Colton Idle
02/27/2024, 7:27 PMEgYIARABGAIaILk8CE7/WHIslvUnsNk+ZYNVF0XTTwCQzAD8xqk7K81G
through a protobuf deserializer? I guess i have the proto file so it should be possible? https://github.com/tink-crypto/tink-java/blob/main/proto/tink.protoJohann Pardanaud
02/28/2024, 11:24 AMColton Idle
02/28/2024, 11:27 AMColton Idle
02/28/2024, 11:29 AM{
"primaryKeyId": 1358657949,
"key": [
{
"keyData": {
"typeUrl": "<http://type.googleapis.com/google.crypto.tink.HpkePublicKey|type.googleapis.com/google.crypto.tink.HpkePublicKey>",
"value": "EgYIARABGAIaIJn0ZHt4NmblUzZZP/NKmNyHB1A+FOPTajWZU4igYNtY",
"keyMaterialType": "ASYMMETRIC_PUBLIC"
},
"status": "ENABLED",
"keyId": 1358657949,
"outputPrefixType": "TINK"
}
]
}
and the tink proto is above. and protobufpal just fails to decodeJohann Pardanaud
02/28/2024, 11:30 AMJohann Pardanaud
02/28/2024, 11:31 AMColton Idle
02/28/2024, 11:33 AMtinkey create-keyset \
--key-template DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM \
--out-format json \
--out keyset.json
3. Generate json file with public keyset from the previously created keyset.json
tinkey create-public-keyset --in keyset.json --out public.json
4. Inside of public.json you will find the base64 key valueColton Idle
02/28/2024, 11:34 AMJohann Pardanaud
02/28/2024, 11:55 AMKeyset
, it contains an array of Key
, which contains a KeyData
The content of your KeyData
is what you found in the key_data
field:
{
"primaryKeyId": 1358657949,
"key": [
{
"keyData": {
"typeUrl": "<http://type.googleapis.com/google.crypto.tink.HpkePublicKey|type.googleapis.com/google.crypto.tink.HpkePublicKey>",
"value": "EgYIARABGAIaIJn0ZHt4NmblUzZZP/NKmNyHB1A+FOPTajWZU4igYNtY",
"keyMaterialType": "ASYMMETRIC_PUBLIC"
},
"status": "ENABLED",
"keyId": 1358657949,
"outputPrefixType": "TINK"
}
]
}
which, essentially, is this part:
{
"typeUrl": "<http://type.googleapis.com/google.crypto.tink.HpkePublicKey|type.googleapis.com/google.crypto.tink.HpkePublicKey>",
"value": "EgYIARABGAIaIJn0ZHt4NmblUzZZP/NKmNyHB1A+FOPTajWZU4igYNtY",
"keyMaterialType": "ASYMMETRIC_PUBLIC"
}
If you check the definition of the value
field, you will see it is defined as a bytes
type : https://github.com/tink-crypto/tink-java/blob/14dfd36a2e3ad8c36bd35bf9ef0046f97cf9a390/proto/tink.proto#L119
the value is an opaque byte array, you can't go furtherJohann Pardanaud
02/28/2024, 11:56 AMEgYIARABGAIaILk8CE7/WHIslvUnsNk+ZYNVF0XTTwCQzAD8xqk7K81G
it's not a KeyData
message, it's the value contained within the KeyData
messageColton Idle
02/28/2024, 11:57 AMColton Idle
02/28/2024, 11:58 AMJohann Pardanaud
02/28/2024, 11:59 AMEgYIARABGAIaILk8CE7/WHIslvUnsNk+ZYNVF0XTTwCQzAD8xqk7K81G
Johann Pardanaud
02/28/2024, 12:00 PMColton Idle
02/28/2024, 12:01 PMColton Idle
02/28/2024, 12:02 PMJohann Pardanaud
02/28/2024, 12:03 PMJohann Pardanaud
02/28/2024, 12:03 PMColton Idle
02/28/2024, 12:03 PMJohann Pardanaud
02/28/2024, 12:03 PMJohann Pardanaud
02/28/2024, 12:04 PMJohann Pardanaud
02/28/2024, 12:04 PM3
is a byte arrayJohann Pardanaud
02/28/2024, 12:04 PMColton Idle
02/28/2024, 12:05 PMColton Idle
02/28/2024, 12:06 PMColton Idle
02/28/2024, 12:06 PMJohann Pardanaud
02/28/2024, 12:07 PMJohann Pardanaud
02/28/2024, 12:07 PMJohann Pardanaud
02/28/2024, 12:08 PMpublic_key
field is the `3`rd oneJohann Pardanaud
02/28/2024, 12:08 PMColton Idle
02/28/2024, 12:09 PMColton Idle
02/28/2024, 12:10 PMEgYIARABGAIaILk8CE7/WHIslvUnsNk+ZYNVF0XTTwCQzAD8xqk7K81G
) and then I should be able to grab the actual public keyColton Idle
02/28/2024, 12:10 PMColton Idle
02/28/2024, 12:11 PMColton Idle
02/28/2024, 12:11 PMJohann Pardanaud
02/28/2024, 12:14 PMColton Idle
02/28/2024, 12:21 PMColton Idle
02/28/2024, 12:23 PMJohann Pardanaud
02/28/2024, 12:25 PMJohann Pardanaud
02/28/2024, 12:25 PMJohann Pardanaud
02/28/2024, 12:25 PMJohann Pardanaud
02/28/2024, 12:26 PMJohann Pardanaud
02/28/2024, 12:26 PMAnmol Verma
03/03/2024, 7:40 PMColton Idle
03/04/2024, 4:39 PMColton Idle
03/07/2024, 9:01 AMval cipheredTextWireFormat: ByteArray = encryptor.encrypt("hello".toByteArray(), ByteArray(0))
println("got ciphered text hex")
println(cipheredTextWireFormat.toHexString())
Output:
got ciphered text hex
016b099f30d906625582c02234ca9ea6852831edd6c85c3dcb4bdbaf20d9c9c66e1858de13ee00e35898c65cfc836f8afebbfa71336a283ec1f0
According to the docs... the ciphertext wireformat for Hybrid encryption is
prefix || encapsulated_key || encrypted_data
So now I'm kinda stuck on trying to extract encapsulated_key
and encrypted_data
from that cipheredTextWireFormat
Any chance you know how to pull those two values out?Colton Idle
03/07/2024, 9:19 AMJohann Pardanaud
03/07/2024, 10:27 AMThis page describes Tink's wire format for keys and primitive output. The documentation is aimed at cryptographers who want to add additional languages to Tink and maintainers of other high-level crypto libraries who want a wire compatible mode. It is not intended for general audiences.are you SURE you need to extract the encrypted data from the binary? 😄
Johann Pardanaud
03/07/2024, 10:28 AMJohann Pardanaud
03/07/2024, 10:30 AMColton Idle
03/07/2024, 3:49 PMColton Idle
03/07/2024, 3:57 PMColton Idle
03/07/2024, 7:04 PM