use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.
the class AesGcmHkdfStreamingKeyManagerTest method testNewKeyMultipleTimes.
@Test
public void testNewKeyMultipleTimes() throws Exception {
AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
Set<String> keys = new TreeSet<String>();
// Calls newKey multiple times and make sure that they generate different keys.
int numTests = 27;
for (int i = 0; i < numTests / 3; i++) {
AesGcmHkdfStreamingKey key = (AesGcmHkdfStreamingKey) keyManager.newKey(keyFormat);
keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
assertEquals(16, key.getKeyValue().toByteArray().length);
key = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
assertEquals(16, key.getKeyValue().toByteArray().length);
KeyData keyData = keyManager.newKeyData(serializedKeyFormat);
key = AesGcmHkdfStreamingKey.parseFrom(keyData.getValue());
keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
assertEquals(16, key.getKeyValue().toByteArray().length);
}
assertEquals(numTests, keys.size());
}
use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.
the class AesGcmHkdfStreamingKeyManagerTest method testNewKeyWithBadFormat.
@Test
public void testNewKeyWithBadFormat() throws Exception {
// key_size too small.
AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(15).build();
ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
try {
keyManager.newKey(keyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
try {
keyManager.newKeyData(serializedKeyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
// Unknown HKDF HashType.
AesGcmHkdfStreamingParams badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(AES_KEY_SIZE).build();
keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
try {
keyManager.newKey(keyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
try {
keyManager.newKeyData(serializedKeyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
// derived_key_size too small.
badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(128).setDerivedKeySize(10).setHkdfHashType(HashType.SHA256).build();
keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
try {
keyManager.newKey(keyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
try {
keyManager.newKeyData(serializedKeyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
// ciphertext_segment_size too small.
badKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(15).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(badKeyParams).setKeySize(16).build();
serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
try {
keyManager.newKey(keyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
try {
keyManager.newKeyData(serializedKeyFormat);
fail("Bad format, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
// All params good.
AesGcmHkdfStreamingParams goodKeyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(130).setDerivedKeySize(AES_KEY_SIZE).setHkdfHashType(HashType.SHA256).build();
keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(goodKeyParams).setKeySize(16).build();
serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
AesGcmHkdfStreamingKey unusedKey = (AesGcmHkdfStreamingKey) keyManager.newKey(keyFormat);
unusedKey = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
}
use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.
the class AesGcmHkdfStreamingKeyManagerTest method testBasic.
@Test
public void testBasic() throws Exception {
// Create primitive from a given key.
AesGcmHkdfStreamingKey key = AesGcmHkdfStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(Random.randBytes(20))).setParams(keyParams).build();
StreamingAead streamingAead = keyManager.getPrimitive(key);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
// Create a key from KeyFormat, and use the key.
AesGcmHkdfStreamingKeyFormat keyFormat = AesGcmHkdfStreamingKeyFormat.newBuilder().setParams(keyParams).setKeySize(16).build();
ByteString serializedKeyFormat = ByteString.copyFrom(keyFormat.toByteArray());
key = (AesGcmHkdfStreamingKey) keyManager.newKey(serializedKeyFormat);
streamingAead = keyManager.getPrimitive(key);
StreamingTestUtil.testEncryptionAndDecryption(streamingAead);
}
use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.
the class TestUtil method createAesGcmHkdfStreamingKeyData.
/**
* @return a {@code KeyData} containing a {@code AesGcmHkdfStreamingKey}.
*/
public static KeyData createAesGcmHkdfStreamingKeyData(byte[] keyValue, int derivedKeySize, int ciphertextSegmentSize) throws Exception {
AesGcmHkdfStreamingParams keyParams = AesGcmHkdfStreamingParams.newBuilder().setCiphertextSegmentSize(ciphertextSegmentSize).setDerivedKeySize(derivedKeySize).setHkdfHashType(HashType.SHA256).build();
AesGcmHkdfStreamingKey keyProto = AesGcmHkdfStreamingKey.newBuilder().setVersion(0).setKeyValue(ByteString.copyFrom(keyValue)).setParams(keyParams).build();
return createKeyData(keyProto, StreamingAeadConfig.AES_GCM_HKDF_STREAMINGAEAD_TYPE_URL, KeyData.KeyMaterialType.SYMMETRIC);
}
use of com.google.crypto.tink.proto.AesGcmHkdfStreamingKey in project tink by google.
the class AesGcmHkdfStreamingKeyManager method getPrimitive.
/**
* @param key {@code AesGcmHkdfStreamingKey} proto
*/
@Override
public StreamingAead getPrimitive(MessageLite key) throws GeneralSecurityException {
if (!(key instanceof AesGcmHkdfStreamingKey)) {
throw new GeneralSecurityException("expected AesGcmHkdfStreamingKey proto");
}
AesGcmHkdfStreamingKey keyProto = (AesGcmHkdfStreamingKey) key;
validate(keyProto);
return new AesGcmHkdfStreaming(keyProto.getKeyValue().toByteArray(), StreamingAeadUtil.toHmacAlgo(keyProto.getParams().getHkdfHashType()), keyProto.getParams().getDerivedKeySize(), keyProto.getParams().getCiphertextSegmentSize(), /* firstSegmentOffset= */
0);
}
Aggregations