Examples with Mac com.google.crypto.tink.Mac used on opensource projects

Example 16 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class PrfAesCmacTest method testMacTestVectors.

@Test
public void testMacTestVectors() throws Exception {
    Assume.assumeFalse(TinkFips.useOnlyFips());
    for (MacTestVector t : CMAC_TEST_VECTORS) {
        Mac mac = new PrfMac(new PrfAesCmac(t.key), t.tag.length);
        assertArrayEquals(t.tag, mac.computeMac(t.message));
        try {
            mac.verifyMac(t.tag, t.message);
        } catch (GeneralSecurityException e) {
            throw new AssertionError("Valid MAC, should not throw exception", e);
        }
    }
}

Example 17 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class PrfAesCmacTest method testTagTruncation.

@Test
public void testTagTruncation() throws Exception {
    Assume.assumeFalse(TinkFips.useOnlyFips());
    for (MacTestVector t : CMAC_TEST_VECTORS) {
        Mac mac = new PrfMac(new PrfAesCmac(t.key), t.tag.length);
        for (int j = 1; j < t.tag.length; j++) {
            byte[] modifiedTag = Arrays.copyOf(t.tag, t.tag.length - j);
            assertThrows(GeneralSecurityException.class, () -> mac.verifyMac(modifiedTag, t.message));
        }
    }
    // Test with random keys.
    for (MacTestVector t : CMAC_TEST_VECTORS) {
        Mac mac = new PrfMac(new PrfAesCmac(Random.randBytes(t.key.length)), t.tag.length);
        for (int j = 1; j < t.tag.length; j++) {
            byte[] modifiedTag = Arrays.copyOf(t.tag, t.tag.length - j);
            assertThrows(GeneralSecurityException.class, () -> mac.verifyMac(modifiedTag, t.message));
        }
    }
}

Example 18 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class AesCmacTest method testBitFlipMessage.

@Test
public void testBitFlipMessage() throws Exception {
    for (MacTestVector t : CMAC_TEST_VECTORS) {
        Mac mac = new AesCmac(t.key, t.tag.length);
        for (int b = 0; b < t.message.length; b++) {
            for (int bit = 0; bit < 8; bit++) {
                byte[] modifiedMessage = Arrays.copyOf(t.message, t.message.length);
                modifiedMessage[b] = (byte) (modifiedMessage[b] ^ (1 << bit));
                try {
                    mac.verifyMac(t.tag, modifiedMessage);
                    fail("Invalid MAC, should have thrown exception");
                } catch (GeneralSecurityException expected) {
                // Expected
                }
            }
        }
    }
    // Test with random keys.
    for (MacTestVector t : CMAC_TEST_VECTORS) {
        Mac mac = new AesCmac(Random.randBytes(t.key.length), t.tag.length);
        for (int j = 1; j < t.tag.length; j++) {
            byte[] modifiedTag = Arrays.copyOf(t.tag, t.tag.length - j);
            try {
                mac.verifyMac(modifiedTag, t.message);
                fail("Invalid MAC, should have thrown exception");
            } catch (GeneralSecurityException expected) {
            // Expected
            }
        }
    }
}

Example 19 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class MacCatalogueTest method testBasic.

@Test
public void testBasic() throws Exception {
    MacCatalogue catalogue = new MacCatalogue();
    // Check a single key type, incl. case-insensitve primitive name.
    String keyType = "type.googleapis.com/google.crypto.tink.HmacKey";
    {
        KeyManager<Mac> manager = catalogue.getKeyManager(keyType, "Mac", 0);
        assertThat(manager.doesSupport(keyType)).isTrue();
    }
    {
        KeyManager<Mac> manager = catalogue.getKeyManager(keyType, "MaC", 0);
        assertThat(manager.doesSupport(keyType)).isTrue();
    }
    {
        KeyManager<Mac> manager = catalogue.getKeyManager(keyType, "mAC", 0);
        assertThat(manager.doesSupport(keyType)).isTrue();
    }
    // Check all entries from the current MacConfig.
    RegistryConfig config = MacConfig.TINK_1_0_0;
    int count = 0;
    for (KeyTypeEntry entry : config.getEntryList()) {
        if ("Mac".equals(entry.getPrimitiveName())) {
            count = count + 1;
            KeyManager<Mac> manager = catalogue.getKeyManager(entry.getTypeUrl(), "mac", entry.getKeyManagerVersion());
            assertThat(manager.doesSupport(entry.getTypeUrl())).isTrue();
        }
    }
    assertEquals(1, count);
}

Example 20 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class MacJceTest method testBitFlipMessage.

@Test
public void testBitFlipMessage() throws Exception {
    for (MacTestVector t : HMAC_TEST_VECTORS) {
        Mac mac = new MacJce(t.algName, new SecretKeySpec(t.key, "HMAC"), t.tag.length);
        for (int b = 0; b < t.message.length; b++) {
            for (int bit = 0; bit < 8; bit++) {
                byte[] modifiedMessage = Arrays.copyOf(t.message, t.message.length);
                modifiedMessage[b] = (byte) (modifiedMessage[b] ^ (1 << bit));
                try {
                    mac.verifyMac(t.tag, modifiedMessage);
                    fail("Invalid MAC, should have thrown exception");
                } catch (GeneralSecurityException expected) {
                // Expected
                }
            }
        }
    }
    // Test with random keys.
    for (MacTestVector t : HMAC_TEST_VECTORS) {
        Mac mac = new MacJce(t.algName, new SecretKeySpec(Random.randBytes(t.key.length), "HMAC"), t.tag.length);
        for (int j = 1; j < t.tag.length; j++) {
            byte[] modifiedTag = Arrays.copyOf(t.tag, t.tag.length - j);
            try {
                mac.verifyMac(modifiedTag, t.message);
                fail("Invalid MAC, should have thrown exception");
            } catch (GeneralSecurityException expected) {
            // Expected
            }
        }
    }
}