Examples with KeysetPublicResponse com.google.crypto.tink.proto.testing.KeysetPublicResponse used on opensource projects

Search in sources :

Example 1 with KeysetPublicResponse

use of com.google.crypto.tink.proto.testing.KeysetPublicResponse in project tink by google.

the class JwtServiceImplTest method jwtToFromJwt_success.

@Test
public void jwtToFromJwt_success() throws Exception {
    byte[] template = KeyTemplateProtoConverter.toByteArray(KeyTemplates.get("JWT_ES256"));
    KeysetGenerateResponse keysetResponse = generateKeyset(keysetStub, template);
    assertThat(keysetResponse.getErr()).isEmpty();
    byte[] privateKeyset = keysetResponse.getKeyset().toByteArray();
    KeysetPublicResponse pubResponse = publicKeyset(keysetStub, privateKeyset);
    assertThat(pubResponse.getErr()).isEmpty();
    byte[] publicKeyset = pubResponse.getPublicKeyset().toByteArray();
    JwtToken token = generateToken("audience", 1245, 0);
    JwtSignRequest signRequest = JwtSignRequest.newBuilder().setKeyset(ByteString.copyFrom(privateKeyset)).setRawJwt(token).build();
    JwtSignResponse signResponse = jwtStub.publicKeySignAndEncode(signRequest);
    assertThat(signResponse.getErr()).isEmpty();
    // Convert the public keyset to a JWK set
    JwtToJwkSetRequest toRequest = JwtToJwkSetRequest.newBuilder().setKeyset(ByteString.copyFrom(publicKeyset)).build();
    JwtToJwkSetResponse toResponse = jwtStub.toJwkSet(toRequest);
    assertThat(toResponse.getErr()).isEmpty();
    assertThat(toResponse.getJwkSet()).contains("{\"keys\":[{\"kty\":\"EC\",\"crv\":\"P-256\",");
    // Convert the public keyset to a JWK set
    JwtFromJwkSetRequest fromRequest = JwtFromJwkSetRequest.newBuilder().setJwkSet(toResponse.getJwkSet()).build();
    JwtFromJwkSetResponse fromResponse = jwtStub.fromJwkSet(fromRequest);
    assertThat(fromResponse.getErr()).isEmpty();
    // Use that output keyset to verify the token
    JwtValidator validator = JwtValidator.newBuilder().setExpectedTypeHeader(StringValue.newBuilder().setValue("typeHeader")).setExpectedIssuer(StringValue.newBuilder().setValue("issuer")).setExpectedAudience(StringValue.newBuilder().setValue("audience")).setNow(Timestamp.newBuilder().setSeconds(1234)).build();
    JwtVerifyRequest verifyRequest = JwtVerifyRequest.newBuilder().setKeyset(fromResponse.getKeyset()).setSignedCompactJwt(signResponse.getSignedCompactJwt()).setValidator(validator).build();
    JwtVerifyResponse verifyResponse = jwtStub.publicKeyVerifyAndDecode(verifyRequest);
    assertThat(verifyResponse.getErr()).isEmpty();
}
Also used : JwtFromJwkSetRequest(com.google.crypto.tink.proto.testing.JwtFromJwkSetRequest) JwtToJwkSetRequest(com.google.crypto.tink.proto.testing.JwtToJwkSetRequest) JwtToJwkSetResponse(com.google.crypto.tink.proto.testing.JwtToJwkSetResponse) JwtFromJwkSetResponse(com.google.crypto.tink.proto.testing.JwtFromJwkSetResponse) JwtSignResponse(com.google.crypto.tink.proto.testing.JwtSignResponse) KeysetGenerateResponse(com.google.crypto.tink.proto.testing.KeysetGenerateResponse) JwtToken(com.google.crypto.tink.proto.testing.JwtToken) JwtSignRequest(com.google.crypto.tink.proto.testing.JwtSignRequest) JwtValidator(com.google.crypto.tink.proto.testing.JwtValidator) JwtVerifyRequest(com.google.crypto.tink.proto.testing.JwtVerifyRequest) JwtVerifyResponse(com.google.crypto.tink.proto.testing.JwtVerifyResponse) KeysetPublicResponse(com.google.crypto.tink.proto.testing.KeysetPublicResponse) Test(org.junit.Test)

Example 2 with KeysetPublicResponse

use of com.google.crypto.tink.proto.testing.KeysetPublicResponse in project tink by google.

the class AsymmetricTestingServicesTest method hybridGenerateEncryptDecrypt_success.

@Test
public void hybridGenerateEncryptDecrypt_success() throws Exception {
    byte[] template = KeyTemplateProtoConverter.toByteArray(EciesAeadHkdfPrivateKeyManager.eciesP256HkdfHmacSha256Aes128GcmTemplate());
    byte[] plaintext = "The quick brown fox jumps over the lazy dog".getBytes(UTF_8);
    byte[] associatedData = "generate_encrypt_decrypt".getBytes(UTF_8);
    KeysetGenerateResponse genResponse = generateKeyset(keysetStub, template);
    assertThat(genResponse.getErr()).isEmpty();
    byte[] privateKeyset = genResponse.getKeyset().toByteArray();
    KeysetPublicResponse pubResponse = publicKeyset(keysetStub, privateKeyset);
    assertThat(pubResponse.getErr()).isEmpty();
    byte[] publicKeyset = pubResponse.getPublicKeyset().toByteArray();
    HybridEncryptResponse encResponse = hybridEncrypt(hybridStub, publicKeyset, plaintext, associatedData);
    assertThat(encResponse.getErr()).isEmpty();
    byte[] ciphertext = encResponse.getCiphertext().toByteArray();
    HybridDecryptResponse decResponse = hybridDecrypt(hybridStub, privateKeyset, ciphertext, associatedData);
    assertThat(decResponse.getErr()).isEmpty();
    byte[] output = decResponse.getPlaintext().toByteArray();
    assertThat(output).isEqualTo(plaintext);
}
Also used : HybridEncryptResponse(com.google.crypto.tink.proto.testing.HybridEncryptResponse) HybridDecryptResponse(com.google.crypto.tink.proto.testing.HybridDecryptResponse) KeysetGenerateResponse(com.google.crypto.tink.proto.testing.KeysetGenerateResponse) KeysetPublicResponse(com.google.crypto.tink.proto.testing.KeysetPublicResponse) Test(org.junit.Test)

Example 3 with KeysetPublicResponse

use of com.google.crypto.tink.proto.testing.KeysetPublicResponse in project tink by google.

the class AsymmetricTestingServicesTest method signatureVerify_failsOnBadSignature.

@Test
public void signatureVerify_failsOnBadSignature() throws Exception {
    byte[] template = KeyTemplateProtoConverter.toByteArray(EcdsaSignKeyManager.ecdsaP256Template());
    byte[] data = "The quick brown fox jumps over the lazy dog".getBytes(UTF_8);
    KeysetGenerateResponse genResponse = generateKeyset(keysetStub, template);
    assertThat(genResponse.getErr()).isEmpty();
    byte[] privateKeyset = genResponse.getKeyset().toByteArray();
    KeysetPublicResponse pubResponse = publicKeyset(keysetStub, privateKeyset);
    assertThat(pubResponse.getErr()).isEmpty();
    byte[] publicKeyset = pubResponse.getPublicKeyset().toByteArray();
    SignatureVerifyResponse verifyResponse = signatureVerify(signatureStub, publicKeyset, "bad signature".getBytes(UTF_8), data);
    assertThat(verifyResponse.getErr()).isNotEmpty();
}
Also used : KeysetGenerateResponse(com.google.crypto.tink.proto.testing.KeysetGenerateResponse) SignatureVerifyResponse(com.google.crypto.tink.proto.testing.SignatureVerifyResponse) KeysetPublicResponse(com.google.crypto.tink.proto.testing.KeysetPublicResponse) Test(org.junit.Test)

Example 4 with KeysetPublicResponse

use of com.google.crypto.tink.proto.testing.KeysetPublicResponse in project tink by google.

the class AsymmetricTestingServicesTest method hybridDecrypt_failsOnBadCiphertext.

@Test
public void hybridDecrypt_failsOnBadCiphertext() throws Exception {
    byte[] template = KeyTemplateProtoConverter.toByteArray(EciesAeadHkdfPrivateKeyManager.eciesP256HkdfHmacSha256Aes128GcmTemplate());
    byte[] badCiphertext = "bad ciphertext".getBytes(UTF_8);
    byte[] contextInfo = "hybrid_decrypt_bad_ciphertext".getBytes(UTF_8);
    KeysetGenerateResponse keysetResponse = generateKeyset(keysetStub, template);
    assertThat(keysetResponse.getErr()).isEmpty();
    byte[] privateKeyset = keysetResponse.getKeyset().toByteArray();
    KeysetPublicResponse pubResponse = publicKeyset(keysetStub, privateKeyset);
    assertThat(pubResponse.getErr()).isEmpty();
    byte[] publicKeyset = pubResponse.getPublicKeyset().toByteArray();
    HybridDecryptResponse decResponse = hybridDecrypt(hybridStub, publicKeyset, badCiphertext, contextInfo);
    assertThat(decResponse.getErr()).isNotEmpty();
}
Also used : HybridDecryptResponse(com.google.crypto.tink.proto.testing.HybridDecryptResponse) KeysetGenerateResponse(com.google.crypto.tink.proto.testing.KeysetGenerateResponse) KeysetPublicResponse(com.google.crypto.tink.proto.testing.KeysetPublicResponse) Test(org.junit.Test)

Example 5 with KeysetPublicResponse

use of com.google.crypto.tink.proto.testing.KeysetPublicResponse in project tink by google.

the class AsymmetricTestingServicesTest method hybridDecrypt_failsOnBadKeyset.

@Test
public void hybridDecrypt_failsOnBadKeyset() throws Exception {
    byte[] template = KeyTemplateProtoConverter.toByteArray(EciesAeadHkdfPrivateKeyManager.eciesP256HkdfHmacSha256Aes128GcmTemplate());
    byte[] plaintext = "The quick brown fox jumps over the lazy dog".getBytes(UTF_8);
    byte[] contextInfo = "hybrid_decrypt_bad_keyset".getBytes(UTF_8);
    KeysetGenerateResponse privateKeysetResponse = generateKeyset(keysetStub, template);
    assertThat(privateKeysetResponse.getErr()).isEmpty();
    byte[] privateKeyset = privateKeysetResponse.getKeyset().toByteArray();
    KeysetPublicResponse pubResponse = publicKeyset(keysetStub, privateKeyset);
    assertThat(pubResponse.getErr()).isEmpty();
    byte[] publicKeyset = pubResponse.getPublicKeyset().toByteArray();
    HybridEncryptResponse encResponse = hybridEncrypt(hybridStub, publicKeyset, plaintext, contextInfo);
    assertThat(encResponse.getErr()).isEmpty();
    byte[] ciphertext = encResponse.getCiphertext().toByteArray();
    byte[] badKeyset = "bad keyset".getBytes(UTF_8);
    HybridDecryptResponse decResponse = hybridDecrypt(hybridStub, badKeyset, ciphertext, contextInfo);
    assertThat(decResponse.getErr()).isNotEmpty();
}
Also used : HybridEncryptResponse(com.google.crypto.tink.proto.testing.HybridEncryptResponse) HybridDecryptResponse(com.google.crypto.tink.proto.testing.HybridDecryptResponse) KeysetGenerateResponse(com.google.crypto.tink.proto.testing.KeysetGenerateResponse) KeysetPublicResponse(com.google.crypto.tink.proto.testing.KeysetPublicResponse) Test(org.junit.Test)

Aggregations

KeysetPublicResponse (com.google.crypto.tink.proto.testing.KeysetPublicResponse)9 Test (org.junit.Test)8 KeysetGenerateResponse (com.google.crypto.tink.proto.testing.KeysetGenerateResponse)7 HybridDecryptResponse (com.google.crypto.tink.proto.testing.HybridDecryptResponse)3 HybridEncryptResponse (com.google.crypto.tink.proto.testing.HybridEncryptResponse)2 JwtSignRequest (com.google.crypto.tink.proto.testing.JwtSignRequest)2 JwtSignResponse (com.google.crypto.tink.proto.testing.JwtSignResponse)2 JwtToken (com.google.crypto.tink.proto.testing.JwtToken)2 JwtValidator (com.google.crypto.tink.proto.testing.JwtValidator)2 JwtVerifyRequest (com.google.crypto.tink.proto.testing.JwtVerifyRequest)2 JwtVerifyResponse (com.google.crypto.tink.proto.testing.JwtVerifyResponse)2 SignatureVerifyResponse (com.google.crypto.tink.proto.testing.SignatureVerifyResponse)2 CleartextKeysetHandle (com.google.crypto.tink.CleartextKeysetHandle)1 KeysetHandle (com.google.crypto.tink.KeysetHandle)1 Keyset (com.google.crypto.tink.proto.Keyset)1 JwtFromJwkSetRequest (com.google.crypto.tink.proto.testing.JwtFromJwkSetRequest)1 JwtFromJwkSetResponse (com.google.crypto.tink.proto.testing.JwtFromJwkSetResponse)1 JwtToJwkSetRequest (com.google.crypto.tink.proto.testing.JwtToJwkSetRequest)1 JwtToJwkSetResponse (com.google.crypto.tink.proto.testing.JwtToJwkSetResponse)1 SignatureSignResponse (com.google.crypto.tink.proto.testing.SignatureSignResponse)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial