xref: /aosp_15_r20/external/tink/cc/hybrid/hybrid_key_templates.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5)
1 // Copyright 2018 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #include "tink/hybrid/hybrid_key_templates.h"
18 
19 #include <string>
20 
21 #include "absl/strings/string_view.h"
22 #include "tink/aead/aead_key_templates.h"
23 #include "tink/daead/deterministic_aead_key_templates.h"
24 #include "proto/common.pb.h"
25 #include "proto/ecies_aead_hkdf.pb.h"
26 #include "proto/hpke.pb.h"
27 #include "proto/tink.pb.h"
28 
29 namespace crypto {
30 namespace tink {
31 namespace {
32 
33 using google::crypto::tink::EciesAeadHkdfKeyFormat;
34 using google::crypto::tink::EcPointFormat;
35 using google::crypto::tink::EllipticCurveType;
36 using google::crypto::tink::HashType;
37 using google::crypto::tink::HpkeAead;
38 using google::crypto::tink::HpkeKdf;
39 using google::crypto::tink::HpkeKem;
40 using google::crypto::tink::HpkeKeyFormat;
41 using google::crypto::tink::HpkeParams;
42 using google::crypto::tink::KeyTemplate;
43 using google::crypto::tink::OutputPrefixType;
44 
// Builds a heap-allocated KeyTemplate for the EciesAeadHkdfPrivateKey type.
//
// The serialized EciesAeadHkdfKeyFormat carries:
//   - KEM params: `curve_type`, `hkdf_hash_type`, and a copy of `hkdf_salt`;
//   - DEM params: a copy of `dem_key_template` stored in the aead_dem field;
//   - `ec_point_format` for the encoding of EC points.
// `prefix_type` is stored on the template itself, not in the key format.
//
// The result is allocated with `new`, and this function never frees it.
// Every caller in this file keeps the pointer in a function-local static.
KeyTemplate* NewEciesAeadHkdfKeyTemplate(
    EllipticCurveType curve_type,
    HashType hkdf_hash_type,
    EcPointFormat ec_point_format,
    const KeyTemplate& dem_key_template,
    OutputPrefixType prefix_type,
    absl::string_view hkdf_salt) {
  EciesAeadHkdfKeyFormat format;
  auto* params = format.mutable_params();
  params->set_ec_point_format(ec_point_format);
  *(params->mutable_dem_params()->mutable_aead_dem()) = dem_key_template;

  auto* kem = params->mutable_kem_params();
  kem->set_curve_type(curve_type);
  kem->set_hkdf_hash_type(hkdf_hash_type);
  kem->set_hkdf_salt(std::string(hkdf_salt));

  KeyTemplate* result = new KeyTemplate;
  result->set_type_url(
      "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey");
  result->set_output_prefix_type(prefix_type);
  // NOTE(review): the bool returned by SerializeToString is discarded, so a
  // failed serialization would go unnoticed here.
  format.SerializeToString(result->mutable_value());
  return result;
}
67 
// Builds a heap-allocated KeyTemplate for the HpkePrivateKey type.
//
// The serialized HpkeKeyFormat carries the `kem`, `kdf` and `aead` choices.
// `prefix_type` is stored on the template itself, not in the key format.
//
// The result is allocated with `new`, and this function never frees it.
// Every caller in this file keeps the pointer in a function-local static.
KeyTemplate* NewHpkeKeyTemplate(HpkeKem kem, HpkeKdf kdf, HpkeAead aead,
                                OutputPrefixType prefix_type) {
  HpkeKeyFormat format;
  HpkeParams* hpke_params = format.mutable_params();
  hpke_params->set_kem(kem);
  hpke_params->set_kdf(kdf);
  hpke_params->set_aead(aead);

  KeyTemplate* result = new KeyTemplate;
  result->set_type_url(
      "type.googleapis.com/google.crypto.tink.HpkePrivateKey");
  result->set_output_prefix_type(prefix_type);
  // NOTE(review): the bool returned by SerializeToString is discarded, so a
  // failed serialization would go unnoticed here.
  format.SerializeToString(result->mutable_value());
  return result;
}
82 
83 }  // anonymous namespace
84 
85 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-256 and an empty salt,
// uncompressed EC point format, DEM from AeadKeyTemplates::Aes128Gcm(),
// TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::EciesP256HkdfHmacSha256Aes128Gcm() {
  static const KeyTemplate* const cached = NewEciesAeadHkdfKeyTemplate(
      EllipticCurveType::NIST_P256, HashType::SHA256,
      EcPointFormat::UNCOMPRESSED, AeadKeyTemplates::Aes128Gcm(),
      OutputPrefixType::TINK, /* hkdf_salt= */ "");
  return *cached;
}
96 
97 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-512 and an empty salt,
// uncompressed EC point format, DEM from AeadKeyTemplates::Aes128Gcm(),
// TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::EciesP256HkdfHmacSha512Aes128Gcm() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::NIST_P256,
                                  HashType::SHA512,
                                  EcPointFormat::UNCOMPRESSED,
                                  AeadKeyTemplates::Aes128Gcm(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
106 
107 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-256 and an empty salt,
// compressed EC point format, DEM from AeadKeyTemplates::Aes128Gcm().
// Uses OutputPrefixType::RAW. In Tink, RAW adds no key-id prefix to the
// ciphertext, unlike the TINK prefix used by most templates in this file.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesP256HkdfHmacSha256Aes128GcmCompressedWithoutPrefix() {
  static const KeyTemplate* const cached = NewEciesAeadHkdfKeyTemplate(
      EllipticCurveType::NIST_P256, HashType::SHA256,
      EcPointFormat::COMPRESSED, AeadKeyTemplates::Aes128Gcm(),
      OutputPrefixType::RAW, /* hkdf_salt= */ "");
  return *cached;
}
119 
120 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-256 and an empty salt,
// uncompressed EC point format, DEM from
// AeadKeyTemplates::Aes128CtrHmacSha256(), TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesP256HkdfHmacSha256Aes128CtrHmacSha256() {
  static const KeyTemplate* const cached = NewEciesAeadHkdfKeyTemplate(
      EllipticCurveType::NIST_P256, HashType::SHA256,
      EcPointFormat::UNCOMPRESSED, AeadKeyTemplates::Aes128CtrHmacSha256(),
      OutputPrefixType::TINK, /* hkdf_salt= */ "");
  return *cached;
}
132 
133 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-512 and an empty salt,
// uncompressed EC point format, DEM from
// AeadKeyTemplates::Aes128CtrHmacSha256(), TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesP256HkdfHmacSha512Aes128CtrHmacSha256() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::NIST_P256,
                                  HashType::SHA512,
                                  EcPointFormat::UNCOMPRESSED,
                                  AeadKeyTemplates::Aes128CtrHmacSha256(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
143 
144 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-256 and an empty salt,
// compressed EC point format, DEM from AeadKeyTemplates::Aes128Gcm(),
// TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesP256CompressedHkdfHmacSha256Aes128Gcm() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::NIST_P256,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::Aes128Gcm(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
154 
155 // static
// ECIES template: NIST P-256 KEM, HKDF with SHA-256 and an empty salt,
// compressed EC point format, DEM from
// AeadKeyTemplates::Aes128CtrHmacSha256(), TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesP256CompressedHkdfHmacSha256Aes128CtrHmacSha256() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::NIST_P256,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::Aes128CtrHmacSha256(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
165 
166 // static
// ECIES template: CURVE25519 KEM, HKDF with SHA-256 and an empty salt,
// EcPointFormat::COMPRESSED, DEM from AeadKeyTemplates::Aes128Gcm(),
// TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::EciesX25519HkdfHmacSha256Aes128Gcm() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::CURVE25519,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::Aes128Gcm(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
175 
176 // static
// ECIES template: CURVE25519 KEM, HKDF with SHA-256 and an empty salt,
// EcPointFormat::COMPRESSED, DEM from AeadKeyTemplates::Aes256Gcm(),
// TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::EciesX25519HkdfHmacSha256Aes256Gcm() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::CURVE25519,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::Aes256Gcm(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
185 
186 // static
// ECIES template: CURVE25519 KEM, HKDF with SHA-256 and an empty salt,
// EcPointFormat::COMPRESSED, DEM from
// AeadKeyTemplates::Aes128CtrHmacSha256(), TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesX25519HkdfHmacSha256Aes128CtrHmacSha256() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::CURVE25519,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::Aes128CtrHmacSha256(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
196 
197 // static
// ECIES template: CURVE25519 KEM, HKDF with SHA-256 and an empty salt,
// EcPointFormat::COMPRESSED, DEM from
// AeadKeyTemplates::XChaCha20Poly1305(), TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesX25519HkdfHmacSha256XChaCha20Poly1305() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::CURVE25519,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  AeadKeyTemplates::XChaCha20Poly1305(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
207 
208 // static
// ECIES template: CURVE25519 KEM, HKDF with SHA-256 and an empty salt,
// EcPointFormat::COMPRESSED, TINK output prefix.
// Unlike the other ECIES templates in this file, the DEM comes from
// DeterministicAeadKeyTemplates::Aes256Siv(), a deterministic-AEAD template,
// not from AeadKeyTemplates.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::EciesX25519HkdfHmacSha256DeterministicAesSiv() {
  static const KeyTemplate* const cached =
      NewEciesAeadHkdfKeyTemplate(EllipticCurveType::CURVE25519,
                                  HashType::SHA256,
                                  EcPointFormat::COMPRESSED,
                                  DeterministicAeadKeyTemplates::Aes256Siv(),
                                  OutputPrefixType::TINK,
                                  /* hkdf_salt= */ "");
  return *cached;
}
218 
219 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// AES_128_GCM AEAD, TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::HpkeX25519HkdfSha256Aes128Gcm() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::AES_128_GCM,
                         OutputPrefixType::TINK);
  return *cached;
}
226 
227 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// AES_128_GCM AEAD.
// Uses OutputPrefixType::RAW. In Tink, RAW adds no key-id prefix to the
// ciphertext, unlike the TINK-prefixed variant of this template.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::HpkeX25519HkdfSha256Aes128GcmRaw() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::AES_128_GCM,
                         OutputPrefixType::RAW);
  return *cached;
}
234 
235 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// AES_256_GCM AEAD, TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::HpkeX25519HkdfSha256Aes256Gcm() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::AES_256_GCM,
                         OutputPrefixType::TINK);
  return *cached;
}
242 
243 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// AES_256_GCM AEAD.
// Uses OutputPrefixType::RAW. In Tink, RAW adds no key-id prefix to the
// ciphertext, unlike the TINK-prefixed variant of this template.
// The template is built once on first call and is never freed.
const KeyTemplate& HybridKeyTemplates::HpkeX25519HkdfSha256Aes256GcmRaw() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::AES_256_GCM,
                         OutputPrefixType::RAW);
  return *cached;
}
250 
251 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// CHACHA20_POLY1305 AEAD, TINK output prefix.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::HpkeX25519HkdfSha256ChaCha20Poly1305() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::CHACHA20_POLY1305,
                         OutputPrefixType::TINK);
  return *cached;
}
259 
260 // static
// HPKE template: DHKEM_X25519_HKDF_SHA256 KEM, HKDF_SHA256 KDF,
// CHACHA20_POLY1305 AEAD.
// Uses OutputPrefixType::RAW. In Tink, RAW adds no key-id prefix to the
// ciphertext, unlike the TINK-prefixed variant of this template.
// The template is built once on first call and is never freed.
const KeyTemplate&
HybridKeyTemplates::HpkeX25519HkdfSha256ChaCha20Poly1305Raw() {
  static const KeyTemplate* const cached =
      NewHpkeKeyTemplate(HpkeKem::DHKEM_X25519_HKDF_SHA256,
                         HpkeKdf::HKDF_SHA256,
                         HpkeAead::CHACHA20_POLY1305,
                         OutputPrefixType::RAW);
  return *cached;
}
268 
269 }  // namespace tink
270 }  // namespace crypto
271