// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
package com.google.crypto.tink;
import com.google.errorprone.annotations.Immutable;
import com.google.protobuf.ByteString;
A KeyTemplate specifies how to generate keys of a particular type. /** A KeyTemplate specifies how to generate keys of a particular type. */
@Immutable
public final class KeyTemplate {
private final com.google.crypto.tink.proto.KeyTemplate kt;
Tink produces and accepts ciphertexts or signatures that consist of a prefix and a payload. The
payload and its format is determined entirely by the primitive, but the prefix has to be one of
the following 4 types:
- Legacy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is
computed from the key material.
- Crunchy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is
generated randomly.
- Tink : prefix is 5 bytes, starts with \x01 and followed by 4-byte key id that is
generated randomly.
- Raw : prefix is 0 byte, i.e., empty.
/**
* Tink produces and accepts ciphertexts or signatures that consist of a prefix and a payload. The
* payload and its format is determined entirely by the primitive, but the prefix has to be one of
* the following 4 types:
*
* <ul>
* <li>Legacy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is
* computed from the key material.
* <li>Crunchy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is
* generated randomly.
* <li>Tink : prefix is 5 bytes, starts with \x01 and followed by 4-byte key id that is
* generated randomly.
* <li>Raw : prefix is 0 byte, i.e., empty.
* </ul>
*/
public enum OutputPrefixType {
TINK,
LEGACY,
RAW,
CRUNCHY
}
private static OutputPrefixType fromProto(
com.google.crypto.tink.proto.OutputPrefixType outputPrefixType) {
switch (outputPrefixType) {
case TINK:
return OutputPrefixType.TINK;
case LEGACY:
return OutputPrefixType.LEGACY;
case RAW:
return OutputPrefixType.RAW;
case CRUNCHY:
return OutputPrefixType.CRUNCHY;
default:
throw new IllegalArgumentException("Unknown output prefix type");
}
}
private static com.google.crypto.tink.proto.OutputPrefixType toProto(
OutputPrefixType outputPrefixType) {
switch (outputPrefixType) {
case TINK:
return com.google.crypto.tink.proto.OutputPrefixType.TINK;
case LEGACY:
return com.google.crypto.tink.proto.OutputPrefixType.LEGACY;
case RAW:
return com.google.crypto.tink.proto.OutputPrefixType.RAW;
case CRUNCHY:
return com.google.crypto.tink.proto.OutputPrefixType.CRUNCHY;
}
throw new IllegalArgumentException("Unknown output prefix type");
}
public static KeyTemplate create(
String typeUrl, byte[] value, OutputPrefixType outputPrefixType) {
return new KeyTemplate(
com.google.crypto.tink.proto.KeyTemplate.newBuilder()
.setTypeUrl(typeUrl)
.setValue(ByteString.copyFrom(value))
.setOutputPrefixType(toProto(outputPrefixType))
.build());
}
private KeyTemplate(com.google.crypto.tink.proto.KeyTemplate kt) {
this.kt = kt;
}
com.google.crypto.tink.proto.KeyTemplate getProto() {
return kt;
}
public String getTypeUrl() {
return kt.getTypeUrl();
}
public byte[] getValue() {
return kt.getValue().toByteArray();
}
public OutputPrefixType getOutputPrefixType() {
return fromProto(kt.getOutputPrefixType());
}
}