def test_encrypt_decrypt(self):
key_template = aead_key_templates.AES256_GCM
keyset_handle = core.KeysetHandle.generate_new(key_template)
remote_aead = keyset_handle.primitive(aead.Aead)
env_aead = kms_envelope_aead.KmsEnvelopeAead(key_template, remote_aead)
plaintext = b'helloworld'
ciphertext = env_aead.encrypt(plaintext, b'')
self.assertEqual(plaintext, env_aead.decrypt(ciphertext, b''))
def test_encrypt_decrypt_missing_ad(self):
key_template = aead_key_templates.AES256_GCM
keyset_handle = core.KeysetHandle.generate_new(key_template)
remote_aead = keyset_handle.primitive(aead.Aead)
env_aead = kms_envelope_aead.KmsEnvelopeAead(key_template, remote_aead)
plaintext = b'helloworld'
ciphertext = env_aead.encrypt(plaintext, b'envelope_ad')
with self.assertRaises(tink_error.TinkError):
plaintext = env_aead.decrypt(ciphertext, b'')
def test_corrupted_dek(self):
key_template = aead_key_templates.AES256_GCM
keyset_handle = core.KeysetHandle.generate_new(key_template)
remote_aead = keyset_handle.primitive(aead.Aead)
env_aead = kms_envelope_aead.KmsEnvelopeAead(key_template, remote_aead)
plaintext = b'helloworld'
ciphertext = bytearray(env_aead.encrypt(plaintext, b'some ad'))
ciphertext[4] ^= 0x1
corrupted_ciphertext = bytes(ciphertext)
with self.assertRaises(tink_error.TinkError):
plaintext = env_aead.decrypt(corrupted_ciphertext, b'some ad')
def test_malformed_dek_length(self):
key_template = aead.aead_key_templates.AES256_GCM
keyset_handle = tink.new_keyset_handle(key_template)
remote_aead = keyset_handle.primitive(aead.Aead)
env_aead = kms_envelope_aead.KmsEnvelopeAead(key_template, remote_aead)
plaintext = b'helloworld'
ciphertext = bytearray(env_aead.encrypt(plaintext, b'some ad'))
ciphertext[0:3] = [0xff, 0xff, 0xff, 0xff]
corrupted_ciphertext = bytes(ciphertext)
with self.assertRaises(core.TinkError):
plaintext = env_aead.decrypt(corrupted_ciphertext, b'some ad')
ciphertext[0:3] = [0, 0, 0, 0]
corrupted_ciphertext = bytes(ciphertext)
with self.assertRaises(core.TinkError):
plaintext = env_aead.decrypt(corrupted_ciphertext, b'some ad')
def test_dek_extraction(self):
key_template = aead.aead_key_templates.AES256_GCM
keyset_handle = tink.new_keyset_handle(key_template)
remote_aead = keyset_handle.primitive(aead.Aead)
env_aead = kms_envelope_aead.KmsEnvelopeAead(key_template, remote_aead)
plaintext = b'helloworld'
ciphertext = bytearray(env_aead.encrypt(plaintext, b'some ad'))
# Decrypt DEK
dek_len = struct.unpack('>I',
ciphertext[0:kms_envelope_aead.DEK_LEN_BYTES])[0]
encrypted_dek_bytes = bytes(ciphertext[
kms_envelope_aead.DEK_LEN_BYTES:kms_envelope_aead.DEK_LEN_BYTES +
dek_len])
dek_bytes = remote_aead.decrypt(encrypted_dek_bytes, b'')
# Try to deserialize key
key = aes_gcm_pb2.AesGcmKey()
key.ParseFromString(dek_bytes)
self.assertLen(key.key_value, 32)
