// Copyright 2017 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////

#include "tink/hybrid/ecies_aead_hkdf_private_key_manager.h"

#include <string>

#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/string_view.h"
#include "tink/hybrid/ecies_aead_hkdf_hybrid_decrypt.h"
#include "tink/hybrid/ecies_aead_hkdf_public_key_manager.h"
#include "tink/hybrid_decrypt.h"
#include "tink/internal/ec_util.h"
#include "tink/key_manager.h"
#include "tink/util/enums.h"
#include "tink/util/errors.h"
#include "tink/util/protobuf_helper.h"
#include "tink/util/secret_data.h"
#include "tink/util/status.h"
#include "tink/util/statusor.h"
#include "tink/util/validation.h"
#include "proto/ecies_aead_hkdf.pb.h"
#include "proto/tink.pb.h"

namespace crypto {
namespace tink {

using crypto::tink::util::Status;
using crypto::tink::util::StatusOr;
using google::crypto::tink::EciesAeadHkdfKeyFormat;
using google::crypto::tink::EciesAeadHkdfPrivateKey;
using google::crypto::tink::EciesAeadHkdfPublicKey;
using google::crypto::tink::EciesHkdfKemParams;

// Checks that `key_format` carries a `params` message and that those params
// are accepted by EciesAeadHkdfPublicKeyManager::ValidateParams.
//
// Returns kInvalidArgument ("Missing params.") when `params` is absent;
// otherwise returns the public key manager's status unchanged.
Status EciesAeadHkdfPrivateKeyManager::ValidateKeyFormat(
    const EciesAeadHkdfKeyFormat& key_format) const {
  if (key_format.has_params()) {
    // Parameter rules live in the public key manager; reuse them here.
    return EciesAeadHkdfPublicKeyManager().ValidateParams(key_format.params());
  }
  return Status(absl::StatusCode::kInvalidArgument, "Missing params.");
}

// Generates a new EC key on the curve named by the format's KEM params and
// packs it, together with a copy of the format's params, into an
// EciesAeadHkdfPrivateKey proto.
//
// Returns the status of internal::NewEcKey if key generation fails.
//
// NOTE(review): this function reads `params()` without checking
// `has_params()` and does not call ValidateKeyFormat itself; presumably the
// caller validates the format first -- confirm against the call sites.
StatusOr<EciesAeadHkdfPrivateKey> EciesAeadHkdfPrivateKeyManager::CreateKey(
    const EciesAeadHkdfKeyFormat& ecies_key_format) const {
  // Key generation: the curve is taken from the KEM params of the format.
  const EciesHkdfKemParams& kem = ecies_key_format.params().kem_params();
  const auto curve = util::Enums::ProtoToSubtle(kem.curve_type());
  util::StatusOr<internal::EcKey> generated = internal::NewEcKey(curve);
  if (!generated.ok()) {
    return generated.status();
  }

  EciesAeadHkdfPrivateKey result;

  // Public half: version, affine coordinates and the params from the format.
  EciesAeadHkdfPublicKey* pub = result.mutable_public_key();
  *pub->mutable_params() = ecies_key_format.params();
  pub->set_version(get_version());
  pub->set_x(generated->pub_x);
  pub->set_y(generated->pub_y);

  // Private half. The private key bytes are copied out of `generated->priv`
  // into an ordinary std::string held by the proto, so the returned message
  // must itself be handled as secret material.
  result.set_version(get_version());
  result.set_key_value(
      std::string(util::SecretDataAsStringView(generated->priv)));

  return result;
}

// Returns a copy of the public key embedded in `private_key`.
//
// No validation is performed here; the embedded message is returned as is.
StatusOr<EciesAeadHkdfPublicKey> EciesAeadHkdfPrivateKeyManager::GetPublicKey(
    const EciesAeadHkdfPrivateKey& private_key) const {
  const EciesAeadHkdfPublicKey& embedded = private_key.public_key();
  return embedded;
}

// Validates a private key proto: the version must pass ValidateVersion
// against get_version(), a `public_key` must be present, and that public key
// must pass EciesAeadHkdfPublicKeyManager::ValidateKey.
//
// Returns the first failing status; a missing public key yields
// kInvalidArgument ("Missing public_key.").
//
// NOTE(review): `key_value` (the private key bytes) is not inspected here,
// e.g. for emptiness or a length matching the curve; presumably malformed
// values are rejected when the decrypt primitive is built -- confirm.
Status EciesAeadHkdfPrivateKeyManager::ValidateKey(
    const EciesAeadHkdfPrivateKey& key) const {
  Status version_check = ValidateVersion(key.version(), get_version());
  if (!version_check.ok()) {
    return version_check;
  }
  if (key.has_public_key()) {
    return EciesAeadHkdfPublicKeyManager().ValidateKey(key.public_key());
  }
  return Status(absl::StatusCode::kInvalidArgument, "Missing public_key.");
}

}  // namespace tink
}  // namespace crypto