def test_generate_hybrid_encrypt_decrypt(self):
keyset_servicer = services.KeysetServicer()
hybrid_servicer = services.HybridServicer()
tp = hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM
template = tp.SerializeToString()
gen_request = testing_api_pb2.KeysetGenerateRequest(template=template)
gen_response = keyset_servicer.Generate(gen_request, self._ctx)
self.assertEmpty(gen_response.err)
private_keyset = gen_response.keyset
pub_request = testing_api_pb2.KeysetPublicRequest(
private_keyset=private_keyset)
pub_response = keyset_servicer.Public(pub_request, self._ctx)
self.assertEqual(pub_response.WhichOneof('result'), 'public_keyset')
public_keyset = pub_response.public_keyset
plaintext = b'The quick brown fox jumps over the lazy dog'
context_info = b'context_info'
enc_request = testing_api_pb2.HybridEncryptRequest(
public_keyset=public_keyset,
plaintext=plaintext,
context_info=context_info)
enc_response = hybrid_servicer.Encrypt(enc_request, self._ctx)
self.assertEqual(enc_response.WhichOneof('result'), 'ciphertext')
ciphertext = enc_response.ciphertext
dec_request = testing_api_pb2.HybridDecryptRequest(
private_keyset=private_keyset,
ciphertext=ciphertext,
context_info=context_info)
dec_response = hybrid_servicer.Decrypt(dec_request, self._ctx)
self.assertEqual(dec_response.WhichOneof('result'), 'plaintext')
self.assertEqual(dec_response.plaintext, plaintext)
def decrypt(self, ciphertext: bytes, context_info: bytes) -> bytes:
dec_request = testing_api_pb2.HybridDecryptRequest(
private_keyset=self._private_handle,
ciphertext=ciphertext,
context_info=context_info)
dec_response = self._stub.Decrypt(dec_request)
if dec_response.err:
raise tink.TinkError(dec_response.err)
return dec_response.plaintext
def decrypt(self, ciphertext: bytes, context_info: bytes) -> bytes:
logging.info('decrypt in lang %s.', self.lang)
dec_request = testing_api_pb2.HybridDecryptRequest(
private_keyset=self._private_handle,
ciphertext=ciphertext,
context_info=context_info)
dec_response = self._stub.Decrypt(dec_request)
if dec_response.err:
logging.info('error hybriddecrypt in %s: %s', self.lang,
dec_response.err)
raise tink.TinkError(dec_response.err)
return dec_response.plaintext
def test_generate_hybrid_encrypt_decrypt_fail(self):
keyset_servicer = services.KeysetServicer()
hybrid_servicer = services.HybridServicer()
tp = hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM
template = tp.SerializeToString()
gen_request = testing_api_pb2.KeysetGenerateRequest(template=template)
gen_response = keyset_servicer.Generate(gen_request, self._ctx)
self.assertEqual(gen_response.WhichOneof('result'), 'keyset')
private_keyset = gen_response.keyset
dec_request = testing_api_pb2.HybridDecryptRequest(
private_keyset=private_keyset,
ciphertext=b'invalid ciphertext',
context_info=b'context_info')
dec_response = hybrid_servicer.Decrypt(dec_request, self._ctx)
self.assertEqual(dec_response.WhichOneof('result'), 'err')
self.assertNotEmpty(dec_response.err)