Examples with KeysetHandle com.google.crypto.tink.KeysetHandle used on opensource projects

Example 6 with KeysetHandle

use of com.google.crypto.tink.KeysetHandle in project tink by google.

the class StreamingAeadFactoryTest method testBasicAesCtrHmacStreamingAead.

@Test
public void testBasicAesCtrHmacStreamingAead() throws Exception {
    byte[] keyValue = Random.randBytes(AES_KEY_SIZE);
    int derivedKeySize = AES_KEY_SIZE;
    int ciphertextSegmentSize = 128;
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createAesCtrHmacStreamingKeyData(keyValue, derivedKeySize, ciphertextSegmentSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW)));
    StreamingAead streamingAead = StreamingAeadFactory.getPrimitive(keysetHandle);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}

Example 7 with KeysetHandle

use of com.google.crypto.tink.KeysetHandle in project tink by google.

the class PublicKeyVerifyCli method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.out.println("Usage: PublicKeyVerifyCli keyset-file signature-file message-file output-file");
        System.exit(1);
    }
    String keysetFilename = args[0];
    String signatureFilename = args[1];
    String messageFilename = args[2];
    String outputFilename = args[3];
    System.out.println("Using keyset from file " + keysetFilename + " to verify signature from file " + signatureFilename + " of the message from file " + messageFilename + ".");
    System.out.println("The verification result will be written to file " + outputFilename);
    // Init Tink.
    CliUtil.initTink();
    // Read the keyset.
    System.out.println("Reading the keyset...");
    KeysetHandle keysetHandle = CliUtil.readKeyset(keysetFilename);
    // Get the primitive.
    System.out.println("Getting the primitive...");
    PublicKeyVerify pkVerify = PublicKeyVerifyFactory.getPrimitive(keysetHandle);
    // Read the signature.
    byte[] signature = CliUtil.read(signatureFilename);
    // Read the message.
    byte[] message = CliUtil.read(messageFilename);
    // Verify the signature.
    System.out.println("Verifying...");
    String verificationResult;
    try {
        pkVerify.verify(signature, message);
        verificationResult = "valid";
    } catch (GeneralSecurityException e) {
        System.out.println("Verification failed: " + e);
        verificationResult = "invalid";
    }
    // Write the verification result to the output file.
    CliUtil.write(verificationResult.getBytes(CliUtil.UTF_8), outputFilename);
    System.out.println("All done.");
}

Example 8 with KeysetHandle

use of com.google.crypto.tink.KeysetHandle in project tink by google.

the class ConvertKeysetCommand method convert.

/**
 * Changes format, encrypts or decrypts a keyset.
 *
 * <p>The keyset is read from {@code inputStream}. Its format can be either <code>json</code>
 * or <code>binary</code>, and is specified by {@code inFormat}. The new key is generated
 * from template {@code keyTemplate}. If the input keyset is encrypted, use
 * {@code masterKeyUri} and {@code credentialPath} to decrypt. The output keyset
 * is written to {@code outputStream} in {@code outFormat}, and encrypted if the
 * input keyset is encrypted.
 *
 * @throws GeneralSecurityException if cannot encrypt/decrypt the keyset
 * @throws IOException if cannot read/write the keyset
 */
public static void convert(OutputStream outputStream, String outFormat, InputStream inputStream, String inFormat, String masterKeyUri, String credentialPath, String newMasterKeyUri, String newCredentialPath) throws GeneralSecurityException, IOException {
    KeysetHandle handle = TinkeyUtil.getKeysetHandle(inputStream, inFormat, masterKeyUri, credentialPath);
    TinkeyUtil.writeKeyset(handle, outputStream, outFormat, newMasterKeyUri, newCredentialPath);
}

Example 9 with KeysetHandle

use of com.google.crypto.tink.KeysetHandle in project tink by google.

the class CreatePublicKeysetCommand method create.

/**
 * Extracts public keys from {@code inputStream} (using {@code credentialPath} and
 * {@code masterKeyUri} to decrypt if it is encrypted) and writes public keys to
 * {@code outputStream}.
 */
public static void create(OutputStream outputStream, String outFormat, InputStream inputStream, String inFormat, String masterKeyUri, String credentialPath) throws Exception {
    KeysetHandle handle = TinkeyUtil.getKeysetHandle(inputStream, inFormat, masterKeyUri, credentialPath);
    KeysetWriter writer = TinkeyUtil.createKeysetWriter(outputStream, outFormat);
    CleartextKeysetHandle.write(handle.getPublicKeysetHandle(), writer);
}

Example 10 with KeysetHandle

use of com.google.crypto.tink.KeysetHandle in project tink by google.

the class AesEaxKeyManagerTest method testCiphertextSize.

@Test
public void testCiphertextSize() throws Exception {
    byte[] keyValue = Random.randBytes(AES_KEY_SIZE);
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createAesEaxKeyData(keyValue, 16), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK)));
    Aead aead = AeadFactory.getPrimitive(keysetHandle);
    byte[] plaintext = "plaintext".getBytes("UTF-8");
    byte[] associatedData = "associatedData".getBytes("UTF-8");
    byte[] ciphertext = aead.encrypt(plaintext, associatedData);
    assertEquals(CryptoFormat.NON_RAW_PREFIX_SIZE + 16 + /* IV_SIZE */
    plaintext.length + 16, /* TAG_SIZE */
    ciphertext.length);
}