// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
goog.module('tink.CryptoFormat');
const InvalidArgumentsException = goog.require('tink.exception.InvalidArgumentsException');
const PbKeyset = goog.require('proto.google.crypto.tink.Keyset');
const PbOutputPrefixType = goog.require('proto.google.crypto.tink.OutputPrefixType');
const SecurityException = goog.require('tink.exception.SecurityException');
/**
* Constants and methods that deal with the format of the outputs handled by
* Tink.
*
* @static
* @final
*/
class CryptoFormat {
/**
* Generates the prefix for the outputs handled by the given 'key'.
* Throws an exception if the prefix type of 'key' is invalid.
*
* @param {PbKeyset.Key} key
*
* @return {!Uint8Array}
*/
static getOutputPrefix(key) {
switch (key.getOutputPrefixType()) {
case PbOutputPrefixType.LEGACY: // fall through
case PbOutputPrefixType.CRUNCHY:
return CryptoFormat.makeOutputPrefix_(
key.getKeyId(), CryptoFormat.LEGACY_START_BYTE);
case PbOutputPrefixType.TINK:
return CryptoFormat.makeOutputPrefix_(
key.getKeyId(), CryptoFormat.TINK_START_BYTE);
case PbOutputPrefixType.RAW:
return CryptoFormat.RAW_PREFIX;
default:
throw new SecurityException('Unsupported key prefix type.');
}
}
/**
* Makes output prefix which consits of 4 bytes of key id in Big Endian
* representation followed by 1 byte of key type identifier.
*
* @static
* @private
* @param {number} keyId
* @param {number} keyTypeIdentifier
*
* @return {!Uint8Array}
*/
static makeOutputPrefix_(keyId, keyTypeIdentifier) {
let /** Array */ res = [keyTypeIdentifier];
res = res.concat(CryptoFormat.numberAsBigEndian_(keyId));
return new Uint8Array(res);
}
/**
* Returns the given number as Uint8Array in Big Endian format.
*
* Given number has to be a non-negative integer smaller than 2^32.
*
* @static
* @private
* @param {number} n
*
* @return {!Array}
*/
static numberAsBigEndian_(n) {
if (!Number.isInteger(n) || n < 0 || n >= 2**32) {
throw new InvalidArgumentsException(
'Number has to be unsigned 32-bit integer.');
}
const numberOfBytes = 4;
let res = new Array(numberOfBytes);
for (let i = 0; i < numberOfBytes; i++) {
res[i] = 0xFF & (n >> 8 * (numberOfBytes - i - 1));
}
return res;
}
}
/**
* Prefix size of Tink and Legacy key types.
* @const @static {number}
*/
CryptoFormat.NON_RAW_PREFIX_SIZE = 5;
/**
* Prefix size of Legacy key types.
* @const @static {number}
*/
CryptoFormat.LEGACY_PREFIX_SIZE = CryptoFormat.NON_RAW_PREFIX_SIZE;
/**
* Legacy starts with 0 and is followed by 4-byte key id.
* @const @static {number}
*/
CryptoFormat.LEGACY_START_BYTE = 0x00;
/**
* Prefix size of Tink key types.
* @const @static {number}
*/
CryptoFormat.TINK_PREFIX_SIZE = CryptoFormat.NON_RAW_PREFIX_SIZE;
/**
* Tink starts with 1 and is followed by 4-byte key id.
* @const @static {number}
*/
CryptoFormat.TINK_START_BYTE = 0x01;
/**
* Raw prefix should have length 0.
* @const @static {number}
*/
CryptoFormat.RAW_PREFIX_SIZE = 0;
/**
* Raw prefix is empty Uint8Array.
* @const @static
* @type {!Uint8Array}
*/
CryptoFormat.RAW_PREFIX = new Uint8Array(0);
goog.exportSymbol('tink.CryptoFormat', CryptoFormat);
exports = CryptoFormat;