// Copyright 2021 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////

#include "tink/experimental/pqcrypto/signature/falcon_sign_key_manager.h"

#include <memory>

#include "absl/memory/memory.h"
#include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h"
#include "tink/experimental/pqcrypto/signature/falcon_verify_key_manager.h"
#include "tink/experimental/pqcrypto/signature/subtle/falcon_sign.h"
#include "tink/experimental/pqcrypto/signature/subtle/falcon_subtle_utils.h"
#include "tink/public_key_sign.h"
#include "tink/util/errors.h"
#include "tink/util/input_stream_util.h"
#include "tink/util/protobuf_helper.h"
#include "tink/util/secret_data.h"
#include "tink/util/status.h"
#include "tink/util/statusor.h"
#include "tink/util/validation.h"

namespace crypto {
namespace tink {

using ::crypto::tink::subtle::FalconKeyPair;
using ::crypto::tink::subtle::FalconPrivateKeyPqclean;
using ::crypto::tink::util::Status;
using ::crypto::tink::util::StatusOr;
using ::google::crypto::tink::FalconKeyFormat;
using ::google::crypto::tink::FalconPrivateKey;
using ::google::crypto::tink::FalconPublicKey;

// Generates a fresh Falcon key pair for the private-key size requested in
// `key_format` and packs it into a FalconPrivateKey proto: the private key
// bytes plus the matching public key in the embedded public_key message. Both
// messages are stamped with this manager's version.
//
// Returns the status from subtle::GenerateFalconKeyPair unchanged when key
// generation fails.
//
// This function does not call ValidateKeyFormat itself.
// NOTE(review): presumably the caller validates the format first and/or
// GenerateFalconKeyPair rejects unsupported sizes -- confirm.
StatusOr<FalconPrivateKey> FalconSignKeyManager::CreateKey(
    const FalconKeyFormat& key_format) const {
  util::StatusOr<FalconKeyPair> generated =
      subtle::GenerateFalconKeyPair(key_format.key_size());
  if (!generated.ok()) {
    return generated.status();
  }

  FalconPrivateKey private_key_proto;
  private_key_proto.set_version(get_version());
  // Keep this as a single expression: the string_view must not outlive
  // whatever GetPrivateKey()/GetKey() return.
  // NOTE(review): this copies the private key bytes out of util::SecretData
  // into the proto's key_value field; presumably that field is an ordinary
  // string, so the returned proto has to be handled as secret material --
  // confirm against callers.
  private_key_proto.set_key_value(
      util::SecretDataAsStringView(generated->GetPrivateKey().GetKey()));

  FalconPublicKey* public_key_proto = private_key_proto.mutable_public_key();
  public_key_proto->set_version(get_version());
  public_key_proto->set_key_value(generated->GetPublicKey().GetKey());

  return private_key_proto;
}

// Builds a PublicKeySign primitive from a FalconPrivateKey proto.
//
// The raw key_value bytes are copied into util::SecretData, parsed by
// FalconPrivateKeyPqclean::NewPrivateKey, and the parsed key is handed to
// subtle::FalconSign::New. Only the private key bytes are read here; the
// embedded public key and the version field are not consulted.
//
// Returns the parser's status when NewPrivateKey rejects the bytes, otherwise
// whatever FalconSign::New returns.
//
// NOTE(review): ValidateKey is not called in this function; presumably the
// key-manager framework validates the key before invoking the factory --
// confirm.
StatusOr<std::unique_ptr<PublicKeySign>>
FalconSignKeyManager::PublicKeySignFactory::Create(
    const FalconPrivateKey& private_key) const {
  util::SecretData secret_key_bytes =
      util::SecretDataFromStringView(private_key.key_value());

  util::StatusOr<FalconPrivateKeyPqclean> parsed_key =
      FalconPrivateKeyPqclean::NewPrivateKey(secret_key_bytes);
  if (!parsed_key.ok()) {
    return parsed_key.status();
  }

  return subtle::FalconSign::New(*parsed_key);
}

// Validates a FalconPrivateKey proto. Checks run in this order and the first
// failure is returned:
//   1. the key's version against this manager's version,
//   2. the length of the private key bytes,
//   3. the embedded public key, via FalconVerifyKeyManager::ValidateKey.
//
// NOTE(review): the private and public halves are checked independently.
// Nothing visible here checks that both belong to the same Falcon parameter
// set, or that the public key corresponds to the private key -- confirm
// whether that is enforced elsewhere.
Status FalconSignKeyManager::ValidateKey(const FalconPrivateKey& key) const {
  Status version_status = ValidateVersion(key.version(), get_version());
  if (!version_status.ok()) {
    return version_status;
  }

  Status size_status =
      subtle::ValidateFalconPrivateKeySize(key.key_value().length());
  if (!size_status.ok()) {
    return size_status;
  }

  return FalconVerifyKeyManager().ValidateKey(key.public_key());
}

// Validates a FalconKeyFormat. The only check is on key_size, which is
// treated as a private key size (it is passed to
// subtle::ValidateFalconPrivateKeySize). The result of that check is the
// result of this function.
Status FalconSignKeyManager::ValidateKeyFormat(
    const FalconKeyFormat& key_format) const {
  return subtle::ValidateFalconPrivateKeySize(key_format.key_size());
}

}  // namespace tink
}  // namespace crypto