Age | Commit message (Collapse) | Author |
|
Also, added utility methods for determining HPKE key lengths from KEM id.
PiperOrigin-RevId: 551532702
|
|
the new tests.
PiperOrigin-RevId: 551486832
|
|
PiperOrigin-RevId: 551218413
|
|
PiperOrigin-RevId: 551182852
|
|
PiperOrigin-RevId: 551117542
|
|
private key.
PiperOrigin-RevId: 550921147
|
|
This function uses the new Parameters instead of the old proto KeyTemplates.
PiperOrigin-RevId: 550614620
|
|
PiperOrigin-RevId: 550503544
|
|
PiperOrigin-RevId: 549938077
|
|
taking a Parameters object.
The call to "create" will be deprecated. Note: if a user calls e.g. AesGcmKeyManager.aes128GcmTemplate() without registering the proto serialization, before this CL, it was possible to get the serialized version. After this CL, this will break.
I don't think this should be an issue since users basically always register everything anyhow.
PiperOrigin-RevId: 549932301
|
|
PiperOrigin-RevId: 549927290
|
|
PiperOrigin-RevId: 549884443
|
|
taking a Parameters object.
The call to "create" will be deprecated. Note: if a user calls e.g. AesGcmKeyManager.aes128GcmTemplate() without registering the proto serialization, before this CL, it was possible to get the serialized version. After this CL, this will break.
I don't think this should be an issue since users basically always register everything anyhow.
PiperOrigin-RevId: 549859554
|
|
PiperOrigin-RevId: 549657384
|
|
NIST curves and one for X25519
PiperOrigin-RevId: 549613138
|
|
PiperOrigin-RevId: 549607483
|
|
demand.
This means registration of the respective serializer/parser can be done later. Users might save the object, and then later use it in e.g. Keysethandle.generateNew() and only have the serializer register at the later point. Hence we do it like this.
Unfortunately, this means that we may have to throw a TinkBugException (or something else which is unchecked) since the APIs do not throw anything. Within Google nobody called these APIs outside of Tink, so I am relatively sure that this is no problem.
Within Tink, the only remaining usage is in KeysetManager, and I changed things to throw a GeneralSecurityException there.
PiperOrigin-RevId: 549594684
|
|
Registry.getUntypedKeyManager in some tests.
Instead, to verify that the key manager is registered, try to create a key.
Also, remove the initialization test. It doesn't really add any additional value.
PiperOrigin-RevId: 549582726
|
|
PiperOrigin-RevId: 549314771
|
|
the curve is 25519 it must not be set.
PiperOrigin-RevId: 549304481
|
|
some tests.
Instead, to verify that the key manager is registered, try to create a key.
Also, remove the initialization test. It doesn't really add any additional value.
PiperOrigin-RevId: 549278449
|
|
PiperOrigin-RevId: 549266939
|
|
a keymanager that is internal.
PiperOrigin-RevId: 548968754
|
|
the future.
PiperOrigin-RevId: 548076147
|
|
some tests.
Instead, to verify that the key manager is registered, try to create a key.
Also, remove the initialization test. It doesn't really add any additional value.
PiperOrigin-RevId: 547475050
|
|
PiperOrigin-RevId: 547449244
|
|
This isn't needed anymore -- we now fully support Parameters. Also, this was never in a release, so I'm sure that it's never used. Note that even if a user uses it, they can just replace
KeyTemplate keyDerivationTemplate =
KeyDerivationKeyTemplates.createPrfBasedKeyTemplate(a, b);
with
PrfBasedKeyDerivationParameters.builder()
.setPrfParameters((PrfParameters) a.toParameters())
.setDerivedKeyParameters(b.toParameters())
.build();
(Typically, one doesn't need to convert it into a KeyTemplate -- if one does, one can just call KeyTemplate.fromProto()).
PiperOrigin-RevId: 547406999
|
|
generation succeeds.
This is a bit more accurate, but has the disadvantage of being potentially slower. Anyhow, i want to change the template functions to not return these pairs (output_prefix, format) anymore, so we need to change this.
PiperOrigin-RevId: 547128537
|
|
the key generation succeeds.
This is a bit more accurate, but has the disadvantage of being potentially slower. Anyhow, i want to change the template functions to not return these pairs (output_prefix, format) anymore, so we need to change this.
PiperOrigin-RevId: 546854974
|
|
generation succeeds.
This is a bit more accurate, but has the disadvantage of being potentially slower. Anyhow, i want to change the template functions to not return these pairs (output_prefix, format) anymore, so we need to change this.
PiperOrigin-RevId: 546832073
|
|
This allows to compare two keysets, which is useful when one wants to have a guarantee that the two keysets are equal (for example, if one gets one from a KMS and the other from disk, but wants no change).
#tinkPublicApiChange
PiperOrigin-RevId: 546812109
|
|
succeeds.
This is a bit more accurate, but has the disadvantage of being potentially slower. Anyhow, i want to change the template functions to not return these pairs (output_prefix, format) anymore, so we need to change this.
PiperOrigin-RevId: 546806101
|
|
Note: in the KeyDerivationKeyTemplatesTest we need to remove the "LEGACY" test case since when deserializaing this and serializing it again it may change to "CRUNCHY".
PiperOrigin-RevId: 546274713
|
|
PiperOrigin-RevId: 546265787
|
|
some tests.
Instead, to verify that the key manager is registered, try to create a key.
Also, remove the initialization test. It doesn't really add any additional value.
PiperOrigin-RevId: 546012816
|
|
This method will be deprecated/removed.
PiperOrigin-RevId: 545928847
|
|
PiperOrigin-RevId: 545702188
|
|
PiperOrigin-RevId: 545634490
|
|
PiperOrigin-RevId: 545631681
|
|
PiperOrigin-RevId: 545623249
|
|
Also, we want to provide an additional internal function "validateUsesConscrypt" that lets us enforce to only use Conscrypt to generate randomness. For this, we move the "Random" class to internal, and add this function. The subtle class forwards calls to the internal class.
PiperOrigin-RevId: 545581282
|
|
PiperOrigin-RevId: 545437494
|
|
This will be called from the keymanager which is internal. Hence it has to be internal.
PiperOrigin-RevId: 545244314
|
|
PiperOrigin-RevId: 545208958
|
|
JwtRsaSsaPkcs1SignKeyManagerTest
PiperOrigin-RevId: 545208784
|
|
The only thing which one should call on KeyTemplate.java objects is "toParameters".
PiperOrigin-RevId: 545200541
|
|
PiperOrigin-RevId: 544367537
|
|
now-unnecessary setup in the corresponding test.
PiperOrigin-RevId: 544356043
|
|
PiperOrigin-RevId: 544084013
|
|
PiperOrigin-RevId: 544080099
|