• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 
17 package com.google.crypto.tink;
18 
19 import com.google.crypto.tink.proto.KeysetInfo;
20 import java.io.IOException;
21 import java.security.GeneralSecurityException;
22 
23 /**
24  * Parsing and Serialization methods for use with {@link KeysetReader} and {@link KeysetWriter}
25  * classes.
26  *
27  * <p>In combination with a {@link BinaryKeysetReader} or a {@link BinaryKeysetWriter}, the methods
28  * in this file produce serializations compatible with the methods in {@link TinkProtoKeysetFormat}.
29  *
30  * <p>In combination with a {@link JsonKeysetReader} or a {@link JsonKeysetWriter}, the methods in
31  * this file produce serializations compatible with the methods in {@link
32  * TinkJsonProtoKeysetFormat}.
33  */
34 public final class LegacyKeysetSerialization {
35   /**
36    * Parse a KeysetHandle from the reader.
37    *
38    * <p>This method is used for keysets containing no secret key material.
39    */
parseKeysetWithoutSecret(KeysetReader reader)40   public static KeysetHandle parseKeysetWithoutSecret(KeysetReader reader)
41       throws GeneralSecurityException, IOException {
42     return KeysetHandle.readNoSecret(reader);
43   }
44 
45   /**
46    * Parse a keyset from the reader.
47    *
48    * <p>This is used to parse keysets that may contain secret key material. The second argument has
49    * to be {@code InsecureSecretKeyAccess.get()}.
50    */
parseKeyset(KeysetReader reader, SecretKeyAccess access)51   public static KeysetHandle parseKeyset(KeysetReader reader, SecretKeyAccess access)
52       throws GeneralSecurityException, IOException {
53     if (access == null) {
54       throw new NullPointerException("SecretKeyAccess cannot be null");
55     }
56     return CleartextKeysetHandle.read(reader);
57   }
58 
59   /** Parse an encrypted keyset from the reader. */
parseEncryptedKeyset( KeysetReader reader, Aead aead, byte[] associatedData)60   public static KeysetHandle parseEncryptedKeyset(
61       KeysetReader reader, Aead aead, byte[] associatedData)
62       throws GeneralSecurityException, IOException {
63     return KeysetHandle.readWithAssociatedData(reader, aead, associatedData);
64   }
65 
66   /**
67    * Serialize a keyset to the writer.
68    *
69    * <p>This method is used for keysets containing no secret key material.
70    */
serializeKeysetWithoutSecret(KeysetHandle keysetHandle, KeysetWriter writer)71   public static void serializeKeysetWithoutSecret(KeysetHandle keysetHandle, KeysetWriter writer)
72       throws GeneralSecurityException, IOException {
73     keysetHandle.writeNoSecret(writer);
74   }
75 
76   /**
77    * Serialize a keyset to the writer.
78    *
79    * <p>This method is used to serialize keysets that may contain secret key material. The last
80    * argument must be {@code InsecureSecretKeyAccess.get()}.
81    */
serializeKeyset( KeysetHandle keysetHandle, KeysetWriter writer, SecretKeyAccess access)82   public static void serializeKeyset(
83       KeysetHandle keysetHandle, KeysetWriter writer, SecretKeyAccess access) throws IOException {
84     if (access == null) {
85       throw new NullPointerException("SecretKeyAccess cannot be null");
86     }
87     CleartextKeysetHandle.write(keysetHandle, writer);
88   }
89 
90   /** Serialize a keyset in an encrypted format to the writer. */
serializeEncryptedKeyset( KeysetHandle keysetHandle, KeysetWriter writer, Aead aead, byte[] associatedData)91   public static void serializeEncryptedKeyset(
92       KeysetHandle keysetHandle, KeysetWriter writer, Aead aead, byte[] associatedData)
93       throws GeneralSecurityException, IOException {
94     keysetHandle.writeWithAssociatedData(writer, aead, associatedData);
95   }
96 
97   /**
98    * Returns the {@link KeysetInfo} proto of the given {@link KeysetHandle}.
99    *
100    * <p>Note: in most cases you can get more information by calling {@code handle.getAt(i).getKey()}
101    * and casting the result to the appropriate key type.
102    */
getKeysetInfo(KeysetHandle handle)103   public static KeysetInfo getKeysetInfo(KeysetHandle handle) {
104     return handle.getKeysetInfo();
105   }
106 
LegacyKeysetSerialization()107   private LegacyKeysetSerialization() {}
108 }
109