From 6faa44c454264e68a7b93ca8616211e33b988064 Mon Sep 17 00:00:00 2001
From: Thai Duong <thaidn@google.com>
Date: Thu, 18 May 2017 16:52:02 +0000
Subject: [PATCH] Merge "Use unsigned integers when possible, including in
protobufs."
ORIGINAL_AUTHOR=Thai Duong <thaidn@google.com>
GitOrigin-RevId: bd54a12ce77ec6f535eac8a4660b365828854356
---
cc/aead/aes_gcm_key_manager.cc | 4 ++--
cc/aead/aes_gcm_key_manager.h | 2 +-
cc/core/crypto_format.cc | 4 ++--
cc/core/registry_test.cc | 2 +-
cc/key_manager.h | 2 +-
cc/mac/hmac_key_manager.cc | 2 +-
cc/mac/hmac_key_manager.h | 2 +-
cc/subtle/aes_gcm_boringssl.cc | 2 +-
cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc | 2 +-
cc/subtle/ecies_hkdf_recipient_kem_boringssl.h | 2 +-
cc/subtle/ecies_hkdf_sender_kem_boringssl.cc | 2 +-
cc/subtle/ecies_hkdf_sender_kem_boringssl.h | 2 +-
cc/subtle/hmac_boringssl.cc | 8 ++++----
cc/subtle/hmac_boringssl.h | 6 +++---
cc/subtle/hmac_boringssl_test.cc | 2 +-
cc/subtle/random.cc | 2 +-
cc/subtle/random.h | 2 +-
cc/subtle/subtle_util_boringssl.cc | 8 ++++----
cc/util/validation.h | 4 ++--
proto/aes_ctr.proto | 6 +++---
proto/aes_ctr_hmac_aead.proto | 2 +-
proto/aes_eax.proto | 6 +++---
proto/aes_gcm.proto | 4 ++--
proto/ecdsa.proto | 4 ++--
proto/ecies_aead_hkdf.proto | 4 ++--
proto/ed25519.proto | 4 ++--
proto/gcp_kms.proto | 2 +-
proto/hmac.proto | 6 +++---
proto/kms_envelope.proto | 2 +-
proto/tink.proto | 8 ++++----
30 files changed, 54 insertions(+), 54 deletions(-)
diff --git a/cc/aead/aes_gcm_key_manager.cc b/cc/aead/aes_gcm_key_manager.cc
index bb86486d4..999e16bb8 100644
--- a/cc/aead/aes_gcm_key_manager.cc
+++ b/cc/aead/aes_gcm_key_manager.cc
@@ -52,7 +52,7 @@ const std::string& AesGcmKeyManager::get_key_type() const {
return key_type_;
}
-int AesGcmKeyManager::get_version() const {
+uint32_t AesGcmKeyManager::get_version() const {
return 0;
}
@@ -128,7 +128,7 @@ Status AesGcmKeyManager::Validate(const AesGcmParams& params) const {
Status AesGcmKeyManager::Validate(const AesGcmKey& key) const {
Status status = ValidateVersion(key.version(), get_version());
if (!status.ok()) return status;
- int key_size = key.key_value().size();
+ uint32_t key_size = key.key_value().size();
if (key_size < kMinKeySizeInBytes) {
return ToStatusF(util::error::INVALID_ARGUMENT,
"Invalid AesGcmKey: key_value is too short.");
diff --git a/cc/aead/aes_gcm_key_manager.h b/cc/aead/aes_gcm_key_manager.h
index 64b04d9de..f64531004 100644
--- a/cc/aead/aes_gcm_key_manager.h
+++ b/cc/aead/aes_gcm_key_manager.h
@@ -54,7 +54,7 @@ class AesGcmKeyManager : public KeyManager<Aead> {
const std::string& get_key_type() const override;
// Returns the version of this key manager.
- int get_version() const override;
+ uint32_t get_version() const override;
virtual ~AesGcmKeyManager() {}
diff --git a/cc/core/crypto_format.cc b/cc/core/crypto_format.cc
index bd1d16ac0..d0db2e654 100644
--- a/cc/core/crypto_format.cc
+++ b/cc/core/crypto_format.cc
@@ -43,14 +43,14 @@ util::StatusOr<std::string> CryptoFormat::get_output_prefix(
case OutputPrefixType::TINK: {
std::string prefix;
prefix.assign(reinterpret_cast<const char*>(&kTinkStartByte), 1);
- int32_t key_id = key.key_id();
+ uint32_t key_id = key.key_id();
prefix.append(reinterpret_cast<char*>(&key_id), 4);
return prefix;
}
case OutputPrefixType::LEGACY: {
std::string prefix;
prefix.assign(reinterpret_cast<const char*>(&kLegacyStartByte), 1);
- int32_t key_id = key.key_id();
+ uint32_t key_id = key.key_id();
prefix.append(reinterpret_cast<char*>(&key_id), 4);
return prefix;
}
diff --git a/cc/core/registry_test.cc b/cc/core/registry_test.cc
index 1eb146bb3..f86c9c69d 100644
--- a/cc/core/registry_test.cc
+++ b/cc/core/registry_test.cc
@@ -78,7 +78,7 @@ class TestAeadKeyManager : public KeyManager<Aead> {
return util::Status::UNKNOWN;
}
- int get_version() const override {
+ uint32_t get_version() const override {
return 0;
}
diff --git a/cc/key_manager.h b/cc/key_manager.h
index b5b72ee5b..8ea34b0d4 100644
--- a/cc/key_manager.h
+++ b/cc/key_manager.h
@@ -59,7 +59,7 @@ class KeyManager {
virtual const std::string& get_key_type() const = 0;
// Returns the version of this key manager.
- virtual int get_version() const = 0;
+ virtual uint32_t get_version() const = 0;
bool DoesSupport(google::protobuf::StringPiece key_type) const {
return (key_type == get_key_type());
diff --git a/cc/mac/hmac_key_manager.cc b/cc/mac/hmac_key_manager.cc
index 7bd3cb4f5..1f6517508 100644
--- a/cc/mac/hmac_key_manager.cc
+++ b/cc/mac/hmac_key_manager.cc
@@ -55,7 +55,7 @@ const std::string& HmacKeyManager::get_key_type() const {
return key_type_;
}
-int HmacKeyManager::get_version() const {
+uint32_t HmacKeyManager::get_version() const {
return 0;
}
diff --git a/cc/mac/hmac_key_manager.h b/cc/mac/hmac_key_manager.h
index e3e312077..59e09b05b 100644
--- a/cc/mac/hmac_key_manager.h
+++ b/cc/mac/hmac_key_manager.h
@@ -54,7 +54,7 @@ class HmacKeyManager : public KeyManager<Mac> {
const std::string& get_key_type() const override;
// Returns the version of this key manager.
- int get_version() const override;
+ uint32_t get_version() const override;
virtual ~HmacKeyManager() {}
diff --git a/cc/subtle/aes_gcm_boringssl.cc b/cc/subtle/aes_gcm_boringssl.cc
index e09468fd2..028ec687d 100644
--- a/cc/subtle/aes_gcm_boringssl.cc
+++ b/cc/subtle/aes_gcm_boringssl.cc
@@ -32,7 +32,7 @@ namespace cloud {
namespace crypto {
namespace tink {
-static const EVP_CIPHER* GetCipherForKeySize(int size_in_bytes) {
+static const EVP_CIPHER* GetCipherForKeySize(uint32_t size_in_bytes) {
switch (size_in_bytes) {
case 16:
return EVP_aes_128_gcm();
diff --git a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
index 8c8321eb5..a663ce859 100644
--- a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
+++ b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
@@ -31,7 +31,7 @@ EciesHkdfRecipientKemBoringSsl::EciesHkdfRecipientKemBoringSsl(
util::StatusOr<std::string> EciesHkdfRecipientKemBoringSsl::GenerateKey(
StringPiece kem_bytes, HashType hash, StringPiece hkdf_salt,
- StringPiece hkdf_info, int key_size_in_bytes,
+ StringPiece hkdf_info, uint32_t key_size_in_bytes,
EcPointFormat point_format) const {
auto status_or_ec_point =
SubtleUtilBoringSSL::EcPointDecode(curve_, point_format, kem_bytes);
diff --git a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
index c0623bb8e..1f34f487a 100644
--- a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
+++ b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
@@ -43,7 +43,7 @@ class EciesHkdfRecipientKemBoringSsl {
util::StatusOr<std::string> GenerateKey(StringPiece kem_bytes, HashType hash,
StringPiece hkdf_salt,
StringPiece hkdf_info,
- int key_size_in_bytes,
+ uint32_t key_size_in_bytes,
EcPointFormat point_format) const;
private:
diff --git a/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc b/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
index f1b0a9f8c..f82c780de 100644
--- a/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
+++ b/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
@@ -48,7 +48,7 @@ EciesHkdfSenderKemBoringSsl::EciesHkdfSenderKemBoringSsl(
util::StatusOr<EciesHkdfSenderKemBoringSsl::KemKey>
EciesHkdfSenderKemBoringSsl::GenerateKey(HashType hash, StringPiece hkdf_salt,
StringPiece hkdf_info,
- int key_size_in_bytes,
+ uint32_t key_size_in_bytes,
EcPointFormat point_format) const {
if (peer_pub_key_.get() == nullptr) {
return util::Status(util::error::INTERNAL,
diff --git a/cc/subtle/ecies_hkdf_sender_kem_boringssl.h b/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
index 3fa259d1d..e6efd7bb3 100644
--- a/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
+++ b/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
@@ -59,7 +59,7 @@ class EciesHkdfSenderKemBoringSsl {
// symmetric key from the shared secret, hkdf info and hkdf salt.
util::StatusOr<KemKey> GenerateKey(HashType hash, StringPiece hkdf_salt,
StringPiece hkdf_info,
- int key_size_in_bytes,
+ uint32_t key_size_in_bytes,
EcPointFormat point_format) const;
private:
diff --git a/cc/subtle/hmac_boringssl.cc b/cc/subtle/hmac_boringssl.cc
index a1f6e7c72..23388ee18 100644
--- a/cc/subtle/hmac_boringssl.cc
+++ b/cc/subtle/hmac_boringssl.cc
@@ -37,13 +37,13 @@ namespace tink {
// static
util::StatusOr<std::unique_ptr<Mac>> HmacBoringSsl::New(
- HashType hash_type, int tag_size, const std::string& key_value) {
+ HashType hash_type, uint32_t tag_size, const std::string& key_value) {
util::StatusOr<const EVP_MD*> res = SubtleUtilBoringSSL::EvpHash(hash_type);
if (!res.ok()) {
return res.status();
}
const EVP_MD* md = res.ValueOrDie();
- if (static_cast<int>(EVP_MD_size(md)) < tag_size || tag_size <= 0) {
+ if (EVP_MD_size(md) < tag_size) {
// The key manager is responsible to security policies.
// The checks here just ensure the preconditions of the primitive.
// If this fails then something is wrong with the key manager.
@@ -53,7 +53,7 @@ util::StatusOr<std::unique_ptr<Mac>> HmacBoringSsl::New(
return std::move(hmac);
}
-HmacBoringSsl::HmacBoringSsl(const EVP_MD* md, int tag_size,
+HmacBoringSsl::HmacBoringSsl(const EVP_MD* md, uint32_t tag_size,
const std::string& key_value)
: md_(md), tag_size_(tag_size), key_value_(key_value) {}
@@ -90,7 +90,7 @@ util::Status HmacBoringSsl::VerifyMac(
"BoringSSL failed to compute HMAC");
}
uint8_t diff = 0;
- for (int i = 0; i < tag_size_; i++) {
+ for (uint32_t i = 0; i < tag_size_; i++) {
diff |= buf[i] ^ static_cast<uint8_t>(mac[i]);
}
if (diff == 0) {
diff --git a/cc/subtle/hmac_boringssl.h b/cc/subtle/hmac_boringssl.h
index c91236eba..654c1af4d 100644
--- a/cc/subtle/hmac_boringssl.h
+++ b/cc/subtle/hmac_boringssl.h
@@ -34,7 +34,7 @@ class HmacBoringSsl : public Mac {
public:
static util::StatusOr<std::unique_ptr<Mac>> New(
google::cloud::crypto::tink::HashType hash_type,
- int tag_size, const std::string& key_value);
+ uint32_t tag_size, const std::string& key_value);
// Computes and returns the HMAC for 'data'.
util::StatusOr<std::string> ComputeMac(
@@ -50,11 +50,11 @@ class HmacBoringSsl : public Mac {
private:
HmacBoringSsl() {}
- HmacBoringSsl(const EVP_MD* md, int tag_size, const std::string& key_value);
+ HmacBoringSsl(const EVP_MD* md, uint32_t tag_size, const std::string& key_value);
// HmacBoringSsl is not owner of md (it is owned by BoringSSL).
const EVP_MD* md_;
- int tag_size_;
+ uint32_t tag_size_;
std::string key_value_;
};
diff --git a/cc/subtle/hmac_boringssl_test.cc b/cc/subtle/hmac_boringssl_test.cc
index 367eea1d8..890c4feca 100644
--- a/cc/subtle/hmac_boringssl_test.cc
+++ b/cc/subtle/hmac_boringssl_test.cc
@@ -36,7 +36,7 @@ class HmacBoringSslTest : public ::testing::Test {
public:
// Utility to simplify testing with test vectors.
// Arguments and result are hexadecimal.
- bool HmacVerifyHex(HashType hash, int tag_size, const std::string &key_hex,
+ bool HmacVerifyHex(HashType hash, uint32_t tag_size, const std::string &key_hex,
const std::string &tag_hex, const std::string &data_hex) {
std::string key = test::HexDecodeOrDie(key_hex);
std::string tag = test::HexDecodeOrDie(tag_hex);
diff --git a/cc/subtle/random.cc b/cc/subtle/random.cc
index a386f2c16..0a9047bb0 100644
--- a/cc/subtle/random.cc
+++ b/cc/subtle/random.cc
@@ -23,7 +23,7 @@ namespace crypto {
namespace tink {
// static
-std::string Random::GetRandomBytes(int length) {
+std::string Random::GetRandomBytes(size_t length) {
std::unique_ptr<uint8_t[]> buf(new uint8_t[length]);
// BoringSSL documentation says that it always returns 1; while
// OpenSSL documentation says that it returns 1 on success, 0 otherwise. We
diff --git a/cc/subtle/random.h b/cc/subtle/random.h
index 751142cde..6c489ac67 100644
--- a/cc/subtle/random.h
+++ b/cc/subtle/random.h
@@ -26,7 +26,7 @@ namespace tink {
class Random {
public:
// Returns a random string of desired length.
- static std::string GetRandomBytes(int length);
+ static std::string GetRandomBytes(size_t length);
};
} // namespace tink
diff --git a/cc/subtle/subtle_util_boringssl.cc b/cc/subtle/subtle_util_boringssl.cc
index 5dcda8efe..35998154f 100644
--- a/cc/subtle/subtle_util_boringssl.cc
+++ b/cc/subtle/subtle_util_boringssl.cc
@@ -119,7 +119,7 @@ util::StatusOr<std::string> SubtleUtilBoringSSL::ComputeEcdhSharedSecret(
// Get shared point's x coordinate.
unsigned curve_size_in_bits = EC_GROUP_get_degree(priv_group.get());
unsigned curve_size_in_bytes = (curve_size_in_bits + 7) / 8;
- size_t x_size_in_bytes = BN_num_bytes(shared_x.get());
+ unsigned x_size_in_bytes = BN_num_bytes(shared_x.get());
std::unique_ptr<uint8_t[]> shared_secret_bytes(
new uint8_t[curve_size_in_bytes]);
memset(shared_secret_bytes.get(), 0, curve_size_in_bytes);
@@ -128,9 +128,9 @@ util::StatusOr<std::string> SubtleUtilBoringSSL::ComputeEcdhSharedSecret(
"The x-coordinate of the shared point is larger than "
"the size of the curve");
}
- int zeros = static_cast<int>(curve_size_in_bytes - x_size_in_bytes);
- int written = BN_bn2bin(shared_x.get(), &shared_secret_bytes.get()[zeros]);
- if (written != static_cast<int>(x_size_in_bytes)) {
+ unsigned zeros = curve_size_in_bytes - x_size_in_bytes;
+ size_t written = BN_bn2bin(shared_x.get(), &shared_secret_bytes.get()[zeros]);
+ if (written != x_size_in_bytes) {
return util::Status(util::error::INTERNAL, "BN_bn_2bin failed");
}
return std::string(reinterpret_cast<char *>(shared_secret_bytes.get()),
diff --git a/cc/util/validation.h b/cc/util/validation.h
index 3849c0b4d..6e793fa67 100644
--- a/cc/util/validation.h
+++ b/cc/util/validation.h
@@ -32,8 +32,8 @@ util::Status ValidateKeyset(const google::cloud::crypto::tink::Keyset& keyset) {
return util::Status::OK;
}
-util::Status ValidateVersion(int candidate, int max_expected) {
- if (candidate < 0 || candidate > max_expected) {
+util::Status ValidateVersion(uint32_t candidate, uint32_t max_expected) {
+ if (candidate > max_expected) {
return ToStatusF(util::error::INVALID_ARGUMENT,
"Key has version '%d'; "
"only keys with version in range [0..%d] are supported.",
diff --git a/proto/aes_ctr.proto b/proto/aes_ctr.proto
index 9d850cad8..2d52ef506 100644
--- a/proto/aes_ctr.proto
+++ b/proto/aes_ctr.proto
@@ -22,17 +22,17 @@ option java_package = "com.google.cloud.crypto.tink";
option java_outer_classname = "AesCtrProto";
message AesCtrParams {
- int32 iv_size = 1;
+ uint32 iv_size = 1;
}
message AesCtrKeyFormat {
AesCtrParams params = 1;
- int32 key_size = 2;
+ uint32 key_size = 2;
}
// key_type: type.googleapis.com/google.cloud.crypto.tink.AesCtrKey
message AesCtrKey {
- int32 version = 1;
+ uint32 version = 1;
AesCtrParams params = 2;
bytes key_value = 3;
}
\ No newline at end of file
diff --git a/proto/aes_ctr_hmac_aead.proto b/proto/aes_ctr_hmac_aead.proto
index c13dd2834..303cfc461 100644
--- a/proto/aes_ctr_hmac_aead.proto
+++ b/proto/aes_ctr_hmac_aead.proto
@@ -36,7 +36,7 @@ message AesCtrHmacAeadKeyFormat {
// key_type: type.googleapis.com/google.cloud.crypto.tink.AesCtrKey
message AesCtrHmacAeadKey {
- int32 version = 1;
+ uint32 version = 1;
AesCtrKey aes_ctr_key = 2;
HmacKey hmac_key = 3;
}
diff --git a/proto/aes_eax.proto b/proto/aes_eax.proto
index e10525417..92385ad42 100644
--- a/proto/aes_eax.proto
+++ b/proto/aes_eax.proto
@@ -24,17 +24,17 @@ option java_outer_classname = "AesEaxProto";
// only allowing tag size in bytes = 16
message AesEaxParams {
// possible value is 12 or 16 bytes.
- int32 iv_size = 1;
+ uint32 iv_size = 1;
}
message AesEaxKeyFormat {
AesEaxParams params = 1;
- int32 key_size = 2;
+ uint32 key_size = 2;
}
// key_type: type.googleapis.com/google.cloud.crypto.tink.AesEaxKey
message AesEaxKey {
- int32 version = 1;
+ uint32 version = 1;
AesEaxParams params = 2;
bytes key_value = 3;
}
diff --git a/proto/aes_gcm.proto b/proto/aes_gcm.proto
index dd190e5a9..412e25baf 100644
--- a/proto/aes_gcm.proto
+++ b/proto/aes_gcm.proto
@@ -28,12 +28,12 @@ message AesGcmParams {
message AesGcmKeyFormat {
AesGcmParams params = 1;
- int32 key_size = 2;
+ uint32 key_size = 2;
}
// key_type: type.googleapis.com/google.cloud.crypto.tink.AesGcmKey
message AesGcmKey {
- int32 version = 1;
+ uint32 version = 1;
AesGcmParams params = 2;
bytes key_value = 3;
}
diff --git a/proto/ecdsa.proto b/proto/ecdsa.proto
index d43472b97..ed87b392b 100644
--- a/proto/ecdsa.proto
+++ b/proto/ecdsa.proto
@@ -51,7 +51,7 @@ message EcdsaParams {
// key_type: type.googleapis.com/google.cloud.crypto.tink.EcdsaPublicKey
message EcdsaPublicKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
EcdsaParams params = 2;
// Affine coordinates of the public key in bigendian representation. The
@@ -67,7 +67,7 @@ message EcdsaPublicKey {
// key_type: type.googleapis.com/google.cloud.crypto.tink.EcdsaPrivateKey
message EcdsaPrivateKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
EcdsaPublicKey public_key = 2;
// Unsigned big integer in bigendian representation.
diff --git a/proto/ecies_aead_hkdf.proto b/proto/ecies_aead_hkdf.proto
index 41c7fe184..bd2a7e852 100644
--- a/proto/ecies_aead_hkdf.proto
+++ b/proto/ecies_aead_hkdf.proto
@@ -74,7 +74,7 @@ message EciesAeadHkdfParams {
// key_type: type.googleapis.com/google.cloud.crypto.tink.EciesAeadHkdfPublicKey
message EciesAeadHkdfPublicKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
EciesAeadHkdfParams params = 2;
@@ -90,7 +90,7 @@ message EciesAeadHkdfPublicKey {
// key_type: type.googleapis.com/google.cloud.crypto.tink.EciesAeadHkdfPrivateKey
message EciesAeadHkdfPrivateKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
EciesAeadHkdfPublicKey public_key = 2;
diff --git a/proto/ed25519.proto b/proto/ed25519.proto
index ef77a721a..464cabeb7 100644
--- a/proto/ed25519.proto
+++ b/proto/ed25519.proto
@@ -31,7 +31,7 @@ message Ed25519Params {
// key_type: type.googleapis.com/google.cloud.crypto.tink.Ed25519PublicKey
message Ed25519PublicKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
Ed25519Params params = 2;
// The public key is 32 bytes, encoded according to
@@ -43,7 +43,7 @@ message Ed25519PublicKey {
// key_type: type.googleapis.com/google.cloud.crypto.tink.Ed25519PrivateKey
message Ed25519PrivateKey {
// Required.
- int32 version = 1;
+ uint32 version = 1;
// Required.
Ed25519PublicKey public_key = 2;
// The private key is 32 bytes, interpreted as a little-endian integer.
diff --git a/proto/gcp_kms.proto b/proto/gcp_kms.proto
index 8c8016683..04e1c67c9 100644
--- a/proto/gcp_kms.proto
+++ b/proto/gcp_kms.proto
@@ -26,7 +26,7 @@ message GcpKmsAeadParams {
// key_type: type.googleapis.com/google.cloud.crypto.tink.GcpKmsAeadKey
message GcpKmsAeadKey {
- int32 version = 1;
+ uint32 version = 1;
GcpKmsAeadParams params = 2;
// Required.
// The location of a CryptoKey in Google Cloud KMS.
diff --git a/proto/hmac.proto b/proto/hmac.proto
index a96ac9490..4e484c799 100644
--- a/proto/hmac.proto
+++ b/proto/hmac.proto
@@ -25,17 +25,17 @@ option java_outer_classname = "HmacProto";
message HmacParams {
HashType hash = 1; // HashType is an enum.
- int32 tag_size = 2;
+ uint32 tag_size = 2;
}
// key_type: type.googleapis.com/google.cloud.crypto.tink.HmacKey
message HmacKey {
- int32 version = 1;
+ uint32 version = 1;
HmacParams params = 2;
bytes key_value = 3;
}
message HmacKeyFormat {
HmacParams params = 1;
- int32 key_size = 2;
+ uint32 key_size = 2;
}
diff --git a/proto/kms_envelope.proto b/proto/kms_envelope.proto
index f5d4dc5dd..ac76fa2e6 100644
--- a/proto/kms_envelope.proto
+++ b/proto/kms_envelope.proto
@@ -38,6 +38,6 @@ message KmsEnvelopeAeadKeyFormat {
// There is no actual key material in the key.
message KmsEnvelopeAeadKey {
- int32 version = 1;
+ uint32 version = 1;
KmsEnvelopeAeadParams params = 2;
}
diff --git a/proto/tink.proto b/proto/tink.proto
index 23f0fa1b9..20e7da37c 100644
--- a/proto/tink.proto
+++ b/proto/tink.proto
@@ -125,14 +125,14 @@ message Keyset {
// Identifies a key within a keyset, is a part of metadata
// of a ciphertext/signature.
- int32 key_id = 3;
+ uint32 key_id = 3;
OutputPrefixType output_prefix_type = 4;
}
// Identifies key used to generate new crypto data (encrypt, sign).
// Required.
- int32 primary_key_id = 1;
+ uint32 primary_key_id = 1;
// Actual keys in the Keyset.
// Required.
@@ -152,14 +152,14 @@ message KeysetInfo {
KeyStatusType status = 2;
// See Keyset.Key.key_id.
- int32 key_id = 3;
+ uint32 key_id = 3;
// See Keyset.Key.output_prefix_type.
OutputPrefixType output_prefix_type = 4;
}
// See Keyset.primary_key_id.
- int32 primary_key_id = 1;
+ uint32 primary_key_id = 1;
// KeyInfos in the KeysetInfo.
// Each KeyInfo is corresponding to a Key in the corresponding Keyset.
--
GitLab