Search in sources :

Example 1 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPrivateKeyManager method newKey.

/**
 * @param keyFormat {@code EciesAeadHkdfKeyFormat} proto
 * @return new {@code EciesAeadHkdfPrivateKey} proto
 */
@Override
public MessageLite newKey(MessageLite keyFormat) throws GeneralSecurityException {
    if (!(keyFormat instanceof EciesAeadHkdfKeyFormat)) {
        throw new GeneralSecurityException("expected EciesAeadHkdfKeyFormat proto");
    }
    EciesAeadHkdfKeyFormat eciesKeyFormat = (EciesAeadHkdfKeyFormat) keyFormat;
    HybridUtil.validate(eciesKeyFormat.getParams());
    EciesHkdfKemParams kemParams = eciesKeyFormat.getParams().getKemParams();
    KeyPair keyPair = EllipticCurves.generateKeyPair(HybridUtil.toCurveType(kemParams.getCurveType()));
    ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
    ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
    ECPoint w = pubKey.getW();
    // Creates EciesAeadHkdfPublicKey.
    EciesAeadHkdfPublicKey eciesPublicKey = EciesAeadHkdfPublicKey.newBuilder().setVersion(VERSION).setParams(eciesKeyFormat.getParams()).setX(ByteString.copyFrom(w.getAffineX().toByteArray())).setY(ByteString.copyFrom(w.getAffineY().toByteArray())).build();
    // Creates EciesAeadHkdfPrivateKey.
    return EciesAeadHkdfPrivateKey.newBuilder().setVersion(VERSION).setPublicKey(eciesPublicKey).setKeyValue(ByteString.copyFrom(privKey.getS().toByteArray())).build();
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) EciesAeadHkdfKeyFormat(com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) ECPoint(java.security.spec.ECPoint) EciesHkdfKemParams(com.google.crypto.tink.proto.EciesHkdfKemParams)

Example 2 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPublicKeyManagerTest method createPrimitive.

@Test
public void createPrimitive() throws Exception {
    EciesAeadHkdfPrivateKey privateKey = createValidPrivateKey();
    HybridDecrypt hybridDecrypt = privateManager.getPrimitive(privateKey, HybridDecrypt.class);
    EciesAeadHkdfPublicKey publicKey = privateManager.getPublicKey(privateKey);
    HybridEncrypt hybridEncrypt = publicManager.getPrimitive(publicKey, HybridEncrypt.class);
    byte[] message = Random.randBytes(20);
    byte[] contextInfo = Random.randBytes(20);
    assertThat(hybridDecrypt.decrypt(hybridEncrypt.encrypt(message, contextInfo), contextInfo)).isEqualTo(message);
}
Also used : HybridDecrypt(com.google.crypto.tink.HybridDecrypt) EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) Test(org.junit.Test)

Example 3 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPublicKeyManagerTest method validateKey_invalidWrongVersion_throws.

@Test
public void validateKey_invalidWrongVersion_throws() throws Exception {
    EciesAeadHkdfPrivateKey privateKey = createValidPrivateKey();
    EciesAeadHkdfPublicKey publicKey = privateManager.getPublicKey(privateKey);
    EciesAeadHkdfPublicKey invalidKey = EciesAeadHkdfPublicKey.newBuilder().setVersion(1).build();
    assertThrows(GeneralSecurityException.class, () -> publicManager.validateKey(invalidKey));
}
Also used : EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) Test(org.junit.Test)

Example 4 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class TestUtil method generateEciesAeadHkdfPrivKey.

/**
 * @return a freshly generated {@code EciesAeadHkdfPrivateKey} constructed with specified
 *     parameters.
 */
public static EciesAeadHkdfPrivateKey generateEciesAeadHkdfPrivKey(EllipticCurveType curve, HashType hashType, EcPointFormat pointFormat, KeyTemplate demKeyTemplate, byte[] salt) throws Exception {
    ECParameterSpec ecParams;
    switch(curve) {
        case NIST_P256:
            ecParams = EllipticCurves.getNistP256Params();
            break;
        case NIST_P384:
            ecParams = EllipticCurves.getNistP384Params();
            break;
        case NIST_P521:
            ecParams = EllipticCurves.getNistP521Params();
            break;
        default:
            throw new NoSuchAlgorithmException("Curve not implemented:" + curve);
    }
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
    keyGen.initialize(ecParams);
    KeyPair keyPair = keyGen.generateKeyPair();
    ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
    ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
    ECPoint w = pubKey.getW();
    EciesAeadHkdfPublicKey eciesPubKey = createEciesAeadHkdfPubKey(curve, hashType, pointFormat, demKeyTemplate, w.getAffineX().toByteArray(), w.getAffineY().toByteArray(), salt);
    return createEciesAeadHkdfPrivKey(eciesPubKey, privKey.getS().toByteArray());
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint)

Example 5 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPublicKeyManager method getPrimitive.

/**
 * @param recipientKey {@code EciesAeadHkdfPublicKey} proto
 */
@Override
public HybridEncrypt getPrimitive(MessageLite recipientKey) throws GeneralSecurityException {
    if (!(recipientKey instanceof EciesAeadHkdfPublicKey)) {
        throw new GeneralSecurityException("expected EciesAeadHkdfPublicKey proto");
    }
    EciesAeadHkdfPublicKey recipientKeyProto = (EciesAeadHkdfPublicKey) recipientKey;
    validate(recipientKeyProto);
    EciesAeadHkdfParams eciesParams = recipientKeyProto.getParams();
    EciesHkdfKemParams kemParams = eciesParams.getKemParams();
    ECPublicKey recipientPublicKey = EllipticCurves.getEcPublicKey(HybridUtil.toCurveType(kemParams.getCurveType()), recipientKeyProto.getX().toByteArray(), recipientKeyProto.getY().toByteArray());
    EciesAeadHkdfDemHelper demHelper = new RegistryEciesAeadHkdfDemHelper(eciesParams.getDemParams().getAeadDem());
    return new EciesAeadHkdfHybridEncrypt(recipientPublicKey, kemParams.getHkdfSalt().toByteArray(), HybridUtil.toHmacAlgo(kemParams.getHkdfHashType()), HybridUtil.toPointFormatType(eciesParams.getEcPointFormat()), demHelper);
}
Also used : EciesAeadHkdfDemHelper(com.google.crypto.tink.subtle.EciesAeadHkdfDemHelper) EciesAeadHkdfParams(com.google.crypto.tink.proto.EciesAeadHkdfParams) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) EciesHkdfKemParams(com.google.crypto.tink.proto.EciesHkdfKemParams) EciesAeadHkdfHybridEncrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)

Aggregations

EciesAeadHkdfPublicKey (com.google.crypto.tink.proto.EciesAeadHkdfPublicKey)9 ECPublicKey (java.security.interfaces.ECPublicKey)5 EciesAeadHkdfPrivateKey (com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey)4 KeyPair (java.security.KeyPair)4 ECPrivateKey (java.security.interfaces.ECPrivateKey)4 ECPoint (java.security.spec.ECPoint)4 Test (org.junit.Test)4 EciesHkdfKemParams (com.google.crypto.tink.proto.EciesHkdfKemParams)3 EciesAeadHkdfKeyFormat (com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat)2 GeneralSecurityException (java.security.GeneralSecurityException)2 KeyPairGenerator (java.security.KeyPairGenerator)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 ECParameterSpec (java.security.spec.ECParameterSpec)2 HybridDecrypt (com.google.crypto.tink.HybridDecrypt)1 HybridEncrypt (com.google.crypto.tink.HybridEncrypt)1 EciesAeadHkdfParams (com.google.crypto.tink.proto.EciesAeadHkdfParams)1 EciesAeadHkdfDemHelper (com.google.crypto.tink.subtle.EciesAeadHkdfDemHelper)1 EciesAeadHkdfHybridEncrypt (com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)1 ByteString (com.google.protobuf.ByteString)1 HashMap (java.util.HashMap)1