1 // Copyright 2018 Google Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 /////////////////////////////////////////////////////////////////////////////// 16 17 #ifndef TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_ 18 #define TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_ 19 20 #include "absl/base/macros.h" 21 #include "proto/tink.pb.h" 22 23 namespace crypto { 24 namespace tink { 25 26 /////////////////////////////////////////////////////////////////////////////// 27 // Pre-generated KeyTemplate for signature key types. One can use these 28 // templates to generate new KeysetHandle object with fresh keys. 29 // To generate a new keyset that contains a single EcdsaPrivateKey, one can do: 30 // 31 // auto status = SignatureConfig::Register(); 32 // if (!status.ok()) { /* fail with error */ } 33 // auto handle_result = 34 // KeysetHandle::GenerateNew(SignatureKeyTemplates::EcdsaP256()); 35 // if (!handle_result.ok()) { /* fail with error */ } 36 // auto keyset_handle = std::move(handle_result.value()); 37 class SignatureKeyTemplates { 38 public: 39 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 40 // with the following parameters: 41 // - EC curve: NIST P-256 42 // - hash function: SHA256 43 // - signature encoding: DER 44 // - OutputPrefixType: TINK 45 static const google::crypto::tink::KeyTemplate& EcdsaP256(); 46 47 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 48 // with the following parameters: 49 // - EC curve: NIST P-384 50 // - hash function: SHA512 51 // - signature encoding: DER 52 // - OutputPrefixType: TINK 53 ABSL_DEPRECATED("Use EcdsaP384Sha384() or EcdsaP384Sha512() instead") 54 static const google::crypto::tink::KeyTemplate& EcdsaP384(); 55 56 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 57 // with the following parameters: 58 // - EC curve: NIST P-384 59 // - hash function: SHA384 60 // - signature encoding: DER 61 // - OutputPrefixType: TINK 62 static const google::crypto::tink::KeyTemplate& EcdsaP384Sha384(); 63 64 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 65 // with the following parameters: 66 // - EC curve: NIST P-384 67 // - hash function: SHA512 68 // - signature encoding: DER 69 // - OutputPrefixType: TINK 70 static const google::crypto::tink::KeyTemplate& EcdsaP384Sha512(); 71 72 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 73 // with the following parameters: 74 // - EC curve: NIST P-521 75 // - hash function: SHA512 76 // - signature encoding: DER 77 // - OutputPrefixType: TINK 78 static const google::crypto::tink::KeyTemplate& EcdsaP521(); 79 80 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 81 // with the following parameters: 82 // - EC curve: NIST P-256 83 // - hash function: SHA256 84 // - signature encoding: IEEE_P1363 85 // - OutputPrefixType: RAW 86 // This template will give you compatibility with most other libraries. 87 static const google::crypto::tink::KeyTemplate& EcdsaP256Raw(); 88 89 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 90 // with the following parameters: 91 // - EC curve: NIST P-256 92 // - hash function: SHA256 93 // - signature encoding: IEEE_P1363 94 // - OutputPrefixType: TINK 95 // This key template does not make sense because IEEE P1363 mandates a raw 96 // signature. 97 ABSL_DEPRECATED("Use EcdsaP256() or EcdsaP256Raw() instead") 98 static const google::crypto::tink::KeyTemplate& EcdsaP256Ieee(); 99 100 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 101 // with the following parameters: 102 // - EC curve: NIST P-384 103 // - hash function: SHA512 104 // - signature encoding: IEEE_P1363 105 // - OutputPrefixType: TINK 106 // This key template does not make sense because IEEE P1363 mandates a raw 107 // signature. 108 ABSL_DEPRECATED( 109 "Use EcdsaP384Sha384(), EcdsaP384Sha512() or EcdsaP256Raw() instead") 110 static const google::crypto::tink::KeyTemplate& EcdsaP384Ieee(); 111 112 // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey 113 // with the following parameters: 114 // - EC curve: NIST P-521 115 // - hash function: SHA512 116 // - signature encoding: IEEE_P1363 117 // - OutputPrefixType: TINK 118 // This key template does not make sense because IEEE P1363 mandates a raw 119 // signature. 120 ABSL_DEPRECATED("Use EcdsaP521() or EcdsaP256Raw() instead") 121 static const google::crypto::tink::KeyTemplate& EcdsaP521Ieee(); 122 123 // Returns a KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey 124 // with the following parameters: 125 // - Modulus size in bits: 3072. 126 // - Hash function: SHA256. 127 // - Public Exponent: 65537 (aka F4). 128 // - OutputPrefixType: TINK 129 static const google::crypto::tink::KeyTemplate& RsaSsaPkcs13072Sha256F4(); 130 131 // Returns a KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey 132 // with the following parameters: 133 // - Modulus size in bits: 4096. 134 // - Hash function: SHA512. 135 // - Public Exponent: 65537 (aka F4). 136 // - OutputPrefixType: TINK 137 static const google::crypto::tink::KeyTemplate& RsaSsaPkcs14096Sha512F4(); 138 139 // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey 140 // with the following parameters: 141 // - Modulus size in bits: 3072. 142 // - Signature hash: SHA256. 143 // - MGF1 hash: SHA256. 144 // - Salt length: 32 (i.e., SHA256's output length). 145 // - Public Exponent: 65537 (aka F4). 146 // - OutputPrefixType: TINK 147 static const google::crypto::tink::KeyTemplate& RsaSsaPss3072Sha256Sha256F4(); 148 149 // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey 150 // with the following parameters: 151 // - Modulus size in bits: 4096. 152 // - Signature hash: SHA512. 153 // - MGF1 hash: SHA512. 154 // - Salt length: 64 (i.e., SHA512's output length). 155 // - Public Exponent: 65537 (aka F4). 156 // - OutputPrefixType: TINK 157 static const google::crypto::tink::KeyTemplate& RsaSsaPss4096Sha512Sha512F4(); 158 159 // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey 160 // with the following parameters: 161 // - Modulus size in bits: 4096. 162 // - Signature hash: SHA384. 163 // - MGF1 hash: SHA384. 164 // - Salt length: 48 (i.e., SHA384's output length). 165 // - Public Exponent: 65537 (aka F4). 166 // - OutputPrefixType: TINK 167 static const google::crypto::tink::KeyTemplate& RsaSsaPss4096Sha384Sha384F4(); 168 169 // Returns a KeyTemplate that generates new instances of Ed25519PrivateKey. 170 static const google::crypto::tink::KeyTemplate& Ed25519(); 171 172 // Returns a KeyTemplate that generates new instances of Ed25519PrivateKey. 173 // The difference between Ed25519WithRawOutput and Ed25519 is the format of 174 // signatures generated. Ed25519WithRawOutput generates signatures of 175 // OutputPrefixType::RAW format, which is 64 bytes long. 176 static const google::crypto::tink::KeyTemplate& Ed25519WithRawOutput(); 177 }; 178 179 } // namespace tink 180 } // namespace crypto 181 182 #endif // TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_ 183