1*e7b1675dSTing-Kang Chang// Copyright 2018 Google LLC 2*e7b1675dSTing-Kang Chang// 3*e7b1675dSTing-Kang Chang// Licensed under the Apache License, Version 2.0 (the "License"); 4*e7b1675dSTing-Kang Chang// you may not use this file except in compliance with the License. 5*e7b1675dSTing-Kang Chang// You may obtain a copy of the License at 6*e7b1675dSTing-Kang Chang// 7*e7b1675dSTing-Kang Chang// http://www.apache.org/licenses/LICENSE-2.0 8*e7b1675dSTing-Kang Chang// 9*e7b1675dSTing-Kang Chang// Unless required by applicable law or agreed to in writing, software 10*e7b1675dSTing-Kang Chang// distributed under the License is distributed on an "AS IS" BASIS, 11*e7b1675dSTing-Kang Chang// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e7b1675dSTing-Kang Chang// See the License for the specific language governing permissions and 13*e7b1675dSTing-Kang Chang// limitations under the License. 14*e7b1675dSTing-Kang Chang// 15*e7b1675dSTing-Kang Chang//////////////////////////////////////////////////////////////////////////////// 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Changpackage signature 18*e7b1675dSTing-Kang Chang 19*e7b1675dSTing-Kang Changimport ( 20*e7b1675dSTing-Kang Chang "fmt" 21*e7b1675dSTing-Kang Chang 22*e7b1675dSTing-Kang Chang "google.golang.org/protobuf/proto" 23*e7b1675dSTing-Kang Chang "github.com/google/tink/go/internal/tinkerror" 24*e7b1675dSTing-Kang Chang commonpb "github.com/google/tink/go/proto/common_go_proto" 25*e7b1675dSTing-Kang Chang ecdsapb "github.com/google/tink/go/proto/ecdsa_go_proto" 26*e7b1675dSTing-Kang Chang rsppb "github.com/google/tink/go/proto/rsa_ssa_pkcs1_go_proto" 27*e7b1675dSTing-Kang Chang rspsspb "github.com/google/tink/go/proto/rsa_ssa_pss_go_proto" 28*e7b1675dSTing-Kang Chang tinkpb "github.com/google/tink/go/proto/tink_go_proto" 29*e7b1675dSTing-Kang Chang) 30*e7b1675dSTing-Kang Chang 31*e7b1675dSTing-Kang Chang// This file contains pre-generated KeyTemplates for Signer and Verifier. 32*e7b1675dSTing-Kang Chang// One can use these templates to generate new Keysets. 33*e7b1675dSTing-Kang Chang 34*e7b1675dSTing-Kang Chang// ECDSAP256KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters: 35*e7b1675dSTing-Kang Chang// - Hash function: SHA256 36*e7b1675dSTing-Kang Chang// - Curve: NIST P-256 37*e7b1675dSTing-Kang Chang// - Signature encoding: DER 38*e7b1675dSTing-Kang Chang// - Output prefix type: TINK 39*e7b1675dSTing-Kang Changfunc ECDSAP256KeyTemplate() *tinkpb.KeyTemplate { 40*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA256, 41*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P256, 42*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 43*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_TINK) 44*e7b1675dSTing-Kang Chang} 45*e7b1675dSTing-Kang Chang 46*e7b1675dSTing-Kang Chang// ECDSAP256KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following 47*e7b1675dSTing-Kang Chang// parameters: 48*e7b1675dSTing-Kang Chang// - Hash function: SHA256 49*e7b1675dSTing-Kang Chang// - Curve: NIST P-256 50*e7b1675dSTing-Kang Chang// - Signature encoding: DER 51*e7b1675dSTing-Kang Chang// - Output prefix type: RAW 52*e7b1675dSTing-Kang Chang// 53*e7b1675dSTing-Kang Chang// Note that this template uses a different encoding than ESDSA_P256_RAW in Tinkey. 54*e7b1675dSTing-Kang Changfunc ECDSAP256KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate { 55*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA256, 56*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P256, 57*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 58*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_RAW) 59*e7b1675dSTing-Kang Chang} 60*e7b1675dSTing-Kang Chang 61*e7b1675dSTing-Kang Chang// ECDSAP256RawKeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following 62*e7b1675dSTing-Kang Chang// parameters: 63*e7b1675dSTing-Kang Chang// - Hash function: SHA256 64*e7b1675dSTing-Kang Chang// - Curve: NIST P-256 65*e7b1675dSTing-Kang Chang// - Signature encoding: IEEE_P1363 66*e7b1675dSTing-Kang Chang// - Output prefix type: RAW 67*e7b1675dSTing-Kang Changfunc ECDSAP256RawKeyTemplate() *tinkpb.KeyTemplate { 68*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA256, 69*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P256, 70*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_IEEE_P1363, 71*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_RAW) 72*e7b1675dSTing-Kang Chang} 73*e7b1675dSTing-Kang Chang 74*e7b1675dSTing-Kang Chang// ECDSAP384SHA384KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters: 75*e7b1675dSTing-Kang Chang// - Hash function: SHA384 76*e7b1675dSTing-Kang Chang// - Curve: NIST P-384 77*e7b1675dSTing-Kang Chang// - Signature encoding: DER 78*e7b1675dSTing-Kang Chang// - Output prefix type: TINK 79*e7b1675dSTing-Kang Changfunc ECDSAP384SHA384KeyTemplate() *tinkpb.KeyTemplate { 80*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA384, 81*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P384, 82*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 83*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_TINK) 84*e7b1675dSTing-Kang Chang} 85*e7b1675dSTing-Kang Chang 86*e7b1675dSTing-Kang Chang// ECDSAP384SHA384KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters: 87*e7b1675dSTing-Kang Chang// - Hash function: SHA384 88*e7b1675dSTing-Kang Chang// - Curve: NIST P-384 89*e7b1675dSTing-Kang Chang// - Signature encoding: DER 90*e7b1675dSTing-Kang Chang// - Output prefix type: RAW 91*e7b1675dSTing-Kang Changfunc ECDSAP384SHA384KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate { 92*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA384, 93*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P384, 94*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 95*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_RAW) 96*e7b1675dSTing-Kang Chang} 97*e7b1675dSTing-Kang Chang 98*e7b1675dSTing-Kang Chang// ECDSAP384SHA512KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters: 99*e7b1675dSTing-Kang Chang// - Hash function: SHA512 100*e7b1675dSTing-Kang Chang// - Curve: NIST P-384 101*e7b1675dSTing-Kang Chang// - Signature encoding: DER 102*e7b1675dSTing-Kang Chang// - Output prefix type: TINK 103*e7b1675dSTing-Kang Changfunc ECDSAP384SHA512KeyTemplate() *tinkpb.KeyTemplate { 104*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA512, 105*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P384, 106*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 107*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_TINK) 108*e7b1675dSTing-Kang Chang} 109*e7b1675dSTing-Kang Chang 110*e7b1675dSTing-Kang Chang// ECDSAP384KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following 111*e7b1675dSTing-Kang Chang// parameters: 112*e7b1675dSTing-Kang Chang// - Hash function: SHA512 113*e7b1675dSTing-Kang Chang// - Curve: NIST P-384 114*e7b1675dSTing-Kang Chang// - Signature encoding: DER 115*e7b1675dSTing-Kang Chang// - Output prefix type: RAW 116*e7b1675dSTing-Kang Changfunc ECDSAP384KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate { 117*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA512, 118*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P384, 119*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 120*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_RAW) 121*e7b1675dSTing-Kang Chang} 122*e7b1675dSTing-Kang Chang 123*e7b1675dSTing-Kang Chang// ECDSAP521KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters: 124*e7b1675dSTing-Kang Chang// - Hash function: SHA512 125*e7b1675dSTing-Kang Chang// - Curve: NIST P-521 126*e7b1675dSTing-Kang Chang// - Signature encoding: DER 127*e7b1675dSTing-Kang Chang// - Output prefix type: TINK 128*e7b1675dSTing-Kang Changfunc ECDSAP521KeyTemplate() *tinkpb.KeyTemplate { 129*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA512, 130*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P521, 131*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 132*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_TINK) 133*e7b1675dSTing-Kang Chang} 134*e7b1675dSTing-Kang Chang 135*e7b1675dSTing-Kang Chang// ECDSAP521KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following 136*e7b1675dSTing-Kang Chang// parameters: 137*e7b1675dSTing-Kang Chang// - Hash function: SHA512 138*e7b1675dSTing-Kang Chang// - Curve: NIST P-521 139*e7b1675dSTing-Kang Chang// - Signature encoding: DER 140*e7b1675dSTing-Kang Chang// - Output prefix type: RAW 141*e7b1675dSTing-Kang Changfunc ECDSAP521KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate { 142*e7b1675dSTing-Kang Chang return createECDSAKeyTemplate(commonpb.HashType_SHA512, 143*e7b1675dSTing-Kang Chang commonpb.EllipticCurveType_NIST_P521, 144*e7b1675dSTing-Kang Chang ecdsapb.EcdsaSignatureEncoding_DER, 145*e7b1675dSTing-Kang Chang tinkpb.OutputPrefixType_RAW) 146*e7b1675dSTing-Kang Chang} 147*e7b1675dSTing-Kang Chang 148*e7b1675dSTing-Kang Chang// createECDSAKeyTemplate creates a KeyTemplate containing a EcdasKeyFormat 149*e7b1675dSTing-Kang Chang// with the given parameters. 150*e7b1675dSTing-Kang Changfunc createECDSAKeyTemplate(hashType commonpb.HashType, curve commonpb.EllipticCurveType, encoding ecdsapb.EcdsaSignatureEncoding, prefixType tinkpb.OutputPrefixType) *tinkpb.KeyTemplate { 151*e7b1675dSTing-Kang Chang params := &ecdsapb.EcdsaParams{ 152*e7b1675dSTing-Kang Chang HashType: hashType, 153*e7b1675dSTing-Kang Chang Curve: curve, 154*e7b1675dSTing-Kang Chang Encoding: encoding, 155*e7b1675dSTing-Kang Chang } 156*e7b1675dSTing-Kang Chang format := &ecdsapb.EcdsaKeyFormat{Params: params} 157*e7b1675dSTing-Kang Chang serializedFormat, err := proto.Marshal(format) 158*e7b1675dSTing-Kang Chang if err != nil { 159*e7b1675dSTing-Kang Chang tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err)) 160*e7b1675dSTing-Kang Chang } 161*e7b1675dSTing-Kang Chang return &tinkpb.KeyTemplate{ 162*e7b1675dSTing-Kang Chang TypeUrl: ecdsaSignerTypeURL, 163*e7b1675dSTing-Kang Chang Value: serializedFormat, 164*e7b1675dSTing-Kang Chang OutputPrefixType: prefixType, 165*e7b1675dSTing-Kang Chang } 166*e7b1675dSTing-Kang Chang} 167*e7b1675dSTing-Kang Chang 168*e7b1675dSTing-Kang Chang// ED25519KeyTemplate is a KeyTemplate that generates a new ED25519 private key. 169*e7b1675dSTing-Kang Changfunc ED25519KeyTemplate() *tinkpb.KeyTemplate { 170*e7b1675dSTing-Kang Chang return &tinkpb.KeyTemplate{ 171*e7b1675dSTing-Kang Chang TypeUrl: ed25519SignerTypeURL, 172*e7b1675dSTing-Kang Chang OutputPrefixType: tinkpb.OutputPrefixType_TINK, 173*e7b1675dSTing-Kang Chang } 174*e7b1675dSTing-Kang Chang} 175*e7b1675dSTing-Kang Chang 176*e7b1675dSTing-Kang Chang// ED25519KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ED25519 private key. 177*e7b1675dSTing-Kang Changfunc ED25519KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate { 178*e7b1675dSTing-Kang Chang return &tinkpb.KeyTemplate{ 179*e7b1675dSTing-Kang Chang TypeUrl: ed25519SignerTypeURL, 180*e7b1675dSTing-Kang Chang OutputPrefixType: tinkpb.OutputPrefixType_RAW, 181*e7b1675dSTing-Kang Chang } 182*e7b1675dSTing-Kang Chang} 183*e7b1675dSTing-Kang Chang 184*e7b1675dSTing-Kang Changfunc create_RSA_SSA_PKCS1_Template(prefixType tinkpb.OutputPrefixType, hashType commonpb.HashType, modulusSizeInBits uint32) *tinkpb.KeyTemplate { 185*e7b1675dSTing-Kang Chang keyFormat := &rsppb.RsaSsaPkcs1KeyFormat{ 186*e7b1675dSTing-Kang Chang Params: &rsppb.RsaSsaPkcs1Params{ 187*e7b1675dSTing-Kang Chang HashType: hashType, 188*e7b1675dSTing-Kang Chang }, 189*e7b1675dSTing-Kang Chang ModulusSizeInBits: modulusSizeInBits, 190*e7b1675dSTing-Kang Chang PublicExponent: []byte{0x01, 0x00, 0x01}, 191*e7b1675dSTing-Kang Chang } 192*e7b1675dSTing-Kang Chang serializedFormat, err := proto.Marshal(keyFormat) 193*e7b1675dSTing-Kang Chang if err != nil { 194*e7b1675dSTing-Kang Chang tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err)) 195*e7b1675dSTing-Kang Chang } 196*e7b1675dSTing-Kang Chang return &tinkpb.KeyTemplate{ 197*e7b1675dSTing-Kang Chang TypeUrl: rsaSSAPKCS1SignerTypeURL, 198*e7b1675dSTing-Kang Chang OutputPrefixType: prefixType, 199*e7b1675dSTing-Kang Chang Value: serializedFormat, 200*e7b1675dSTing-Kang Chang } 201*e7b1675dSTing-Kang Chang} 202*e7b1675dSTing-Kang Chang 203*e7b1675dSTing-Kang Changfunc create_RSA_SSA_PSS_Template(prefixType tinkpb.OutputPrefixType, hashType commonpb.HashType, saltLength int32, modulusSizeInBits uint32) *tinkpb.KeyTemplate { 204*e7b1675dSTing-Kang Chang keyFormat := &rspsspb.RsaSsaPssKeyFormat{ 205*e7b1675dSTing-Kang Chang Params: &rspsspb.RsaSsaPssParams{ 206*e7b1675dSTing-Kang Chang SigHash: hashType, 207*e7b1675dSTing-Kang Chang Mgf1Hash: hashType, 208*e7b1675dSTing-Kang Chang SaltLength: saltLength, 209*e7b1675dSTing-Kang Chang }, 210*e7b1675dSTing-Kang Chang ModulusSizeInBits: modulusSizeInBits, 211*e7b1675dSTing-Kang Chang PublicExponent: []byte{0x01, 0x00, 0x01}, 212*e7b1675dSTing-Kang Chang } 213*e7b1675dSTing-Kang Chang serializedFormat, err := proto.Marshal(keyFormat) 214*e7b1675dSTing-Kang Chang if err != nil { 215*e7b1675dSTing-Kang Chang tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err)) 216*e7b1675dSTing-Kang Chang } 217*e7b1675dSTing-Kang Chang return &tinkpb.KeyTemplate{ 218*e7b1675dSTing-Kang Chang TypeUrl: rsaSSAPSSSignerTypeURL, 219*e7b1675dSTing-Kang Chang OutputPrefixType: prefixType, 220*e7b1675dSTing-Kang Chang Value: serializedFormat, 221*e7b1675dSTing-Kang Chang } 222*e7b1675dSTing-Kang Chang} 223*e7b1675dSTing-Kang Chang 224*e7b1675dSTing-Kang Chang// RSA_SSA_PKCS1_3072_SHA256_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following 225*e7b1675dSTing-Kang Chang// parameters: 226*e7b1675dSTing-Kang Chang// - Modulus size in bits: 3072. 227*e7b1675dSTing-Kang Chang// - Hash function: SHA256. 228*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 229*e7b1675dSTing-Kang Chang// - OutputPrefixType: TINK 230*e7b1675dSTing-Kang Changfunc RSA_SSA_PKCS1_3072_SHA256_F4_Key_Template() *tinkpb.KeyTemplate { 231*e7b1675dSTing-Kang Chang return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA256, 3072) 232*e7b1675dSTing-Kang Chang} 233*e7b1675dSTing-Kang Chang 234*e7b1675dSTing-Kang Chang// RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following 235*e7b1675dSTing-Kang Chang// parameters: 236*e7b1675dSTing-Kang Chang// - Modulus size in bits: 3072. 237*e7b1675dSTing-Kang Chang// - Hash function: SHA256. 238*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 239*e7b1675dSTing-Kang Chang// - OutputPrefixType: RAW 240*e7b1675dSTing-Kang Changfunc RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template() *tinkpb.KeyTemplate { 241*e7b1675dSTing-Kang Chang return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA256, 3072) 242*e7b1675dSTing-Kang Chang} 243*e7b1675dSTing-Kang Chang 244*e7b1675dSTing-Kang Chang// RSA_SSA_PKCS1_4096_SHA512_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following 245*e7b1675dSTing-Kang Chang// parameters: 246*e7b1675dSTing-Kang Chang// - Modulus size in bits: 4096. 247*e7b1675dSTing-Kang Chang// - Hash function: SHA512. 248*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 249*e7b1675dSTing-Kang Chang// - OutputPrefixType: TINK 250*e7b1675dSTing-Kang Changfunc RSA_SSA_PKCS1_4096_SHA512_F4_Key_Template() *tinkpb.KeyTemplate { 251*e7b1675dSTing-Kang Chang return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA512, 4096) 252*e7b1675dSTing-Kang Chang} 253*e7b1675dSTing-Kang Chang 254*e7b1675dSTing-Kang Chang// RSA_SSA_PKCS1_4096_SHA512_F4_RAW_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following 255*e7b1675dSTing-Kang Chang// parameters: 256*e7b1675dSTing-Kang Chang// - Modulus size in bits: 4096. 257*e7b1675dSTing-Kang Chang// - Hash function: SHA512. 258*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 259*e7b1675dSTing-Kang Chang// - OutputPrefixType: RAW 260*e7b1675dSTing-Kang Changfunc RSA_SSA_PKCS1_4096_SHA512_F4_RAW_Key_Template() *tinkpb.KeyTemplate { 261*e7b1675dSTing-Kang Chang return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA512, 4096) 262*e7b1675dSTing-Kang Chang} 263*e7b1675dSTing-Kang Chang 264*e7b1675dSTing-Kang Chang// RSA_SSA_PSS_3072_SHA256_32_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following 265*e7b1675dSTing-Kang Chang// parameters: 266*e7b1675dSTing-Kang Chang// - Modulus size in bits: 3072. 267*e7b1675dSTing-Kang Chang// - Signature hash: SHA256. 268*e7b1675dSTing-Kang Chang// - MGF1 hash: SHA256. 269*e7b1675dSTing-Kang Chang// - Salt length: 32 (i.e., SHA256's output length). 270*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 271*e7b1675dSTing-Kang Chang// - OutputPrefixType: TINK 272*e7b1675dSTing-Kang Changfunc RSA_SSA_PSS_3072_SHA256_32_F4_Key_Template() *tinkpb.KeyTemplate { 273*e7b1675dSTing-Kang Chang return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA256, 32, 3072) 274*e7b1675dSTing-Kang Chang} 275*e7b1675dSTing-Kang Chang 276*e7b1675dSTing-Kang Chang// RSA_SSA_PSS_3072_SHA256_32_F4_Raw_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following 277*e7b1675dSTing-Kang Chang// parameters: 278*e7b1675dSTing-Kang Chang// - Modulus size in bits: 3072. 279*e7b1675dSTing-Kang Chang// - Signature hash: SHA256. 280*e7b1675dSTing-Kang Chang// - MGF1 hash: SHA256. 281*e7b1675dSTing-Kang Chang// - Salt length: 32 (i.e., SHA256's output length). 282*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 283*e7b1675dSTing-Kang Chang// - OutputPrefixType: RAW 284*e7b1675dSTing-Kang Changfunc RSA_SSA_PSS_3072_SHA256_32_F4_Raw_Key_Template() *tinkpb.KeyTemplate { 285*e7b1675dSTing-Kang Chang return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA256, 32, 3072) 286*e7b1675dSTing-Kang Chang} 287*e7b1675dSTing-Kang Chang 288*e7b1675dSTing-Kang Chang// RSA_SSA_PSS_4096_SHA512_64_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following 289*e7b1675dSTing-Kang Chang// parameters: 290*e7b1675dSTing-Kang Chang// - Modulus size in bits: 4096. 291*e7b1675dSTing-Kang Chang// - Signature hash: SHA512. 292*e7b1675dSTing-Kang Chang// - MGF1 hash: SHA512. 293*e7b1675dSTing-Kang Chang// - Salt length: 64 (i.e., SHA512's output length). 294*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 295*e7b1675dSTing-Kang Chang// - OutputPrefixType: TINK 296*e7b1675dSTing-Kang Changfunc RSA_SSA_PSS_4096_SHA512_64_F4_Key_Template() *tinkpb.KeyTemplate { 297*e7b1675dSTing-Kang Chang return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA512, 64, 4096) 298*e7b1675dSTing-Kang Chang} 299*e7b1675dSTing-Kang Chang 300*e7b1675dSTing-Kang Chang// RSA_SSA_PSS_4096_SHA512_64_F4_Raw_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following 301*e7b1675dSTing-Kang Chang// parameters: 302*e7b1675dSTing-Kang Chang// - Modulus size in bits: 4096. 303*e7b1675dSTing-Kang Chang// - Signature hash: SHA512. 304*e7b1675dSTing-Kang Chang// - MGF1 hash: SHA512. 305*e7b1675dSTing-Kang Chang// - Salt length: 64 (i.e., SHA512's output length). 306*e7b1675dSTing-Kang Chang// - Public Exponent: 65537 (aka F4). 307*e7b1675dSTing-Kang Chang// - OutputPrefixType: RAW 308*e7b1675dSTing-Kang Changfunc RSA_SSA_PSS_4096_SHA512_64_F4_Raw_Key_Template() *tinkpb.KeyTemplate { 309*e7b1675dSTing-Kang Chang return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA512, 64, 4096) 310*e7b1675dSTing-Kang Chang} 311