode(oldSignedCompact, validator).getJwtId()).isEqualTo("jwtId");
    assertThat(newJwtMac.verifyMacAndDecode(oldSignedCompact, validator).getJwtId()).isEqualTo("jwtId");
    assertThat(newJwtMac.verifyMacAndDecode(newSignedCompact, validator).getJwtId()).isEqualTo("jwtId");
    assertThrows(GeneralSecurityException.class, () -> oldJwtMac.verifyMacAndDecode(newSignedCompact, validator));
}

Example 90 with KeyTemplate

use of com.google.crypto.tink.KeyTemplate in project tink by google.

the class JwtMacWrapperTest method test_wrapNoPrimary_throws.

@Test
public void test_wrapNoPrimary_throws() throws Exception {
    KeyTemplate template = KeyTemplates.get("JWT_HS256");
    KeysetManager manager = KeysetManager.withEmptyKeyset().add(template);
    KeysetHandle handle = manager.getKeysetHandle();
    assertThrows(GeneralSecurityException.class, () -> handle.getPrimitive(JwtMac.class));
}