
Example 6 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPrivateKeyManager method keyFactory.

/**
 * Returns the factory that validates ECIES-AEAD-HKDF key formats, parses them from their
 * serialized form, generates fresh private keys, and lists the named key formats.
 *
 * <p>Everything this factory emits from {@code createKey} contains private key material;
 * callers are responsible for how the resulting message is stored and logged.
 */
@Override
public KeyFactory<EciesAeadHkdfKeyFormat, EciesAeadHkdfPrivateKey> keyFactory() {
    return new KeyFactory<EciesAeadHkdfKeyFormat, EciesAeadHkdfPrivateKey>(EciesAeadHkdfKeyFormat.class) {

        /**
         * Rejects a key format whose parameters do not pass {@code HybridUtil.validate}.
         *
         * <p>NOTE(review): {@code createKey} does not call this itself; presumably the
         * caller validates the format before asking for a key. Confirm.
         */
        @Override
        public void validateKeyFormat(EciesAeadHkdfKeyFormat eciesKeyFormat) throws GeneralSecurityException {
            HybridUtil.validate(eciesKeyFormat.getParams());
        }

        /**
         * Parses a serialized key format. The empty extension registry is passed, so no
         * protobuf extensions are resolved while parsing.
         */
        @Override
        public EciesAeadHkdfKeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            return EciesAeadHkdfKeyFormat.parseFrom(byteString, ExtensionRegistryLite.getEmptyRegistry());
        }

        /**
         * Generates a fresh EC key pair on the curve named in the KEM parameters and wraps it
         * in an {@code EciesAeadHkdfPrivateKey} (which embeds the matching public key).
         *
         * @param eciesKeyFormat format whose params select the curve and are copied into the key
         * @return the new private key message
         * @throws GeneralSecurityException if key pair generation fails
         */
        @Override
        public EciesAeadHkdfPrivateKey createKey(EciesAeadHkdfKeyFormat eciesKeyFormat) throws GeneralSecurityException {
            EciesHkdfKemParams kemParams = eciesKeyFormat.getParams().getKemParams();
            KeyPair generated = EllipticCurves.generateKeyPair(HybridUtil.toCurveType(kemParams.getCurveType()));
            ECPublicKey ecPublic = (ECPublicKey) generated.getPublic();
            ECPrivateKey ecPrivate = (ECPrivateKey) generated.getPrivate();
            ECPoint publicPoint = ecPublic.getW();

            // BigInteger.toByteArray() is a minimal two's-complement encoding: it may carry a
            // leading 0x00 sign byte or be shorter than the curve's field size. X, Y and the
            // key value are therefore NOT fixed-length; any reader must tolerate both cases.
            ByteString encodedX = ByteString.copyFrom(publicPoint.getAffineX().toByteArray());
            ByteString encodedY = ByteString.copyFrom(publicPoint.getAffineY().toByteArray());

            // Public half: version, the caller's params, and the affine coordinates.
            EciesAeadHkdfPublicKey eciesPublicKey =
                EciesAeadHkdfPublicKey.newBuilder()
                    .setVersion(getVersion())
                    .setParams(eciesKeyFormat.getParams())
                    .setX(encodedX)
                    .setY(encodedY)
                    .build();

            // Private half: the scalar S. The intermediate byte[] is not zeroized here and
            // stays on the heap until collected.
            ByteString encodedScalar = ByteString.copyFrom(ecPrivate.getS().toByteArray());
            return EciesAeadHkdfPrivateKey.newBuilder()
                .setVersion(getVersion())
                .setPublicKey(eciesPublicKey)
                .setKeyValue(encodedScalar)
                .build();
        }

        /**
         * Lists the named key formats this manager offers, as an unmodifiable map.
         *
         * <p>All entries use NIST P-256 with SHA-256 and pass {@code EMPTY_SALT} (defined
         * outside this snippet); they differ in point format, DEM key template and output
         * prefix type.
         */
        @Override
        public Map<String, KeyFactory.KeyFormat<EciesAeadHkdfKeyFormat>> keyFormats() throws GeneralSecurityException {
            final EllipticCurveType p256 = EllipticCurveType.NIST_P256;
            final HashType sha256 = HashType.SHA256;
            final EcPointFormat uncompressed = EcPointFormat.UNCOMPRESSED;
            final EcPointFormat compressed = EcPointFormat.COMPRESSED;
            final KeyTemplate.OutputPrefixType tink = KeyTemplate.OutputPrefixType.TINK;
            // NOTE(review): RAW presumably means ciphertexts carry no key-identifying prefix,
            // so the recipient has to know which key to try. Confirm against OutputPrefixType.
            final KeyTemplate.OutputPrefixType raw = KeyTemplate.OutputPrefixType.RAW;

            Map<String, KeyFactory.KeyFormat<EciesAeadHkdfKeyFormat>> formats = new HashMap<>();

            // DEM: AES128_GCM
            formats.put(
                "ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM",
                createKeyFormat(p256, sha256, uncompressed, KeyTemplates.get("AES128_GCM"), EMPTY_SALT, tink));
            formats.put(
                "ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM_RAW",
                createKeyFormat(p256, sha256, uncompressed, KeyTemplates.get("AES128_GCM"), EMPTY_SALT, raw));
            formats.put(
                "ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM",
                createKeyFormat(p256, sha256, compressed, KeyTemplates.get("AES128_GCM"), EMPTY_SALT, tink));
            formats.put(
                "ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM_RAW",
                createKeyFormat(p256, sha256, compressed, KeyTemplates.get("AES128_GCM"), EMPTY_SALT, raw));
            // Legacy alias kept for backward compatibility with HybridKeyTemplates; it has the
            // same parameters as the COMPRESSED ... AES128_GCM_RAW entry above.
            formats.put(
                "ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM_COMPRESSED_WITHOUT_PREFIX",
                createKeyFormat(p256, sha256, compressed, KeyTemplates.get("AES128_GCM"), EMPTY_SALT, raw));

            // DEM: AES128_CTR_HMAC_SHA256
            formats.put(
                "ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256",
                createKeyFormat(p256, sha256, uncompressed, KeyTemplates.get("AES128_CTR_HMAC_SHA256"), EMPTY_SALT, tink));
            formats.put(
                "ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256_RAW",
                createKeyFormat(p256, sha256, uncompressed, KeyTemplates.get("AES128_CTR_HMAC_SHA256"), EMPTY_SALT, raw));
            formats.put(
                "ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256",
                createKeyFormat(p256, sha256, compressed, KeyTemplates.get("AES128_CTR_HMAC_SHA256"), EMPTY_SALT, tink));
            formats.put(
                "ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256_RAW",
                createKeyFormat(p256, sha256, compressed, KeyTemplates.get("AES128_CTR_HMAC_SHA256"), EMPTY_SALT, raw));

            // Hand out a read-only view so callers cannot add or replace formats.
            return Collections.unmodifiableMap(formats);
        }
    };
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) EciesAeadHkdfKeyFormat(com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat) HashMap(java.util.HashMap) ByteString(com.google.protobuf.ByteString) ByteString(com.google.protobuf.ByteString) ECPoint(java.security.spec.ECPoint) EciesAeadHkdfKeyFormat(com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat) EciesHkdfKemParams(com.google.crypto.tink.proto.EciesHkdfKemParams) ECPublicKey(java.security.interfaces.ECPublicKey) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey)

Example 7 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPublicKeyManagerTest method validateKey_invalidPointFormat_throws.

/**
 * Checks that the public key manager rejects a key whose params carry
 * {@code EcPointFormat.UNKNOWN_FORMAT}.
 */
@Test
public void validateKey_invalidPointFormat_throws() throws Exception {
    // A valid key pair is created first, but the derived public key is not used below.
    // NOTE(review): the key under test is built from an empty builder, so version, X and Y
    // are unset as well. The assertion therefore cannot tell which check rejected the key;
    // starting from publicKey and overriding only the params would isolate the point format.
    EciesAeadHkdfPrivateKey privateKey = createValidPrivateKey();
    EciesAeadHkdfPublicKey publicKey = privateManager.getPublicKey(privateKey);

    byte[] salt = "some salt".getBytes("UTF-8");
    EciesAeadHkdfPublicKey keyWithUnknownPointFormat =
        EciesAeadHkdfPublicKey.newBuilder()
            .setParams(
                createKeyFormat(
                        EllipticCurveType.NIST_P256,
                        HashType.SHA256,
                        EcPointFormat.UNKNOWN_FORMAT,
                        AeadKeyTemplates.AES128_CTR_HMAC_SHA256,
                        salt)
                    .getParams())
            .build();

    assertThrows(
        GeneralSecurityException.class,
        () -> publicManager.validateKey(keyWithUnknownPointFormat));
}
Also used : EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) Test(org.junit.Test)

Example 8 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class EciesAeadHkdfPrivateKeyManagerTest method getPublicKey_values.

/**
 * Checks that the manager returns exactly the public key embedded in the private key message.
 */
@Test
public void getPublicKey_values() throws Exception {
    EciesAeadHkdfPrivateKey privateKey = createValidKey();
    EciesAeadHkdfPublicKey extracted = manager.getPublicKey(privateKey);
    // Compare against the embedded public key, which is the only reference available here.
    EciesAeadHkdfPublicKey embedded = privateKey.getPublicKey();
    assertThat(extracted).isEqualTo(embedded);
}
Also used : EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) Test(org.junit.Test)

Example 9 with EciesAeadHkdfPublicKey

use of com.google.crypto.tink.proto.EciesAeadHkdfPublicKey in project tink by google.

the class TestUtil method generateEciesAeadHkdfPrivKey.

/**
 * Generates a fresh EC key pair on the requested NIST curve and wraps it in an
 * {@code EciesAeadHkdfPrivateKey} built from the given parameters.
 *
 * <p>The generator is obtained with {@code KeyPairGenerator.getInstance("EC")}, so the key comes
 * from whichever installed JCA provider is selected by default.
 *
 * @param curve NIST_P256, NIST_P384 or NIST_P521; any other value is rejected
 * @param hashType passed through to the public key helper
 * @param pointFormat passed through to the public key helper
 * @param demKeyTemplate passed through to the public key helper
 * @param salt passed through to the public key helper
 * @return a freshly generated {@code EciesAeadHkdfPrivateKey} constructed with specified
 *     parameters.
 * @throws NoSuchAlgorithmException if {@code curve} is not one of the three supported curves
 */
public static EciesAeadHkdfPrivateKey generateEciesAeadHkdfPrivKey(EllipticCurveType curve, HashType hashType, EcPointFormat pointFormat, KeyTemplate demKeyTemplate, byte[] salt) throws Exception {
    // Map the proto curve enum onto JCA curve parameters; unknown curves fail closed.
    final ECParameterSpec curveSpec;
    switch (curve) {
        case NIST_P256:
            curveSpec = EllipticCurves.getNistP256Params();
            break;
        case NIST_P384:
            curveSpec = EllipticCurves.getNistP384Params();
            break;
        case NIST_P521:
            curveSpec = EllipticCurves.getNistP521Params();
            break;
        default:
            throw new NoSuchAlgorithmException("Curve not implemented:" + curve);
    }

    KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
    generator.initialize(curveSpec);
    KeyPair pair = generator.generateKeyPair();

    ECPoint publicPoint = ((ECPublicKey) pair.getPublic()).getW();
    ECPrivateKey ecPrivate = (ECPrivateKey) pair.getPrivate();

    // BigInteger.toByteArray() gives a minimal two's-complement encoding, so these arrays may
    // carry a leading 0x00 sign byte or be shorter than the field size; they are not padded.
    byte[] encodedX = publicPoint.getAffineX().toByteArray();
    byte[] encodedY = publicPoint.getAffineY().toByteArray();
    EciesAeadHkdfPublicKey publicKeyProto =
        createEciesAeadHkdfPubKey(curve, hashType, pointFormat, demKeyTemplate, encodedX, encodedY, salt);

    // The private scalar is handed over as a plain byte[]; it is not wiped afterwards.
    byte[] encodedScalar = ecPrivate.getS().toByteArray();
    return createEciesAeadHkdfPrivKey(publicKeyProto, encodedScalar);
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) EciesAeadHkdfPublicKey(com.google.crypto.tink.proto.EciesAeadHkdfPublicKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint)
