// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
package aead
import (
"github.com/golang/protobuf/proto"
ctrpb "github.com/google/tink/proto/aes_ctr_go_proto"
ctrhmacpb "github.com/google/tink/proto/aes_ctr_hmac_aead_go_proto"
gcmpb "github.com/google/tink/proto/aes_gcm_go_proto"
commonpb "github.com/google/tink/proto/common_go_proto"
hmacpb "github.com/google/tink/proto/hmac_go_proto"
kmsenvpb "github.com/google/tink/proto/kms_envelope_go_proto"
tinkpb "github.com/google/tink/proto/tink_go_proto"
)
// This file contains pre-generated KeyTemplates for AEAD keys. One can use these templates
// to generate new Keysets.
// AES128GCMKeyTemplate returns a KeyTemplate for generating AES-GCM keys with
// a 16-byte (128-bit) key.
//
// NOTE(review): the template comes from createAESGCMKeyTemplate, which leaves
// OutputPrefixType unset, unlike the CTR-HMAC and KMS envelope templates in
// this file. Confirm the prefix that keys generated from it end up with.
func AES128GCMKeyTemplate() *tinkpb.KeyTemplate {
	const keySizeInBytes = 16
	return createAESGCMKeyTemplate(keySizeInBytes)
}
// AES256GCMKeyTemplate returns a KeyTemplate for generating AES-GCM keys with
// a 32-byte (256-bit) key.
//
// NOTE(review): the template comes from createAESGCMKeyTemplate, which leaves
// OutputPrefixType unset, unlike the CTR-HMAC and KMS envelope templates in
// this file. Confirm the prefix that keys generated from it end up with.
func AES256GCMKeyTemplate() *tinkpb.KeyTemplate {
	const keySizeInBytes = 32
	return createAESGCMKeyTemplate(keySizeInBytes)
}
// AES128CTRHMACSHA256KeyTemplate returns a KeyTemplate for generating
// AES-CTR-HMAC-AEAD keys with these parameters:
//   - AES key size: 16 bytes
//   - AES CTR IV size: 16 bytes
//   - HMAC key size: 32 bytes
//   - HMAC tag size: 16 bytes (half of the 32-byte SHA256 output)
//   - HMAC hash function: SHA256
func AES128CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
	// All sizes are in bytes.
	const (
		aesKeySize  = 16
		ivSize      = 16
		hmacKeySize = 32
		tagSize     = 16
	)
	return createAESCTRHMACAEADKeyTemplate(aesKeySize, ivSize, hmacKeySize, tagSize, commonpb.HashType_SHA256)
}
// AES256CTRHMACSHA256KeyTemplate returns a KeyTemplate for generating
// AES-CTR-HMAC-AEAD keys with these parameters:
//   - AES key size: 32 bytes
//   - AES CTR IV size: 16 bytes
//   - HMAC key size: 32 bytes
//   - HMAC tag size: 32 bytes (the full SHA256 output length)
//   - HMAC hash function: SHA256
func AES256CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
	// All sizes are in bytes.
	const (
		aesKeySize  = 32
		ivSize      = 16
		hmacKeySize = 32
		tagSize     = 32
	)
	return createAESCTRHMACAEADKeyTemplate(aesKeySize, ivSize, hmacKeySize, tagSize, commonpb.HashType_SHA256)
}
// KMSEnvelopeAEADKeyTemplate returns a KeyTemplate for generating a
// KMSEnvelopeAEAD key. uri is stored as the KEK URI (the key-encryption key in
// a remote KMS) and dekT as the template for the data-encryption key. The
// resulting template uses the TINK output prefix.
//
// Neither argument is checked here: uri is copied as given and a nil dekT is
// serialized as an absent DEK template.
func KMSEnvelopeAEADKeyTemplate(uri string, dekT *tinkpb.KeyTemplate) *tinkpb.KeyTemplate {
	// NOTE(review): the Marshal error is discarded, so a failed serialization
	// would yield a template with an empty Value rather than a visible failure.
	// Callers that pass externally supplied URIs may want to validate them first.
	serializedFormat, _ := proto.Marshal(&kmsenvpb.KmsEnvelopeAeadKeyFormat{
		KekUri:      uri,
		DekTemplate: dekT,
	})

	tmpl := new(tinkpb.KeyTemplate)
	tmpl.Value = serializedFormat
	tmpl.TypeUrl = kmsEnvelopeAEADTypeURL
	tmpl.OutputPrefixType = tinkpb.OutputPrefixType_TINK
	return tmpl
}
// createAESGCMKeyTemplate builds an AES-GCM key template whose key format
// requests a key of keySize bytes. keySize is passed through unchecked.
//
// NOTE(review): OutputPrefixType is not set, so it keeps the enum's zero
// value, whereas the other templates in this file set
// tinkpb.OutputPrefixType_TINK. Confirm how keyset generation treats an unset
// prefix type before relying on the ciphertext format.
func createAESGCMKeyTemplate(keySize uint32) *tinkpb.KeyTemplate {
	// NOTE(review): the Marshal error is discarded; on failure Value would be
	// empty and the problem would only surface later, if at all.
	serializedFormat, _ := proto.Marshal(&gcmpb.AesGcmKeyFormat{KeySize: keySize})

	tmpl := new(tinkpb.KeyTemplate)
	tmpl.TypeUrl = aesGCMTypeURL
	tmpl.Value = serializedFormat
	return tmpl
}
// createAESCTRHMACAEADKeyTemplate builds an AES-CTR-HMAC-AEAD key template.
// aesKeySize and ivSize go into the AES-CTR key format; hmacKeySize, tagSize
// and hash go into the HMAC key format. The sizes are passed through
// unchecked, and the resulting template uses the TINK output prefix.
func createAESCTRHMACAEADKeyTemplate(aesKeySize, ivSize, hmacKeySize, tagSize uint32, hash commonpb.HashType) *tinkpb.KeyTemplate {
	ctrFormat := &ctrpb.AesCtrKeyFormat{
		Params:  &ctrpb.AesCtrParams{IvSize: ivSize},
		KeySize: aesKeySize,
	}
	macFormat := &hmacpb.HmacKeyFormat{
		Params:  &hmacpb.HmacParams{Hash: hash, TagSize: tagSize},
		KeySize: hmacKeySize,
	}

	// NOTE(review): the Marshal error is discarded; on failure Value would be
	// empty and the problem would only surface later, if at all.
	serializedFormat, _ := proto.Marshal(&ctrhmacpb.AesCtrHmacAeadKeyFormat{
		AesCtrKeyFormat: ctrFormat,
		HmacKeyFormat:   macFormat,
	})

	tmpl := new(tinkpb.KeyTemplate)
	tmpl.Value = serializedFormat
	tmpl.TypeUrl = aesCTRHMACAEADTypeURL
	tmpl.OutputPrefixType = tinkpb.OutputPrefixType_TINK
	return tmpl
}