Examples with EciesAeadHkdfHybridDecrypt com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt used on opensource projects

Search in sources :

Example 1 with EciesAeadHkdfHybridDecrypt

use of com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt in project tink by google.

the class EciesAeadHkdfHybridDecryptTest method testModifyDecrypt.

private void testModifyDecrypt(CurveType curveType, KeyTemplate keyTemplate) throws Exception {
    KeyPair recipientKey = EllipticCurves.generateKeyPair(curveType);
    ECPublicKey recipientPublicKey = (ECPublicKey) recipientKey.getPublic();
    ECPrivateKey recipientPrivateKey = (ECPrivateKey) recipientKey.getPrivate();
    byte[] salt = Random.randBytes(8);
    byte[] plaintext = Random.randBytes(4);
    byte[] context = Random.randBytes(4);
    String hmacAlgo = HybridUtil.toHmacAlgo(HashType.SHA256);
    HybridEncrypt hybridEncrypt = new EciesAeadHkdfHybridEncrypt(recipientPublicKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    HybridDecrypt hybridDecrypt = new EciesAeadHkdfHybridDecrypt(recipientPrivateKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    byte[] ciphertext = hybridEncrypt.encrypt(plaintext, context);
    byte[] decrypted = hybridDecrypt.decrypt(ciphertext, context);
    assertArrayEquals(plaintext, decrypted);
    // implicitly checks the modification of public key and the raw ciphertext.
    for (int bytes = 0; bytes < ciphertext.length; bytes++) {
        for (int bit = 0; bit < 8; bit++) {
            byte[] modifiedCiphertext = Arrays.copyOf(ciphertext, ciphertext.length);
            modifiedCiphertext[bytes] ^= (byte) (1 << bit);
            try {
                hybridDecrypt.decrypt(modifiedCiphertext, context);
                fail("Invalid ciphertext, should have thrown exception");
            } catch (GeneralSecurityException expected) {
            // Expected
            }
        }
    }
    // Modify context.
    for (int bytes = 0; bytes < context.length; bytes++) {
        for (int bit = 0; bit < 8; bit++) {
            byte[] modifiedContext = Arrays.copyOf(context, context.length);
            modifiedContext[bytes] ^= (byte) (1 << bit);
            try {
                hybridDecrypt.decrypt(ciphertext, modifiedContext);
                fail("Invalid context, should have thrown exception");
            } catch (GeneralSecurityException expected) {
            // Expected
            }
        }
    }
    // modifying the length may not be detected.
    for (int bytes = 0; bytes < salt.length; bytes++) {
        for (int bit = 0; bit < 8; bit++) {
            byte[] modifiedSalt = Arrays.copyOf(salt, salt.length);
            modifiedSalt[bytes] ^= (byte) (1 << bit);
            hybridDecrypt = new EciesAeadHkdfHybridDecrypt(recipientPrivateKey, modifiedSalt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
            try {
                hybridDecrypt.decrypt(ciphertext, context);
                fail("Invalid salt, should have thrown exception");
            } catch (GeneralSecurityException expected) {
            // Expected
            }
        }
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) EciesAeadHkdfHybridDecrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt) ECPublicKey(java.security.interfaces.ECPublicKey) EciesAeadHkdfHybridDecrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt) GeneralSecurityException(java.security.GeneralSecurityException) EciesAeadHkdfHybridEncrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) EciesAeadHkdfHybridEncrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)

Example 2 with EciesAeadHkdfHybridDecrypt

use of com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt in project tink by google.

the class EciesAeadHkdfHybridEncryptTest method testBasicMultipleEncrypts.

private void testBasicMultipleEncrypts(CurveType curveType, KeyTemplate keyTemplate) throws Exception {
    KeyPair recipientKey = EllipticCurves.generateKeyPair(curveType);
    ECPublicKey recipientPublicKey = (ECPublicKey) recipientKey.getPublic();
    ECPrivateKey recipientPrivateKey = (ECPrivateKey) recipientKey.getPrivate();
    byte[] salt = "some salt".getBytes("UTF-8");
    byte[] plaintext = Random.randBytes(20);
    byte[] context = "context info".getBytes("UTF-8");
    String hmacAlgo = HybridUtil.toHmacAlgo(HashType.SHA256);
    HybridEncrypt hybridEncrypt = new EciesAeadHkdfHybridEncrypt(recipientPublicKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    HybridDecrypt hybridDecrypt = new EciesAeadHkdfHybridDecrypt(recipientPrivateKey, salt, hmacAlgo, EllipticCurves.PointFormatType.UNCOMPRESSED, new RegistryEciesAeadHkdfDemHelper(keyTemplate));
    // Makes sure that the encryption is randomized.
    Set<String> ciphertexts = new TreeSet<String>();
    for (int j = 0; j < 8; j++) {
        byte[] ciphertext = hybridEncrypt.encrypt(plaintext, context);
        if (ciphertexts.contains(new String(ciphertext, "UTF-8"))) {
            throw new GeneralSecurityException("Encryption is not randomized");
        }
        ciphertexts.add(new String(ciphertext, "UTF-8"));
        byte[] decrypted = hybridDecrypt.decrypt(ciphertext, context);
        assertArrayEquals(plaintext, decrypted);
    }
    assertEquals(8, ciphertexts.size());
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) GeneralSecurityException(java.security.GeneralSecurityException) EciesAeadHkdfHybridEncrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt) HybridEncrypt(com.google.crypto.tink.HybridEncrypt) HybridDecrypt(com.google.crypto.tink.HybridDecrypt) EciesAeadHkdfHybridDecrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt) ECPublicKey(java.security.interfaces.ECPublicKey) EciesAeadHkdfHybridDecrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt) TreeSet(java.util.TreeSet) EciesAeadHkdfHybridEncrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)

Example 3 with EciesAeadHkdfHybridDecrypt

use of com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt in project tink by google.

the class EciesAeadHkdfPrivateKeyManager method getPrimitive.

/**
 * @param recipientKey {@code EciesAeadHkdfPrivateKey} proto
 */
@Override
public HybridDecrypt getPrimitive(MessageLite recipientKey) throws GeneralSecurityException {
    if (!(recipientKey instanceof EciesAeadHkdfPrivateKey)) {
        throw new GeneralSecurityException("expected EciesAeadHkdfPrivateKey proto");
    }
    EciesAeadHkdfPrivateKey recipientKeyProto = (EciesAeadHkdfPrivateKey) recipientKey;
    validate(recipientKeyProto);
    EciesAeadHkdfParams eciesParams = recipientKeyProto.getPublicKey().getParams();
    EciesHkdfKemParams kemParams = eciesParams.getKemParams();
    ECPrivateKey recipientPrivateKey = EllipticCurves.getEcPrivateKey(HybridUtil.toCurveType(kemParams.getCurveType()), recipientKeyProto.getKeyValue().toByteArray());
    EciesAeadHkdfDemHelper demHelper = new RegistryEciesAeadHkdfDemHelper(eciesParams.getDemParams().getAeadDem());
    return new EciesAeadHkdfHybridDecrypt(recipientPrivateKey, kemParams.getHkdfSalt().toByteArray(), HybridUtil.toHmacAlgo(kemParams.getHkdfHashType()), HybridUtil.toPointFormatType(eciesParams.getEcPointFormat()), demHelper);
}
Also used : EciesAeadHkdfDemHelper(com.google.crypto.tink.subtle.EciesAeadHkdfDemHelper) EciesAeadHkdfParams(com.google.crypto.tink.proto.EciesAeadHkdfParams) ECPrivateKey(java.security.interfaces.ECPrivateKey) EciesAeadHkdfHybridDecrypt(com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt) EciesAeadHkdfPrivateKey(com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey) GeneralSecurityException(java.security.GeneralSecurityException) EciesHkdfKemParams(com.google.crypto.tink.proto.EciesHkdfKemParams)

Aggregations

EciesAeadHkdfHybridDecrypt (com.google.crypto.tink.subtle.EciesAeadHkdfHybridDecrypt)3 GeneralSecurityException (java.security.GeneralSecurityException)3 ECPrivateKey (java.security.interfaces.ECPrivateKey)3 HybridDecrypt (com.google.crypto.tink.HybridDecrypt)2 HybridEncrypt (com.google.crypto.tink.HybridEncrypt)2 EciesAeadHkdfHybridEncrypt (com.google.crypto.tink.subtle.EciesAeadHkdfHybridEncrypt)2 KeyPair (java.security.KeyPair)2 ECPublicKey (java.security.interfaces.ECPublicKey)2 EciesAeadHkdfParams (com.google.crypto.tink.proto.EciesAeadHkdfParams)1 EciesAeadHkdfPrivateKey (com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey)1 EciesHkdfKemParams (com.google.crypto.tink.proto.EciesHkdfKemParams)1 EciesAeadHkdfDemHelper (com.google.crypto.tink.subtle.EciesAeadHkdfDemHelper)1 TreeSet (java.util.TreeSet)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial