cc/aead/kms_envelope_aead.h

*e7b1675dSTing-Kang Chang// Copyright 2019 Google LLC
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// Licensed under the Apache License, Version 2.0 (the "License");
*e7b1675dSTing-Kang Chang// you may not use this file except in compliance with the License.
*e7b1675dSTing-Kang Chang// You may obtain a copy of the License at
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang//     http://www.apache.org/licenses/LICENSE-2.0
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// Unless required by applicable law or agreed to in writing, software
*e7b1675dSTing-Kang Chang// distributed under the License is distributed on an "AS IS" BASIS,
*e7b1675dSTing-Kang Chang// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*e7b1675dSTing-Kang Chang// See the License for the specific language governing permissions and
*e7b1675dSTing-Kang Chang// limitations under the License.
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang///////////////////////////////////////////////////////////////////////////////
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#ifndef TINK_AEAD_KMS_ENVELOPE_AEAD_H_
*e7b1675dSTing-Kang Chang#define TINK_AEAD_KMS_ENVELOPE_AEAD_H_
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#include <memory>
*e7b1675dSTing-Kang Chang#include <string>
*e7b1675dSTing-Kang Chang#include <utility>
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#include "absl/strings/string_view.h"
*e7b1675dSTing-Kang Chang#include "tink/aead.h"
*e7b1675dSTing-Kang Chang#include "tink/util/status.h"
*e7b1675dSTing-Kang Chang#include "tink/util/statusor.h"
*e7b1675dSTing-Kang Chang#include "proto/tink.pb.h"
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Changnamespace crypto {
*e7b1675dSTing-Kang Changnamespace tink {
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang// An implementation of KMS Envelope AEAD encryption
*e7b1675dSTing-Kang Chang// (https://cloud.google.com/kms/docs/data-encryption-keys).
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// In envelope encryption user generates a data encryption key (DEK) locally,
*e7b1675dSTing-Kang Chang// encrypts data with DEK, sends DEK to a KMS to be encrypted (with a key
*e7b1675dSTing-Kang Chang// managed by KMS), and stores encrypted DEK with encrypted data; at a later
*e7b1675dSTing-Kang Chang// point user can retrieve encrypted data and DEK, use KMS to decrypt DEK,
*e7b1675dSTing-Kang Chang// and use decrypted DEK to decrypt the data.
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// The ciphertext structure is as follows:
*e7b1675dSTing-Kang Chang//  - Length of encrypted DEK: 4 bytes (big endian)
*e7b1675dSTing-Kang Chang//  - Encrypted DEK: variable length that is equal to the value
*e7b1675dSTing-Kang Chang//    specified in the last 4 bytes.
*e7b1675dSTing-Kang Chang//  - AEAD payload: variable length.
*e7b1675dSTing-Kang Changclass KmsEnvelopeAead : public Aead {
*e7b1675dSTing-Kang Chang public:
*e7b1675dSTing-Kang Chang  static crypto::tink::util::StatusOr<std::unique_ptr<Aead>> New(
*e7b1675dSTing-Kang Chang      const google::crypto::tink::KeyTemplate& dek_template,
*e7b1675dSTing-Kang Chang      std::unique_ptr<Aead> remote_aead);
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  crypto::tink::util::StatusOr<std::string> Encrypt(
*e7b1675dSTing-Kang Chang      absl::string_view plaintext,
*e7b1675dSTing-Kang Chang      absl::string_view associated_data) const override;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  crypto::tink::util::StatusOr<std::string> Decrypt(
*e7b1675dSTing-Kang Chang      absl::string_view ciphertext,
*e7b1675dSTing-Kang Chang      absl::string_view associated_data) const override;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  ~KmsEnvelopeAead() override = default;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang private:
*e7b1675dSTing-Kang Chang  KmsEnvelopeAead(const google::crypto::tink::KeyTemplate& dek_template,
*e7b1675dSTing-Kang Chang                  std::unique_ptr<Aead> remote_aead) :
*e7b1675dSTing-Kang Chang      dek_template_(dek_template), remote_aead_(std::move(remote_aead)) {}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  google::crypto::tink::KeyTemplate dek_template_;
*e7b1675dSTing-Kang Chang  std::unique_ptr<Aead> remote_aead_;
*e7b1675dSTing-Kang Chang};
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang}  // namespace tink
*e7b1675dSTing-Kang Chang}  // namespace crypto
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#endif  // TINK_AEAD_KMS_ENVELOPE_AEAD_H_