Search in sources :

Example 1 with AesGcmHkdfStreamingKey

use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.

the class AesGcmHkdfStreamingKeyManagerTest method testNewKeyMultipleTimes.

@Test
public void testNewKeyMultipleTimes() throws Exception {
    AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
    ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    Set<String> keys = new TreeSet<String>();
    // Calls newKey multiple times and make sure that they generate different keys.
    int numTests = 27;
    for (int i = 0; i < numTests / 3; i++) {
        AesGcmHkdfStreamingKey key = (AesGcmHkdfStreamingKey) keyManager.newKey(keyFormat);
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
        key = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
        KeyData keyData = keyManager.newKeyData(serializedKeyFormat);
        key = AesGcmHkdfStreamingKey.parseFrom(keyData.getValue());
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
    }
    assertEquals(numTests, keys.size());
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) AesGcmHkdfStreamingKeyFormat(com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat) ByteString(com.google.protobuf.ByteString) TreeSet(java.util.TreeSet) ByteString(com.google.protobuf.ByteString) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 2 with AesGcmHkdfStreamingKey

use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.

the class AesGcmHkdfStreamingKeyManagerTest method testNewKeyWithBadFormat.

@Test
public void testNewKeyWithBadFormat() throws Exception {
    // key_size too small.
    AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(15).build();
    ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    try {
        keyManager.newKey(keyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    try {
        keyManager.newKeyData(serializedKeyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    // Unknown HKDF HashType.
    AesGcmHkdfStreamingParams badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(AES_KEY_SIZE).build();
    keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
    serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    try {
        keyManager.newKey(keyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    try {
        keyManager.newKeyData(serializedKeyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    // derived_key_size too small.
    badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(10).setHkdfHashType(HashType.SHA256).build();
    keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
    serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    try {
        keyManager.newKey(keyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    try {
        keyManager.newKeyData(serializedKeyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    // ciphertext_segment_size too small.
    badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(15).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
    keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
    serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    try {
        keyManager.newKey(keyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    try {
        keyManager.newKeyData(serializedKeyFormat);
        fail("Bad format, should have thrown exception");
    } catch (GeneralSecurityException expected) {
    // Expected
    }
    // All params good.
    AesGcmHkdfStreamingParams goodKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
    keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(goodKeyParams).setKeySize(16).build();
    serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    AesGcmHkdfStreamingKey unusedKey = (AesGcmHkdfStreamingKey) keyManager.newKey(keyFormat);
    unusedKey = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) AesGcmHkdfStreamingParams(com.google.crypto.tink.proto.AesGcmHkdfStreamingParams) AesGcmHkdfStreamingKeyFormat(com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat) ByteString(com.google.protobuf.ByteString) GeneralSecurityException(java.security.GeneralSecurityException) Test(org.junit.Test)

Example 3 with AesGcmHkdfStreamingKey

use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.

the class AesGcmHkdfStreamingKeyManagerTest method testBasic.

@Test
public void testBasic() throws Exception {
    // Create primitive from a given key.
    AesGcmHkdfStreamingKey key = AesGcmHkdfStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(Random.randBytes(20))).setParams(keyParams).build();
    StreamingAead streamingAead = keyManager.getPrimitive(key);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
    // Create a key from KeyFormat, and use the key.
    AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
    ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
    key = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
    streamingAead = keyManager.getPrimitive(key);
    StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) AesGcmHkdfStreamingKeyFormat(com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat) ByteString(com.google.protobuf.ByteString) StreamingAead(com.google.crypto.tink.StreamingAead) Test(org.junit.Test)

Example 4 with AesGcmHkdfStreamingKey

use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.

the class TestUtil method createAesGcmHkdfStreamingKeyData.

/**
 * @return a {@code KeyData} containing a {@code AesGcmHkdfStreamingKey}.
 */
public static KeyData createAesGcmHkdfStreamingKeyData(byte[] keyValue, int derivedKeySize, int ciphertextSegmentSize) throws Exception {
    AesGcmHkdfStreamingParams keyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(ciphertextSegmentSize).setDerivedKeySize(derivedKeySize).setHkdfHashType(HashType.SHA256).build();
    AesGcmHkdfStreamingKey keyProto = AesGcmHkdfStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(keyValue)).setParams(keyParams).build();
    return createKeyData(keyProto, StreamingAeadConfig.AES_GCM_HKDF_STREAMINGAEAD_TYPE_URL, KeyData.KeyMaterialType.SYMMETRIC);
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) AesGcmHkdfStreamingParams(com.google.crypto.tink.proto.AesGcmHkdfStreamingParams)

Example 5 with AesGcmHkdfStreamingKey

use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.

the class AesGcmHkdfStreamingKeyManager method getPrimitive.

/**
 * @param key {@code AesGcmHkdfStreamingKey} proto
 */
@Override
public StreamingAead getPrimitive(MessageLite key) throws GeneralSecurityException {
    if (!(key instanceof AesGcmHkdfStreamingKey)) {
        throw new GeneralSecurityException("expected AesGcmHkdfStreamingKey proto");
    }
    AesGcmHkdfStreamingKey keyProto = (AesGcmHkdfStreamingKey) key;
    validate(keyProto);
    return new AesGcmHkdfStreaming(keyProto.getKeyValue().toByteArray(), StreamingAeadUtil.toHmacAlgo(keyProto.getParams().getHkdfHashType()), keyProto.getParams().getDerivedKeySize(), keyProto.getParams().getCiphertextSegmentSize(), /* firstSegmentOffset= */
    0);
}
Also used : AesGcmHkdfStreamingKey(com.google.crypto.tink.proto.AesGcmHkdfStreamingKey) GeneralSecurityException(java.security.GeneralSecurityException) AesGcmHkdfStreaming(com.google.crypto.tink.subtle.AesGcmHkdfStreaming)

Aggregations

AesGcmHkdfStreamingKey (com.google.crypto.tink.proto.AesGcmHkdfStreamingKey)5 AesGcmHkdfStreamingKeyFormat (com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat)3 ByteString (com.google.protobuf.ByteString)3 Test (org.junit.Test)3 AesGcmHkdfStreamingParams (com.google.crypto.tink.proto.AesGcmHkdfStreamingParams)2 GeneralSecurityException (java.security.GeneralSecurityException)2 StreamingAead (com.google.crypto.tink.StreamingAead)1 KeyData (com.google.crypto.tink.proto.KeyData)1 AesGcmHkdfStreaming (com.google.crypto.tink.subtle.AesGcmHkdfStreaming)1 TreeSet (java.util.TreeSet)1