1*e7b1675dSTing-Kang Chang /** 2*e7b1675dSTing-Kang Chang * Copyright 2021 Google LLC 3*e7b1675dSTing-Kang Chang * 4*e7b1675dSTing-Kang Chang * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except 5*e7b1675dSTing-Kang Chang * in compliance with the License. You may obtain a copy of the License at 6*e7b1675dSTing-Kang Chang * 7*e7b1675dSTing-Kang Chang * http://www.apache.org/licenses/LICENSE-2.0 8*e7b1675dSTing-Kang Chang * 9*e7b1675dSTing-Kang Chang * Unless required by applicable law or agreed to in writing, software distributed under the License 10*e7b1675dSTing-Kang Chang * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 11*e7b1675dSTing-Kang Chang * or implied. See the License for the specific language governing permissions and limitations under 12*e7b1675dSTing-Kang Chang * the License. 13*e7b1675dSTing-Kang Chang */ 14*e7b1675dSTing-Kang Chang // [START cleartext-keyset-example] 15*e7b1675dSTing-Kang Chang package cleartextkeyset; 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Chang import static java.nio.charset.StandardCharsets.UTF_8; 18*e7b1675dSTing-Kang Chang 19*e7b1675dSTing-Kang Chang import com.google.crypto.tink.Aead; 20*e7b1675dSTing-Kang Chang import com.google.crypto.tink.InsecureSecretKeyAccess; 21*e7b1675dSTing-Kang Chang import com.google.crypto.tink.KeysetHandle; 22*e7b1675dSTing-Kang Chang import com.google.crypto.tink.TinkJsonProtoKeysetFormat; 23*e7b1675dSTing-Kang Chang import com.google.crypto.tink.aead.AeadConfig; 24*e7b1675dSTing-Kang Chang import com.google.crypto.tink.aead.PredefinedAeadParameters; 25*e7b1675dSTing-Kang Chang import java.nio.file.Files; 26*e7b1675dSTing-Kang Chang import java.nio.file.Path; 27*e7b1675dSTing-Kang Chang import java.nio.file.Paths; 28*e7b1675dSTing-Kang Chang 29*e7b1675dSTing-Kang Chang /** 30*e7b1675dSTing-Kang Chang * A command-line utility for generating, storing and using AES128_GCM keysets. 31*e7b1675dSTing-Kang Chang * 32*e7b1675dSTing-Kang Chang * <h1>WARNING: Loading a Keyset from disk is often a security problem -- hence this needs {@code 33*e7b1675dSTing-Kang Chang * InsecureSecretKeyAccess.get()}. 34*e7b1675dSTing-Kang Chang * 35*e7b1675dSTing-Kang Chang * <p>It requires the following arguments: 36*e7b1675dSTing-Kang Chang * 37*e7b1675dSTing-Kang Chang * <ul> 38*e7b1675dSTing-Kang Chang * <li>mode: Can be "generate", "encrypt" or "decrypt". If mode is "generate" it will generate, 39*e7b1675dSTing-Kang Chang * encrypt a keyset, store it in key-file. If mode is "encrypt" or "decrypt" it will read and 40*e7b1675dSTing-Kang Chang * decrypt an keyset from key-file, and use it to encrypt or decrypt input-file. 41*e7b1675dSTing-Kang Chang * <li>key-file: Read the encrypted key material from this file. 42*e7b1675dSTing-Kang Chang * <li>input-file: If mode is "encrypt" or "decrypt", read the input from this file. 43*e7b1675dSTing-Kang Chang * <li>output-file: If mode is "encrypt" or "decrypt", write the result to this file. 44*e7b1675dSTing-Kang Chang */ 45*e7b1675dSTing-Kang Chang public final class CleartextKeysetExample { 46*e7b1675dSTing-Kang Chang private static final String MODE_ENCRYPT = "encrypt"; 47*e7b1675dSTing-Kang Chang private static final String MODE_DECRYPT = "decrypt"; 48*e7b1675dSTing-Kang Chang private static final String MODE_GENERATE = "generate"; 49*e7b1675dSTing-Kang Chang private static final byte[] EMPTY_ASSOCIATED_DATA = new byte[0]; 50*e7b1675dSTing-Kang Chang main(String[] args)51*e7b1675dSTing-Kang Chang public static void main(String[] args) throws Exception { 52*e7b1675dSTing-Kang Chang if (args.length != 2 && args.length != 4) { 53*e7b1675dSTing-Kang Chang System.err.printf("Expected 2 or 4 parameters, got %d\n", args.length); 54*e7b1675dSTing-Kang Chang System.err.println( 55*e7b1675dSTing-Kang Chang "Usage: java CleartextKeysetExample generate/encrypt/decrypt key-file input-file" 56*e7b1675dSTing-Kang Chang + " output-file"); 57*e7b1675dSTing-Kang Chang System.exit(1); 58*e7b1675dSTing-Kang Chang } 59*e7b1675dSTing-Kang Chang String mode = args[0]; 60*e7b1675dSTing-Kang Chang if (!MODE_ENCRYPT.equals(mode) && !MODE_DECRYPT.equals(mode) && !MODE_GENERATE.equals(mode)) { 61*e7b1675dSTing-Kang Chang System.err.print("The first argument should be either encrypt, decrypt or generate"); 62*e7b1675dSTing-Kang Chang System.exit(1); 63*e7b1675dSTing-Kang Chang } 64*e7b1675dSTing-Kang Chang Path keyFile = Paths.get(args[1]); 65*e7b1675dSTing-Kang Chang 66*e7b1675dSTing-Kang Chang // Initialise Tink: register all AEAD key types with the Tink runtime 67*e7b1675dSTing-Kang Chang AeadConfig.register(); 68*e7b1675dSTing-Kang Chang 69*e7b1675dSTing-Kang Chang if (MODE_GENERATE.equals(mode)) { 70*e7b1675dSTing-Kang Chang // [START generate-a-new-keyset] 71*e7b1675dSTing-Kang Chang KeysetHandle handle = KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM); 72*e7b1675dSTing-Kang Chang // [END generate-a-new-keyset] 73*e7b1675dSTing-Kang Chang 74*e7b1675dSTing-Kang Chang // [START store-a-cleartext-keyset] 75*e7b1675dSTing-Kang Chang String serializedKeyset = 76*e7b1675dSTing-Kang Chang TinkJsonProtoKeysetFormat.serializeKeyset(handle, InsecureSecretKeyAccess.get()); 77*e7b1675dSTing-Kang Chang Files.write(keyFile, serializedKeyset.getBytes(UTF_8)); 78*e7b1675dSTing-Kang Chang // [END store-a-cleartext-keyset] 79*e7b1675dSTing-Kang Chang return; 80*e7b1675dSTing-Kang Chang } 81*e7b1675dSTing-Kang Chang 82*e7b1675dSTing-Kang Chang // Use the primitive to encrypt/decrypt files 83*e7b1675dSTing-Kang Chang 84*e7b1675dSTing-Kang Chang // Read the keyset from disk 85*e7b1675dSTing-Kang Chang String serializedKeyset = new String(Files.readAllBytes(keyFile), UTF_8); 86*e7b1675dSTing-Kang Chang KeysetHandle handle = 87*e7b1675dSTing-Kang Chang TinkJsonProtoKeysetFormat.parseKeyset(serializedKeyset, InsecureSecretKeyAccess.get()); 88*e7b1675dSTing-Kang Chang 89*e7b1675dSTing-Kang Chang // Get the primitive 90*e7b1675dSTing-Kang Chang Aead aead = handle.getPrimitive(Aead.class); 91*e7b1675dSTing-Kang Chang 92*e7b1675dSTing-Kang Chang byte[] input = Files.readAllBytes(Paths.get(args[2])); 93*e7b1675dSTing-Kang Chang Path outputFile = Paths.get(args[3]); 94*e7b1675dSTing-Kang Chang 95*e7b1675dSTing-Kang Chang if (MODE_ENCRYPT.equals(mode)) { 96*e7b1675dSTing-Kang Chang byte[] ciphertext = aead.encrypt(input, EMPTY_ASSOCIATED_DATA); 97*e7b1675dSTing-Kang Chang Files.write(outputFile, ciphertext); 98*e7b1675dSTing-Kang Chang } else if (MODE_DECRYPT.equals(mode)) { 99*e7b1675dSTing-Kang Chang byte[] plaintext = aead.decrypt(input, EMPTY_ASSOCIATED_DATA); 100*e7b1675dSTing-Kang Chang Files.write(outputFile, plaintext); 101*e7b1675dSTing-Kang Chang } 102*e7b1675dSTing-Kang Chang } 103*e7b1675dSTing-Kang Chang CleartextKeysetExample()104*e7b1675dSTing-Kang Chang private CleartextKeysetExample() {} 105*e7b1675dSTing-Kang Chang } 106*e7b1675dSTing-Kang Chang // [END cleartext-keyset-example] 107