Examples with Mac com.google.crypto.tink.Mac used on opensource projects

Example 31 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class MacFactoryTest method testSmallPlaintextWithRawKey.

@Test
public void testSmallPlaintextWithRawKey() throws Exception {
    byte[] keyValue = Random.randBytes(HMAC_KEY_SIZE);
    Key primary = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primary));
    Mac mac = MacFactory.getPrimitive(keysetHandle);
    byte[] plaintext = "blah".getBytes("UTF-8");
    byte[] tag = mac.computeMac(plaintext);
    // no prefix
    assertEquals(16, /* TAG */
    tag.length);
    try {
        mac.verifyMac(tag, plaintext);
    } catch (GeneralSecurityException e) {
        fail("Valid MAC, should not throw exception");
    }
}

Example 32 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class HmacKeyManagerTest method getPrimitive_worksForSha1.

@Test
public void getPrimitive_worksForSha1() throws Exception {
    HmacKey validKey = factory.createKey(makeHmacKeyFormat(16, 19, HashType.SHA1));
    Mac managerMac = manager.getPrimitive(validKey, Mac.class);
    Mac directMac = new PrfMac(new PrfHmacJce("HMACSHA1", new SecretKeySpec(validKey.getKeyValue().toByteArray(), "HMAC")), 19);
    byte[] message = Random.randBytes(50);
    managerMac.verifyMac(directMac.computeMac(message), message);
}

Example 33 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class HmacKeyManagerTest method getPrimitive_worksForSha256.

@Test
public void getPrimitive_worksForSha256() throws Exception {
    HmacKey validKey = factory.createKey(makeHmacKeyFormat(16, 29, HashType.SHA256));
    Mac managerMac = manager.getPrimitive(validKey, Mac.class);
    Mac directMac = new PrfMac(new PrfHmacJce("HMACSHA256", new SecretKeySpec(validKey.getKeyValue().toByteArray(), "HMAC")), 29);
    byte[] message = Random.randBytes(50);
    managerMac.verifyMac(directMac.computeMac(message), message);
}

Example 34 with Mac

use of com.google.crypto.tink.Mac in project tink by google.

the class MacFactoryTest method testMultipleKeys.

@Test
public void testMultipleKeys() throws Exception {
    byte[] keyValue = Random.randBytes(HMAC_KEY_SIZE);
    Key tink = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 42, KeyStatusType.ENABLED, OutputPrefixType.TINK);
    Key legacy = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 43, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
    Key raw = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 44, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key crunchy = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 45, KeyStatusType.ENABLED, OutputPrefixType.CRUNCHY);
    Key[] keys = new Key[] { tink, legacy, raw, crunchy };
    int j = keys.length;
    for (int i = 0; i < j; i++) {
        KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(keys[i], keys[(i + 1) % j], keys[(i + 2) % j], keys[(i + 3) % j]));
        Mac mac = MacFactory.getPrimitive(keysetHandle);
        byte[] plaintext = "plaintext".getBytes("UTF-8");
        byte[] tag = mac.computeMac(plaintext);
        if (!keys[i].getOutputPrefixType().equals(OutputPrefixType.RAW)) {
            byte[] prefix = Arrays.copyOfRange(tag, 0, CryptoFormat.NON_RAW_PREFIX_SIZE);
            assertArrayEquals(prefix, CryptoFormat.getOutputPrefix(keys[i]));
        }
        try {
            mac.verifyMac(tag, plaintext);
        } catch (GeneralSecurityException e) {
            fail("Valid MAC, should not throw exception: " + i);
        }
        // Modify plaintext or tag and make sure the verifyMac failed.
        byte[] plaintextAndTag = Bytes.concat(plaintext, tag);
        for (int b = 0; b < plaintextAndTag.length; b++) {
            for (int bit = 0; bit < 8; bit++) {
                byte[] modified = Arrays.copyOf(plaintextAndTag, plaintextAndTag.length);
                modified[b] ^= (byte) (1 << bit);
                assertThrows(GeneralSecurityException.class, () -> mac.verifyMac(Arrays.copyOfRange(modified, plaintext.length, modified.length), Arrays.copyOfRange(modified, 0, plaintext.length)));
            }
        }
        // mac with a non-primary RAW key, verify with the keyset
        KeysetHandle keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(raw, legacy, tink, crunchy));
        Mac mac2 = MacFactory.getPrimitive(keysetHandle2);
        tag = mac2.computeMac(plaintext);
        try {
            mac.verifyMac(tag, plaintext);
        } catch (GeneralSecurityException e) {
            fail("Valid MAC, should not throw exception");
        }
        // mac with a random key not in the keyset, verify with the keyset should fail
        byte[] keyValue2 = Random.randBytes(HMAC_KEY_SIZE);
        Key random = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue2, 16), 44, KeyStatusType.ENABLED, OutputPrefixType.TINK);
        keysetHandle2 = TestUtil.createKeysetHandle(TestUtil.createKeyset(random));
        mac2 = MacFactory.getPrimitive(keysetHandle2);
        final byte[] tag2 = mac2.computeMac(plaintext);
        assertThrows(GeneralSecurityException.class, () -> mac.verifyMac(tag2, plaintext));
    }
}