Search in sources :

Example 16 with StreamingAead

use of com.google.crypto.tink.StreamingAead in project tink by google.

the class AesGcmHkdfStreamingKeyManagerTest method testSkip.

@Test
public void testSkip() throws Exception {
    AesGcmHkdfStreamingKey key = factory.createKey(createKeyFormat(32, 32, HashType.SHA256, 1024));
    StreamingAead streamingAead = manager.getPrimitive(key, StreamingAead.class);
    int offset = 0;
    int plaintextSize = 1 << 16;
    // Runs the test with different sizes for the chunks to skip.
    StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 1);
    StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 64);
    StreamingTestUtil.testSkipWithStream(streamingAead, offset, plaintextSize, 300);
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) StreamingAead(com.google.crypto.tink.StreamingAead) Test(org.junit.Test)

Example 17 with StreamingAead

use of com.google.crypto.tink.StreamingAead in project tink by google.

the class StreamingAeadFactoryTest method testMultipleKeys.

@Test
public void testMultipleKeys() throws Exception {
    byte[] primaryKeyValue = Random.randBytes(KDF_KEY_SIZE);
    byte[] otherKeyValue = Random.randBytes(KDF_KEY_SIZE);
    byte[] anotherKeyValue = Random.randBytes(KDF_KEY_SIZE);
    int derivedKeySize = AES_KEY_SIZE;
    Key primaryKey = TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(primaryKeyValue, derivedKeySize, 512), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    // Another key with a smaller segment size than the primary key
    Key otherKey = TestUtil.createKey(TestUtil.createAesCtrHmacStreamingKeyData(otherKeyValue, derivedKeySize, 256), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    // Another key with a larger segment size than the primary key
    Key anotherKey = TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(anotherKeyValue, derivedKeySize, 1024), 72, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryKey, otherKey, anotherKey));
    StreamingAead streamingAead = StreamingAeadFactory.getPrimitive(keysetHandle);
    StreamingAead primaryAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryKey)));
    StreamingAead otherAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(otherKey)));
    StreamingAead anotherAead = StreamingAeadFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(anotherKey)));
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead, streamingAead);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead, primaryAead);
    StreamingTestUtil.testEncryptionAndDecryption(primaryAead, streamingAead);
    StreamingTestUtil.testEncryptionAndDecryption(otherAead, streamingAead);
    StreamingTestUtil.testEncryptionAndDecryption(anotherAead, streamingAead);
    StreamingTestUtil.testEncryptionAndDecryption(primaryAead, primaryAead);
    StreamingTestUtil.testEncryptionAndDecryption(otherAead, otherAead);
    StreamingTestUtil.testEncryptionAndDecryption(anotherAead, anotherAead);
    IOException expected = assertThrows(IOException.class, () -> StreamingTestUtil.testEncryptionAndDecryption(otherAead, primaryAead));
    assertExceptionContains(expected, "No matching key");
    IOException expected2 = assertThrows(IOException.class, () -> StreamingTestUtil.testEncryptionAndDecryption(anotherAead, primaryAead));
    assertExceptionContains(expected2, "No matching key");
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) IOException(java.io.IOException) Key(com.google.crypto.tink.proto.Keyset.Key) StreamingAead(com.google.crypto.tink.StreamingAead) Test(org.junit.Test)

Example 18 with StreamingAead

use of com.google.crypto.tink.StreamingAead in project tink by google.

the class StreamingAeadFactoryTest method testBasicAesGcmHkdfStreamingAead.

@Test
public void testBasicAesGcmHkdfStreamingAead() throws Exception {
    byte[] keyValue = Random.randBytes(KDF_KEY_SIZE);
    int derivedKeySize = AES_KEY_SIZE;
    int ciphertextSegmentSize = 128;
    KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createAesGcmHkdfStreamingKeyData(keyValue, derivedKeySize, ciphertextSegmentSize), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW)));
    StreamingAead streamingAead = StreamingAeadFactory.getPrimitive(keysetHandle);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) StreamingAead(com.google.crypto.tink.StreamingAead) Test(org.junit.Test)

Example 19 with StreamingAead

use of com.google.crypto.tink.StreamingAead in project tink by google.

the class StreamingAeadExample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4 && args.length != 5) {
        System.err.printf("Expected 4 or 5 parameters, got %d\n", args.length);
        System.err.println("Usage: java StreamingAeadExample encrypt/decrypt key-file input-file output-file" + " [associated-data]");
        System.exit(1);
    }
    String mode = args[0];
    File keyFile = new File(args[1]);
    File inputFile = new File(args[2]);
    File outputFile = new File(args[3]);
    byte[] associatedData = new byte[0];
    if (args.length == 5) {
        associatedData = args[4].getBytes(UTF_8);
    }
    // Initalise Tink: register all Streaming AEAD key types with the Tink runtime
    StreamingAeadConfig.register();
    // Read the keyset into a KeysetHandle
    KeysetHandle handle = null;
    try {
        handle = CleartextKeysetHandle.read(JsonKeysetReader.withFile(keyFile));
    } catch (GeneralSecurityException | IOException ex) {
        System.err.println("Cannot read keyset, got error: " + ex);
        System.exit(1);
    }
    // Get the primitive
    StreamingAead streamingAead = null;
    try {
        streamingAead = handle.getPrimitive(StreamingAead.class);
    } catch (GeneralSecurityException ex) {
        System.err.println("Cannot create primitive, got error: " + ex);
        System.exit(1);
    }
    // Use the primitive to encrypt/decrypt files
    if (MODE_ENCRYPT.equals(mode)) {
        encryptFile(streamingAead, inputFile, outputFile, associatedData);
    } else if (MODE_DECRYPT.equals(mode)) {
        decryptFile(streamingAead, inputFile, outputFile, associatedData);
    } else {
        System.err.println("The first argument must be either encrypt or decrypt, got: " + mode);
        System.exit(1);
    }
    System.exit(0);
}
Also used : CleartextKeysetHandle(com.google.crypto.tink.CleartextKeysetHandle) KeysetHandle(com.google.crypto.tink.KeysetHandle) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) File(java.io.File) StreamingAead(com.google.crypto.tink.StreamingAead)

Example 20 with StreamingAead

use of com.google.crypto.tink.StreamingAead in project tink by google.

the class StreamingAeadServiceImpl method decrypt.

/**
 * Decrypts a message.
 */
@Override
public void decrypt(StreamingAeadDecryptRequest request, StreamObserver<StreamingAeadDecryptResponse> responseObserver) {
    StreamingAeadDecryptResponse response;
    try {
        KeysetHandle keysetHandle = CleartextKeysetHandle.read(BinaryKeysetReader.withBytes(request.getKeyset().toByteArray()));
        StreamingAead streamingAead = keysetHandle.getPrimitive(StreamingAead.class);
        InputStream ciphertextStream = request.getCiphertext().newInput();
        InputStream decryptingStream = streamingAead.newDecryptingStream(ciphertextStream, request.getAssociatedData().toByteArray());
        ByteArrayOutputStream plaintextStream = new ByteArrayOutputStream();
        while (true) {
            int bytesRead = decryptingStream.read();
            if (bytesRead == -1) {
                break;
            }
            plaintextStream.write(bytesRead);
        }
        response = StreamingAeadDecryptResponse.newBuilder().setPlaintext(ByteString.copyFrom(plaintextStream.toByteArray())).build();
    } catch (GeneralSecurityException | InvalidProtocolBufferException e) {
        response = StreamingAeadDecryptResponse.newBuilder().setErr(e.toString()).build();
    } catch (IOException e) {
        response = StreamingAeadDecryptResponse.newBuilder().setErr(e.toString()).build();
    }
    responseObserver.onNext(response);
    responseObserver.onCompleted();
}
Also used : CleartextKeysetHandle(com.google.crypto.tink.CleartextKeysetHandle) KeysetHandle(com.google.crypto.tink.KeysetHandle) InputStream(java.io.InputStream) StreamingAeadDecryptResponse(com.google.crypto.tink.proto.testing.StreamingAeadDecryptResponse) GeneralSecurityException(java.security.GeneralSecurityException) InvalidProtocolBufferException(com.google.protobuf.InvalidProtocolBufferException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) StreamingAead(com.google.crypto.tink.StreamingAead)

Aggregations

StreamingAead (com.google.crypto.tink.StreamingAead)21 Test (org.junit.Test)14 IOException (java.io.IOException)10 KeysetHandle (com.google.crypto.tink.KeysetHandle)9 GeneralSecurityException (java.security.GeneralSecurityException)7 GuardedBy (javax.annotation.concurrent.GuardedBy)4 CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)3 PrimitiveSet (com.google.crypto.tink.PrimitiveSet)3 Key (com.google.crypto.tink.proto.Keyset.Key)3 AesCtrHmacStreamingKey (com.google.crypto.tink.proto.AesCtrHmacStreamingKey)2 AesCtrHmacStreamingKeyFormat (com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat)2 AesGcmHkdfStreamingKey (com.google.crypto.tink.proto.AesGcmHkdfStreamingKey)2 ByteString (com.google.protobuf.ByteString)2 InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 InputStream (java.io.InputStream)2 SeekableByteChannel (java.nio.channels.SeekableByteChannel)2 KeyManager (com.google.crypto.tink.KeyManager)1 AesGcmHkdfStreamingKeyFormat (com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat)1 KeyTypeEntry (com.google.crypto.tink.proto.KeyTypeEntry)1