Merge pull request #6667 from freddyaott/master

[BAEL-2767] Guide to Google Tink
This commit is contained in:
Loredana Crusoveanu 2019-04-14 20:34:49 +03:00 committed by GitHub
commit d958ee9e03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 108 additions and 0 deletions

View File

@ -32,6 +32,12 @@
<version>${scribejava.version}</version> <version>${scribejava.version}</version>
</dependency> </dependency>
<dependency>
<groupId>com.google.crypto.tink</groupId>
<artifactId>tink</artifactId>
<version>${tink.version}</version>
</dependency>
<dependency> <dependency>
<groupId>junit</groupId> <groupId>junit</groupId>
<artifactId>junit</artifactId> <artifactId>junit</artifactId>
@ -55,6 +61,7 @@
<scribejava.version>5.6.0</scribejava.version> <scribejava.version>5.6.0</scribejava.version>
<spring-security-oauth2.version>2.3.3.RELEASE</spring-security-oauth2.version> <spring-security-oauth2.version>2.3.3.RELEASE</spring-security-oauth2.version>
<passay.version>1.3.1</passay.version> <passay.version>1.3.1</passay.version>
<tink.version>1.2.2</tink.version>
<cryptacular.version>1.2.2</cryptacular.version> <cryptacular.version>1.2.2</cryptacular.version>
</properties> </properties>
</project> </project>

View File

@ -0,0 +1,101 @@
package com.baeldung.tink;
import com.google.crypto.tink.*;
import com.google.crypto.tink.aead.AeadConfig;
import com.google.crypto.tink.aead.AeadFactory;
import com.google.crypto.tink.aead.AeadKeyTemplates;
import com.google.crypto.tink.config.TinkConfig;
import com.google.crypto.tink.hybrid.HybridDecryptFactory;
import com.google.crypto.tink.hybrid.HybridEncryptFactory;
import com.google.crypto.tink.hybrid.HybridKeyTemplates;
import com.google.crypto.tink.mac.MacFactory;
import com.google.crypto.tink.mac.MacKeyTemplates;
import com.google.crypto.tink.signature.PublicKeySignFactory;
import com.google.crypto.tink.signature.PublicKeyVerifyFactory;
import com.google.crypto.tink.signature.SignatureKeyTemplates;
import org.junit.Assert;
import org.junit.Test;
import java.security.GeneralSecurityException;
public class TinkUnitTest {
private static final String PLAINTEXT = "BAELDUNG";
private static final String DATA = "TINK";
@Test
public void givenPlaintext_whenEncryptWithAead_thenPlaintextIsEncrypted() throws GeneralSecurityException {
AeadConfig.register();
KeysetHandle keysetHandle = KeysetHandle.generateNew(
AeadKeyTemplates.AES256_GCM);
Aead aead = AeadFactory.getPrimitive(keysetHandle);
byte[] ciphertext = aead.encrypt(PLAINTEXT.getBytes(),
DATA.getBytes());
Assert.assertNotEquals(PLAINTEXT, new String(ciphertext));
}
@Test
public void givenData_whenComputeMAC_thenVerifyMAC() throws GeneralSecurityException {
TinkConfig.register();
KeysetHandle keysetHandle = KeysetHandle.generateNew(
MacKeyTemplates.HMAC_SHA256_128BITTAG);
Mac mac = MacFactory.getPrimitive(keysetHandle);
byte[] tag = mac.computeMac(DATA.getBytes());
mac.verifyMac(tag, DATA.getBytes());
}
@Test
public void givenData_whenSignData_thenVerifySignature() throws GeneralSecurityException {
TinkConfig.register();
KeysetHandle privateKeysetHandle = KeysetHandle.generateNew(
SignatureKeyTemplates.ECDSA_P256);
PublicKeySign signer = PublicKeySignFactory.getPrimitive(privateKeysetHandle);
byte[] signature = signer.sign(DATA.getBytes());
KeysetHandle publicKeysetHandle =
privateKeysetHandle.getPublicKeysetHandle();
PublicKeyVerify verifier = PublicKeyVerifyFactory.getPrimitive(publicKeysetHandle);
verifier.verify(signature, DATA.getBytes());
}
@Test
public void givenPlaintext_whenEncryptWithHybridEncryption_thenVerifyDecryptedIsEqual() throws GeneralSecurityException {
TinkConfig.register();
KeysetHandle privateKeysetHandle = KeysetHandle.generateNew(
HybridKeyTemplates.ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256);
KeysetHandle publicKeysetHandle = privateKeysetHandle.getPublicKeysetHandle();
HybridEncrypt hybridEncrypt = HybridEncryptFactory.getPrimitive(publicKeysetHandle);
HybridDecrypt hybridDecrypt = HybridDecryptFactory.getPrimitive(privateKeysetHandle);
String contextInfo = "Tink";
byte[] ciphertext = hybridEncrypt.encrypt(PLAINTEXT.getBytes(), contextInfo.getBytes());
byte[] plaintextDecrypted = hybridDecrypt.decrypt(ciphertext, contextInfo.getBytes());
Assert.assertEquals(PLAINTEXT,new String(plaintextDecrypted));
}
}