// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package streamingaead

import (
	"fmt"

	"google.golang.org/protobuf/proto"
	"github.com/google/tink/go/internal/tinkerror"
	ctrhmacpb "github.com/google/tink/go/proto/aes_ctr_hmac_streaming_go_proto"
	gcmhkdfpb "github.com/google/tink/go/proto/aes_gcm_hkdf_streaming_go_proto"
	commonpb "github.com/google/tink/go/proto/common_go_proto"
	hmacpb "github.com/google/tink/go/proto/hmac_go_proto"
	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
)

// This file contains pre-generated KeyTemplates
// for streaming AEAD keys. One can use these templates
// to generate new Keysets.
//
// Every template built in this file uses OutputPrefixType_RAW, and the key
// sizes, hash types and segment sizes are fixed constants chosen by the
// exported functions below. The new*KeyTemplate helpers only serialize those
// values; they perform no validation of their own, so any check on the
// parameters has to happen where the template is consumed.
// NOTE(review): RAW presumably means ciphertexts carry no key-ID prefix -
// confirm against the keyset documentation.

// AES128GCMHKDF4KBKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
//   - Main key size: 16 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - Size of AES-GCM derived keys: 16 bytes
//   - Ciphertext segment size: 4096 bytes (4 KiB)
func AES128GCMHKDF4KBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 16
		derivedKeySize = 16
		segmentSize    = 4096
	)
	return newAESGCMHKDFKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, segmentSize)
}

// AES128GCMHKDF1MBKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
//   - Main key size: 16 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - Size of AES-GCM derived keys: 16 bytes
//   - Ciphertext segment size: 1048576 bytes (1 MiB)
func AES128GCMHKDF1MBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 16
		derivedKeySize = 16
		segmentSize    = 1 << 20 // 1048576 bytes
	)
	return newAESGCMHKDFKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, segmentSize)
}

// AES256GCMHKDF4KBKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
//   - Main key size: 32 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - Size of AES-GCM derived keys: 32 bytes
//   - Ciphertext segment size: 4096 bytes (4 KiB)
func AES256GCMHKDF4KBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 32
		derivedKeySize = 32
		segmentSize    = 4096
	)
	return newAESGCMHKDFKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, segmentSize)
}

// AES256GCMHKDF1MBKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
//   - Main key size: 32 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - Size of AES-GCM derived keys: 32 bytes
//   - Ciphertext segment size: 1048576 bytes (1 MiB)
func AES256GCMHKDF1MBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 32
		derivedKeySize = 32
		segmentSize    = 1 << 20 // 1048576 bytes
	)
	return newAESGCMHKDFKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, segmentSize)
}

// AES128CTRHMACSHA256Segment4KBKeyTemplate is a KeyTemplate that generates an
// AES-CTR-HMAC key with the following parameters:
//   - Main key size: 16 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - AES-CTR derived key size: 16 bytes
//   - Tag algorithm: HMAC-SHA256
//   - Tag size: 32 bytes (the full HMAC-SHA256 output length)
//   - Ciphertext segment size: 4096 bytes (4 KiB)
func AES128CTRHMACSHA256Segment4KBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 16
		derivedKeySize = 16
		tagSize        = 32
		segmentSize    = 4096
	)
	return newAESCTRHMACKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, commonpb.HashType_SHA256, tagSize, segmentSize)
}

// AES128CTRHMACSHA256Segment1MBKeyTemplate is a KeyTemplate that generates an
// AES-CTR-HMAC key with the following parameters:
//   - Main key size: 16 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - AES-CTR derived key size: 16 bytes
//   - Tag algorithm: HMAC-SHA256
//   - Tag size: 32 bytes (the full HMAC-SHA256 output length)
//   - Ciphertext segment size: 1048576 bytes (1 MiB)
func AES128CTRHMACSHA256Segment1MBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 16
		derivedKeySize = 16
		tagSize        = 32
		segmentSize    = 1 << 20 // 1048576 bytes
	)
	return newAESCTRHMACKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, commonpb.HashType_SHA256, tagSize, segmentSize)
}

// AES256CTRHMACSHA256Segment4KBKeyTemplate is a KeyTemplate that generates an
// AES-CTR-HMAC key with the following parameters:
//   - Main key size: 32 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - AES-CTR derived key size: 32 bytes
//   - Tag algorithm: HMAC-SHA256
//   - Tag size: 32 bytes (the full HMAC-SHA256 output length)
//   - Ciphertext segment size: 4096 bytes (4 KiB)
func AES256CTRHMACSHA256Segment4KBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 32
		derivedKeySize = 32
		tagSize        = 32
		segmentSize    = 4096
	)
	return newAESCTRHMACKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, commonpb.HashType_SHA256, tagSize, segmentSize)
}

// AES256CTRHMACSHA256Segment1MBKeyTemplate is a KeyTemplate that generates an
// AES-CTR-HMAC key with the following parameters:
//   - Main key size: 32 bytes
//   - HKDF algorithm: HMAC-SHA256
//   - AES-CTR derived key size: 32 bytes
//   - Tag algorithm: HMAC-SHA256
//   - Tag size: 32 bytes (the full HMAC-SHA256 output length)
//   - Ciphertext segment size: 1048576 bytes (1 MiB)
func AES256CTRHMACSHA256Segment1MBKeyTemplate() *tinkpb.KeyTemplate {
	const (
		mainKeySize    = 32
		derivedKeySize = 32
		tagSize        = 32
		segmentSize    = 1 << 20 // 1048576 bytes
	)
	return newAESCTRHMACKeyTemplate(mainKeySize, commonpb.HashType_SHA256, derivedKeySize, commonpb.HashType_SHA256, tagSize, segmentSize)
}

// newAESGCMHKDFKeyTemplate creates a KeyTemplate containing an
// AesGcmHkdfStreamingKeyFormat with the specified parameters.
//
// mainKeySize becomes the format's KeySize; hkdfHashType, derivedKeySize and
// ciphertextSegmentSize are stored in its Params. None of the values are
// validated here. The returned template always uses aesGCMHKDFTypeURL and
// OutputPrefixType_RAW.
func newAESGCMHKDFKeyTemplate(mainKeySize uint32, hkdfHashType commonpb.HashType, derivedKeySize, ciphertextSegmentSize uint32) *tinkpb.KeyTemplate {
	format := &gcmhkdfpb.AesGcmHkdfStreamingKeyFormat{
		KeySize: mainKeySize,
		Params: &gcmhkdfpb.AesGcmHkdfStreamingParams{
			CiphertextSegmentSize: ciphertextSegmentSize,
			DerivedKeySize:        derivedKeySize,
			HkdfHashType:          hkdfHashType,
		},
	}
	encoded, err := proto.Marshal(format)
	if err != nil {
		// tinkerror.Fail is defined outside this file; the return below
		// assumes it does not come back (presumably it panics - confirm),
		// otherwise the template would carry an unusable Value.
		tinkerror.Fail(fmt.Sprintf("failed to marshal key: %s", err))
	}
	template := &tinkpb.KeyTemplate{
		TypeUrl:          aesGCMHKDFTypeURL,
		Value:            encoded,
		OutputPrefixType: tinkpb.OutputPrefixType_RAW,
	}
	return template
}

// newAESCTRHMACKeyTemplate creates a KeyTemplate containing an
// AesCtrHmacStreamingKeyFormat with the specified parameters.
func newAESCTRHMACKeyTemplate(mainKeySize uint32, hkdfHashType commonpb.HashType, derivedKeySize uint32, tagAlg commonpb.HashType, tagSize, ciphertextSegmentSize uint32) *tinkpb.KeyTemplate {
	// Serializes an AesCtrHmacStreamingKeyFormat from the arguments and wraps
	// it in a KeyTemplate for aesCTRHMACTypeURL. Nothing is validated here;
	// the caller-supplied sizes and hash types are stored as given.

	// tagAlg selects the HMAC hash and tagSize the tag length used for the
	// format's HmacParams.
	tagParams := &hmacpb.HmacParams{
		Hash:    tagAlg,
		TagSize: tagSize,
	}
	streamParams := &ctrhmacpb.AesCtrHmacStreamingParams{
		CiphertextSegmentSize: ciphertextSegmentSize,
		DerivedKeySize:        derivedKeySize,
		HkdfHashType:          hkdfHashType,
		HmacParams:            tagParams,
	}
	format := &ctrhmacpb.AesCtrHmacStreamingKeyFormat{
		KeySize: mainKeySize,
		Params:  streamParams,
	}

	encoded, err := proto.Marshal(format)
	if err != nil {
		// tinkerror.Fail is defined outside this file; the return below
		// assumes it does not come back (presumably it panics - confirm),
		// otherwise the template would carry an unusable Value.
		tinkerror.Fail(fmt.Sprintf("failed to marshal key: %s", err))
	}

	// The template is always emitted with the RAW output prefix type.
	template := &tinkpb.KeyTemplate{
		TypeUrl:          aesCTRHMACTypeURL,
		Value:            encoded,
		OutputPrefixType: tinkpb.OutputPrefixType_RAW,
	}
	return template
}