// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package com.google.crypto.tink.aead;

import com.google.crypto.tink.AccessesPartialKey;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.Parameters;
import com.google.crypto.tink.aead.internal.XAesGcm;
import com.google.crypto.tink.aead.internal.XAesGcmProtoSerialization;
import com.google.crypto.tink.internal.MutableKeyCreationRegistry;
import com.google.crypto.tink.internal.MutableParametersRegistry;
import com.google.crypto.tink.internal.MutablePrimitiveRegistry;
import com.google.crypto.tink.internal.PrimitiveConstructor;
import com.google.crypto.tink.util.SecretBytes;
import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Nullable;

/**
 * Registration entry point for {@code XAesGcmKey}: wires up proto serialization, the named
 * parameter presets, the {@link Aead} primitive constructor and the creator of fresh keys.
 *
 * <p>The class only has static members and cannot be instantiated. Everything it installs goes
 * into the {@code globalInstance()} registries, so a call to {@link #register} affects every user
 * of those registries in the running program.
 */
public final class XAesGcmKeyManager {

  /** Length, in bytes, of the random key material generated for every new key. */
  private static final int KEY_SIZE_IN_BYTES = 32;

  /** Key creator handed to the key-creation registry; delegates to {@link #createXAesGcmKey}. */
  @SuppressWarnings("InlineLambdaConstant")
  private static final MutableKeyCreationRegistry.KeyCreator<XAesGcmParameters>
      XAES_GCM_KEY_CREATOR = XAesGcmKeyManager::createXAesGcmKey;

  /** Builds an {@link Aead} from an {@code XAesGcmKey} by calling {@code XAesGcm.create}. */
  private static final PrimitiveConstructor<XAesGcmKey, Aead> XAES_GCM_PRIMITIVE_CONSTRUCTOR =
      PrimitiveConstructor.create(XAesGcm::create, XAesGcmKey.class, Aead.class);

  /**
   * Returns the preset parameter objects keyed by the names under which they are registered.
   *
   * <p>Three of the four presets carry a {@code _NO_PREFIX} suffix in their name; what that
   * implies for ciphertext framing and key-id handling is defined by {@code
   * PredefinedAeadParameters} and is not visible in this file.
   *
   * @return an unmodifiable map from preset name to its {@link Parameters}
   */
  private static Map<String, Parameters> namedParameters() {
    Map<String, Parameters> presetsByName = new HashMap<>();
    presetsByName.put(
        "XAES_256_GCM_192_BIT_NONCE", PredefinedAeadParameters.XAES_256_GCM_192_BIT_NONCE);
    presetsByName.put(
        "XAES_256_GCM_192_BIT_NONCE_NO_PREFIX",
        PredefinedAeadParameters.XAES_256_GCM_192_BIT_NONCE_NO_PREFIX);
    presetsByName.put(
        "XAES_256_GCM_160_BIT_NONCE_NO_PREFIX",
        PredefinedAeadParameters.XAES_256_GCM_160_BIT_NONCE_NO_PREFIX);
    presetsByName.put(
        "X_AES_GCM_8_BYTE_SALT_NO_PREFIX",
        PredefinedAeadParameters.X_AES_GCM_8_BYTE_SALT_NO_PREFIX);
    return Collections.unmodifiableMap(presetsByName);
  }

  /**
   * Creates a new key for {@code parameters} from freshly generated key material.
   *
   * <p>The key material is always {@value #KEY_SIZE_IN_BYTES} bytes, regardless of which
   * parameters are passed in. The quality of that material rests entirely on {@code
   * SecretBytes.randomBytes}; its random source is not visible here.
   *
   * @param parameters parameters the new key is created for
   * @param idRequirement forwarded unchanged to {@code XAesGcmKey.create}; this method does not
   *     check it against {@code parameters}, so any such check has to happen there
   * @return the newly created key
   * @throws GeneralSecurityException if {@code XAesGcmKey.create} rejects the inputs
   */
  @AccessesPartialKey
  private static XAesGcmKey createXAesGcmKey(
      XAesGcmParameters parameters, @Nullable Integer idRequirement)
      throws GeneralSecurityException {
    SecretBytes freshKeyMaterial = SecretBytes.randomBytes(KEY_SIZE_IN_BYTES);
    return XAesGcmKey.create(parameters, freshKeyMaterial, idRequirement);
  }

  /**
   * Registers everything needed to parse, create and use {@code XAesGcmKey} keys.
   *
   * <p>In order: proto serialization, the named parameter presets, the {@link Aead} primitive
   * constructor, and the key creator for {@code XAesGcmParameters}.
   *
   * <p>NOTE(review): {@code newKeyAllowed} is not read anywhere in this method. The key creator
   * is registered unconditionally, so passing {@code false} does not, by itself, stop new keys
   * from being generated through the key-creation registry.
   *
   * <p>NOTE(review): no FIPS-mode or other policy check is visible in this method; if
   * registration must be restricted in some deployments, that has to be enforced by the caller
   * (confirm at the call sites).
   *
   * @param newKeyAllowed currently unused by this method
   * @throws GeneralSecurityException if any of the registration steps fails
   */
  public static void register(boolean newKeyAllowed) throws GeneralSecurityException {
    XAesGcmProtoSerialization.register();

    MutableParametersRegistry parametersRegistry = MutableParametersRegistry.globalInstance();
    parametersRegistry.putAll(namedParameters());

    MutablePrimitiveRegistry primitiveRegistry = MutablePrimitiveRegistry.globalInstance();
    primitiveRegistry.registerPrimitiveConstructor(XAES_GCM_PRIMITIVE_CONSTRUCTOR);

    MutableKeyCreationRegistry keyCreationRegistry = MutableKeyCreationRegistry.globalInstance();
    keyCreationRegistry.add(XAES_GCM_KEY_CREATOR, XAesGcmParameters.class);
  }

  /** Not instantiable: this class only exposes static registration logic. */
  private XAesGcmKeyManager() {}
}