This repository has been archived by the owner on Apr 17, 2024. It is now read-only.

StreamingAead with KEK URI #527

Closed
mayurpr opened this issue Jul 6, 2021 · 6 comments

@mayurpr

mayurpr commented Jul 6, 2021

Currently Tink has only Aead KEK URI support.
Is there any example or support for StreamingAead with a KEK URI?

The example below only has Aead as the primitive, but we want to use StreamingAead with a KEK URI.
https://github.com/google/tink/blob/master/examples/java_src/encryptedkeyset/EncryptedKeysetExample.java

If I try to use this snippet

    import com.google.crypto.tink.KeysetHandle;
    import com.google.crypto.tink.StreamingAead;
    import com.google.crypto.tink.aead.KmsAeadKeyManager;
    import java.security.GeneralSecurityException;

    // kekUri: the KMS key URI string, already registered with a KmsClient
    StreamingAead aead = null;
    KeysetHandle handle;
    try {
        handle = KeysetHandle.generateNew(KmsAeadKeyManager.createKeyTemplate(kekUri));
        // KmsAeadKeyManager only produces Aead, so this call throws (see exception below)
        aead = handle.getPrimitive(StreamingAead.class);
    } catch (GeneralSecurityException ex) {
        throw ex;
    }

to get a StreamingAead instance, I get the exception below.

java.security.GeneralSecurityException: Primitive type com.google.crypto.tink.StreamingAead not supported by key manager of type class com.google.crypto.tink.aead.KmsAeadKeyManager, supported primitives: com.google.crypto.tink.Aead

Thanks for making this awesome lib :)

@milindrao

milindrao commented Sep 15, 2021

I'm having the same issue. A different application is writing to GCS using StreamingAead, and a different application is reading the encrypted file. StreamingAead works when I'm using the same KeysetHandle when encrypting and decrypting the file.

    // 1 MB segments, AES-256-GCM with HKDF-derived per-segment keys
    KeyTemplate theKeyTemplate = KeyTemplates.get("AES256_GCM_HKDF_1MB");
    KeysetHandle theHandle = KeysetHandle.generateNew(theKeyTemplate);

I'm just starting out on using Tink and GCP in general, so possibly I'm missing something obvious.

I think I can store the keys in KMS (https://github.com/google/tink/blob/v1.2.2/docs/JAVA-HOWTO.md#storing-keysets). But I wonder why I can't use the KEK URI for streaming Aead like I can for Aead.

Edit: This link and the corresponding GitHub code helped me figure it out.
https://medium.com/12-developer-labors/envelope-encryption-with-google-tink-and-gcp-key-management-with-example-a738632434da

@chuckx chuckx unassigned thaidn and chuckx Aug 10, 2022
@lcguida

lcguida commented Aug 29, 2022

Hello, I'm searching for the same functionality.

I currently have some code (in golang in my case) using the AEAD envelope with a Google KMS Key URI, which works very well, but I'm trying to do the same with a streaming AEAD instead.

Is it possible?

@tmelmoth

I'm also interested in having a StreamingAead implementation that encrypts a stream using a key encrypted by a KMS. Is this something that is on the Tink roadmap? If not, is this a feature that would be accepted as a contribution?

@juergw
Contributor

juergw commented Jan 30, 2023

It is currently not possible to create an "EnvelopeStreamingAead" primitive, and we also don't plan to add this functionality. Also, we have some plans to change the API of Envelope encryption, and therefore we prefer not to add any feature to it at the moment.

But you can do almost the same thing like this.
To encrypt using StreamingAead and a KMS key, you do this:

  • create a keyset handle using a StreamingAead template.
  • create an Aead primitive for your KMS key.
  • encrypt the StreamingAead keyset using TinkProtoKeysetFormat.serializeEncryptedKeyset and store it somewhere (or use the KeysetHandle.write method and the BinaryKeysetWriter).
  • create the StreamingAead primitive from the keyset handle and encrypt your data.

To decrypt, you do this:

  • create an Aead primitive for your KMS key.
  • read and decrypt the encrypted StreamingAead keyset using TinkProtoKeysetFormat.parseEncryptedKeyset (or the KeysetHandle.read method and the BinaryKeysetReader).
  • create the StreamingAead primitive and decrypt your data.

The code is very similar to https://source.corp.google.com/piper///depot/google3/third_party/tink/java_src/examples/encryptedkeyset/EncryptedKeysetExample.java.
(The difference is that I prefer to use the binary format instead of JSON, because it will be smaller.)
This should also work in C++, Go and Python.

The only difference from envelope encryption is that you will have to store two files (the encrypted keyset and the encrypted data) instead of just one. But this approach is a bit more flexible, because you can for example use the StreamingAead primitive several times if you want, which will result in fewer calls to the KMS.

Does this work for your use case?
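The two-file procedure described in the comment above, as an added Java example that is not part of this issue thread or of Tink's own examples. It assumes a Tink version that ships TinkProtoKeysetFormat, and, so that it runs offline, stands in a locally generated AES-256-GCM Aead for the KMS-backed KEK; the commented line in main shows where a real KMS Aead obtained via KmsClients would be used instead. The class name, file names and associated-data strings are made up for the example.

```java
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.KeyTemplates;
import com.google.crypto.tink.KeysetHandle;
import com.google.crypto.tink.StreamingAead;
import com.google.crypto.tink.TinkProtoKeysetFormat;
import com.google.crypto.tink.aead.AeadConfig;
import com.google.crypto.tink.streamingaead.StreamingAeadConfig;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;

/** Added example: StreamingAead data encryption with the keyset wrapped by a KEK Aead. */
public final class KmsWrappedStreamingAeadExample {
  // Associated data bound to the wrapped keyset and to the data stream. Writer and reader must
  // use the same values; a mismatch makes parsing/decryption fail instead of yielding plaintext.
  private static final byte[] KEYSET_AD = "streamingaead-keyset-v1".getBytes(StandardCharsets.UTF_8);
  private static final byte[] DATA_AD = "object-name-or-other-context".getBytes(StandardCharsets.UTF_8);

  /**
   * Writer side: generate a fresh StreamingAead keyset, wrap it with the KEK (one KMS call),
   * store the wrapped keyset beside the ciphertext, then stream-encrypt the file.
   */
  static void encryptFile(Aead kek, Path plaintext, Path wrappedKeysetOut, Path ciphertextOut)
      throws Exception {
    KeysetHandle handle = KeysetHandle.generateNew(KeyTemplates.get("AES256_GCM_HKDF_1MB"));
    // Binary proto format; only the KEK can unwrap it.
    byte[] wrapped = TinkProtoKeysetFormat.serializeEncryptedKeyset(handle, kek, KEYSET_AD);
    Files.write(wrappedKeysetOut, wrapped);

    StreamingAead streamingAead = handle.getPrimitive(StreamingAead.class);
    try (InputStream in = Files.newInputStream(plaintext);
        OutputStream raw = Files.newOutputStream(ciphertextOut);
        OutputStream enc = streamingAead.newEncryptingStream(raw, DATA_AD)) {
      in.transferTo(enc); // closing enc writes the final authenticated segment
    }
  }

  /** Reader side: unwrap the keyset with the KEK (one KMS call), then stream-decrypt. */
  static void decryptFile(Aead kek, Path wrappedKeysetIn, Path ciphertextIn, Path plaintextOut)
      throws Exception {
    KeysetHandle handle =
        TinkProtoKeysetFormat.parseEncryptedKeyset(Files.readAllBytes(wrappedKeysetIn), kek, KEYSET_AD);
    StreamingAead streamingAead = handle.getPrimitive(StreamingAead.class);
    try (InputStream raw = Files.newInputStream(ciphertextIn);
        InputStream dec = streamingAead.newDecryptingStream(raw, DATA_AD);
        OutputStream out = Files.newOutputStream(plaintextOut)) {
      dec.transferTo(out); // throws on a tampered or truncated segment
    }
  }

  public static void main(String[] args) throws Exception {
    AeadConfig.register();
    StreamingAeadConfig.register();

    // Stand-in KEK so the example runs offline (an assumption, not a KMS key). With a real KEK
    // URI registered through a KmsClient you would use instead:
    //   Aead kek = KmsClients.get(kekUri).getAead(kekUri);
    Aead kek = KeysetHandle.generateNew(KeyTemplates.get("AES256_GCM")).getPrimitive(Aead.class);

    Path dir = Files.createTempDirectory("tink-streaming");
    Path plaintext = dir.resolve("input.bin");
    Path wrappedKeyset = dir.resolve("keyset.enc");
    Path ciphertext = dir.resolve("input.bin.enc");
    Path recovered = dir.resolve("recovered.bin");

    // Constructed input, larger than one 1 MB segment so several segments are exercised.
    byte[] sample = new byte[3 * 1024 * 1024];
    Arrays.fill(sample, (byte) 'A');
    Files.write(plaintext, sample);

    encryptFile(kek, plaintext, wrappedKeyset, ciphertext);
    decryptFile(kek, wrappedKeyset, ciphertext, recovered);
    System.out.println("round trip ok: " + Arrays.equals(sample, Files.readAllBytes(recovered)));
  }
}
```

The wrapped keyset and the ciphertext are the two files the comment mentions; the KEK is touched once per encrypt and once per decrypt, and the same StreamingAead handle can be reused for further objects without another KMS call.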

@lcguida

lcguida commented May 10, 2023

Hello, the code sample seems to be private. But I'm doing something similar to what you described, storing keysets in a separate bucket and encrypting them with a KMS key. I also added some code to deal with key rotation.

PS: I was on parental leave, so I took time to go back to the problem ;)

@chuckx
Contributor

chuckx commented May 11, 2023
