Skip to content
Snippets Groups Projects
Commit 258e6140 authored by Tink Team's avatar Tink Team Committed by Copybara-Service
Browse files

Add AES-256-GCM key template with raw output prefix.

PiperOrigin-RevId: 262647886
parent 2958a388
No related branches found
No related tags found
No related merge requests found
......@@ -83,22 +83,42 @@ class AeadKeyTemplates {
* Returns a KeyTemplate that generates new instances of AesGcmKey
* with the following parameters:
* key size: 16 bytes
* OutputPrefixType: TINK
*
* @return {!PbKeyTemplate}
*/
static aes128Gcm() {
return AeadKeyTemplates.newAesGcmKeyTemplate_(/* keySize = */ 16);
return AeadKeyTemplates.newAesGcmKeyTemplate_(
/* keySize = */ 16,
/* outputPrefixType = */ PbOutputPrefixType.TINK);
}
/**
* Returns a KeyTemplate that generates new instances of AesGcmKey
* with the following parameters:
* key size: 32 bytes
* OutputPrefixType: TINK
*
* @return {!PbKeyTemplate}
*/
static aes256Gcm() {
return AeadKeyTemplates.newAesGcmKeyTemplate_(/* keySize = */ 32);
return AeadKeyTemplates.newAesGcmKeyTemplate_(
/* keySize = */ 32,
/* outputPrefixType = */ PbOutputPrefixType.TINK);
}
/**
* Returns a KeyTemplate that generates new instances of AesGcmKey
* with the following parameters:
* key size: 32 bytes
* OutputPrefixType: RAW
*
* @return {!PbKeyTemplate}
*/
static aes256GcmNoPrefix() {
return AeadKeyTemplates.newAesGcmKeyTemplate_(
/* keySize = */ 32,
/* outputPrefixType = */ PbOutputPrefixType.RAW);
}
/**
......@@ -144,17 +164,18 @@ class AeadKeyTemplates {
* @private
*
* @param {number} keySize
* @param {!PbOutputPrefixType} outputPrefixType
*
* @return {!PbKeyTemplate}
*/
static newAesGcmKeyTemplate_(keySize) {
static newAesGcmKeyTemplate_(keySize, outputPrefixType) {
// Define AES GCM key format.
const keyFormat = new PbAesGcmKeyFormat().setKeySize(keySize);
// Define key template.
const keyTemplate = new PbKeyTemplate()
.setTypeUrl(AeadConfig.AES_GCM_TYPE_URL)
.setOutputPrefixType(PbOutputPrefixType.TINK)
.setOutputPrefixType(outputPrefixType)
.setValue(keyFormat.serializeBinary());
return keyTemplate;
......
......@@ -144,4 +144,26 @@ testSuite({
// Test that the template works with AesCtrHmacAeadKeyManager.
manager.getKeyFactory().newKey(keyTemplate.getValue_asU8());
},
testAes256GcmNoPrefix() {
// The created key should have the following parameters.
const expectedKeySize = 32;
const expectedOutputPrefix = PbOutputPrefixType.RAW;
// Expected type URL is the one supported by AesGcmKeyManager.
const manager = new AesGcmKeyManager();
const expectedTypeUrl = manager.getKeyType();
const keyTemplate = AeadKeyTemplates.aes256GcmNoPrefix();
assertEquals(expectedTypeUrl, keyTemplate.getTypeUrl());
assertEquals(expectedOutputPrefix, keyTemplate.getOutputPrefixType());
// Test key size value in key format.
const keyFormat =
PbAesGcmKeyFormat.deserializeBinary(keyTemplate.getValue_asU8());
assertEquals(expectedKeySize, keyFormat.getKeySize());
// Test that the template works with AesCtrHmacAeadKeyManager.
manager.getKeyFactory().newKey(keyTemplate.getValue_asU8());
}
});
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment