diff options
author | wconner <wconner@google.com> | 2023-05-12 09:50:16 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2023-05-12 09:51:49 -0700 |
commit | efbb99574361c91851e828644545d5578d5c619a (patch) | |
tree | 491fcc8731424dedb0964cc6c01c019de9a330b1 /cc/aead | |
parent | 60c8ca7f5e602cd58229a72ee802441ab891faa9 (diff) | |
download | tink-efbb99574361c91851e828644545d5578d5c619a.tar.gz |
Add AEAD parameters and key types to C++ library.
PiperOrigin-RevId: 531532517
Diffstat (limited to 'cc/aead')
-rw-r--r-- | cc/aead/BUILD.bazel | 17 | ||||
-rw-r--r-- | cc/aead/CMakeLists.txt | 39 | ||||
-rw-r--r-- | cc/aead/aead_key.h | 53 | ||||
-rw-r--r-- | cc/aead/aead_parameters.h | 32 |
4 files changed, 130 insertions, 11 deletions
diff --git a/cc/aead/BUILD.bazel b/cc/aead/BUILD.bazel index db654c4e3..7d2813453 100644 --- a/cc/aead/BUILD.bazel +++ b/cc/aead/BUILD.bazel @@ -330,6 +330,23 @@ cc_library( ], ) +cc_library( + name = "aead_key", + hdrs = ["aead_key.h"], + include_prefix = "tink/aead", + deps = [ + ":aead_parameters", + "//:key", + ], +) + +cc_library( + name = "aead_parameters", + hdrs = ["aead_parameters.h"], + include_prefix = "tink/aead", + deps = ["//:parameters"], +) + # tests cc_test( diff --git a/cc/aead/CMakeLists.txt b/cc/aead/CMakeLists.txt index 485cd557f..ce0816181 100644 --- a/cc/aead/CMakeLists.txt +++ b/cc/aead/CMakeLists.txt @@ -308,6 +308,34 @@ tink_cc_library( TESTONLY ) +tink_cc_library( + NAME failing_aead + SRCS + failing_aead.cc + failing_aead.h + DEPS + absl::strings + tink::core::aead + TESTONLY +) + +tink_cc_library( + NAME aead_key + SRCS + aead_key.h + DEPS + tink::aead::aead_parameters + tink::core::key +) + +tink_cc_library( + NAME aead_parameters + SRCS + aead_parameters.h + DEPS + tink::core::parameters +) + # tests tink_cc_test( @@ -616,17 +644,6 @@ tink_cc_test( tink::proto::tink_cc_proto ) -tink_cc_library( - NAME failing_aead - SRCS - failing_aead.cc - failing_aead.h - DEPS - absl::strings - tink::core::aead - TESTONLY -) - tink_cc_test( NAME failing_aead_test SRCS diff --git a/cc/aead/aead_key.h b/cc/aead/aead_key.h new file mode 100644 index 000000000..64f7880b3 --- /dev/null +++ b/cc/aead/aead_key.h @@ -0,0 +1,53 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#ifndef TINK_AEAD_AEAD_KEY_H_ +#define TINK_AEAD_AEAD_KEY_H_ + +#include <string> + +#include "tink/aead/aead_parameters.h" +#include "tink/key.h" + +namespace crypto { +namespace tink { + +// Represents a function to encrypt and decrypt data using authenticated +// encryption with associated data (AEAD). +class AeadKey : public Key { + public: + // Returns the bytes prefixed to every ciphertext generated by this key. + // + // In order to make key rotation more efficient, Tink allows every AEAD key to + // have an associated ciphertext output prefix. When decrypting a ciphertext, + // only keys with a matching prefix have to be tried. + // + // Note that a priori, the output prefix may not be unique in a keyset + // (i.e., different keys in a keyset may have the same prefix or one prefix + // may be a prefix of another). To avoid this, built-in Tink keys use the + // convention that the prefix is either '0x00<big endian key id>' or + // '0x01<big endian key id>'. + virtual std::string GetOutputPrefix() const = 0; + + const AeadParameters& GetParameters() const override = 0; + + bool operator==(const Key& other) const override = 0; +}; + +} // namespace tink +} // namespace crypto + +#endif // TINK_AEAD_AEAD_KEY_H_ diff --git a/cc/aead/aead_parameters.h b/cc/aead/aead_parameters.h new file mode 100644 index 000000000..dc5caadbf --- /dev/null +++ b/cc/aead/aead_parameters.h @@ -0,0 +1,32 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#ifndef TINK_AEAD_AEAD_PARAMETERS_H_ +#define TINK_AEAD_AEAD_PARAMETERS_H_ + +#include "tink/parameters.h" + +namespace crypto { +namespace tink { + +// Describes an `AeadKey` (e.g., key attributes), excluding the randomly chosen +// key material. +class AeadParameters : public Parameters {}; + +} // namespace tink +} // namespace crypto + +#endif // TINK_AEAD_AEAD_PARAMETERS_H_ |