Use the new KmsEnvelopeAead.create API in GcpKmsClientTest

This was introduced in [email protected]. PiperOrigin-RevId: 567611894 Change-Id: Iba504a1878cd4334585ccba456d5cc89b7b49dfa
tink-crypto · Sep 22, 2023 · 5d38e48 · 5d38e48
1 parent b2f59a0
commit 5d38e48
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 9 deletions.
diff --git a/src/test/java/com/google/crypto/tink/integration/gcpkms/BUILD.bazel b/src/test/java/com/google/crypto/tink/integration/gcpkms/BUILD.bazel
@@ -15,7 +15,9 @@ java_test(
         "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster",
         "@tink_java//src/main/java/com/google/crypto/tink/aead:aead_config",
         "@tink_java//src/main/java/com/google/crypto/tink/aead:kms_aead_key_manager",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:kms_envelope_aead",
         "@tink_java//src/main/java/com/google/crypto/tink/aead:kms_envelope_aead_key_manager",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:predefined_aead_parameters",
         "//src/main/java/com/google/crypto/tink/integration/gcpkms:fake_cloud_kms",
         "//src/main/java/com/google/crypto/tink/integration/gcpkms:gcp_kms_client",
         "@maven//:com_google_truth_truth",

diff --git a/src/test/java/com/google/crypto/tink/integration/gcpkms/GcpKmsClientTest.java b/src/test/java/com/google/crypto/tink/integration/gcpkms/GcpKmsClientTest.java
@@ -30,7 +30,9 @@
 import com.google.crypto.tink.KmsClientsTestUtil;
 import com.google.crypto.tink.aead.AeadConfig;
 import com.google.crypto.tink.aead.KmsAeadKeyManager;
+import com.google.crypto.tink.aead.KmsEnvelopeAead;
 import com.google.crypto.tink.aead.KmsEnvelopeAeadKeyManager;
+import com.google.crypto.tink.aead.PredefinedAeadParameters;
 import java.security.GeneralSecurityException;
 import org.junit.Before;
 import org.junit.BeforeClass;
@@ -108,14 +110,10 @@ public void clientBoundToKeyUri_createKmsEnvelopeAead_works() throws Exception {
     String keyUri =
         "gcp-kms://projects/tink-test/locations/global/keyRings/unit-test/cryptoKeys/aead-key";
 
-    // Register a client bound to a single key.
-    registerGcpKmsClient(keyUri, new FakeCloudKms(asList(keyId)));
-
-    // Create an envelope encryption AEAD primitive
-    KeyTemplate dekTemplate = KeyTemplates.get("AES128_CTR_HMAC_SHA256_RAW");
-    KeyTemplate envelopeTemplate = KmsEnvelopeAeadKeyManager.createKeyTemplate(keyUri, dekTemplate);
-    KeysetHandle handle = KeysetHandle.generateNew(envelopeTemplate);
-    Aead kmsEnvelopeAead = handle.getPrimitive(Aead.class);
+    KmsClient client = new GcpKmsClient(keyUri).withCloudKms(new FakeCloudKms(asList(keyId)));
+    Aead kmsEnvelopeAead =
+        KmsEnvelopeAead.create(
+            PredefinedAeadParameters.AES128_CTR_HMAC_SHA256, client.getAead(keyUri));
 
     byte[] plaintext = "plaintext".getBytes(UTF_8);
     byte[] associatedData = "associatedData".getBytes(UTF_8);
@@ -262,7 +260,8 @@ public void kmsAeadCannotDecryptCiphertextOfDifferentUriIfItIsHasAnInvalidUri()
     byte[] ciphertext = kmsAead.encrypt(plaintext, associatedData);
 
     Aead kmsAeadWithInvalidUri = client.getAead(invalidUri);
-    assertThrows(IllegalArgumentException.class,
+    assertThrows(
+        IllegalArgumentException.class,
         () -> kmsAeadWithInvalidUri.decrypt(ciphertext, associatedData));
   }
 }