use of com.google.crypto.tink.proto.Keyset.Key in project tink by google.
the class MacWrapperTest method testSmallPlaintextWithRawKey.
@Test
public void testSmallPlaintextWithRawKey() throws Exception {
byte[] keyValue = Random.randBytes(HMAC_KEY_SIZE);
Key primary = TestUtil.createKey(TestUtil.createHmacKeyData(keyValue, 16), 42, KeyStatusType.ENABLED, OutputPrefixType.RAW);
PrimitiveSet<Mac> primitives = TestUtil.createPrimitiveSet(TestUtil.createKeyset(primary), Mac.class);
Mac mac = new MacWrapper().wrap(primitives);
byte[] plaintext = "blah".getBytes("UTF-8");
byte[] tag = mac.computeMac(plaintext);
// no prefix
assertEquals(16, /* TAG */
tag.length);
try {
mac.verifyMac(tag, plaintext);
} catch (GeneralSecurityException e) {
fail("Valid MAC, should not throw exception");
}
}
use of com.google.crypto.tink.proto.Keyset.Key in project tink by google.
the class PrimitiveSetTest method testPrefix_isUnique.
@Test
public void testPrefix_isUnique() throws Exception {
PrimitiveSet<Mac> pset = PrimitiveSet.newPrimitiveSet(Mac.class);
Key key1 = Key.newBuilder().setKeyId(0xffffffff).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build();
pset.addPrimitive(new DummyMac1(), key1);
Key key2 = Key.newBuilder().setKeyId(0xffffffdf).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.RAW).build();
pset.setPrimary(pset.addPrimitive(new DummyMac2(), key2));
Key key3 = Key.newBuilder().setKeyId(0xffffffef).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.LEGACY).build();
pset.addPrimitive(new DummyMac1(), key3);
assertThat(pset.getAll()).hasSize(3);
assertThat(pset.getPrimitive(Hex.decode("01ffffffff"))).hasSize(1);
assertThat(pset.getPrimitive(Hex.decode("01ffffffef"))).isEmpty();
assertThat(pset.getPrimitive(Hex.decode("00ffffffff"))).isEmpty();
assertThat(pset.getPrimitive(Hex.decode("00ffffffef"))).hasSize(1);
}
use of com.google.crypto.tink.proto.Keyset.Key in project tink by google.
the class PrimitiveSetTest method testDuplicateKeys.
@Test
public void testDuplicateKeys() throws Exception {
PrimitiveSet<Mac> pset = PrimitiveSet.newPrimitiveSet(Mac.class);
Key key1 = Key.newBuilder().setKeyId(1).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build();
pset.addPrimitive(new DummyMac1(), key1);
Key key2 = Key.newBuilder().setKeyId(1).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.RAW).build();
pset.setPrimary(pset.addPrimitive(new DummyMac2(), key2));
Key key3 = Key.newBuilder().setKeyId(2).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.LEGACY).build();
pset.addPrimitive(new DummyMac1(), key3);
Key key4 = Key.newBuilder().setKeyId(2).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.LEGACY).build();
pset.addPrimitive(new DummyMac2(), key4);
Key key5 = Key.newBuilder().setKeyId(3).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.RAW).build();
pset.addPrimitive(new DummyMac1(), key5);
Key key6 = Key.newBuilder().setKeyId(3).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.RAW).build();
pset.addPrimitive(new DummyMac1(), key6);
// 3 instead of 6 because of duplicated key ids
assertEquals(3, pset.getAll().size());
// tink keys
List<PrimitiveSet.Entry<Mac>> entries = pset.getPrimitive(key1);
assertEquals(1, entries.size());
PrimitiveSet.Entry<Mac> entry = entries.get(0);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(CryptoFormat.TINK_START_BYTE, entry.getIdentifier()[0]);
assertArrayEquals(CryptoFormat.getOutputPrefix(key1), entry.getIdentifier());
assertEquals(1, entry.getKeyId());
// raw keys
// The order of the keys is an implementation detail.
List<Integer> ids = new ArrayList<>();
entries = pset.getPrimitive(key2);
assertEquals(3, entries.size());
entry = entries.get(0);
assertEquals(DummyMac2.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(0, entry.getIdentifier().length);
ids.add(entry.getKeyId());
entry = entries.get(1);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(0, entry.getIdentifier().length);
ids.add(entry.getKeyId());
entry = entries.get(2);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(0, entry.getIdentifier().length);
ids.add(entry.getKeyId());
assertThat(ids).containsExactly(1, 3, 3);
// legacy keys
entries = pset.getPrimitive(key3);
assertEquals(2, entries.size());
entry = entries.get(0);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertArrayEquals(CryptoFormat.getOutputPrefix(key3), entry.getIdentifier());
assertEquals(2, entry.getKeyId());
entry = entries.get(1);
assertEquals(DummyMac2.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertArrayEquals(CryptoFormat.getOutputPrefix(key4), entry.getIdentifier());
assertEquals(2, entry.getKeyId());
entry = pset.getPrimary();
assertEquals(DummyMac2.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(0, entry.getIdentifier().length);
assertArrayEquals(CryptoFormat.getOutputPrefix(key2), entry.getIdentifier());
assertEquals(1, entry.getKeyId());
}
use of com.google.crypto.tink.proto.Keyset.Key in project tink by google.
the class PrimitiveSetTest method testBasicFunctionality.
@Test
public void testBasicFunctionality() throws Exception {
PrimitiveSet<Mac> pset = PrimitiveSet.newPrimitiveSet(Mac.class);
Key key1 = Key.newBuilder().setKeyId(1).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.TINK).build();
pset.addPrimitive(new DummyMac1(), key1);
Key key2 = Key.newBuilder().setKeyId(2).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.RAW).build();
pset.setPrimary(pset.addPrimitive(new DummyMac2(), key2));
Key key3 = Key.newBuilder().setKeyId(3).setStatus(KeyStatusType.ENABLED).setOutputPrefixType(OutputPrefixType.LEGACY).build();
pset.addPrimitive(new DummyMac1(), key3);
assertThat(pset.getAll()).hasSize(3);
List<PrimitiveSet.Entry<Mac>> entries = pset.getPrimitive(key1);
assertThat(entries).hasSize(1);
PrimitiveSet.Entry<Mac> entry = entries.get(0);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(CryptoFormat.TINK_START_BYTE, entry.getIdentifier()[0]);
assertArrayEquals(CryptoFormat.getOutputPrefix(key1), entry.getIdentifier());
assertEquals(entry.getKeyId(), 1);
entries = pset.getPrimitive(key2);
assertThat(entries).hasSize(1);
entry = entries.get(0);
assertEquals(DummyMac2.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertThat(entry.getIdentifier()).isEmpty();
assertArrayEquals(CryptoFormat.getOutputPrefix(key2), entry.getIdentifier());
assertEquals(2, entry.getKeyId());
entries = pset.getPrimitive(key3);
assertThat(entries).hasSize(1);
entry = entries.get(0);
assertEquals(DummyMac1.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertEquals(CryptoFormat.LEGACY_START_BYTE, entry.getIdentifier()[0]);
assertArrayEquals(CryptoFormat.getOutputPrefix(key3), entry.getIdentifier());
assertEquals(entry.getKeyId(), 3);
entry = pset.getPrimary();
assertEquals(DummyMac2.class.getSimpleName(), new String(entry.getPrimitive().computeMac(null), UTF_8));
assertEquals(KeyStatusType.ENABLED, entry.getStatus());
assertArrayEquals(CryptoFormat.getOutputPrefix(key2), entry.getIdentifier());
assertEquals(2, entry.getKeyId());
}
use of com.google.crypto.tink.proto.Keyset.Key in project tink by google.
the class KeysetManagerTest method addKeyHandle_newKeyset_shouldAddKey.
@Test
public void addKeyHandle_newKeyset_shouldAddKey() throws Exception {
KeyTemplate keyTemplate = KeyTemplates.get("AES256_GCM");
KeyHandle keyHandle = KeyHandle.generateNew(keyTemplate);
KeysetManager keysetManager = KeysetManager.withEmptyKeyset();
keysetManager = keysetManager.add(keyHandle);
KeysetHandle keysetHandle = keysetManager.getKeysetHandle();
Keyset keyset = keysetHandle.getKeyset();
expect.that(keyset.getKeyCount()).isEqualTo(1);
Keyset.Key key = keyset.getKey(0);
expect.that(key.getKeyId()).isEqualTo(keyHandle.getId());
expect.that(key.getStatus()).isEqualTo(KeyStatusType.ENABLED);
expect.that(key.getOutputPrefixType()).isEqualTo(OutputPrefixType.TINK);
expect.that(key.hasKeyData()).isTrue();
expect.that(key.getKeyData().getTypeUrl()).isEqualTo(keyTemplate.getTypeUrl());
AesGcmKeyFormat aesGcmKeyFormat = AesGcmKeyFormat.parseFrom(keyTemplate.getValue(), ExtensionRegistryLite.getEmptyRegistry());
AesGcmKey aesGcmKey = AesGcmKey.parseFrom(key.getKeyData().getValue(), ExtensionRegistryLite.getEmptyRegistry());
expect.that(aesGcmKey.getKeyValue().size()).isEqualTo(aesGcmKeyFormat.getKeySize());
// No primary key because add doesn't automatically promote the new key to primary.
assertThrows(GeneralSecurityException.class, () -> keysetHandle.getPrimitive(Aead.class));
}
Aggregations