Examples with KeyTemplate com.google.crypto.tink.proto.KeyTemplate used on opensource projects

Example 41 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class MacKeyTemplatesTest method testHMAC_SHA256_256BITTAG.

@Test
public void testHMAC_SHA256_256BITTAG() throws Exception {
    KeyTemplate template = MacKeyTemplates.HMAC_SHA256_256BITTAG;
    assertEquals(HmacKeyManager.TYPE_URL, template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    HmacKeyFormat format = HmacKeyFormat.parseFrom(template.getValue());
    assertEquals(32, format.getKeySize());
    assertEquals(32, format.getParams().getTagSize());
    assertEquals(HashType.SHA256, format.getParams().getHash());
}

Example 42 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryEciesAeadHkdfDemHelperTest method testGetAead.

@Test
public void testGetAead() throws Exception {
    byte[] plaintext = "some plaintext string".getBytes(UTF_8);
    byte[] associatedData = "some associated data".getBytes(UTF_8);
    int count = 0;
    for (KeyTemplate template : keyTemplates) {
        RegistryEciesAeadHkdfDemHelper helper = new RegistryEciesAeadHkdfDemHelper(template);
        byte[] symmetricKey = Random.randBytes(helper.getSymmetricKeySizeInBytes());
        Aead aead = helper.getAead(symmetricKey);
        byte[] ciphertext = aead.encrypt(plaintext, associatedData);
        byte[] decrypted = aead.decrypt(ciphertext, associatedData);
        assertArrayEquals(plaintext, decrypted);
        // Try using a symmetric key that is too short.
        symmetricKey = Random.randBytes(helper.getSymmetricKeySizeInBytes() - 1);
        try {
            aead = helper.getAead(symmetricKey);
            fail("Symmetric key too short, should have thrown exception:\n" + template.toString());
        } catch (GeneralSecurityException e) {
            // Expected.
            assertExceptionContains(e, "incorrect length");
        }
        // Try using a symmetric key that is too long.
        symmetricKey = Random.randBytes(helper.getSymmetricKeySizeInBytes() + 1);
        try {
            aead = helper.getAead(symmetricKey);
            fail("Symmetric key too long, should have thrown exception:\n" + template.toString());
        } catch (GeneralSecurityException e) {
            // Expected.
            assertExceptionContains(e, "incorrect length");
        }
        count++;
    }
    assertEquals(keyTemplates.length, count);
}

Example 43 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class RegistryEciesAeadHkdfDemHelperTest method testConstructorWithUnsupportedTemplates.

@Test
public void testConstructorWithUnsupportedTemplates() throws Exception {
    RegistryEciesAeadHkdfDemHelper unusedHelper;
    // Unsupported templates.
    int templateCount = 4;
    KeyTemplate[] templates = new KeyTemplate[templateCount];
    templates[0] = AeadKeyTemplates.AES128_EAX;
    templates[1] = AeadKeyTemplates.AES256_EAX;
    templates[2] = AeadKeyTemplates.CHACHA20_POLY1305;
    templates[3] = SignatureKeyTemplates.ECDSA_P256;
    int count = 0;
    for (KeyTemplate template : templates) {
        try {
            unusedHelper = new RegistryEciesAeadHkdfDemHelper(template);
            fail("DEM type not supported, should have thrown exception:\n" + template.toString());
        } catch (GeneralSecurityException e) {
            // Expected.
            assertExceptionContains(e, "unsupported AEAD DEM key type");
            assertExceptionContains(e, template.getTypeUrl());
        }
        count++;
    }
    assertEquals(templateCount, count);
    // An inconsistent template.
    KeyTemplate template = KeyTemplate.newBuilder().setTypeUrl(AeadKeyTemplates.AES128_CTR_HMAC_SHA256.getTypeUrl()).setValue(SignatureKeyTemplates.ECDSA_P256.getValue()).build();
    try {
        unusedHelper = new RegistryEciesAeadHkdfDemHelper(template);
        fail("Inconsistent template, should have thrown exception:\n" + template.toString());
    } catch (GeneralSecurityException e) {
    // Expected.
    }
}

Example 44 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class HybridEncryptFactoryTest method testBasicEncryption.

@Test
public void testBasicEncryption() throws Exception {
    EllipticCurveType curve = EllipticCurveType.NIST_P384;
    HashType hashType = HashType.SHA256;
    EcPointFormat primaryPointFormat = EcPointFormat.UNCOMPRESSED;
    EcPointFormat rawPointFormat = EcPointFormat.COMPRESSED;
    KeyTemplate primaryDemKeyTemplate = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    KeyTemplate rawDemKeyTemplate = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
    byte[] primarySalt = "some salt".getBytes("UTF-8");
    byte[] rawSalt = "other salt".getBytes("UTF-8");
    EciesAeadHkdfPrivateKey primaryPrivProto = TestUtil.generateEciesAeadHkdfPrivKey(curve, hashType, primaryPointFormat, primaryDemKeyTemplate, primarySalt);
    Key primaryPriv = TestUtil.createKey(TestUtil.createKeyData(primaryPrivProto, EciesAeadHkdfPrivateKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE), 8, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key primaryPub = TestUtil.createKey(TestUtil.createKeyData(primaryPrivProto.getPublicKey(), EciesAeadHkdfPublicKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    EciesAeadHkdfPrivateKey rawPrivProto = TestUtil.generateEciesAeadHkdfPrivKey(curve, hashType, rawPointFormat, rawDemKeyTemplate, rawSalt);
    Key rawPriv = TestUtil.createKey(TestUtil.createKeyData(rawPrivProto, EciesAeadHkdfPrivateKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE), 11, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    Key rawPub = TestUtil.createKey(TestUtil.createKeyData(rawPrivProto.getPublicKey(), EciesAeadHkdfPublicKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 43, KeyStatusType.ENABLED, OutputPrefixType.RAW);
    KeysetHandle keysetHandlePub = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryPub, rawPub));
    KeysetHandle keysetHandlePriv = TestUtil.createKeysetHandle(TestUtil.createKeyset(primaryPriv, rawPriv));
    HybridEncrypt hybridEncrypt = HybridEncryptFactory.getPrimitive(keysetHandlePub);
    HybridDecrypt hybridDecrypt = HybridDecryptFactory.getPrimitive(keysetHandlePriv);
    byte[] plaintext = Random.randBytes(20);
    byte[] contextInfo = Random.randBytes(20);
    byte[] ciphertext = hybridEncrypt.encrypt(plaintext, contextInfo);
    assertArrayEquals(plaintext, hybridDecrypt.decrypt(ciphertext, contextInfo));
}

Example 45 with KeyTemplate

use of com.google.crypto.tink.proto.KeyTemplate in project tink by google.

the class HybridKeyTemplatesTest method testECIES_P256_HKDF_HMAC_SHA256_AES128_GCM.

@Test
public void testECIES_P256_HKDF_HMAC_SHA256_AES128_GCM() throws Exception {
    KeyTemplate template = HybridKeyTemplates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM;
    assertEquals(EciesAeadHkdfPrivateKeyManager.TYPE_URL, template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    EciesAeadHkdfKeyFormat format = EciesAeadHkdfKeyFormat.parseFrom(template.getValue());
    assertTrue(format.hasParams());
    assertTrue(format.getParams().hasKemParams());
    assertTrue(format.getParams().hasDemParams());
    assertTrue(format.getParams().getDemParams().hasAeadDem());
    assertEquals(EcPointFormat.UNCOMPRESSED, format.getParams().getEcPointFormat());
    EciesHkdfKemParams kemParams = format.getParams().getKemParams();
    assertEquals(EllipticCurveType.NIST_P256, kemParams.getCurveType());
    assertEquals(HashType.SHA256, kemParams.getHkdfHashType());
    assertTrue(kemParams.getHkdfSalt().isEmpty());
    assertEquals(AeadKeyTemplates.AES128_GCM.toString(), format.getParams().getDemParams().getAeadDem().toString());
}