xref: /aosp_15_r20/external/tink/cc/jwt/jwt_key_templates.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1*e7b1675dSTing-Kang Chang // Copyright 2021 Google LLC
2*e7b1675dSTing-Kang Chang //
3*e7b1675dSTing-Kang Chang // Licensed under the Apache License, Version 2.0 (the "License");
4*e7b1675dSTing-Kang Chang // you may not use this file except in compliance with the License.
5*e7b1675dSTing-Kang Chang // You may obtain a copy of the License at
6*e7b1675dSTing-Kang Chang //
7*e7b1675dSTing-Kang Chang //     http://www.apache.org/licenses/LICENSE-2.0
8*e7b1675dSTing-Kang Chang //
9*e7b1675dSTing-Kang Chang // Unless required by applicable law or agreed to in writing, software
10*e7b1675dSTing-Kang Chang // distributed under the License is distributed on an "AS IS" BASIS,
11*e7b1675dSTing-Kang Chang // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*e7b1675dSTing-Kang Chang // See the License for the specific language governing permissions and
13*e7b1675dSTing-Kang Chang // limitations under the License.
14*e7b1675dSTing-Kang Chang //
15*e7b1675dSTing-Kang Chang ///////////////////////////////////////////////////////////////////////////////
16*e7b1675dSTing-Kang Chang 
17*e7b1675dSTing-Kang Chang #include "tink/jwt/jwt_key_templates.h"
18*e7b1675dSTing-Kang Chang 
19*e7b1675dSTing-Kang Chang #include <string>
20*e7b1675dSTing-Kang Chang 
21*e7b1675dSTing-Kang Chang #include "openssl/bn.h"
22*e7b1675dSTing-Kang Chang #include "openssl/rsa.h"
23*e7b1675dSTing-Kang Chang #include "tink/internal/bn_util.h"
24*e7b1675dSTing-Kang Chang #include "tink/internal/ssl_unique_ptr.h"
25*e7b1675dSTing-Kang Chang #include "tink/util/statusor.h"
26*e7b1675dSTing-Kang Chang #include "proto/common.pb.h"
27*e7b1675dSTing-Kang Chang #include "proto/jwt_ecdsa.pb.h"
28*e7b1675dSTing-Kang Chang #include "proto/jwt_hmac.pb.h"
29*e7b1675dSTing-Kang Chang #include "proto/jwt_rsa_ssa_pkcs1.pb.h"
30*e7b1675dSTing-Kang Chang #include "proto/jwt_rsa_ssa_pss.pb.h"
31*e7b1675dSTing-Kang Chang #include "proto/tink.pb.h"
32*e7b1675dSTing-Kang Chang 
33*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtEcdsaAlgorithm;
34*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtEcdsaKeyFormat;
35*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtHmacAlgorithm;
36*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtHmacKeyFormat;
37*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtRsaSsaPkcs1Algorithm;
38*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtRsaSsaPkcs1KeyFormat;
39*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtRsaSsaPssAlgorithm;
40*e7b1675dSTing-Kang Chang using ::google::crypto::tink::JwtRsaSsaPssKeyFormat;
41*e7b1675dSTing-Kang Chang using ::google::crypto::tink::KeyTemplate;
42*e7b1675dSTing-Kang Chang using ::google::crypto::tink::OutputPrefixType;
43*e7b1675dSTing-Kang Chang 
44*e7b1675dSTing-Kang Chang namespace crypto {
45*e7b1675dSTing-Kang Chang namespace tink {
46*e7b1675dSTing-Kang Chang 
47*e7b1675dSTing-Kang Chang namespace {
48*e7b1675dSTing-Kang Chang 
NewJwtHmacKeyTemplate(JwtHmacAlgorithm algorithm,uint32_t key_size,OutputPrefixType output_prefix_type)49*e7b1675dSTing-Kang Chang KeyTemplate* NewJwtHmacKeyTemplate(JwtHmacAlgorithm algorithm,
50*e7b1675dSTing-Kang Chang                                    uint32_t key_size,
51*e7b1675dSTing-Kang Chang                                    OutputPrefixType output_prefix_type) {
52*e7b1675dSTing-Kang Chang   KeyTemplate* key_template = new KeyTemplate;
53*e7b1675dSTing-Kang Chang   key_template->set_type_url(
54*e7b1675dSTing-Kang Chang       "type.googleapis.com/google.crypto.tink.JwtHmacKey");
55*e7b1675dSTing-Kang Chang   key_template->set_output_prefix_type(output_prefix_type);
56*e7b1675dSTing-Kang Chang   JwtHmacKeyFormat key_format;
57*e7b1675dSTing-Kang Chang   key_format.set_key_size(key_size);
58*e7b1675dSTing-Kang Chang   key_format.set_algorithm(algorithm);
59*e7b1675dSTing-Kang Chang   key_format.SerializeToString(key_template->mutable_value());
60*e7b1675dSTing-Kang Chang   return key_template;
61*e7b1675dSTing-Kang Chang }
62*e7b1675dSTing-Kang Chang 
NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm algorithm,OutputPrefixType output_prefix_type)63*e7b1675dSTing-Kang Chang KeyTemplate* NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm algorithm,
64*e7b1675dSTing-Kang Chang                                     OutputPrefixType output_prefix_type) {
65*e7b1675dSTing-Kang Chang   KeyTemplate* key_template = new KeyTemplate;
66*e7b1675dSTing-Kang Chang   key_template->set_type_url(
67*e7b1675dSTing-Kang Chang       "type.googleapis.com/google.crypto.tink.JwtEcdsaPrivateKey");
68*e7b1675dSTing-Kang Chang   key_template->set_output_prefix_type(output_prefix_type);
69*e7b1675dSTing-Kang Chang   JwtEcdsaKeyFormat key_format;
70*e7b1675dSTing-Kang Chang   key_format.set_algorithm(algorithm);
71*e7b1675dSTing-Kang Chang   key_format.SerializeToString(key_template->mutable_value());
72*e7b1675dSTing-Kang Chang   return key_template;
73*e7b1675dSTing-Kang Chang }
74*e7b1675dSTing-Kang Chang 
NewJwtRsaSsaPkcs1KeyTemplate(JwtRsaSsaPkcs1Algorithm algorithm,int modulus_size_in_bits,int public_exponent,OutputPrefixType output_prefix_type)75*e7b1675dSTing-Kang Chang KeyTemplate* NewJwtRsaSsaPkcs1KeyTemplate(JwtRsaSsaPkcs1Algorithm algorithm,
76*e7b1675dSTing-Kang Chang                                           int modulus_size_in_bits,
77*e7b1675dSTing-Kang Chang                                           int public_exponent,
78*e7b1675dSTing-Kang Chang                                           OutputPrefixType output_prefix_type) {
79*e7b1675dSTing-Kang Chang   KeyTemplate* key_template = new KeyTemplate;
80*e7b1675dSTing-Kang Chang   key_template->set_type_url(
81*e7b1675dSTing-Kang Chang       "type.googleapis.com/google.crypto.tink.JwtRsaSsaPkcs1PrivateKey");
82*e7b1675dSTing-Kang Chang   key_template->set_output_prefix_type(output_prefix_type);
83*e7b1675dSTing-Kang Chang   JwtRsaSsaPkcs1KeyFormat key_format;
84*e7b1675dSTing-Kang Chang   key_format.set_algorithm(algorithm);
85*e7b1675dSTing-Kang Chang   key_format.set_modulus_size_in_bits(modulus_size_in_bits);
86*e7b1675dSTing-Kang Chang   internal::SslUniquePtr<BIGNUM> e(BN_new());
87*e7b1675dSTing-Kang Chang   BN_set_word(e.get(), public_exponent);
88*e7b1675dSTing-Kang Chang   util::StatusOr<std::string> e_str =
89*e7b1675dSTing-Kang Chang       internal::BignumToString(e.get(), BN_num_bytes(e.get()));
90*e7b1675dSTing-Kang Chang   key_format.set_public_exponent(e_str.value());
91*e7b1675dSTing-Kang Chang   key_format.SerializeToString(key_template->mutable_value());
92*e7b1675dSTing-Kang Chang   return key_template;
93*e7b1675dSTing-Kang Chang }
94*e7b1675dSTing-Kang Chang 
NewJwtRsaSsaPssKeyTemplate(JwtRsaSsaPssAlgorithm algorithm,int modulus_size_in_bits,int public_exponent,OutputPrefixType output_prefix_type)95*e7b1675dSTing-Kang Chang KeyTemplate* NewJwtRsaSsaPssKeyTemplate(JwtRsaSsaPssAlgorithm algorithm,
96*e7b1675dSTing-Kang Chang                                         int modulus_size_in_bits,
97*e7b1675dSTing-Kang Chang                                         int public_exponent,
98*e7b1675dSTing-Kang Chang                                         OutputPrefixType output_prefix_type) {
99*e7b1675dSTing-Kang Chang   KeyTemplate* key_template = new KeyTemplate;
100*e7b1675dSTing-Kang Chang   key_template->set_type_url(
101*e7b1675dSTing-Kang Chang       "type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPrivateKey");
102*e7b1675dSTing-Kang Chang   key_template->set_output_prefix_type(output_prefix_type);
103*e7b1675dSTing-Kang Chang   JwtRsaSsaPssKeyFormat key_format;
104*e7b1675dSTing-Kang Chang   key_format.set_algorithm(algorithm);
105*e7b1675dSTing-Kang Chang   key_format.set_modulus_size_in_bits(modulus_size_in_bits);
106*e7b1675dSTing-Kang Chang   internal::SslUniquePtr<BIGNUM> e(BN_new());
107*e7b1675dSTing-Kang Chang   BN_set_word(e.get(), public_exponent);
108*e7b1675dSTing-Kang Chang   util::StatusOr<std::string> e_str =
109*e7b1675dSTing-Kang Chang       internal::BignumToString(e.get(), BN_num_bytes(e.get()));
110*e7b1675dSTing-Kang Chang   key_format.set_public_exponent(e_str.value());
111*e7b1675dSTing-Kang Chang   key_format.SerializeToString(key_template->mutable_value());
112*e7b1675dSTing-Kang Chang   return key_template;
113*e7b1675dSTing-Kang Chang }
114*e7b1675dSTing-Kang Chang 
115*e7b1675dSTing-Kang Chang }  // anonymous namespace
116*e7b1675dSTing-Kang Chang 
JwtHs256Template()117*e7b1675dSTing-Kang Chang const KeyTemplate& JwtHs256Template() {
118*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtHmacKeyTemplate(
119*e7b1675dSTing-Kang Chang       JwtHmacAlgorithm::HS256, 32, OutputPrefixType::TINK);
120*e7b1675dSTing-Kang Chang   return *key_template;
121*e7b1675dSTing-Kang Chang }
122*e7b1675dSTing-Kang Chang 
RawJwtHs256Template()123*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtHs256Template() {
124*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
125*e7b1675dSTing-Kang Chang       NewJwtHmacKeyTemplate(JwtHmacAlgorithm::HS256, 32, OutputPrefixType::RAW);
126*e7b1675dSTing-Kang Chang   return *key_template;
127*e7b1675dSTing-Kang Chang }
128*e7b1675dSTing-Kang Chang 
JwtHs384Template()129*e7b1675dSTing-Kang Chang const KeyTemplate& JwtHs384Template() {
130*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtHmacKeyTemplate(
131*e7b1675dSTing-Kang Chang       JwtHmacAlgorithm::HS384, 48, OutputPrefixType::TINK);
132*e7b1675dSTing-Kang Chang   return *key_template;
133*e7b1675dSTing-Kang Chang }
134*e7b1675dSTing-Kang Chang 
RawJwtHs384Template()135*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtHs384Template() {
136*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
137*e7b1675dSTing-Kang Chang       NewJwtHmacKeyTemplate(JwtHmacAlgorithm::HS384, 48, OutputPrefixType::RAW);
138*e7b1675dSTing-Kang Chang   return *key_template;
139*e7b1675dSTing-Kang Chang }
140*e7b1675dSTing-Kang Chang 
JwtHs512Template()141*e7b1675dSTing-Kang Chang const KeyTemplate& JwtHs512Template() {
142*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtHmacKeyTemplate(
143*e7b1675dSTing-Kang Chang       JwtHmacAlgorithm::HS512, 64, OutputPrefixType::TINK);
144*e7b1675dSTing-Kang Chang   return *key_template;
145*e7b1675dSTing-Kang Chang }
146*e7b1675dSTing-Kang Chang 
RawJwtHs512Template()147*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtHs512Template() {
148*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
149*e7b1675dSTing-Kang Chang       NewJwtHmacKeyTemplate(JwtHmacAlgorithm::HS512, 64, OutputPrefixType::RAW);
150*e7b1675dSTing-Kang Chang   return *key_template;
151*e7b1675dSTing-Kang Chang }
152*e7b1675dSTing-Kang Chang 
JwtEs256Template()153*e7b1675dSTing-Kang Chang const KeyTemplate& JwtEs256Template() {
154*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
155*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES256, OutputPrefixType::TINK);
156*e7b1675dSTing-Kang Chang   return *key_template;
157*e7b1675dSTing-Kang Chang }
158*e7b1675dSTing-Kang Chang 
RawJwtEs256Template()159*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtEs256Template() {
160*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
161*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES256, OutputPrefixType::RAW);
162*e7b1675dSTing-Kang Chang   return *key_template;
163*e7b1675dSTing-Kang Chang }
164*e7b1675dSTing-Kang Chang 
JwtEs384Template()165*e7b1675dSTing-Kang Chang const KeyTemplate& JwtEs384Template() {
166*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
167*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES384, OutputPrefixType::TINK);
168*e7b1675dSTing-Kang Chang   return *key_template;
169*e7b1675dSTing-Kang Chang }
170*e7b1675dSTing-Kang Chang 
RawJwtEs384Template()171*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtEs384Template() {
172*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
173*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES384, OutputPrefixType::RAW);
174*e7b1675dSTing-Kang Chang   return *key_template;
175*e7b1675dSTing-Kang Chang }
176*e7b1675dSTing-Kang Chang 
JwtEs512Template()177*e7b1675dSTing-Kang Chang const KeyTemplate& JwtEs512Template() {
178*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
179*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES512, OutputPrefixType::TINK);
180*e7b1675dSTing-Kang Chang   return *key_template;
181*e7b1675dSTing-Kang Chang }
182*e7b1675dSTing-Kang Chang 
RawJwtEs512Template()183*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtEs512Template() {
184*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template =
185*e7b1675dSTing-Kang Chang       NewJwtEcdsaKeyTemplate(JwtEcdsaAlgorithm::ES512, OutputPrefixType::RAW);
186*e7b1675dSTing-Kang Chang   return *key_template;
187*e7b1675dSTing-Kang Chang }
188*e7b1675dSTing-Kang Chang 
JwtRs256_2048_F4_Template()189*e7b1675dSTing-Kang Chang const KeyTemplate& JwtRs256_2048_F4_Template() {
190*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
191*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS256, 2048, RSA_F4, OutputPrefixType::TINK);
192*e7b1675dSTing-Kang Chang   return *key_template;
193*e7b1675dSTing-Kang Chang }
194*e7b1675dSTing-Kang Chang 
RawJwtRs256_2048_F4_Template()195*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtRs256_2048_F4_Template() {
196*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
197*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS256, 2048, RSA_F4, OutputPrefixType::RAW);
198*e7b1675dSTing-Kang Chang   return *key_template;
199*e7b1675dSTing-Kang Chang }
200*e7b1675dSTing-Kang Chang 
JwtRs256_3072_F4_Template()201*e7b1675dSTing-Kang Chang const KeyTemplate& JwtRs256_3072_F4_Template() {
202*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
203*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS256, 3072, RSA_F4, OutputPrefixType::TINK);
204*e7b1675dSTing-Kang Chang   return *key_template;
205*e7b1675dSTing-Kang Chang }
206*e7b1675dSTing-Kang Chang 
RawJwtRs256_3072_F4_Template()207*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtRs256_3072_F4_Template() {
208*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
209*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS256, 3072, RSA_F4, OutputPrefixType::RAW);
210*e7b1675dSTing-Kang Chang   return *key_template;
211*e7b1675dSTing-Kang Chang }
212*e7b1675dSTing-Kang Chang 
JwtRs384_3072_F4_Template()213*e7b1675dSTing-Kang Chang const KeyTemplate& JwtRs384_3072_F4_Template() {
214*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
215*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS384, 3072, RSA_F4, OutputPrefixType::TINK);
216*e7b1675dSTing-Kang Chang   return *key_template;
217*e7b1675dSTing-Kang Chang }
218*e7b1675dSTing-Kang Chang 
RawJwtRs384_3072_F4_Template()219*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtRs384_3072_F4_Template() {
220*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
221*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS384, 3072, RSA_F4, OutputPrefixType::RAW);
222*e7b1675dSTing-Kang Chang   return *key_template;
223*e7b1675dSTing-Kang Chang }
224*e7b1675dSTing-Kang Chang 
JwtRs512_4096_F4_Template()225*e7b1675dSTing-Kang Chang const KeyTemplate& JwtRs512_4096_F4_Template() {
226*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
227*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS512, 4096, RSA_F4, OutputPrefixType::TINK);
228*e7b1675dSTing-Kang Chang   return *key_template;
229*e7b1675dSTing-Kang Chang }
230*e7b1675dSTing-Kang Chang 
RawJwtRs512_4096_F4_Template()231*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtRs512_4096_F4_Template() {
232*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPkcs1KeyTemplate(
233*e7b1675dSTing-Kang Chang       JwtRsaSsaPkcs1Algorithm::RS512, 4096, RSA_F4, OutputPrefixType::RAW);
234*e7b1675dSTing-Kang Chang   return *key_template;
235*e7b1675dSTing-Kang Chang }
236*e7b1675dSTing-Kang Chang 
JwtPs256_2048_F4_Template()237*e7b1675dSTing-Kang Chang const KeyTemplate& JwtPs256_2048_F4_Template() {
238*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
239*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS256, 2048, RSA_F4, OutputPrefixType::TINK);
240*e7b1675dSTing-Kang Chang   return *key_template;
241*e7b1675dSTing-Kang Chang }
242*e7b1675dSTing-Kang Chang 
RawJwtPs256_2048_F4_Template()243*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtPs256_2048_F4_Template() {
244*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
245*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS256, 2048, RSA_F4, OutputPrefixType::RAW);
246*e7b1675dSTing-Kang Chang   return *key_template;
247*e7b1675dSTing-Kang Chang }
248*e7b1675dSTing-Kang Chang 
JwtPs256_3072_F4_Template()249*e7b1675dSTing-Kang Chang const KeyTemplate& JwtPs256_3072_F4_Template() {
250*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
251*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS256, 3072, RSA_F4, OutputPrefixType::TINK);
252*e7b1675dSTing-Kang Chang   return *key_template;
253*e7b1675dSTing-Kang Chang }
254*e7b1675dSTing-Kang Chang 
RawJwtPs256_3072_F4_Template()255*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtPs256_3072_F4_Template() {
256*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
257*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS256, 3072, RSA_F4, OutputPrefixType::RAW);
258*e7b1675dSTing-Kang Chang   return *key_template;
259*e7b1675dSTing-Kang Chang }
260*e7b1675dSTing-Kang Chang 
JwtPs384_3072_F4_Template()261*e7b1675dSTing-Kang Chang const KeyTemplate& JwtPs384_3072_F4_Template() {
262*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
263*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS384, 3072, RSA_F4, OutputPrefixType::TINK);
264*e7b1675dSTing-Kang Chang   return *key_template;
265*e7b1675dSTing-Kang Chang }
266*e7b1675dSTing-Kang Chang 
RawJwtPs384_3072_F4_Template()267*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtPs384_3072_F4_Template() {
268*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
269*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS384, 3072, RSA_F4, OutputPrefixType::RAW);
270*e7b1675dSTing-Kang Chang   return *key_template;
271*e7b1675dSTing-Kang Chang }
272*e7b1675dSTing-Kang Chang 
JwtPs512_4096_F4_Template()273*e7b1675dSTing-Kang Chang const KeyTemplate& JwtPs512_4096_F4_Template() {
274*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
275*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS512, 4096, RSA_F4, OutputPrefixType::TINK);
276*e7b1675dSTing-Kang Chang   return *key_template;
277*e7b1675dSTing-Kang Chang }
278*e7b1675dSTing-Kang Chang 
RawJwtPs512_4096_F4_Template()279*e7b1675dSTing-Kang Chang const KeyTemplate& RawJwtPs512_4096_F4_Template() {
280*e7b1675dSTing-Kang Chang   static const KeyTemplate* key_template = NewJwtRsaSsaPssKeyTemplate(
281*e7b1675dSTing-Kang Chang       JwtRsaSsaPssAlgorithm::PS512, 4096, RSA_F4, OutputPrefixType::RAW);
282*e7b1675dSTing-Kang Chang   return *key_template;
283*e7b1675dSTing-Kang Chang }
284*e7b1675dSTing-Kang Chang 
285*e7b1675dSTing-Kang Chang }  // namespace tink
286*e7b1675dSTing-Kang Chang }  // namespace crypto
287