// Copyright 2018 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////

#ifndef TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_
#define TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_

#include "absl/base/macros.h"
#include "proto/tink.pb.h"

namespace crypto {
namespace tink {

///////////////////////////////////////////////////////////////////////////////
// Pre-generated KeyTemplates for signature key types. One can use these
// templates to generate a new KeysetHandle object with fresh keys.
// To generate a new keyset that contains a single EcdsaPrivateKey, one can do:
//
//   auto status = SignatureConfig::Register();
//   if (!status.ok()) { /* fail with error */ }
//   auto handle_result =
//       KeysetHandle::GenerateNew(SignatureKeyTemplates::EcdsaP256());
//   if (!handle_result.ok()) { /* fail with error */ }
//   auto keyset_handle = std::move(handle_result.value());
//
// Choosing a template fixes the signature format that every verifier must
// accept, so treat the choice as part of the protocol:
//   - OutputPrefixType TINK: each signature carries a Tink-specific prefix
//     ahead of the signature bytes. Non-Tink verifiers will not accept these
//     signatures as-is.
//   - OutputPrefixType RAW: the bare signature is emitted with no prefix. This
//     is what other libraries expect, but the signature itself then gives no
//     indication of which key in a keyset produced it.
//
// Every accessor returns a const reference.
// NOTE(review): presumably the referenced KeyTemplate has static lifetime;
// confirm against the definitions, which are not part of this header.
class SignatureKeyTemplates {
 public:
  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-256
  //   - hash function: SHA256
  //   - signature encoding: DER
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& EcdsaP256();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-384
  //   - hash function: SHA512
  //   - signature encoding: DER
  //   - OutputPrefixType: TINK
  // Deprecated. The parameters listed here are the same as those listed for
  // EcdsaP384Sha512(); the replacement names state the hash explicitly.
  ABSL_DEPRECATED("Use EcdsaP384Sha384() or EcdsaP384Sha512() instead")
  static const google::crypto::tink::KeyTemplate& EcdsaP384();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-384
  //   - hash function: SHA384
  //   - signature encoding: DER
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& EcdsaP384Sha384();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-384
  //   - hash function: SHA512
  //   - signature encoding: DER
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& EcdsaP384Sha512();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-521
  //   - hash function: SHA512
  //   - signature encoding: DER
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& EcdsaP521();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-256
  //   - hash function: SHA256
  //   - signature encoding: IEEE_P1363
  //   - OutputPrefixType: RAW
  // This template will give you compatibility with most other libraries.
  // Because the output is RAW, signatures carry no Tink prefix.
  static const google::crypto::tink::KeyTemplate& EcdsaP256Raw();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-256
  //   - hash function: SHA256
  //   - signature encoding: IEEE_P1363
  //   - OutputPrefixType: TINK
  // This key template does not make sense because IEEE P1363 mandates a raw
  // signature, while the TINK output prefix adds bytes in front of it.
  // Migration note: EcdsaP256() changes the encoding to DER; EcdsaP256Raw()
  // keeps curve, hash and encoding but drops the TINK prefix. Either way the
  // verifying side must be switched to the new format as well.
  ABSL_DEPRECATED("Use EcdsaP256() or EcdsaP256Raw() instead")
  static const google::crypto::tink::KeyTemplate& EcdsaP256Ieee();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-384
  //   - hash function: SHA512
  //   - signature encoding: IEEE_P1363
  //   - OutputPrefixType: TINK
  // This key template does not make sense because IEEE P1363 mandates a raw
  // signature, while the TINK output prefix adds bytes in front of it.
  // Migration note: none of the suggested replacements keeps both this curve
  // and this encoding. EcdsaP384Sha384() and EcdsaP384Sha512() use DER, and
  // EcdsaP256Raw() uses NIST P-256 with SHA256, so verifiers must be updated
  // together with the signer.
  ABSL_DEPRECATED(
      "Use EcdsaP384Sha384(), EcdsaP384Sha512() or EcdsaP256Raw() instead")
  static const google::crypto::tink::KeyTemplate& EcdsaP384Ieee();

  // Returns a KeyTemplate that generates new instances of EcdsaPrivateKey
  // with the following parameters:
  //   - EC curve: NIST P-521
  //   - hash function: SHA512
  //   - signature encoding: IEEE_P1363
  //   - OutputPrefixType: TINK
  // This key template does not make sense because IEEE P1363 mandates a raw
  // signature, while the TINK output prefix adds bytes in front of it.
  // Migration note: EcdsaP521() changes the encoding to DER, and
  // EcdsaP256Raw() changes the curve to NIST P-256 with SHA256, so verifiers
  // must be updated together with the signer.
  ABSL_DEPRECATED("Use EcdsaP521() or EcdsaP256Raw() instead")
  static const google::crypto::tink::KeyTemplate& EcdsaP521Ieee();

  // Returns a KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey
  // with the following parameters:
  //   - Modulus size in bits: 3072.
  //   - Hash function: SHA256.
  //   - Public Exponent: 65537 (aka F4).
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& RsaSsaPkcs13072Sha256F4();

  // Returns a KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey
  // with the following parameters:
  //   - Modulus size in bits: 4096.
  //   - Hash function: SHA512.
  //   - Public Exponent: 65537 (aka F4).
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& RsaSsaPkcs14096Sha512F4();

  // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey
  // with the following parameters:
  //   - Modulus size in bits: 3072.
  //   - Signature hash: SHA256.
  //   - MGF1 hash: SHA256.
  //   - Salt length: 32 (i.e., SHA256's output length).
  //   - Public Exponent: 65537 (aka F4).
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& RsaSsaPss3072Sha256Sha256F4();

  // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey
  // with the following parameters:
  //   - Modulus size in bits: 4096.
  //   - Signature hash: SHA512.
  //   - MGF1 hash: SHA512.
  //   - Salt length: 64 (i.e., SHA512's output length).
  //   - Public Exponent: 65537 (aka F4).
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& RsaSsaPss4096Sha512Sha512F4();

  // Returns a KeyTemplate that generates new instances of RsaSsaPssPrivateKey
  // with the following parameters:
  //   - Modulus size in bits: 4096.
  //   - Signature hash: SHA384.
  //   - MGF1 hash: SHA384.
  //   - Salt length: 48 (i.e., SHA384's output length).
  //   - Public Exponent: 65537 (aka F4).
  //   - OutputPrefixType: TINK
  static const google::crypto::tink::KeyTemplate& RsaSsaPss4096Sha384Sha384F4();

  // Returns a KeyTemplate that generates new instances of Ed25519PrivateKey.
  // NOTE(review): the OutputPrefixType is not stated here. The comment on
  // Ed25519WithRawOutput() implies it is not RAW (presumably TINK); confirm
  // against the definition before relying on the signature length or format.
  static const google::crypto::tink::KeyTemplate& Ed25519();

  // Returns a KeyTemplate that generates new instances of Ed25519PrivateKey.
  // The difference between Ed25519WithRawOutput and Ed25519 is the format of
  // the signatures generated. Ed25519WithRawOutput generates signatures in
  // OutputPrefixType::RAW format, which are 64 bytes long.
  static const google::crypto::tink::KeyTemplate& Ed25519WithRawOutput();
};

}  // namespace tink
}  // namespace crypto

#endif  // TINK_SIGNATURE_SIGNATURE_KEY_TEMPLATES_H_