// Copyright 2019 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////
#ifndef TINK_STREAMINGAEAD_AES_GCM_HKDF_STREAMING_KEY_MANAGER_H_
#define TINK_STREAMINGAEAD_AES_GCM_HKDF_STREAMING_KEY_MANAGER_H_

#include <memory>
#include <string>
#include <utility>

#include "absl/memory/memory.h"
#include "absl/strings/str_cat.h"
#include "tink/core/key_type_manager.h"
#include "tink/key_manager.h"
#include "tink/streaming_aead.h"
#include "tink/subtle/aes_gcm_hkdf_streaming.h"
#include "tink/util/constants.h"
#include "tink/util/enums.h"
#include "tink/util/errors.h"
#include "tink/util/protobuf_helper.h"
#include "tink/util/secret_data.h"
#include "tink/util/status.h"
#include "tink/util/statusor.h"
#include "proto/aes_gcm_hkdf_streaming.pb.h"
#include "proto/tink.pb.h"

namespace crypto {
namespace tink {

// Key type manager for AesGcmHkdfStreamingKey protos. It exposes a single
// primitive, StreamingAead, and declares the validation, creation and
// derivation entry points for keys of this type (defined out of line).
class AesGcmHkdfStreamingKeyManager
    : public KeyTypeManager<google::crypto::tink::AesGcmHkdfStreamingKey,
                            google::crypto::tink::AesGcmHkdfStreamingKeyFormat,
                            List<StreamingAead>> {
 public:
  // Turns an AesGcmHkdfStreamingKey proto into a StreamingAead primitive.
  class AesGcmHkdfStreamingKeyManagerFactory
      : public PrimitiveFactory<StreamingAead> {
    // Builds subtle::AesGcmHkdfStreaming::Params from `key` and hands them to
    // subtle::AesGcmHkdfStreaming::New.
    //
    // Returns the status reported by New() when construction fails, otherwise
    // the constructed primitive.
    //
    // NOTE(review): no field of `key` is checked in this function. Whether an
    // unknown hash type or out-of-range sizes are rejected depends on
    // subtle::AesGcmHkdfStreaming::New and on ValidateKey having been run by
    // the caller first; neither is visible in this header.
    crypto::tink::util::StatusOr<std::unique_ptr<StreamingAead>> Create(
        const google::crypto::tink::AesGcmHkdfStreamingKey& key)
        const override {
      const auto& key_params = key.params();

      subtle::AesGcmHkdfStreaming::Params streaming_params;
      // The raw key bytes become the HKDF input keying material. `key` is
      // taken by const reference, so the caller's proto still holds them too.
      streaming_params.ikm = util::SecretDataFromStringView(key.key_value());
      streaming_params.hkdf_hash =
          crypto::tink::util::Enums::ProtoToSubtle(key_params.hkdf_hash_type());
      // NOTE(review): the integer types of the proto getters and of the Params
      // fields are declared elsewhere; confirm these assignments cannot narrow.
      streaming_params.derived_key_size = key_params.derived_key_size();
      streaming_params.ciphertext_segment_size =
          key_params.ciphertext_segment_size();
      // The key proto carries no offset; this manager always uses 0.
      streaming_params.ciphertext_offset = 0;

      auto primitive_or =
          subtle::AesGcmHkdfStreaming::New(std::move(streaming_params));
      if (!primitive_or.ok()) {
        return primitive_or.status();
      }
      return {std::move(primitive_or.value())};
    }
  };

  // Registers the StreamingAead factory above with the KeyTypeManager base.
  AesGcmHkdfStreamingKeyManager()
      : KeyTypeManager(
            absl::make_unique<AesGcmHkdfStreamingKeyManagerFactory>()) {}

  // Returns the version of this key manager (always 0).
  // NOTE(review): uint32_t is used without a direct <cstdint> include in this
  // header; it presumably arrives through one of the includes above.
  uint32_t get_version() const override { return 0; }

  // Keys handled by this manager are reported as symmetric key material.
  google::crypto::tink::KeyData::KeyMaterialType key_material_type()
      const override {
    return google::crypto::tink::KeyData::SYMMETRIC;
  }

  // Returns the type URL string stored in key_type_.
  const std::string& get_key_type() const override { return key_type_; }

  // Validates a key proto. Defined out of line; the checks performed are not
  // visible in this header.
  crypto::tink::util::Status ValidateKey(
      const google::crypto::tink::AesGcmHkdfStreamingKey& key) const override;

  // Validates a key format proto. Defined out of line.
  crypto::tink::util::Status ValidateKeyFormat(
      const google::crypto::tink::AesGcmHkdfStreamingKeyFormat& key_format)
      const override;

  // Creates a new key for `key_format`. Defined out of line.
  crypto::tink::util::StatusOr<google::crypto::tink::AesGcmHkdfStreamingKey>
  CreateKey(const google::crypto::tink::AesGcmHkdfStreamingKeyFormat&
                key_format) const override;

  // Creates a key for `key_format` using `input_stream`. Defined out of line.
  // NOTE(review): presumably the key material is read from `input_stream`;
  // confirm in the implementation how short reads are handled.
  crypto::tink::util::StatusOr<google::crypto::tink::AesGcmHkdfStreamingKey>
  DeriveKey(
      const google::crypto::tink::AesGcmHkdfStreamingKeyFormat& key_format,
      InputStream* input_stream) const override;

  ~AesGcmHkdfStreamingKeyManager() override = default;

 private:
  // Type URL: kTypeGoogleapisCom followed by the proto's type name.
  const std::string key_type_ = absl::StrCat(
      kTypeGoogleapisCom,
      google::crypto::tink::AesGcmHkdfStreamingKey().GetTypeName());

  // Helper taking a key format proto; declared here and defined out of line.
  static crypto::tink::util::Status Validate(
      const google::crypto::tink::AesGcmHkdfStreamingKeyFormat& key_format);
};

}  // namespace tink
}  // namespace crypto

#endif  // TINK_STREAMINGAEAD_AES_GCM_HKDF_STREAMING_KEY_MANAGER_H_