1// Copyright 2018 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//      http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15////////////////////////////////////////////////////////////////////////////////
16
17package registry
18
19import (
20	"google.golang.org/protobuf/proto"
21	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
22)
23
// KeyManager "understands" keys of a specific key type: it can generate keys of the supported type
// and create primitives for supported keys. A key type is identified by the global name of the
// protocol buffer that holds the corresponding key material, and is given by the type_url field of
// the KeyData protocol buffer.
//
// The serialized key protocol buffers handled through this interface hold key material, so
// callers and implementations should keep them out of logs and error messages.
type KeyManager interface {
	// Primitive constructs a primitive instance for the key given in serializedKey, which must be a
	// serialized key protocol buffer handled by this manager.
	//
	// The primitive is returned as interface{}; callers need to type-assert it to the primitive
	// interface they expect and handle a failed assertion rather than assuming the type.
	// NOTE(review): whether serializedKey is validated (key size, parameters, version) before the
	// primitive is built is up to each implementation and is not visible here; confirm per manager.
	Primitive(serializedKey []byte) (interface{}, error)

	// NewKey generates a new key according to the specification in serializedKeyFormat, which must
	// be supported by this manager.
	//
	// Deprecated: Tink always used [NewKeyData] to create new keys. This function is
	// unused (except in the unused and deprecated function [registry.NewKey]). It doesn't need to be
	// implemented.
	NewKey(serializedKeyFormat []byte) (proto.Message, error)

	// DoesSupport returns true iff this KeyManager supports the key type identified by typeURL.
	// NOTE(review): presumably DoesSupport(TypeURL()) holds for every implementation; confirm.
	DoesSupport(typeURL string) bool

	// TypeURL returns the type URL that identifies the key type of keys managed by this key manager.
	TypeURL() string

	// APIs for Key Management

	// NewKeyData generates a new KeyData according to the specification in serializedKeyFormat.
	// This should be used solely by the key management API.
	//
	// The returned KeyData wraps the newly generated key, so it should be handled as sensitive
	// wherever the key type is secret.
	NewKeyData(serializedKeyFormat []byte) (*tinkpb.KeyData, error)
}