use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.
the class AesCtrHmacStreamingKeyManagerTest method testNewKeyWithBadFormat.
private void testNewKeyWithBadFormat(AesCtrHmacStreamingParams badKeyParams) throws Exception {
AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
testNewKeyWithBadFormat(keyFormat);
}
use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.
the class AesCtrHmacStreamingKeyManagerTest method testNewKeyWithBadFormat.
@Test
public void testNewKeyWithBadFormat() throws Exception {
// key_size too small.
AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(15).build();
testNewKeyWithBadFormat(keyFormat);
// Unknown HKDF HashType.
AesCtrHmacStreamingParams badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(AES_KEY_SIZE).build();
testNewKeyWithBadFormat(badKeyParams);
// derived_key_size too small.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(10).setHkdfHashType(HashType.SHA256).build();
testNewKeyWithBadFormat(badKeyParams);
// ciphertext_segment_size too small.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(15).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
testNewKeyWithBadFormat(badKeyParams);
// No HmacParams.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
testNewKeyWithBadFormat(badKeyParams);
// Unknown HmacParams.hash.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().build()).build();
testNewKeyWithBadFormat(badKeyParams);
// tag size too small.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().setHash(HashType.SHA256).setTagSize(9).build()).build();
testNewKeyWithBadFormat(badKeyParams);
// tag size too big.
badKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(HmacParams.newBuilder().setHash(HashType.SHA256).setTagSize(33).build()).build();
testNewKeyWithBadFormat(badKeyParams);
// All params good.
AesCtrHmacStreamingParams goodKeyParams = AesCtrHmacStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).setHmacParams(hmacParams).build();
keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(goodKeyParams).setKeySize(16).build();
ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
AesCtrHmacStreamingKey unusedKey = (AesCtrHmacStreamingKey) keyManager.newKey(keyFormat);
unusedKey = (AesCtrHmacStreamingKey) keyManager.newKey(serializedKeyFormat);
}
use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.
the class AesCtrHmacStreamingKeyManagerTest method testBasic.
@Test
public void testBasic() throws Exception {
// Create primitive from a given key.
AesCtrHmacStreamingKey key = AesCtrHmacStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(Random.randBytes(20))).setParams(keyParams).build();
StreamingAead streamingAead = keyManager.getPrimitive(key);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
// Create a key from KeyFormat, and use the key.
AesCtrHmacStreamingKeyFormat keyFormat = AesCtrHmacStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
key = (AesCtrHmacStreamingKey) keyManager.newKey(serializedKeyFormat);
streamingAead = keyManager.getPrimitive(key);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.
the class StreamingAeadKeyTemplatesTest method testAES128_CTR_HMAC_SHA256_4KB.
@Test
public void testAES128_CTR_HMAC_SHA256_4KB() throws Exception {
KeyTemplate template = StreamingAeadKeyTemplates.AES128_CTR_HMAC_SHA256_4KB;
assertEquals(AesCtrHmacStreamingKeyManager.TYPE_URL, template.getTypeUrl());
assertEquals(OutputPrefixType.RAW, template.getOutputPrefixType());
AesCtrHmacStreamingKeyFormat format = AesCtrHmacStreamingKeyFormat.parseFrom(template.getValue());
assertEquals(16, format.getKeySize());
assertEquals(16, format.getParams().getDerivedKeySize());
assertEquals(HashType.SHA256, format.getParams().getHkdfHashType());
assertEquals(4096, format.getParams().getCiphertextSegmentSize());
assertEquals(HashType.SHA256, format.getParams().getHmacParams().getHash());
assertEquals(32, format.getParams().getHmacParams().getTagSize());
}
use of com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat in project tink by google.
the class AesCtrHmacStreamingKeyManagerTest method validateKeyFormat_smallKey_throws.
@Test
public void validateKeyFormat_smallKey_throws() throws Exception {
// TODO(b/140161847): Also check for key size 16.
AesCtrHmacStreamingKeyFormat format = createKeyFormat().setKeySize(15).build();
assertThrows(GeneralSecurityException.class, () -> factory.validateKeyFormat(format));
}
Aggregations