Search in sources :

Example 1 with AesCtrHmacStreamingKeyFormat

use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.

the class AesCtrHmacStreamingKeyManagerTest method testNewKeyWithBadFormat.

private void testNewKeyWithBadFormat(AesCtrHmacStreamingParams badKeyParams) throws Exception {
    AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
    testNewKeyWithBadFormat(keyFormat);
}
Also used : AesCtrHmacStreamingKeyFormat(com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat)

Example 2 with AesCtrHmacStreamingKeyFormat

use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.

the class AesCtrHmacStreamingKeyManagerTest method testNewKeyWithBadFormat.

@Test
public void testNewKeyWithBadFormat() throws Exception {
    // key_size too small.
    AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(15).build();
    testNewKeyWithBadFormat(keyFormat);
    // Unknown HKDF HashType.
    AesCtrHmacStreamingParams badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(AES_KEY_SIZE).build();
    testNewKeyWithBadFormat(badKeyParams);
    // derived_key_size too small.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(10).setHkdfHashType(HashType.SHA256).build();
    testNewKeyWithBadFormat(badKeyParams);
    // ciphertext_segment_size too small.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(15).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
    testNewKeyWithBadFormat(badKeyParams);
    // No HmacParams.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
    testNewKeyWithBadFormat(badKeyParams);
    // Unknown HmacParams.hash.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().build()).build();
    testNewKeyWithBadFormat(badKeyParams);
    // tag size too small.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().setHash(HashType.SHA256).setTagSize(9).build()).build();
    testNewKeyWithBadFormat(badKeyParams);
    // tag size too big.
    badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().setHash(HashType.SHA256).setTagSize(33).build()).build();
    testNewKeyWithBadFormat(badKeyParams);
    // All params good.
    AesCtrHmacStreamingParams goodKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(hmacParams).build();
    keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(goodKeyParams).setKeySize(16).build();
    ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    AesCtrHmacStreamingKey unusedKey = (AesCtrHmacStreamingKey) keyManager.newKey(keyFormat);
    unusedKey = (AesCtrHmacStreamingKey) keyManager.newKey(serializedKeyFormat);
}
Also used : AesCtrHmacStreamingParams(com.google.crypto.tink.proto.AesCtrHmacStreamingParams) ByteString(com.google.protobuf.ByteString) AesCtrHmacStreamingKey(com.google.crypto.tink.proto.AesCtrHmacStreamingKey) AesCtrHmacStreamingKeyFormat(com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat) Test(org.junit.Test)

Example 3 with AesCtrHmacStreamingKeyFormat

use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.

the class AesCtrHmacStreamingKeyManagerTest method testBasic.

@Test
public void testBasic() throws Exception {
    // Create primitive from a given key.
    AesCtrHmacStreamingKey key = AesCtrHmacStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(Random.randBytes(20))).setParams(keyParams).build();
    StreamingAead streamingAead = keyManager.getPrimitive(key);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
    // Create a key from KeyFormat, and use the key.
    AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
    ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    key = (AesCtrHmacStreamingKey) keyManager.newKey(serializedKeyFormat);
    streamingAead = keyManager.getPrimitive(key);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
Also used : AesCtrHmacStreamingKey(com.google.crypto.tink.proto.AesCtrHmacStreamingKey) ByteString(com.google.protobuf.ByteString) AesCtrHmacStreamingKeyFormat(com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat) StreamingAead(com.google.crypto.tink.StreamingAead) Test(org.junit.Test)

Example 4 with AesCtrHmacStreamingKeyFormat

use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.

the class StreamingAeadKeyTemplatesTest method testAES128_CTR_HMAC_SHA256_4KB.

@Test
public void testAES128_CTR_HMAC_SHA256_4KB() throws Exception {
    KeyTemplate template = StreamingAeadKeyTemplates.AES128_CTR_HMAC_SHA256_4KB;
    assertEquals(AesCtrHmacStreamingKeyManager.TYPE_URL, template.getTypeUrl());
    assertEquals(OutputPrefixType.RAW, template.getOutputPrefixType());
    AesCtrHmacStreamingKeyFormat format = AesCtrHmacStreamingKeyFormat.parseFrom(template.getValue());
    assertEquals(16, format.getKeySize());
    assertEquals(16, format.getParams().getDerivedKeySize());
    assertEquals(HashType.SHA256, format.getParams().getHkdfHashType());
    assertEquals(4096, format.getParams().getCiphertextSegmentSize());
    assertEquals(HashType.SHA256, format.getParams().getHmacParams().getHash());
    assertEquals(32, format.getParams().getHmacParams().getTagSize());
}
Also used : AesCtrHmacStreamingKeyFormat(com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) Test(org.junit.Test)

Example 5 with AesCtrHmacStreamingKeyFormat

use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.

the class AesCtrHmacStreamingKeyManagerTest method validateKeyFormat_smallKey_throws.

@Test
public void validateKeyFormat_smallKey_throws() throws Exception {
    // TODO(b/140161847): Also check for key size 16.
    AesCtrHmacStreamingKeyFormat format = createKeyFormat().setKeySize(15).build();
    assertThrows(GeneralSecurityException.class, () -> factory.validateKeyFormat(format));
}
Also used : AesCtrHmacStreamingKeyFormat(com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat) Test(org.junit.Test)

Aggregations

AesCtrHmacStreamingKeyFormat (com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat)28 Test (org.junit.Test)25 KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)7 AesCtrHmacStreamingKey (com.google.crypto.tink.proto.AesCtrHmacStreamingKey)5 KeyTemplate (com.google.crypto.tink.KeyTemplate)4 ByteString (com.google.protobuf.ByteString)3 StreamingAead (com.google.crypto.tink.StreamingAead)2 AesCtrHmacStreamingParams (com.google.crypto.tink.proto.AesCtrHmacStreamingParams)2 TreeSet (java.util.TreeSet)2 HashType (com.google.crypto.tink.proto.HashType)1 HmacParams (com.google.crypto.tink.proto.HmacParams)1 KeyData (com.google.crypto.tink.proto.KeyData)1 GeneralSecurityException (java.security.GeneralSecurityException)1