use of com.google.crypto.tink.StreamingAead in project tink by google.
the class AesGcmHkdfStreamingKeyManagerTest method testSkip.
@Test
public void testSkip() throws Exception {
AesGcmHkdfStreamingKey key = factory.createKey(createKeyFormat(32, 32, HashType.SHA256, 1024));
StreamingAead streamingAead = manager.getPrimitive(key, StreamingAead.class);
int offset = 0;
int plaintextSize = 1 << 16;
// Runs the test with different sizes for the chunks to skip.
StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 1);
StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 64);
StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 300);
}
use of com.google.crypto.tink.StreamingAead in project tink by google.
the class StreamingAeadFactoryTest method testMultipleKeys.
@Test
public void testMultipleKeys() throws Exception {
byte[] primaryKeyValue = Random.randBytes(KDF_KEY_SIZE);
byte[] otherKeyValue = Random.randBytes(KDF_KEY_SIZE);
byte[] anotherKeyValue = Random.randBytes(KDF_KEY_SIZE);
int derivedKeySize = AES_KEY_SIZE;
Key primaryKey = TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(primaryKeyValue, derivedKeySize, 512), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
// Another key with a smaller segment size than the primary key
Key otherKey = TestUtil.createKey(TestUtil.createAesCtrHmacStreamingKeyData(otherKeyValue, derivedKeySize, 256), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
// Another key with a larger segment size than the primary key
Key anotherKey = TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(anotherKeyValue, derivedKeySize, 1024), 72, KeyStatusType.ENABLED, OutputPrefixType.RAW);
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryKey, otherKey, anotherKey));
StreamingAead streamingAead = StreamingAeadFactory.getPrimitive(keysetHandle);
StreamingAead primaryAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryKey)));
StreamingAead otherAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(otherKey)));
StreamingAead anotherAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(anotherKey)));
StreamingTestUtil.testEncryptionAndDecryption(streamingAead, streamingAead);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead, primaryAead);
StreamingTestUtil.testEncryptionAndDecryption(primaryAead, streamingAead);
StreamingTestUtil.testEncryptionAndDecryption(otherAead, streamingAead);
StreamingTestUtil.testEncryptionAndDecryption(anotherAead, streamingAead);
StreamingTestUtil.testEncryptionAndDecryption(primaryAead, primaryAead);
StreamingTestUtil.testEncryptionAndDecryption(otherAead, otherAead);
StreamingTestUtil.testEncryptionAndDecryption(anotherAead, anotherAead);
IOException expected = assertThrows(IOException.class, () -> StreamingTestUtil.testEncryptionAndDecryption(otherAead, primaryAead));
assertExceptionContains(expected, "No matching key");
IOException expected2 = assertThrows(IOException.class, () -> StreamingTestUtil.testEncryptionAndDecryption(anotherAead, primaryAead));
assertExceptionContains(expected2, "No matching key");
}
use of com.google.crypto.tink.StreamingAead in project tink by google.
the class StreamingAeadFactoryTest method testBasicAesGcmHkdfStreamingAead.
@Test
public void testBasicAesGcmHkdfStreamingAead() throws Exception {
byte[] keyValue = Random.randBytes(KDF_KEY_SIZE);
int derivedKeySize = AES_KEY_SIZE;
int ciphertextSegmentSize = 128;
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(keyValue, derivedKeySize, ciphertextSegmentSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW)));
StreamingAead streamingAead = StreamingAeadFactory.getPrimitive(keysetHandle);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
use of com.google.crypto.tink.StreamingAead in project tink by google.
the class StreamingAeadExample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4 && args.length != 5) {
System.err.printf("Expected 4 or 5 parameters, got %d\n", args.length);
System.err.println("Usage: java StreamingAeadExample encrypt/decrypt key-file input-file output-file" + " [associated-data]");
System.exit(1);
}
String mode = args[0];
File keyFile = new File(args[1]);
File inputFile = new File(args[2]);
File outputFile = new File(args[3]);
byte[] associatedData = new byte[0];
if (args.length == 5) {
associatedData = args[4].getBytes(UTF_8);
}
// Initalise Tink: register all Streaming AEAD key types with the Tink runtime
StreamingAeadConfig.register();
// Read the keyset into a KeysetHandle
KeysetHandle handle = null;
try {
handle = CleartextKeysetHandle.read(JsonKeysetReader.withFile(keyFile));
} catch (GeneralSecurityException | IOException ex) {
System.err.println("Cannot read keyset, got error: " + ex);
System.exit(1);
}
// Get the primitive
StreamingAead streamingAead = null;
try {
streamingAead = handle.getPrimitive(StreamingAead.class);
} catch (GeneralSecurityException ex) {
System.err.println("Cannot create primitive, got error: " + ex);
System.exit(1);
}
// Use the primitive to encrypt/decrypt files
if (MODE_ENCRYPT.equals(mode)) {
encryptFile(streamingAead, inputFile, outputFile, associatedData);
} else if (MODE_DECRYPT.equals(mode)) {
decryptFile(streamingAead, inputFile, outputFile, associatedData);
} else {
System.err.println("The first argument must be either encrypt or decrypt, got: " + mode);
System.exit(1);
}
System.exit(0);
}
use of com.google.crypto.tink.StreamingAead in project tink by google.
the class StreamingAeadServiceImpl method decrypt.
/**
* Decrypts a message.
*/
@Override
public void decrypt(StreamingAeadDecryptRequest request, StreamObserver<StreamingAeadDecryptResponse> responseObserver) {
StreamingAeadDecryptResponse response;
try {
KeysetHandle keysetHandle = CleartextKeysetHandle.read(BinaryKeysetReader.withBytes(request.getKeyset().toByteArray()));
StreamingAead streamingAead = keysetHandle.getPrimitive(StreamingAead.class);
InputStream ciphertextStream = request.getCiphertext().newInput();
InputStream decryptingStream = streamingAead.newDecryptingStream(ciphertextStream, request.getAssociatedData().toByteArray());
ByteArrayOutputStream plaintextStream = new ByteArrayOutputStream();
while (true) {
int bytesRead = decryptingStream.read();
if (bytesRead == -1) {
break;
}
plaintextStream.write(bytesRead);
}
response = StreamingAeadDecryptResponse.newBuilder().setPlaintext(ByteString.copyFrom(plaintextStream.toByteArray())).build();
} catch (GeneralSecurityException | InvalidProtocolBufferException e) {
response = StreamingAeadDecryptResponse.newBuilder().setErr(e.toString()).build();
} catch (IOException e) {
response = StreamingAeadDecryptResponse.newBuilder().setErr(e.toString()).build();
}
responseObserver.onNext(response);
responseObserver.onCompleted();
}
Aggregations