Merge Gerrit change 25820 Patch Set 12
PiperOrigin-RevId: 267595230
Change-Id: I3d960c326c913aa9f39cd92753a4c48bcfcea023
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java b/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
index 3ca8224..49d24d5 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
@@ -34,7 +34,8 @@
* @since 1.0.0
*/
public final class AeadConfig {
- public static final String AES_CTR_HMAC_AEAD_TYPE_URL = AesCtrHmacAeadKeyManager.TYPE_URL;
+ public static final String AES_CTR_HMAC_AEAD_TYPE_URL =
+ new AesCtrHmacAeadKeyManager().getKeyType();
public static final String AES_GCM_TYPE_URL = new AesGcmKeyManager().getKeyType();
public static final String AES_EAX_TYPE_URL = new AesEaxKeyManager().getKeyType();
public static final String KMS_AEAD_TYPE_URL = new KmsAeadKeyManager().getKeyType();
@@ -96,7 +97,7 @@
*/
public static void register() throws GeneralSecurityException {
MacConfig.register();
- Registry.registerKeyManager(new AesCtrHmacAeadKeyManager());
+ Registry.registerKeyManager(new AesCtrHmacAeadKeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new AesEaxKeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new AesGcmKeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new ChaCha20Poly1305KeyManager(), /*newKeyAllowed=*/ true);
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java b/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
index 33f4622..c96e4c2 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
@@ -202,7 +202,7 @@
.build();
return KeyTemplate.newBuilder()
.setValue(format.toByteString())
- .setTypeUrl(AesCtrHmacAeadKeyManager.TYPE_URL)
+ .setTypeUrl(new AesCtrHmacAeadKeyManager().getKeyType())
.setOutputPrefixType(OutputPrefixType.TINK)
.build();
}
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java b/java/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java
index 80c44f1..db261b8 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java
@@ -17,10 +17,9 @@
package com.google.crypto.tink.aead;
import com.google.crypto.tink.Aead;
-import com.google.crypto.tink.KeyManagerBase;
+import com.google.crypto.tink.KeyTypeManager;
import com.google.crypto.tink.Mac;
-import com.google.crypto.tink.Registry;
-import com.google.crypto.tink.mac.MacConfig;
+import com.google.crypto.tink.mac.HmacKeyManager;
import com.google.crypto.tink.proto.AesCtrHmacAeadKey;
import com.google.crypto.tink.proto.AesCtrHmacAeadKeyFormat;
import com.google.crypto.tink.proto.AesCtrKey;
@@ -37,69 +36,78 @@
* This key manager generates new {@link AesCtrHmacAeadKey} keys and produces new instances of
* {@link EncryptThenAuthenticate}.
*/
-class AesCtrHmacAeadKeyManager
- extends KeyManagerBase<Aead, AesCtrHmacAeadKey, AesCtrHmacAeadKeyFormat> {
- public AesCtrHmacAeadKeyManager() throws GeneralSecurityException {
- super(Aead.class, AesCtrHmacAeadKey.class, AesCtrHmacAeadKeyFormat.class, TYPE_URL);
- Registry.registerKeyManager(new AesCtrKeyManager(), /*newKeyAllowed=*/ true);
+class AesCtrHmacAeadKeyManager extends KeyTypeManager<AesCtrHmacAeadKey> {
+ public AesCtrHmacAeadKeyManager() {
+ super(
+ AesCtrHmacAeadKey.class,
+ new PrimitiveFactory<Aead, AesCtrHmacAeadKey>(Aead.class) {
+ @Override
+ public Aead getPrimitive(AesCtrHmacAeadKey key) throws GeneralSecurityException {
+ return new EncryptThenAuthenticate(
+ new AesCtrKeyManager().getPrimitive(key.getAesCtrKey(), IndCpaCipher.class),
+ new HmacKeyManager().getPrimitive(key.getHmacKey(), Mac.class),
+ key.getHmacKey().getParams().getTagSize());
+ }
+ });
}
- private static final int VERSION = 0;
-
- public static final String TYPE_URL = "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey";
-
+ // Static so we don't have to construct the object and handle the exception when we need the
+ // key type.
@Override
- public Aead getPrimitiveFromKey(AesCtrHmacAeadKey keyProto) throws GeneralSecurityException {
- return new EncryptThenAuthenticate(
- Registry.getPrimitive(
- new AesCtrKeyManager().getKeyType(), keyProto.getAesCtrKey(), IndCpaCipher.class),
- Registry.getPrimitive(MacConfig.HMAC_TYPE_URL, keyProto.getHmacKey(), Mac.class),
- keyProto.getHmacKey().getParams().getTagSize());
- }
-
- @Override
- public AesCtrHmacAeadKey newKeyFromFormat(AesCtrHmacAeadKeyFormat format)
- throws GeneralSecurityException {
- AesCtrKey aesCtrKey =
- (AesCtrKey)
- Registry.newKey(new AesCtrKeyManager().getKeyType(), format.getAesCtrKeyFormat());
- HmacKey hmacKey = (HmacKey) Registry.newKey(MacConfig.HMAC_TYPE_URL, format.getHmacKeyFormat());
- return AesCtrHmacAeadKey.newBuilder()
- .setAesCtrKey(aesCtrKey)
- .setHmacKey(hmacKey)
- .setVersion(VERSION)
- .build();
+ public String getKeyType() {
+ return "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey";
}
@Override
public int getVersion() {
- return VERSION;
+ return 0;
}
@Override
- protected KeyMaterialType keyMaterialType() {
+ public KeyMaterialType keyMaterialType() {
return KeyMaterialType.SYMMETRIC;
}
@Override
- protected AesCtrHmacAeadKey parseKeyProto(ByteString byteString)
- throws InvalidProtocolBufferException {
+ public void validateKey(AesCtrHmacAeadKey key) throws GeneralSecurityException {
+ Validators.validateVersion(key.getVersion(), getVersion());
+ }
+
+ @Override
+ public AesCtrHmacAeadKey parseKey(ByteString byteString) throws InvalidProtocolBufferException {
return AesCtrHmacAeadKey.parseFrom(byteString);
}
@Override
- protected AesCtrHmacAeadKeyFormat parseKeyFormatProto(ByteString byteString)
- throws InvalidProtocolBufferException {
- return AesCtrHmacAeadKeyFormat.parseFrom(byteString);
- }
+ public KeyFactory<AesCtrHmacAeadKeyFormat, AesCtrHmacAeadKey> keyFactory() {
+ return new KeyFactory<AesCtrHmacAeadKeyFormat, AesCtrHmacAeadKey>(
+ AesCtrHmacAeadKeyFormat.class) {
+ @Override
+ public void validateKeyFormat(AesCtrHmacAeadKeyFormat format)
+ throws GeneralSecurityException {
+ new AesCtrKeyManager().keyFactory().validateKeyFormat(format.getAesCtrKeyFormat());
+ new HmacKeyManager().keyFactory().validateKeyFormat(format.getHmacKeyFormat());
+ Validators.validateAesKeySize(format.getAesCtrKeyFormat().getKeySize());
+ }
- @Override
- protected void validateKeyFormat(AesCtrHmacAeadKeyFormat format) throws GeneralSecurityException {
- Validators.validateAesKeySize(format.getAesCtrKeyFormat().getKeySize());
- }
+ @Override
+ public AesCtrHmacAeadKeyFormat parseKeyFormat(ByteString byteString)
+ throws InvalidProtocolBufferException {
+ return AesCtrHmacAeadKeyFormat.parseFrom(byteString);
+ }
- @Override
- protected void validateKey(AesCtrHmacAeadKey key) throws GeneralSecurityException {
- Validators.validateVersion(key.getVersion(), VERSION);
+ @Override
+ public AesCtrHmacAeadKey createKey(AesCtrHmacAeadKeyFormat format)
+ throws GeneralSecurityException {
+ AesCtrKey aesCtrKey =
+ new AesCtrKeyManager().keyFactory().createKey(format.getAesCtrKeyFormat());
+ HmacKey hmacKey = new HmacKeyManager().keyFactory().createKey(format.getHmacKeyFormat());
+ return AesCtrHmacAeadKey.newBuilder()
+ .setAesCtrKey(aesCtrKey)
+ .setHmacKey(hmacKey)
+ .setVersion(getVersion())
+ .build();
+ }
+ };
}
}
diff --git a/java/src/main/java/com/google/crypto/tink/mac/HmacKeyManager.java b/java/src/main/java/com/google/crypto/tink/mac/HmacKeyManager.java
index a7863a0..73f43cc 100644
--- a/java/src/main/java/com/google/crypto/tink/mac/HmacKeyManager.java
+++ b/java/src/main/java/com/google/crypto/tink/mac/HmacKeyManager.java
@@ -34,7 +34,7 @@
/**
* This key manager generates new {@code HmacKey} keys and produces new instances of {@code MacJce}.
*/
-class HmacKeyManager extends KeyTypeManager<HmacKey> {
+public class HmacKeyManager extends KeyTypeManager<HmacKey> {
public HmacKeyManager() {
super(
HmacKey.class,
diff --git a/java/src/test/java/com/google/crypto/tink/RegistryTest.java b/java/src/test/java/com/google/crypto/tink/RegistryTest.java
index 0b46f25..641371f 100644
--- a/java/src/test/java/com/google/crypto/tink/RegistryTest.java
+++ b/java/src/test/java/com/google/crypto/tink/RegistryTest.java
@@ -124,7 +124,7 @@
@Test
public void testGetKeyManager_legacy_shouldWork() throws Exception {
- testGetKeyManager_shouldWork(AeadConfig.AES_CTR_HMAC_AEAD_TYPE_URL, "AesCtrHmacAeadKeyManager");
+ testGetKeyManager_shouldWork(AeadConfig.AES_CTR_HMAC_AEAD_TYPE_URL, "KeyManagerImpl");
testGetKeyManager_shouldWork(AeadConfig.AES_EAX_TYPE_URL, "KeyManagerImpl");
testGetKeyManager_shouldWork(MacConfig.HMAC_TYPE_URL, "KeyManagerImpl");
}
@@ -249,7 +249,7 @@
}
KeyManager<Aead> manager = Registry.getKeyManager(AeadConfig.AES_CTR_HMAC_AEAD_TYPE_URL);
- assertThat(manager.getClass().toString()).contains("AesCtrHmacAeadKeyManager");
+ assertThat(manager.getClass().toString()).contains("KeyManagerImpl");
}
@Test
@@ -317,7 +317,7 @@
}
KeyManager<Aead> manager = Registry.getKeyManager(AeadConfig.AES_CTR_HMAC_AEAD_TYPE_URL);
- assertThat(manager.getClass().toString()).contains("AesCtrHmacAeadKeyManager");
+ assertThat(manager.getClass().toString()).contains("KeyManagerImpl");
}
@Test
diff --git a/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java b/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
index c956700..7ad9ed6 100644
--- a/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
+++ b/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
@@ -106,7 +106,7 @@
@Test
public void testAES128_CTR_HMAC_SHA256() throws Exception {
KeyTemplate template = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
- assertEquals(AesCtrHmacAeadKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesCtrHmacAeadKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesCtrHmacAeadKeyFormat format = AesCtrHmacAeadKeyFormat.parseFrom(template.getValue());
@@ -125,7 +125,7 @@
@Test
public void testAES256_CTR_HMAC_SHA256() throws Exception {
KeyTemplate template = AeadKeyTemplates.AES256_CTR_HMAC_SHA256;
- assertEquals(AesCtrHmacAeadKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesCtrHmacAeadKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesCtrHmacAeadKeyFormat format = AesCtrHmacAeadKeyFormat.parseFrom(template.getValue());
@@ -152,7 +152,7 @@
HashType hashType = HashType.UNKNOWN_HASH;
KeyTemplate template = AeadKeyTemplates.createAesCtrHmacAeadKeyTemplate(
aesKeySize, ivSize, hmacKeySize, tagSize, hashType);
- assertEquals(AesCtrHmacAeadKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesCtrHmacAeadKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesCtrHmacAeadKeyFormat format = AesCtrHmacAeadKeyFormat.parseFrom(template.getValue());
diff --git a/java/src/test/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManagerTest.java b/java/src/test/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManagerTest.java
index 82ae96d..9b499ca 100644
--- a/java/src/test/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManagerTest.java
+++ b/java/src/test/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManagerTest.java
@@ -16,18 +16,24 @@
package com.google.crypto.tink.aead;
-import static org.junit.Assert.assertEquals;
+import static com.google.common.truth.Truth.assertThat;
import static org.junit.Assert.fail;
+import com.google.crypto.tink.Aead;
+import com.google.crypto.tink.TestUtil;
import com.google.crypto.tink.proto.AesCtrHmacAeadKey;
import com.google.crypto.tink.proto.AesCtrHmacAeadKeyFormat;
-import com.google.crypto.tink.proto.KeyData;
-import com.google.crypto.tink.proto.KeyTemplate;
-import com.google.protobuf.ByteString;
+import com.google.crypto.tink.proto.AesCtrKeyFormat;
+import com.google.crypto.tink.proto.AesCtrParams;
+import com.google.crypto.tink.proto.HashType;
+import com.google.crypto.tink.proto.HmacKeyFormat;
+import com.google.crypto.tink.proto.HmacParams;
+import com.google.crypto.tink.proto.KeyData.KeyMaterialType;
+import com.google.crypto.tink.subtle.EncryptThenAuthenticate;
+import com.google.crypto.tink.subtle.Random;
import java.security.GeneralSecurityException;
import java.util.Set;
import java.util.TreeSet;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
@@ -35,64 +41,140 @@
/** Tests for AesCtrHmaAeadKeyManager. */
@RunWith(JUnit4.class)
public class AesCtrHmacAeadKeyManagerTest {
- @BeforeClass
- public static void setUp() throws Exception {
- AeadConfig.register();
+ private final AesCtrHmacAeadKeyManager manager = new AesCtrHmacAeadKeyManager();
+ private final AesCtrHmacAeadKeyManager.KeyFactory<AesCtrHmacAeadKeyFormat, AesCtrHmacAeadKey>
+ factory = manager.keyFactory();
+
+ @Test
+ public void basics() throws Exception {
+ assertThat(manager.getKeyType())
+ .isEqualTo("type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey");
+ assertThat(manager.getVersion()).isEqualTo(0);
+ assertThat(manager.keyMaterialType()).isEqualTo(KeyMaterialType.SYMMETRIC);
}
@Test
- public void testNewKeyMultipleTimes() throws Exception {
- KeyTemplate keyTemplate = AeadKeyTemplates.AES128_CTR_HMAC_SHA256;
- AesCtrHmacAeadKeyFormat aeadKeyFormat =
- AesCtrHmacAeadKeyFormat.parseFrom(keyTemplate.getValue());
- ByteString serialized = ByteString.copyFrom(aeadKeyFormat.toByteArray());
- AesCtrHmacAeadKeyManager keyManager = new AesCtrHmacAeadKeyManager();
- Set<String> keys = new TreeSet<String>();
+ public void validateKeyFormat_empty() throws Exception {
+ try {
+ factory.validateKeyFormat(AesCtrHmacAeadKeyFormat.getDefaultInstance());
+ fail();
+ } catch (GeneralSecurityException e) {
+ // expected.
+ }
+ }
+
+
+ // Returns an AesCtrKeyFormat.Builder with valid parameters
+ private static AesCtrKeyFormat.Builder createAesCtrKeyFormat() {
+ return AesCtrKeyFormat.newBuilder()
+ .setParams(AesCtrParams.newBuilder().setIvSize(16))
+ .setKeySize(16);
+ }
+
+ // Returns an HmacParams.Builder with valid parameters
+ private static HmacParams.Builder createHmacParams() {
+ return HmacParams.newBuilder().setHash(HashType.SHA256).setTagSize(32);
+ }
+
+ // Returns an HmacParams.Builder with valid parameters
+ private static HmacKeyFormat.Builder createHmacKeyFormat() {
+ return HmacKeyFormat.newBuilder().setParams(createHmacParams()).setKeySize(32);
+ }
+
+ // Returns an AesCtrHmacStreamingKeyFormat.Builder with valid parameters
+ private static AesCtrHmacAeadKeyFormat.Builder createKeyFormat() {
+ return AesCtrHmacAeadKeyFormat.newBuilder()
+ .setAesCtrKeyFormat(createAesCtrKeyFormat())
+ .setHmacKeyFormat(createHmacKeyFormat());
+ }
+
+ @Test
+ public void validateKeyFormat_valid() throws Exception {
+ factory.validateKeyFormat(createKeyFormat().build());
+ }
+
+ @Test
+ public void validateKeyFormat_keySizes() throws Exception {
+ for (int keySize = 0; keySize < 42; ++keySize) {
+ AesCtrHmacAeadKeyFormat format =
+ createKeyFormat().setAesCtrKeyFormat(createAesCtrKeyFormat().setKeySize(keySize)).build();
+ if (keySize == 16 || keySize == 32) {
+ factory.validateKeyFormat(format);
+ } else {
+ try {
+ factory.validateKeyFormat(format);
+ fail();
+ } catch (GeneralSecurityException e) {
+ // expected
+ }
+ }
+ }
+ }
+
+ @Test
+ public void validateKeyFormat_hmacKeySizes() throws Exception {
+ for (int keySize = 0; keySize < 42; ++keySize) {
+ AesCtrHmacAeadKeyFormat format =
+ createKeyFormat().setHmacKeyFormat(createHmacKeyFormat().setKeySize(keySize)).build();
+ if (keySize >= 16) {
+ factory.validateKeyFormat(format);
+ } else {
+ try {
+ factory.validateKeyFormat(format);
+ fail("For key size" + keySize);
+ } catch (GeneralSecurityException e) {
+ // expected
+ }
+ }
+ }
+ }
+
+ @Test
+ public void createKey_multipleTimes_distinctAesKeys() throws Exception {
+ AesCtrHmacAeadKeyFormat format = createKeyFormat().build();
+ Set<String> keys = new TreeSet<>();
// Calls newKey multiple times and make sure that they generate different keys.
- int numTests = 24;
- for (int i = 0; i < numTests / 6; i++) {
- AesCtrHmacAeadKey key = (AesCtrHmacAeadKey) keyManager.newKey(aeadKeyFormat);
- keys.add(new String(key.getAesCtrKey().getKeyValue().toByteArray(), "UTF-8"));
- keys.add(new String(key.getHmacKey().getKeyValue().toByteArray(), "UTF-8"));
- assertEquals(16, key.getAesCtrKey().getKeyValue().toByteArray().length);
- assertEquals(32, key.getHmacKey().getKeyValue().toByteArray().length);
-
- key = (AesCtrHmacAeadKey) keyManager.newKey(serialized);
- keys.add(new String(key.getAesCtrKey().getKeyValue().toByteArray(), "UTF-8"));
- keys.add(new String(key.getHmacKey().getKeyValue().toByteArray(), "UTF-8"));
- assertEquals(16, key.getAesCtrKey().getKeyValue().toByteArray().length);
- assertEquals(32, key.getHmacKey().getKeyValue().toByteArray().length);
-
- KeyData keyData = keyManager.newKeyData(keyTemplate.getValue());
- key = AesCtrHmacAeadKey.parseFrom(keyData.getValue());
- keys.add(new String(key.getAesCtrKey().getKeyValue().toByteArray(), "UTF-8"));
- keys.add(new String(key.getHmacKey().getKeyValue().toByteArray(), "UTF-8"));
- assertEquals(16, key.getAesCtrKey().getKeyValue().toByteArray().length);
- assertEquals(32, key.getHmacKey().getKeyValue().toByteArray().length);
+ int numTests = 50;
+ for (int i = 0; i < numTests; i++) {
+ keys.add(
+ TestUtil.hexEncode(factory.createKey(format).getAesCtrKey().getKeyValue().toByteArray()));
}
- assertEquals(numTests, keys.size());
+ assertThat(keys).hasSize(numTests);
}
@Test
- public void testNewKeyWithCorruptedFormat() throws Exception {
- ByteString serialized = ByteString.copyFrom(new byte[128]);
- KeyTemplate keyTemplate =
- KeyTemplate.newBuilder()
- .setTypeUrl(AesCtrHmacAeadKeyManager.TYPE_URL)
- .setValue(serialized)
- .build();
- AesCtrHmacAeadKeyManager keyManager = new AesCtrHmacAeadKeyManager();
- try {
- keyManager.newKey(serialized);
- fail("Corrupted format, should have thrown exception");
- } catch (GeneralSecurityException expected) {
- // Expected
+ public void createKey_multipleTimes_distinctHmacKeys() throws Exception {
+ AesCtrHmacAeadKeyFormat format = createKeyFormat().build();
+ Set<String> keys = new TreeSet<>();
+ // Calls newKey multiple times and make sure that they generate different keys.
+ int numTests = 50;
+ for (int i = 0; i < numTests; i++) {
+ keys.add(
+ TestUtil.hexEncode(factory.createKey(format).getHmacKey().getKeyValue().toByteArray()));
}
- try {
- keyManager.newKeyData(keyTemplate.getValue());
- fail("Corrupted format, should have thrown exception");
- } catch (GeneralSecurityException expected) {
- // Expected
- }
+ assertThat(keys).hasSize(numTests);
+ }
+
+ @Test
+ public void getPrimitive() throws Exception {
+ AesCtrHmacAeadKey key =
+ factory.createKey(
+ createKeyFormat()
+ .setHmacKeyFormat(
+ createHmacKeyFormat().setParams(createHmacParams().setHash(HashType.SHA512)))
+ .build());
+ Aead managerAead = manager.getPrimitive(key, Aead.class);
+ Aead directAead =
+ EncryptThenAuthenticate.newAesCtrHmac(
+ key.getAesCtrKey().getKeyValue().toByteArray(),
+ key.getAesCtrKey().getParams().getIvSize(),
+ "HMACSHA512",
+ key.getHmacKey().getKeyValue().toByteArray(),
+ key.getHmacKey().getParams().getTagSize());
+
+ byte[] plaintext = Random.randBytes(20);
+ byte[] associatedData = Random.randBytes(20);
+ assertThat(directAead.decrypt(managerAead.encrypt(plaintext, associatedData), associatedData))
+ .isEqualTo(plaintext);
}
}
diff --git a/java/src/test/java/com/google/crypto/tink/signature/RsaSsaPssVerifyKeyManagerTest.java b/java/src/test/java/com/google/crypto/tink/signature/RsaSsaPssVerifyKeyManagerTest.java
index b63a29d..4025daf 100644
--- a/java/src/test/java/com/google/crypto/tink/signature/RsaSsaPssVerifyKeyManagerTest.java
+++ b/java/src/test/java/com/google/crypto/tink/signature/RsaSsaPssVerifyKeyManagerTest.java
@@ -135,18 +135,7 @@
@Test
public void validateKey_testVector() throws Exception {
- RsaSsaPssKeyFormat keyFormat =
- RsaSsaPssKeyFormat.newBuilder()
- .setParams(
- RsaSsaPssParams.newBuilder()
- .setSigHash(HashType.SHA256)
- .setMgf1Hash(HashType.SHA256)
- .setSaltLength(32))
- .setModulusSizeInBits(3072)
- .setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray()))
- .build();
- RsaSsaPssPrivateKey privateKey = factory.createKey(keyFormat);
- RsaSsaPssPublicKey publicKey = signManager.getPublicKey(privateKey);
+ RsaSsaPssPublicKey publicKey = nistTestVectors[0].publicKeyProto;
verifyManager.validateKey(publicKey);
}
diff --git a/kokoro/run_tests.sh b/kokoro/run_tests.sh
index 60f354b..fe831c9 100755
--- a/kokoro/run_tests.sh
+++ b/kokoro/run_tests.sh
@@ -62,7 +62,7 @@
)
readonly DISABLE_SANDBOX_ARGS
-# TODO(b/)
+# TODO(b/140615798)
DISABLE_GRPC_ON_MAC_OS=""
if [[ "${PLATFORM}" == 'darwin' ]]; then
DISABLE_GRPC_ON_MAC_OS="-//cc/integration/gcpkms/..."