Java Code Examples for com.amazonaws.encryptionsdk.CryptoAlgorithm#ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

The following examples show how to use com.amazonaws.encryptionsdk.CryptoAlgorithm#ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384 . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestFieldEncryptProtector.java    From datacollector with Apache License 2.0 6 votes vote down vote up 
@Test
public void testInit() throws Exception {
  ProtectorFieldEncryptConfig conf = new ProtectorFieldEncryptConfig();
  conf.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  conf.key = key;
  conf.keyId = "keyId";
  conf.context = aad;
  conf.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor processor = new EncryptFieldProtector();
  ((EncryptFieldProtector) processor).conf = conf;

  ProcessorRunner runner = new ProcessorRunner.Builder(FieldEncryptDProcessor.class, processor)
      .addOutputLane("lane")
      .build();

  List<Stage.ConfigIssue> issues = runner.runValidateConfigs();
  assertTrue(issues.isEmpty());
}
Example 2
Source File: TestFieldEncryptProcessor.java    From datacollector with Apache License 2.0 6 votes vote down vote up 
@Test
public void testInit() throws Exception {
  ProcessorFieldEncryptConfig conf = new ProcessorFieldEncryptConfig();
  conf.mode = EncryptionMode.ENCRYPT;
  conf.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  conf.fieldPaths = ImmutableList.of("/message");
  conf.key = key;
  conf.keyId = "keyId";
  conf.context = aad;
  conf.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor processor = new FieldEncryptProcessor(conf);

  ProcessorRunner runner = new ProcessorRunner.Builder(FieldEncryptDProcessor.class, processor)
      .addOutputLane("lane")
      .build();

  List<Stage.ConfigIssue> issues = runner.runValidateConfigs();
  assertTrue(issues.isEmpty());
}
Example 3
Source File: TestFieldEncryptProcessor.java    From datacollector with Apache License 2.0 5 votes vote down vote up 
@Test
public void testWrongInputType() throws Exception {
  ProcessorFieldEncryptConfig decryptConfig = new ProcessorFieldEncryptConfig();
  decryptConfig.mode = EncryptionMode.DECRYPT;
  decryptConfig.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  decryptConfig.fieldPaths = ImmutableList.of("/");
  decryptConfig.key = key;
  decryptConfig.keyId = "keyId";
  decryptConfig.context = aad;
  decryptConfig.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor decryptProcessor = new FieldEncryptProcessor(decryptConfig);

  ProcessorRunner decryptRunner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      decryptProcessor
  ).addOutputLane("lane").build();

  Record record = RecordCreator.create();
  record.set(Field.create("abcdef"));

  decryptRunner.runInit();
  StageRunner.Output output = decryptRunner.runProcess(ImmutableList.of(record));
  List<Record> decryptedRecords = output.getRecords().get("lane");
  assertEquals(0, decryptedRecords.size());
  List<Record> errors = decryptRunner.getErrorRecords();
  assertEquals(1, errors.size());
  assertEquals(record.get(), errors.get(0).get());
}
Example 4
Source File: TrailingSignatureAlgorithmTest.java    From aws-encryption-sdk-java with Apache License 2.0 4 votes vote down vote up 
@Test
public void serializationEquality() throws Exception {
    CryptoAlgorithm algorithm = CryptoAlgorithm.ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256;

    PublicKey publicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).generateKey().getPublic();

    String serializedPublicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).serializePublicKey(publicKey);
    PublicKey deserializedPublicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).deserializePublicKey(serializedPublicKey);

    assertEquals(publicKey, deserializedPublicKey);

    algorithm = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;

    publicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).generateKey().getPublic();

    serializedPublicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).serializePublicKey(publicKey);
    deserializedPublicKey = TrailingSignatureAlgorithm.forCryptoAlgorithm(algorithm).deserializePublicKey(serializedPublicKey);

    assertEquals(publicKey, deserializedPublicKey);
}
Example 5
Source File: TestFieldEncryptProtector.java    From datacollector with Apache License 2.0 4 votes vote down vote up 
@Test
public void testOutOfRangeConfigValue() throws Exception {
  ProtectorFieldEncryptConfig config = new ProtectorFieldEncryptConfig();
  config.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  config.key = key;
  config.keyId = "keyId";
  config.context = aad;
  config.dataKeyCaching = true;
  config.maxKeyAge = 600;
  config.maxRecordsPerKey = 1000;
  config.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor encryptProcessor = new EncryptFieldProtector();
  ((EncryptFieldProtector) encryptProcessor).conf = config;

  ProcessorRunner runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  List<Stage.ConfigIssue> issues = runner.runValidateConfigs();
  assertTrue(issues.isEmpty());

  // bytes < 1
  config.maxBytesPerKey = "0";
  encryptProcessor = new EncryptFieldProtector();
  ((EncryptFieldProtector) encryptProcessor).conf = config;

  runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  issues = runner.runValidateConfigs();
  assertTrue(issues.get(0).toString().contains("must be in the range"));

  // value is not an integer
  config.maxBytesPerKey = "abc";
  encryptProcessor = new EncryptFieldProtector();
  ((EncryptFieldProtector) encryptProcessor).conf = config;

  runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  issues = runner.runValidateConfigs();
  assertTrue(issues.get(0).toString().contains("not a valid integer"));
}
Example 6
Source File: TestFieldEncryptProtector.java    From datacollector with Apache License 2.0 4 votes vote down vote up 
@Test
public void testProcess() throws Exception {
  final String message = "Hello, World!";
  final long longValue = 1234L;
  final boolean boolValue = true;

  ProtectorFieldEncryptConfig encryptConfig = new ProtectorFieldEncryptConfig();
  encryptConfig.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  encryptConfig.key = key;
  encryptConfig.keyId = "keyId";
  encryptConfig.context = aad;
  encryptConfig.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  ProcessorFieldEncryptConfig decryptConfig = new ProcessorFieldEncryptConfig();
  decryptConfig.mode = EncryptionMode.DECRYPT;
  decryptConfig.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  decryptConfig.fieldPaths = ImmutableList.of("/message", "/long", "/bool");
  decryptConfig.key = new ClearCredentialValue(key);
  decryptConfig.keyId = "keyId";
  decryptConfig.context = aad;
  decryptConfig.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  BaseFieldProcessor encryptProcessor = new EncryptFieldProtector();
  ((EncryptFieldProtector) encryptProcessor).conf = encryptConfig;

  ProcessorRunner encryptRunner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();
  encryptRunner.runInit();

  Record record = RecordCreator.create();

  Field messageField = Field.create(message);
  Field longField = Field.create(longValue);
  Field boolField = Field.create(boolValue);
  Field rootField = Field.create(ImmutableMap.<String, Field>builder()
      .put("message", messageField)
      .put("long", longField)
      .put("bool", boolField)
      .put("nullValuedField", Field.create(Field.Type.STRING, null))
      .build());
  record.set(rootField);

  Processor decryptProcessor = new FieldEncryptProcessor(decryptConfig);

  ProcessorRunner decryptRunner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      decryptProcessor
  ).addOutputLane("lane").build();

  decryptRunner.runInit();
  encryptProcessor.process(new RecordBasedFieldBatch(record, ImmutableList.of("/message", "/long", "/bool", "/nonExistentField", "/nullValuedField").iterator()));
  StageRunner.Output output = decryptRunner.runProcess(Collections.singletonList(record));
  List<Record> decryptedRecords = output.getRecords().get("lane");
  assertEquals(1, decryptedRecords.size());
  assertEquals(messageField, decryptedRecords.get(0).get("/message"));
  assertEquals(longField, decryptedRecords.get(0).get("/long"));
  assertEquals(boolField, decryptedRecords.get(0).get("/bool"));
  assertTrue(decryptedRecords.get(0).has("/nullValuedField"));
  assertNull(decryptedRecords.get(0).get("/nullValuedField").getValue());
}
Example 7
Source File: TestFieldEncryptProcessor.java    From datacollector with Apache License 2.0 4 votes vote down vote up 
@Test
public void testOutOfRangeConfigValue() throws Exception {
  ProcessorFieldEncryptConfig config = new ProcessorFieldEncryptConfig();
  config.mode = EncryptionMode.ENCRYPT;
  config.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  config.fieldPaths = ImmutableList.of("/");
  config.key = key;
  config.keyId = "keyId";
  config.context = aad;
  config.dataKeyCaching = true;
  config.maxKeyAge = 600;
  config.maxRecordsPerKey = 1000;
  config.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor encryptProcessor = new FieldEncryptProcessor(config);

  ProcessorRunner runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  List<Stage.ConfigIssue> issues = runner.runValidateConfigs();
  assertTrue(issues.isEmpty());

  // bytes < 1
  config.maxBytesPerKey = "0";
  encryptProcessor = new FieldEncryptProcessor(config);

  runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  issues = runner.runValidateConfigs();
  assertTrue(issues.get(0).toString().contains("must be in the range"));

  // value is not an integer
  config.maxBytesPerKey = "abc";
  encryptProcessor = new FieldEncryptProcessor(config);

  runner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  issues = runner.runValidateConfigs();
  assertTrue(issues.get(0).toString().contains("not a valid integer"));
}
Example 8
Source File: TestFieldEncryptProcessor.java    From datacollector with Apache License 2.0 4 votes vote down vote up 
@Test
public void testProcess() throws Exception {
  final String message = "Hello, World!";
  final long longValue = 1234L;
  final boolean boolValue = true;

  ProcessorFieldEncryptConfig encryptConfig = new ProcessorFieldEncryptConfig();
  encryptConfig.mode = EncryptionMode.ENCRYPT;
  encryptConfig.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  encryptConfig.fieldPaths = ImmutableList.of("/message", "/long", "/bool", "/nonExistentField", "/nullValuedField");
  encryptConfig.key = key;
  encryptConfig.keyId = "keyId";
  encryptConfig.context = aad;
  encryptConfig.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  ProcessorFieldEncryptConfig decryptConfig = new ProcessorFieldEncryptConfig();
  decryptConfig.mode = EncryptionMode.DECRYPT;
  decryptConfig.cipher = CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
  decryptConfig.fieldPaths = ImmutableList.of("/message", "/long", "/bool");
  decryptConfig.key = key;
  decryptConfig.keyId = "keyId";
  decryptConfig.context = aad;
  decryptConfig.maxBytesPerKey = String.valueOf(Long.MAX_VALUE);

  Processor encryptProcessor = new FieldEncryptProcessor(encryptConfig);

  ProcessorRunner encryptRunner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      encryptProcessor
  ).addOutputLane("lane").build();

  Record record = RecordCreator.create();

  Field messageField = Field.create(message);
  Field longField = Field.create(longValue);
  Field boolField = Field.create(boolValue);
  Field rootField = Field.create(ImmutableMap.<String, Field>builder()
      .put("message", messageField)
      .put("long", longField)
      .put("bool", boolField)
      .put("nullValuedField", Field.create(Field.Type.STRING, null))
      .build());
  record.set(rootField);

  List<Record> records = Collections.singletonList(record);
  encryptRunner.runInit();
  StageRunner.Output output = encryptRunner.runProcess(records);
  List<Record> encryptedRecords = output.getRecords().get("lane");
  assertEquals(1, encryptedRecords.size());

  Processor decryptProcessor = new FieldEncryptProcessor(decryptConfig);

  ProcessorRunner decryptRunner = new ProcessorRunner.Builder(
      FieldEncryptDProcessor.class,
      decryptProcessor
  ).addOutputLane("lane").build();

  decryptRunner.runInit();
  output = decryptRunner.runProcess(encryptedRecords);
  List<Record> decryptedRecords = output.getRecords().get("lane");
  assertEquals(1, decryptedRecords.size());
  assertEquals(messageField, decryptedRecords.get(0).get("/message"));
  assertEquals(longField, decryptedRecords.get(0).get("/long"));
  assertEquals(boolField, decryptedRecords.get(0).get("/bool"));
  assertTrue(decryptedRecords.get(0).has("/nullValuedField"));
  assertNull(decryptedRecords.get(0).get("/nullValuedField").getValue());
}