
Example 21 with StreamingAead

Use of com.google.crypto.tink.StreamingAead in project tink by google.

The class InputStreamDecrypter, method read.

@Override
@GuardedBy("this")
public synchronized int read(byte[] b, int offset, int len) throws IOException {
    if (len == 0) {
        return 0;
    }
    if (matchingStream != null) {
        return matchingStream.read(b, offset, len);
    } else {
        if (attemptedMatching) {
            throw new IOException("No matching key found for the ciphertext in the stream.");
        }
        attemptedMatching = true;
        List<PrimitiveSet.Entry<StreamingAead>> entries = primitives.getRawPrimitives();
        for (PrimitiveSet.Entry<StreamingAead> entry : entries) {
            try {
                InputStream attemptedStream = entry.getPrimitive().newDecryptingStream(ciphertextStream, associatedData);
                int retValue = attemptedStream.read(b, offset, len);
                if (retValue == 0) {
                    // Read should never return 0 when len > 0.
                    throw new IOException("Could not read bytes from the ciphertext stream");
                }
                // Found a matching stream.
                // If retValue > 0 then the first ciphertext segment has been decrypted and
                // authenticated. If retValue == -1 then plaintext is empty and again this has been
                // authenticated.
                matchingStream = attemptedStream;
                disableRewinding();
                return retValue;
            } catch (IOException e) {
                // Try another key.
                // IOException is thrown e.g. when MAC is incorrect, but also in case
                // of I/O failures.
                // TODO(b/66098906): Use a subclass of IOException.
                rewind();
                continue;
            } catch (GeneralSecurityException e) {
                // Try another key.
                rewind();
                continue;
            }
        }
        throw new IOException("No matching key found for the ciphertext in the stream.");
    }
}
Also used: BufferedInputStream (java.io.BufferedInputStream), InputStream (java.io.InputStream), GeneralSecurityException (java.security.GeneralSecurityException), IOException (java.io.IOException), PrimitiveSet (com.google.crypto.tink.PrimitiveSet), StreamingAead (com.google.crypto.tink.StreamingAead), GuardedBy (javax.annotation.concurrent.GuardedBy)
