def test_new_keyset_handle_on_public_key_fails(self): key_format = ecies_aead_hkdf_pb2.EciesAeadHkdfKeyFormat() key_template = tink_pb2.KeyTemplate() key_template.type_url = ( 'type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey') key_template.value = key_format.SerializeToString() key_template.output_prefix_type = tink_pb2.TINK with self.assertRaises(core.TinkError): tink.new_keyset_handle(key_template)
def test_new_key_data_on_public_key_manager_fails(self): key_format = ecies_aead_hkdf_pb2.EciesAeadHkdfKeyFormat() key_template = tink_pb2.KeyTemplate() key_template.type_url = ( 'type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey') key_template.value = key_format.SerializeToString() key_template.output_prefix_type = tink_pb2.TINK with self.assertRaisesRegex(tink_error.TinkError, 'Operation not supported for public keys'): key_manager = _hybrid_encrypt_key_manager() key_manager.new_key_data(key_template)
def test_ecies_p256_hkdf_hmac_sha256_aes128_gcm(self): template = hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM self.assertEqual( 'type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey', template.type_url) self.assertEqual(tink_pb2.TINK, template.output_prefix_type) key_format = ecies_aead_hkdf_pb2.EciesAeadHkdfKeyFormat() key_format.ParseFromString(template.value) self.assertEqual(key_format.params.kem_params.curve_type, common_pb2.NIST_P256) self.assertEqual(key_format.params.dem_params.aead_dem, aead.aead_key_templates.AES128_GCM)
def create_ecies_aead_hkdf_key_template( curve_type: common_pb2.EllipticCurveType, ec_point_format: common_pb2.EcPointFormat, hash_type: common_pb2.HashType, dem_key_template: tink_pb2.KeyTemplate) -> tink_pb2.KeyTemplate: """Creates an ECIES-AEAD-HKDF KeyTemplate, and fills in its values.""" key_format = ecies_aead_hkdf_pb2.EciesAeadHkdfKeyFormat() key_format.params.kem_params.curve_type = curve_type key_format.params.kem_params.hkdf_hash_type = hash_type key_format.params.dem_params.aead_dem.CopyFrom(dem_key_template) key_format.params.ec_point_format = ec_point_format key_template = tink_pb2.KeyTemplate() key_template.type_url = ( 'type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey') key_template.value = key_format.SerializeToString() key_template.output_prefix_type = tink_pb2.TINK return key_template
def test_create_aes_eax_key_template(self): # Intentionally using 'weird' or invalid values for parameters, # to test that the function correctly puts them in the resulting template. template = hybrid.hybrid_key_templates.create_ecies_aead_hkdf_key_template( curve_type=common_pb2.NIST_P521, ec_point_format=common_pb2.DO_NOT_USE_CRUNCHY_UNCOMPRESSED, hash_type=common_pb2.SHA1, dem_key_template=aead.aead_key_templates.AES256_EAX) self.assertEqual( 'type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey', template.type_url) self.assertEqual(tink_pb2.TINK, template.output_prefix_type) key_format = ecies_aead_hkdf_pb2.EciesAeadHkdfKeyFormat() key_format.ParseFromString(template.value) self.assertEqual(key_format.params.kem_params.curve_type, common_pb2.NIST_P521) self.assertEqual(key_format.params.kem_params.hkdf_hash_type, common_pb2.SHA1) self.assertEqual(key_format.params.ec_point_format, common_pb2.DO_NOT_USE_CRUNCHY_UNCOMPRESSED) self.assertEqual(key_format.params.dem_params.aead_dem, aead.aead_key_templates.AES256_EAX)