Make the EciesAeadHkdfPrivateKeyManager public, but restrict visibility of the constructor. Then, add a static function which registers it together with the public key manager.
Also, do the same for the Hybrid{En,De}cryptWrappers.
PiperOrigin-RevId: 270243637
diff --git a/java/src/main/java/com/google/crypto/tink/hybrid/EciesAeadHkdfPrivateKeyManager.java b/java/src/main/java/com/google/crypto/tink/hybrid/EciesAeadHkdfPrivateKeyManager.java
index 24e398f..621370c 100644
--- a/java/src/main/java/com/google/crypto/tink/hybrid/EciesAeadHkdfPrivateKeyManager.java
+++ b/java/src/main/java/com/google/crypto/tink/hybrid/EciesAeadHkdfPrivateKeyManager.java
@@ -18,6 +18,7 @@
import com.google.crypto.tink.HybridDecrypt;
import com.google.crypto.tink.PrivateKeyTypeManager;
+import com.google.crypto.tink.Registry;
import com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat;
import com.google.crypto.tink.proto.EciesAeadHkdfParams;
import com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey;
@@ -40,9 +41,9 @@
* This key manager generates new {@code EciesAeadHkdfPrivateKey} keys and produces new instances of
* {@code EciesAeadHkdfHybridDecrypt}.
*/
-class EciesAeadHkdfPrivateKeyManager
+public class EciesAeadHkdfPrivateKeyManager
extends PrivateKeyTypeManager<EciesAeadHkdfPrivateKey, EciesAeadHkdfPublicKey> {
- public EciesAeadHkdfPrivateKeyManager() {
+ EciesAeadHkdfPrivateKeyManager() {
super(
EciesAeadHkdfPrivateKey.class,
EciesAeadHkdfPublicKey.class,
@@ -149,4 +150,14 @@
}
};
}
+
+ /**
+ * Registers the {@link EciesAeadHkdfPrivateKeyManager} and the {@link
+ * EciesAeadHkdfPublicKeyManager} with the registry, so that the the EciesAeadHkdfKeys can be used
+ * with Tink.
+ */
+ public static void registerPair(boolean newKeyAllowed) throws GeneralSecurityException {
+ Registry.registerAsymmetricKeyManagers(
+ new EciesAeadHkdfPrivateKeyManager(), new EciesAeadHkdfPublicKeyManager(), newKeyAllowed);
+ }
}
diff --git a/java/src/main/java/com/google/crypto/tink/hybrid/HybridConfig.java b/java/src/main/java/com/google/crypto/tink/hybrid/HybridConfig.java
index 3fa3f5c..fa268d1 100644
--- a/java/src/main/java/com/google/crypto/tink/hybrid/HybridConfig.java
+++ b/java/src/main/java/com/google/crypto/tink/hybrid/HybridConfig.java
@@ -95,11 +95,8 @@
*/
public static void register() throws GeneralSecurityException {
AeadConfig.register();
- Registry.registerAsymmetricKeyManagers(
- new EciesAeadHkdfPrivateKeyManager(),
- new EciesAeadHkdfPublicKeyManager(),
- /*newKeyAllowed=*/ true);
- Registry.registerPrimitiveWrapper(new HybridDecryptWrapper());
- Registry.registerPrimitiveWrapper(new HybridEncryptWrapper());
+ EciesAeadHkdfPrivateKeyManager.registerPair(/*newKeyAllowed=*/true);
+ HybridDecryptWrapper.register();
+ HybridEncryptWrapper.register();
}
}
diff --git a/java/src/main/java/com/google/crypto/tink/hybrid/HybridDecryptWrapper.java b/java/src/main/java/com/google/crypto/tink/hybrid/HybridDecryptWrapper.java
index ae8c8e6..68fd909 100644
--- a/java/src/main/java/com/google/crypto/tink/hybrid/HybridDecryptWrapper.java
+++ b/java/src/main/java/com/google/crypto/tink/hybrid/HybridDecryptWrapper.java
@@ -19,6 +19,7 @@
import com.google.crypto.tink.HybridDecrypt;
import com.google.crypto.tink.PrimitiveSet;
import com.google.crypto.tink.PrimitiveWrapper;
+import com.google.crypto.tink.Registry;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.List;
@@ -32,7 +33,7 @@
* the keys associated with the prefix do not work, the primitive tries all keys with {@link
* com.google.crypto.tink.proto.OutputPrefixType#RAW}.
*/
-class HybridDecryptWrapper implements PrimitiveWrapper<HybridDecrypt> {
+public class HybridDecryptWrapper implements PrimitiveWrapper<HybridDecrypt> {
private static final Logger logger = Logger.getLogger(HybridDecryptWrapper.class.getName());
private static class WrappedHybridDecrypt implements HybridDecrypt {
@@ -73,6 +74,8 @@
}
}
+ HybridDecryptWrapper() {}
+
@Override
public HybridDecrypt wrap(final PrimitiveSet<HybridDecrypt> primitives) {
return new WrappedHybridDecrypt(primitives);
@@ -82,4 +85,14 @@
public Class<HybridDecrypt> getPrimitiveClass() {
return HybridDecrypt.class;
}
+
+ /**
+ * Register the wrapper within the registry.
+ *
+ * <p>This is required for calls to {@link Keyset.getPrimitive} with a {@link HybridDecrypt}
+ * argument.
+ */
+ public static void register() throws GeneralSecurityException {
+ Registry.registerPrimitiveWrapper(new HybridDecryptWrapper());
+ }
}
diff --git a/java/src/main/java/com/google/crypto/tink/hybrid/HybridEncryptWrapper.java b/java/src/main/java/com/google/crypto/tink/hybrid/HybridEncryptWrapper.java
index 6bf9c79..6574864 100644
--- a/java/src/main/java/com/google/crypto/tink/hybrid/HybridEncryptWrapper.java
+++ b/java/src/main/java/com/google/crypto/tink/hybrid/HybridEncryptWrapper.java
@@ -18,6 +18,7 @@
import com.google.crypto.tink.HybridEncrypt;
import com.google.crypto.tink.PrimitiveSet;
import com.google.crypto.tink.PrimitiveWrapper;
+import com.google.crypto.tink.Registry;
import com.google.crypto.tink.subtle.Bytes;
import java.security.GeneralSecurityException;
@@ -54,4 +55,14 @@
public Class<HybridEncrypt> getPrimitiveClass() {
return HybridEncrypt.class;
}
+
+ /**
+ * Register the wrapper within the registry.
+ *
+ * <p>This is required for calls to {@link Keyset.getPrimitive} with a {@link HybridEncrypt}
+ * argument.
+ */
+ public static void register() throws GeneralSecurityException {
+ Registry.registerPrimitiveWrapper(new HybridEncryptWrapper());
+ }
}
