Search in sources :

Example 1 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class NoSecretKeysetHandleTest method testBasic.

@Test
public void testBasic() throws Exception {
    // Create a keyset that contains a single HmacKey.
    KeyTemplate template = MacKeyTemplates.HMAC_SHA256_128BITTAG;
    KeysetManager manager = KeysetManager.withEmptyKeyset().rotate(template);
    Keyset keyset = manager.getKeysetHandle().getKeyset();
    try {
        KeysetHandle unused = NoSecretKeysetHandle.parseFrom(keyset.toByteArray());
        fail("Expected GeneralSecurityException");
    } catch (GeneralSecurityException e) {
        assertExceptionContains(e, "keyset contains secret key material");
    }
}
Also used : Keyset(com.google.crypto.tink.proto.Keyset) GeneralSecurityException(java.security.GeneralSecurityException) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) Test(org.junit.Test)

Example 2 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryTest method testGetPrimitives_WithSomeNonEnabledKeys_shouldWork.

@Test
public void testGetPrimitives_WithSomeNonEnabledKeys_shouldWork() throws Exception {
    // Try a keyset with some keys non-ENABLED.
    KeyTemplate template1 = AeadKeyTemplates.AES128_EAX;
    KeyTemplate template2 = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    KeyData key1 = Registry.newKeyData(template1);
    KeyData key2 = Registry.newKeyData(template1);
    KeyData key3 = Registry.newKeyData(template2);
    KeysetHandle keysetHandle = KeysetHandle.fromKeyset(Keyset.newBuilder().addKey(Keyset.Key.newBuilder().setKeyData(key1).setKeyId(1).setStatus(KeyStatusType.DESTROYED).setOutputPrefixType(OutputPrefixType.TINK).build()).addKey(Keyset.Key.newBuilder().setKeyData(key2).setKeyId(2).setStatus(KeyStatusType.DISABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).addKey(Keyset.Key.newBuilder().setKeyData(key3).setKeyId(3).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).setPrimaryKeyId(3).build());
    PrimitiveSet<Aead> aeadSet = Registry.getPrimitives(keysetHandle);
    assertThat(aeadSet.getPrimary().getPrimitive().getClass()).isEqualTo(EncryptThenAuthenticate.class);
}
Also used : DummyAead(com.google.crypto.tink.TestUtil.DummyAead) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 3 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryTest method testGetPrimitive_Hmac_shouldWork.

@Test
public void testGetPrimitive_Hmac_shouldWork() throws Exception {
    KeyTemplate template = MacKeyTemplates.HMAC_SHA256_128BITTAG;
    HmacKey hmacKey = (HmacKey) Registry.newKey(template);
    KeyData hmacKeyData = Registry.newKeyData(template);
    Mac mac = Registry.getPrimitive(hmacKeyData);
    assertThat(hmacKey.getKeyValue().size()).isEqualTo(32);
    assertThat(hmacKey.getParams().getTagSize()).isEqualTo(16);
    assertThat(hmacKey.getParams().getHash()).isEqualTo(HashType.SHA256);
    assertThat(hmacKeyData.getTypeUrl()).isEqualTo(MacConfig.HMAC_TYPE_URL);
    // This might break when we add native implementations.
    assertThat(mac.getClass()).isEqualTo(MacJce.class);
}
Also used : HmacKey(com.google.crypto.tink.proto.HmacKey) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 4 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryTest method testGetPrimitives_shouldWork.

@Test
public void testGetPrimitives_shouldWork() throws Exception {
    // Create a keyset, and get a PrimitiveSet.
    KeyTemplate template1 = AeadKeyTemplates.AES128_EAX;
    KeyTemplate template2 = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    KeyData key1 = Registry.newKeyData(template1);
    KeyData key2 = Registry.newKeyData(template1);
    KeyData key3 = Registry.newKeyData(template2);
    KeysetHandle keysetHandle = KeysetHandle.fromKeyset(Keyset.newBuilder().addKey(Keyset.Key.newBuilder().setKeyData(key1).setKeyId(1).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).addKey(Keyset.Key.newBuilder().setKeyData(key2).setKeyId(2).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).addKey(Keyset.Key.newBuilder().setKeyData(key3).setKeyId(3).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).setPrimaryKeyId(2).build());
    PrimitiveSet<Aead> aeadSet = Registry.getPrimitives(keysetHandle);
    assertThat(aeadSet.getPrimary().getPrimitive().getClass()).isEqualTo(AesEaxJce.class);
}
Also used : DummyAead(com.google.crypto.tink.TestUtil.DummyAead) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 5 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryTest method testGetPrimitives_CustomManager_shouldWork.

@Test
public void testGetPrimitives_CustomManager_shouldWork() throws Exception {
    // Create a keyset.
    KeyTemplate template1 = AeadKeyTemplates.AES128_EAX;
    KeyTemplate template2 = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    KeyData key1 = Registry.newKeyData(template1);
    KeyData key2 = Registry.newKeyData(template2);
    KeysetHandle keysetHandle = KeysetHandle.fromKeyset(Keyset.newBuilder().addKey(Keyset.Key.newBuilder().setKeyData(key1).setKeyId(1).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).addKey(Keyset.Key.newBuilder().setKeyData(key2).setKeyId(2).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build()).setPrimaryKeyId(2).build());
    // Get a PrimitiveSet using a custom key manager for key1.
    KeyManager<Aead> customManager = new CustomAeadKeyManager();
    PrimitiveSet<Aead> aeadSet = Registry.getPrimitives(keysetHandle, customManager);
    List<PrimitiveSet.Entry<Aead>> aead1List = aeadSet.getPrimitive(keysetHandle.getKeyset().getKey(0));
    List<PrimitiveSet.Entry<Aead>> aead2List = aeadSet.getPrimitive(keysetHandle.getKeyset().getKey(1));
    assertThat(aead1List.size()).isEqualTo(1);
    assertThat(aead1List.get(0).getPrimitive().getClass()).isEqualTo(DummyAead.class);
    assertThat(aead2List.size()).isEqualTo(1);
    assertThat(aead2List.get(0).getPrimitive().getClass()).isEqualTo(EncryptThenAuthenticate.class);
}
Also used : DummyAead(com.google.crypto.tink.TestUtil.DummyAead) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Aggregations

KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)82 Test (org.junit.Test)79 GeneralSecurityException (java.security.GeneralSecurityException)18 ByteString (com.google.protobuf.ByteString)12 KeyData (com.google.crypto.tink.proto.KeyData)11 ByteArrayOutputStream (java.io.ByteArrayOutputStream)10 HashType (com.google.crypto.tink.proto.HashType)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 TreeSet (java.util.TreeSet)7 Keyset (com.google.crypto.tink.proto.Keyset)6 KeysetHandle (com.google.crypto.tink.KeysetHandle)5 DummyAead (com.google.crypto.tink.TestUtil.DummyAead)5 AesCtrHmacAeadKeyFormat (com.google.crypto.tink.proto.AesCtrHmacAeadKeyFormat)4 AesEaxKeyFormat (com.google.crypto.tink.proto.AesEaxKeyFormat)4 AesGcmKeyFormat (com.google.crypto.tink.proto.AesGcmKeyFormat)4 EcdsaKeyFormat (com.google.crypto.tink.proto.EcdsaKeyFormat)4 EllipticCurveType (com.google.crypto.tink.proto.EllipticCurveType)4 HmacKeyFormat (com.google.crypto.tink.proto.HmacKeyFormat)4 AesCtrHmacStreamingKeyFormat (com.google.crypto.tink.proto.AesCtrHmacStreamingKeyFormat)3 AesGcmHkdfStreamingKeyFormat (com.google.crypto.tink.proto.AesGcmHkdfStreamingKeyFormat)3