| # Copyright 2021 Google LLC |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| """Pre-generated JWT KeyTemplate.""" |
| |
| from tink.proto import jwt_ecdsa_pb2 |
| from tink.proto import jwt_hmac_pb2 |
| from tink.proto import jwt_rsa_ssa_pkcs1_pb2 |
| from tink.proto import jwt_rsa_ssa_pss_pb2 |
| from tink.proto import tink_pb2 |
| from tink.internal import big_integer_util |
| |
| |
| _F4 = 65537 |
| |
| |
| def _create_jwt_hmac_template( |
| algorithm: jwt_hmac_pb2.JwtHmacAlgorithm, key_size: int, |
| output_prefix_type: tink_pb2.OutputPrefixType) -> tink_pb2.KeyTemplate: |
| key_format = jwt_hmac_pb2.JwtHmacKeyFormat( |
| algorithm=algorithm, key_size=key_size) |
| return tink_pb2.KeyTemplate( |
| type_url='type.googleapis.com/google.crypto.tink.JwtHmacKey', |
| value=key_format.SerializeToString(), |
| output_prefix_type=output_prefix_type) |
| |
| |
| def _create_jwt_ecdsa_template( |
| algorithm: jwt_ecdsa_pb2.JwtEcdsaAlgorithm, |
| output_prefix_type: tink_pb2.OutputPrefixType) -> tink_pb2.KeyTemplate: |
| key_format = jwt_ecdsa_pb2.JwtEcdsaKeyFormat( |
| algorithm=algorithm) |
| return tink_pb2.KeyTemplate( |
| type_url='type.googleapis.com/google.crypto.tink.JwtEcdsaPrivateKey', |
| value=key_format.SerializeToString(), |
| output_prefix_type=output_prefix_type) |
| |
| |
| def _create_jwt_rsa_ssa_pkcs1_template( |
| algorithm: jwt_rsa_ssa_pkcs1_pb2.JwtRsaSsaPkcs1Algorithm, modulus_size: int, |
| output_prefix_type: tink_pb2.OutputPrefixType) -> tink_pb2.KeyTemplate: |
| key_format = jwt_rsa_ssa_pkcs1_pb2.JwtRsaSsaPkcs1KeyFormat( |
| algorithm=algorithm, |
| modulus_size_in_bits=modulus_size, |
| public_exponent=big_integer_util.num_to_bytes(_F4)) |
| return tink_pb2.KeyTemplate( |
| type_url='type.googleapis.com/google.crypto.tink.JwtRsaSsaPkcs1PrivateKey', |
| value=key_format.SerializeToString(), |
| output_prefix_type=output_prefix_type) |
| |
| |
| def _create_jwt_rsa_ssa_pss_template( |
| algorithm: jwt_rsa_ssa_pss_pb2.JwtRsaSsaPssAlgorithm, modulus_size: int, |
| output_prefix_type: tink_pb2.OutputPrefixType) -> tink_pb2.KeyTemplate: |
| key_format = jwt_rsa_ssa_pss_pb2.JwtRsaSsaPssKeyFormat( |
| algorithm=algorithm, |
| modulus_size_in_bits=modulus_size, |
| public_exponent=big_integer_util.num_to_bytes(_F4)) |
| return tink_pb2.KeyTemplate( |
| type_url='type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPrivateKey', |
| value=key_format.SerializeToString(), |
| output_prefix_type=output_prefix_type) |
| |
| |
| # Hmac Templates |
| def jwt_hs256_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS256, 32, tink_pb2.TINK) |
| |
| |
| def raw_jwt_hs256_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS256, 32, tink_pb2.RAW) |
| |
| |
| def jwt_hs384_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS384, 48, tink_pb2.TINK) |
| |
| |
| def raw_jwt_hs384_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS384, 48, tink_pb2.RAW) |
| |
| |
| def jwt_hs512_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS512, 64, tink_pb2.TINK) |
| |
| |
| def raw_jwt_hs512_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_hmac_template(jwt_hmac_pb2.HS512, 64, tink_pb2.RAW) |
| |
| |
| # ECDSA Templates |
| def jwt_es256_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES256, tink_pb2.TINK) |
| |
| |
| def raw_jwt_es256_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES256, tink_pb2.RAW) |
| |
| |
| def jwt_es384_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES384, tink_pb2.TINK) |
| |
| |
| def raw_jwt_es384_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES384, tink_pb2.RAW) |
| |
| |
| def jwt_es512_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES512, tink_pb2.TINK) |
| |
| |
| def raw_jwt_es512_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_ecdsa_template(jwt_ecdsa_pb2.ES512, tink_pb2.RAW) |
| |
| |
| # RSA SSA PKCS1 Templates |
| def jwt_rs256_2048_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS256, 2048, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_rs256_2048_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS256, 2048, |
| tink_pb2.RAW) |
| |
| |
| def jwt_rs256_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS256, 3072, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_rs256_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS256, 3072, |
| tink_pb2.RAW) |
| |
| |
| def jwt_rs384_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS384, 3072, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_rs384_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS384, 3072, |
| tink_pb2.RAW) |
| |
| |
| def jwt_rs512_4096_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS512, 4096, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_rs512_4096_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pkcs1_template(jwt_rsa_ssa_pkcs1_pb2.RS512, 4096, |
| tink_pb2.RAW) |
| |
| |
| # RSA SSA PSS Templates |
| def jwt_ps256_2048_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS256, 2048, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_ps256_2048_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS256, 2048, |
| tink_pb2.RAW) |
| |
| |
| def jwt_ps256_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS256, 3072, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_ps256_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS256, 3072, |
| tink_pb2.RAW) |
| |
| |
| def jwt_ps384_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS384, 3072, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_ps384_3072_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS384, 3072, |
| tink_pb2.RAW) |
| |
| |
| def jwt_ps512_4096_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS512, 4096, |
| tink_pb2.TINK) |
| |
| |
| def raw_jwt_ps512_4096_f4_template() -> tink_pb2.KeyTemplate: |
| return _create_jwt_rsa_ssa_pss_template(jwt_rsa_ssa_pss_pb2.PS512, 4096, |
| tink_pb2.RAW) |
