Examples with AesGcmKeyFormat com.google.crypto.tink.proto.AesGcmKeyFormat used on opensource projects

Example 1 with AesGcmKeyFormat

use of com.google.crypto.tink.proto.AesGcmKeyFormat in project tink by google.

the class AesGcmKeyManager method newKey.

/**
 * @param keyFormat {@code AesGcmKeyFormat} proto
 * @return new {@code AesGcmKey} proto
 */
@Override
public MessageLite newKey(MessageLite keyFormat) throws GeneralSecurityException {
    if (!(keyFormat instanceof AesGcmKeyFormat)) {
        throw new GeneralSecurityException("expected AesGcmKeyFormat proto");
    }
    AesGcmKeyFormat format = (AesGcmKeyFormat) keyFormat;
    validate(format);
    return AesGcmKey.newBuilder().setKeyValue(ByteString.copyFrom(Random.randBytes(format.getKeySize()))).setVersion(VERSION).build();
}

Example 2 with AesGcmKeyFormat

use of com.google.crypto.tink.proto.AesGcmKeyFormat in project tink by google.

the class AesGcmKeyManagerTest method testNewKeyMultipleTimes.

@Test
public void testNewKeyMultipleTimes() throws Exception {
    AesGcmKeyFormat gcmKeyFormat = AesGcmKeyFormat.newBuilder().setKeySize(16).build();
    ByteString serialized = ByteString.copyFrom(gcmKeyFormat.toByteArray());
    KeyTemplate keyTemplate = KeyTemplate.newBuilder().setTypeUrl(AesGcmKeyManager.TYPE_URL).setValue(serialized).build();
    AesGcmKeyManager keyManager = new AesGcmKeyManager();
    Set<String> keys = new TreeSet<String>();
    // Calls newKey multiple times and make sure that they generate different keys.
    int numTests = 27;
    for (int i = 0; i < numTests / 3; i++) {
        AesGcmKey key = (AesGcmKey) keyManager.newKey(gcmKeyFormat);
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
        key = (AesGcmKey) keyManager.newKey(serialized);
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
        KeyData keyData = keyManager.newKeyData(keyTemplate.getValue());
        key = AesGcmKey.parseFrom(keyData.getValue());
        keys.add(TestUtil.hexEncode(key.getKeyValue().toByteArray()));
        assertEquals(16, key.getKeyValue().toByteArray().length);
    }
    assertEquals(numTests, keys.size());
}

Example 3 with AesGcmKeyFormat

use of com.google.crypto.tink.proto.AesGcmKeyFormat in project tink by google.

the class AeadKeyTemplatesTest method testCreateAesGcmKeyTemplate.

@Test
public void testCreateAesGcmKeyTemplate() throws Exception {
    // Intentionally using "weird" or invalid values for parameters,
    // to test that the function correctly puts them in the resulting template.
    int keySize = 42;
    KeyTemplate template = AeadKeyTemplates.createAesGcmKeyTemplate(keySize);
    assertEquals(new AesGcmKeyManager().getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    AesGcmKeyFormat format = AesGcmKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertEquals(keySize, format.getKeySize());
}

Example 4 with AesGcmKeyFormat

use of com.google.crypto.tink.proto.AesGcmKeyFormat in project tink by google.

the class AesGcmKeyManager method keyFactory.

@Override
public KeyFactory<AesGcmKeyFormat, AesGcmKey> keyFactory() {
    return new KeyFactory<AesGcmKeyFormat, AesGcmKey>(AesGcmKeyFormat.class) {

        @Override
        public void validateKeyFormat(AesGcmKeyFormat format) throws GeneralSecurityException {
            Validators.validateAesKeySize(format.getKeySize());
        }

        @Override
        public AesGcmKeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            return AesGcmKeyFormat.parseFrom(byteString, ExtensionRegistryLite.getEmptyRegistry());
        }

        @Override
        public AesGcmKey createKey(AesGcmKeyFormat format) throws GeneralSecurityException {
            return AesGcmKey.newBuilder().setKeyValue(ByteString.copyFrom(Random.randBytes(format.getKeySize()))).setVersion(getVersion()).build();
        }

        @Override
        public AesGcmKey deriveKey(AesGcmKeyFormat format, InputStream inputStream) throws GeneralSecurityException {
            Validators.validateVersion(format.getVersion(), getVersion());
            byte[] pseudorandomness = new byte[format.getKeySize()];
            try {
                int read = inputStream.read(pseudorandomness);
                if (read != format.getKeySize()) {
                    throw new GeneralSecurityException("Not enough pseudorandomness given");
                }
                return AesGcmKey.newBuilder().setKeyValue(ByteString.copyFrom(pseudorandomness)).setVersion(getVersion()).build();
            } catch (IOException e) {
                throw new GeneralSecurityException("Reading pseudorandomness failed", e);
            }
        }

        @Override
        public Map<String, KeyFactory.KeyFormat<AesGcmKeyFormat>> keyFormats() throws GeneralSecurityException {
            Map<String, KeyFactory.KeyFormat<AesGcmKeyFormat>> result = new HashMap<>();
            result.put("AES128_GCM", createKeyFormat(16, KeyTemplate.OutputPrefixType.TINK));
            result.put("AES128_GCM_RAW", createKeyFormat(16, KeyTemplate.OutputPrefixType.RAW));
            result.put("AES256_GCM", createKeyFormat(32, KeyTemplate.OutputPrefixType.TINK));
            result.put("AES256_GCM_RAW", createKeyFormat(32, KeyTemplate.OutputPrefixType.RAW));
            return Collections.unmodifiableMap(result);
        }
    };
}

Example 5 with AesGcmKeyFormat

use of com.google.crypto.tink.proto.AesGcmKeyFormat in project tink by google.

the class KeysetManagerTest method addKeyHandle_newKeyset_shouldAddKey.

@Test
public void addKeyHandle_newKeyset_shouldAddKey() throws Exception {
    KeyTemplate keyTemplate = KeyTemplates.get("AES256_GCM");
    KeyHandle keyHandle = KeyHandle.generateNew(keyTemplate);
    KeysetManager keysetManager = KeysetManager.withEmptyKeyset();
    keysetManager = keysetManager.add(keyHandle);
    KeysetHandle keysetHandle = keysetManager.getKeysetHandle();
    Keyset keyset = keysetHandle.getKeyset();
    expect.that(keyset.getKeyCount()).isEqualTo(1);
    Keyset.Key key = keyset.getKey(0);
    expect.that(key.getKeyId()).isEqualTo(keyHandle.getId());
    expect.that(key.getStatus()).isEqualTo(KeyStatusType.ENABLED);
    expect.that(key.getOutputPrefixType()).isEqualTo(OutputPrefixType.TINK);
    expect.that(key.hasKeyData()).isTrue();
    expect.that(key.getKeyData().getTypeUrl()).isEqualTo(keyTemplate.getTypeUrl());
    AesGcmKeyFormat aesGcmKeyFormat = AesGcmKeyFormat.parseFrom(keyTemplate.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    AesGcmKey aesGcmKey = AesGcmKey.parseFrom(key.getKeyData().getValue(), ExtensionRegistryLite.getEmptyRegistry());
    expect.that(aesGcmKey.getKeyValue().size()).isEqualTo(aesGcmKeyFormat.getKeySize());
    // No primary key because add doesn't automatically promote the new key to primary.
    assertThrows(GeneralSecurityException.class, () -> keysetHandle.getPrimitive(Aead.class));
}