xref: /aosp_15_r20/external/tink/go/streamingaead/streamingaead_factory.go (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1*e7b1675dSTing-Kang Chang// Copyright 2020 Google LLC
2*e7b1675dSTing-Kang Chang//
3*e7b1675dSTing-Kang Chang// Licensed under the Apache License, Version 2.0 (the "License");
4*e7b1675dSTing-Kang Chang// you may not use this file except in compliance with the License.
5*e7b1675dSTing-Kang Chang// You may obtain a copy of the License at
6*e7b1675dSTing-Kang Chang//
7*e7b1675dSTing-Kang Chang//      http://www.apache.org/licenses/LICENSE-2.0
8*e7b1675dSTing-Kang Chang//
9*e7b1675dSTing-Kang Chang// Unless required by applicable law or agreed to in writing, software
10*e7b1675dSTing-Kang Chang// distributed under the License is distributed on an "AS IS" BASIS,
11*e7b1675dSTing-Kang Chang// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*e7b1675dSTing-Kang Chang// See the License for the specific language governing permissions and
13*e7b1675dSTing-Kang Chang// limitations under the License.
14*e7b1675dSTing-Kang Chang//
15*e7b1675dSTing-Kang Chang////////////////////////////////////////////////////////////////////////////////
16*e7b1675dSTing-Kang Chang
17*e7b1675dSTing-Kang Changpackage streamingaead
18*e7b1675dSTing-Kang Chang
19*e7b1675dSTing-Kang Changimport (
20*e7b1675dSTing-Kang Chang	"fmt"
21*e7b1675dSTing-Kang Chang	"io"
22*e7b1675dSTing-Kang Chang
23*e7b1675dSTing-Kang Chang	"github.com/google/tink/go/core/primitiveset"
24*e7b1675dSTing-Kang Chang	"github.com/google/tink/go/keyset"
25*e7b1675dSTing-Kang Chang	"github.com/google/tink/go/tink"
26*e7b1675dSTing-Kang Chang)
27*e7b1675dSTing-Kang Chang
28*e7b1675dSTing-Kang Chang// New returns a StreamingAEAD primitive from the given keyset handle.
29*e7b1675dSTing-Kang Changfunc New(handle *keyset.Handle) (tink.StreamingAEAD, error) {
30*e7b1675dSTing-Kang Chang	ps, err := handle.Primitives()
31*e7b1675dSTing-Kang Chang	if err != nil {
32*e7b1675dSTing-Kang Chang		return nil, fmt.Errorf("streamingaead_factory: cannot obtain primitive set: %s", err)
33*e7b1675dSTing-Kang Chang	}
34*e7b1675dSTing-Kang Chang
35*e7b1675dSTing-Kang Chang	_, ok := (ps.Primary.Primitive).(tink.StreamingAEAD)
36*e7b1675dSTing-Kang Chang	if !ok {
37*e7b1675dSTing-Kang Chang		return nil, fmt.Errorf("streamingaead_factory: not a StreamingAEAD primitive")
38*e7b1675dSTing-Kang Chang	}
39*e7b1675dSTing-Kang Chang
40*e7b1675dSTing-Kang Chang	for _, primitives := range ps.Entries {
41*e7b1675dSTing-Kang Chang		for _, p := range primitives {
42*e7b1675dSTing-Kang Chang			if _, ok := (p.Primitive).(tink.StreamingAEAD); !ok {
43*e7b1675dSTing-Kang Chang				return nil, fmt.Errorf("streamingaead_factory: not a StreamingAEAD primitive")
44*e7b1675dSTing-Kang Chang			}
45*e7b1675dSTing-Kang Chang		}
46*e7b1675dSTing-Kang Chang	}
47*e7b1675dSTing-Kang Chang
48*e7b1675dSTing-Kang Chang	ret := new(wrappedStreamingAEAD)
49*e7b1675dSTing-Kang Chang	ret.ps = ps
50*e7b1675dSTing-Kang Chang	return tink.StreamingAEAD(ret), nil
51*e7b1675dSTing-Kang Chang}
52*e7b1675dSTing-Kang Chang
53*e7b1675dSTing-Kang Chang// wrappedStreamingAEAD is a StreamingAEAD implementation that uses the underlying primitive set
54*e7b1675dSTing-Kang Chang// for streaming encryption and decryption.
55*e7b1675dSTing-Kang Changtype wrappedStreamingAEAD struct {
56*e7b1675dSTing-Kang Chang	ps *primitiveset.PrimitiveSet
57*e7b1675dSTing-Kang Chang}
58*e7b1675dSTing-Kang Chang
59*e7b1675dSTing-Kang Chang// Asserts that wrappedStreamingAEAD implements the StreamingAEAD interface.
60*e7b1675dSTing-Kang Changvar _ tink.StreamingAEAD = (*wrappedStreamingAEAD)(nil)
61*e7b1675dSTing-Kang Chang
62*e7b1675dSTing-Kang Chang// NewEncryptingWriter returns a wrapper around underlying io.Writer, such that any write-operation
63*e7b1675dSTing-Kang Chang// via the wrapper results in AEAD-encryption of the written data, using aad
64*e7b1675dSTing-Kang Chang// as associated authenticated data. The associated data is not included in the ciphertext
65*e7b1675dSTing-Kang Chang// and has to be passed in as parameter for decryption.
66*e7b1675dSTing-Kang Changfunc (s *wrappedStreamingAEAD) NewEncryptingWriter(w io.Writer, aad []byte) (io.WriteCloser, error) {
67*e7b1675dSTing-Kang Chang	primary := s.ps.Primary
68*e7b1675dSTing-Kang Chang	p, ok := (primary.Primitive).(tink.StreamingAEAD)
69*e7b1675dSTing-Kang Chang	if !ok {
70*e7b1675dSTing-Kang Chang		return nil, fmt.Errorf("streamingaead_factory: not a StreamingAEAD primitive")
71*e7b1675dSTing-Kang Chang	}
72*e7b1675dSTing-Kang Chang
73*e7b1675dSTing-Kang Chang	return p.NewEncryptingWriter(w, aad)
74*e7b1675dSTing-Kang Chang}
75*e7b1675dSTing-Kang Chang
76*e7b1675dSTing-Kang Chang// NewDecryptingReader returns a wrapper around underlying io.Reader, such that any read-operation
77*e7b1675dSTing-Kang Chang// via the wrapper results in AEAD-decryption of the underlying ciphertext,
78*e7b1675dSTing-Kang Chang// using aad as associated authenticated data.
79*e7b1675dSTing-Kang Changfunc (s *wrappedStreamingAEAD) NewDecryptingReader(r io.Reader, aad []byte) (io.Reader, error) {
80*e7b1675dSTing-Kang Chang	return &decryptReader{
81*e7b1675dSTing-Kang Chang		wrapped: s,
82*e7b1675dSTing-Kang Chang		cr:      r,
83*e7b1675dSTing-Kang Chang		aad:     aad,
84*e7b1675dSTing-Kang Chang	}, nil
85*e7b1675dSTing-Kang Chang}
86