This example shows how to encrypt files with Tink using streaming Authenticated Encryption with Associated Data (AEAD).
It demonstrates the basic steps of using Tink, namely loading key material, obtaining a primitive, and using the primitive to do crypto.
The key material was generated using Tinkey:
$ tinkey create-keyset --key-template AES256_CTR_HMAC_SHA256_1MB \ --out-format JSON --out streaming_aead_keyset.json
Build the examples:
$ git clone https://github.com/google/tink $ cd tink/python/examples $ bazel build ...
You can then encrypt a file with:
$ echo "some data" > testdata.txt $ ./bazel-bin/streaming_aead/streaming_aead --mode encrypt \ --keyset_path ./streaming_aead/streaming_aead_keyset.json \ --input_path testdata.txt \ --output_path testdata.txt.ciphertext
And then decrypt the the output with:
$ ./bazel-bin/streaming_aead/streaming_aead --mode decrypt \ --keyset_path ./streaming_aead/streaming_aead_keyset.json \ --input_path testdata.txt.ciphertext \ --output_path testdata.txt.plaintext $ diff testdata.txt testdata.txt.decrypted