1 // Copyright 2022 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 package com.google.crypto.tink; 18 19 import static com.google.crypto.tink.internal.Util.UTF_8; 20 21 import java.io.ByteArrayOutputStream; 22 import java.io.IOException; 23 import java.security.GeneralSecurityException; 24 25 /** Functions to parse and serialize Keyset in Tink's JSON format based on Protobufs. */ 26 public final class TinkJsonProtoKeysetFormat { 27 28 @SuppressWarnings("UnusedException") parseKeyset(String serializedKeyset, SecretKeyAccess access)29 public static KeysetHandle parseKeyset(String serializedKeyset, SecretKeyAccess access) 30 throws GeneralSecurityException { 31 if (access == null) { 32 throw new NullPointerException("SecretKeyAccess cannot be null"); 33 } 34 try { 35 return CleartextKeysetHandle.read(JsonKeysetReader.withString(serializedKeyset)); 36 } catch (IOException e) { 37 throw new GeneralSecurityException("Parse keyset failed"); 38 } 39 } 40 41 @SuppressWarnings("UnusedException") serializeKeyset(KeysetHandle keysetHandle, SecretKeyAccess access)42 public static String serializeKeyset(KeysetHandle keysetHandle, SecretKeyAccess access) 43 throws GeneralSecurityException { 44 if (access == null) { 45 throw new NullPointerException("SecretKeyAccess cannot be null"); 46 } 47 try { 48 ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); 49 CleartextKeysetHandle.write(keysetHandle, JsonKeysetWriter.withOutputStream(outputStream)); 50 return new String(outputStream.toByteArray(), UTF_8); 51 } catch (IOException e) { 52 throw new GeneralSecurityException("Serialize keyset failed"); 53 } 54 } 55 56 @SuppressWarnings("UnusedException") parseKeysetWithoutSecret(String serializedKeyset)57 public static KeysetHandle parseKeysetWithoutSecret(String serializedKeyset) 58 throws GeneralSecurityException { 59 try { 60 return KeysetHandle.readNoSecret(JsonKeysetReader.withString(serializedKeyset)); 61 } catch (IOException e) { 62 throw new GeneralSecurityException("Parse keyset failed"); 63 } 64 } 65 66 @SuppressWarnings("UnusedException") serializeKeysetWithoutSecret(KeysetHandle keysetHandle)67 public static String serializeKeysetWithoutSecret(KeysetHandle keysetHandle) 68 throws GeneralSecurityException { 69 try { 70 ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); 71 keysetHandle.writeNoSecret(JsonKeysetWriter.withOutputStream(outputStream)); 72 return new String(outputStream.toByteArray(), UTF_8); 73 } catch (IOException e) { 74 throw new GeneralSecurityException("Serialize keyset failed"); 75 } 76 } 77 78 @SuppressWarnings("UnusedException") parseEncryptedKeyset( String serializedEncryptedKeyset, Aead keysetEncryptionAead, byte[] associatedData)79 public static KeysetHandle parseEncryptedKeyset( 80 String serializedEncryptedKeyset, Aead keysetEncryptionAead, byte[] associatedData) 81 throws GeneralSecurityException { 82 try { 83 return KeysetHandle.readWithAssociatedData( 84 JsonKeysetReader.withString(serializedEncryptedKeyset), 85 keysetEncryptionAead, 86 associatedData); 87 } catch (IOException e) { 88 throw new GeneralSecurityException("Parse keyset failed"); 89 } 90 } 91 92 @SuppressWarnings("UnusedException") serializeEncryptedKeyset( KeysetHandle keysetHandle, Aead keysetEncryptionAead, byte[] associatedData)93 public static String serializeEncryptedKeyset( 94 KeysetHandle keysetHandle, Aead keysetEncryptionAead, byte[] associatedData) 95 throws GeneralSecurityException { 96 try { 97 ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); 98 keysetHandle.writeWithAssociatedData( 99 JsonKeysetWriter.withOutputStream(outputStream), keysetEncryptionAead, associatedData); 100 return new String(outputStream.toByteArray(), UTF_8); 101 } catch (IOException e) { 102 throw new GeneralSecurityException("Serialize keyset failed"); 103 } 104 } 105 TinkJsonProtoKeysetFormat()106 private TinkJsonProtoKeysetFormat() {} 107 } 108