From b3ccf388b00041c910449d34e882bb2cfee73dcf Mon Sep 17 00:00:00 2001 From: tholenst Date: Fri, 21 Jul 2023 00:22:31 -0700 Subject: Replace some calls to "KeyTemplate.create" with "KeyTemplate.createFrom", taking a Parameters object. The call to "create" will be deprecated. Note: if a user calls e.g. AesGcmKeyManager.aes128GcmTemplate() without registering the proto serialization, before this CL, it was possible to get the serialized version. After this CL, this will break. I don't think this should be an issue since users basically always register everything anyhow. PiperOrigin-RevId: 549859554 --- .../crypto/tink/aead/AesCtrHmacAeadKeyManager.java | 40 +++++++++------ .../google/crypto/tink/aead/AesEaxKeyManager.java | 57 ++++++++++++++-------- .../google/crypto/tink/aead/AesGcmKeyManager.java | 53 ++++++++++++++------ .../java/com/google/crypto/tink/aead/BUILD.bazel | 12 +++++ .../com/google/crypto/tink/internal/BUILD.bazel | 1 + .../internal/KeyTemplateProtoConverterTest.java | 6 +++ 6 files changed, 119 insertions(+), 50 deletions(-) diff --git a/java_src/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java b/java_src/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java index 6c0b39389..c7f32fa6f 100644 --- a/java_src/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java +++ b/java_src/src/main/java/com/google/crypto/tink/aead/AesCtrHmacAeadKeyManager.java @@ -16,6 +16,8 @@ package com.google.crypto.tink.aead; +import static com.google.crypto.tink.internal.TinkBugException.exceptionIsBug; + import com.google.crypto.tink.Aead; import com.google.crypto.tink.KeyTemplate; import com.google.crypto.tink.Mac; @@ -202,7 +204,17 @@ public final class AesCtrHmacAeadKeyManager extends KeyTypeManager */ public static final KeyTemplate aes128CtrHmacSha256Template() { - return createKeyTemplate(16, 16, 32, 16, HashType.SHA256); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesCtrHmacAeadParameters.builder() + .setAesKeySizeBytes(16) + .setHmacKeySizeBytes(32) + .setTagSizeBytes(16) + .setIvSizeBytes(16) + .setHashType(AesCtrHmacAeadParameters.HashType.SHA256) + .setVariant(AesCtrHmacAeadParameters.Variant.TINK) + .build())); } /** @@ -217,21 +229,17 @@ public final class AesCtrHmacAeadKeyManager extends KeyTypeManager */ public static final KeyTemplate aes256CtrHmacSha256Template() { - return createKeyTemplate(32, 16, 32, 32, HashType.SHA256); - } - - /** - * @return a {@link KeyTemplate} containing a {@link AesCtrHmacAeadKeyFormat} with some specific - * parameters. - */ - private static KeyTemplate createKeyTemplate( - int aesKeySize, int ivSize, int hmacKeySize, int tagSize, HashType hashType) { - AesCtrHmacAeadKeyFormat format = - createKeyFormat(aesKeySize, ivSize, hmacKeySize, tagSize, hashType); - return KeyTemplate.create( - new AesCtrHmacAeadKeyManager().getKeyType(), - format.toByteArray(), - KeyTemplate.OutputPrefixType.TINK); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesCtrHmacAeadParameters.builder() + .setAesKeySizeBytes(32) + .setHmacKeySizeBytes(32) + .setTagSizeBytes(32) + .setIvSizeBytes(16) + .setHashType(AesCtrHmacAeadParameters.HashType.SHA256) + .setVariant(AesCtrHmacAeadParameters.Variant.TINK) + .build())); } private static KeyFactory.KeyFormat createKeyFormat( diff --git a/java_src/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java b/java_src/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java index b85206aa3..294891267 100644 --- a/java_src/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java +++ b/java_src/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java @@ -16,6 +16,8 @@ package com.google.crypto.tink.aead; +import static com.google.crypto.tink.internal.TinkBugException.exceptionIsBug; + import com.google.crypto.tink.Aead; import com.google.crypto.tink.KeyTemplate; import com.google.crypto.tink.Registry; @@ -139,7 +141,15 @@ public final class AesEaxKeyManager extends KeyTypeManager { * */ public static final KeyTemplate aes128EaxTemplate() { - return createKeyTemplate(16, 16, KeyTemplate.OutputPrefixType.TINK); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesEaxParameters.builder() + .setKeySizeBytes(16) + .setIvSizeBytes(16) + .setTagSizeBytes(16) + .setVariant(AesEaxParameters.Variant.TINK) + .build())); } /** @@ -152,7 +162,15 @@ public final class AesEaxKeyManager extends KeyTypeManager { * */ public static final KeyTemplate rawAes128EaxTemplate() { - return createKeyTemplate(16, 16, KeyTemplate.OutputPrefixType.RAW); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesEaxParameters.builder() + .setKeySizeBytes(16) + .setIvSizeBytes(16) + .setTagSizeBytes(16) + .setVariant(AesEaxParameters.Variant.NO_PREFIX) + .build())); } /** @@ -165,7 +183,15 @@ public final class AesEaxKeyManager extends KeyTypeManager { * */ public static final KeyTemplate aes256EaxTemplate() { - return createKeyTemplate(32, 16, KeyTemplate.OutputPrefixType.TINK); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesEaxParameters.builder() + .setKeySizeBytes(32) + .setIvSizeBytes(16) + .setTagSizeBytes(16) + .setVariant(AesEaxParameters.Variant.TINK) + .build())); } /** @@ -178,22 +204,15 @@ public final class AesEaxKeyManager extends KeyTypeManager { * */ public static final KeyTemplate rawAes256EaxTemplate() { - return createKeyTemplate(32, 16, KeyTemplate.OutputPrefixType.RAW); - } - - /** - * @return a {@link KeyTemplate} containing a {@link AesEaxKeyFormat} with some specified - * parameters. - */ - private static KeyTemplate createKeyTemplate( - int keySize, int ivSize, KeyTemplate.OutputPrefixType prefixType) { - AesEaxKeyFormat format = - AesEaxKeyFormat.newBuilder() - .setKeySize(keySize) - .setParams(AesEaxParams.newBuilder().setIvSize(ivSize).build()) - .build(); - return KeyTemplate.create( - new AesEaxKeyManager().getKeyType(), format.toByteArray(), prefixType); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesEaxParameters.builder() + .setKeySizeBytes(32) + .setIvSizeBytes(16) + .setTagSizeBytes(16) + .setVariant(AesEaxParameters.Variant.NO_PREFIX) + .build())); } private static KeyFactory.KeyFormat createKeyFormat( diff --git a/java_src/src/main/java/com/google/crypto/tink/aead/AesGcmKeyManager.java b/java_src/src/main/java/com/google/crypto/tink/aead/AesGcmKeyManager.java index e1ff14cf7..11c3dd380 100644 --- a/java_src/src/main/java/com/google/crypto/tink/aead/AesGcmKeyManager.java +++ b/java_src/src/main/java/com/google/crypto/tink/aead/AesGcmKeyManager.java @@ -16,6 +16,8 @@ package com.google.crypto.tink.aead; +import static com.google.crypto.tink.internal.TinkBugException.exceptionIsBug; + import com.google.crypto.tink.Aead; import com.google.crypto.tink.KeyTemplate; import com.google.crypto.tink.Registry; @@ -149,7 +151,15 @@ public final class AesGcmKeyManager extends KeyTypeManager { * in older versions. */ public static final KeyTemplate aes128GcmTemplate() { - return createKeyTemplate(16, KeyTemplate.OutputPrefixType.TINK); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesGcmParameters.builder() + .setKeySizeBytes(16) + .setIvSizeBytes(12) + .setTagSizeBytes(16) + .setVariant(AesGcmParameters.Variant.TINK) + .build())); } /** @@ -166,7 +176,15 @@ public final class AesGcmKeyManager extends KeyTypeManager { * in older versions. */ public static final KeyTemplate rawAes128GcmTemplate() { - return createKeyTemplate(16, KeyTemplate.OutputPrefixType.RAW); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesGcmParameters.builder() + .setKeySizeBytes(16) + .setIvSizeBytes(12) + .setTagSizeBytes(16) + .setVariant(AesGcmParameters.Variant.NO_PREFIX) + .build())); } /** @@ -181,7 +199,15 @@ public final class AesGcmKeyManager extends KeyTypeManager { * in older versions. */ public static final KeyTemplate aes256GcmTemplate() { - return createKeyTemplate(32, KeyTemplate.OutputPrefixType.TINK); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesGcmParameters.builder() + .setKeySizeBytes(32) + .setIvSizeBytes(12) + .setTagSizeBytes(16) + .setVariant(AesGcmParameters.Variant.TINK) + .build())); } /** @@ -198,18 +224,15 @@ public final class AesGcmKeyManager extends KeyTypeManager { * in older versions. */ public static final KeyTemplate rawAes256GcmTemplate() { - return createKeyTemplate(32, KeyTemplate.OutputPrefixType.RAW); - } - - /** - * @return a {@link KeyTemplate} containing a {@link AesGcmKeyFormat} with some specified - * parameters. - */ - private static KeyTemplate createKeyTemplate( - int keySize, KeyTemplate.OutputPrefixType prefixType) { - AesGcmKeyFormat format = AesGcmKeyFormat.newBuilder().setKeySize(keySize).build(); - return KeyTemplate.create( - new AesGcmKeyManager().getKeyType(), format.toByteArray(), prefixType); + return exceptionIsBug( + () -> + KeyTemplate.createFrom( + AesGcmParameters.builder() + .setKeySizeBytes(32) + .setIvSizeBytes(12) + .setTagSizeBytes(16) + .setVariant(AesGcmParameters.Variant.NO_PREFIX) + .build())); } private static KeyFactory.KeyFormat createKeyFormat( diff --git a/java_src/src/main/java/com/google/crypto/tink/aead/BUILD.bazel b/java_src/src/main/java/com/google/crypto/tink/aead/BUILD.bazel index e59dbe6e8..60d69113c 100644 --- a/java_src/src/main/java/com/google/crypto/tink/aead/BUILD.bazel +++ b/java_src/src/main/java/com/google/crypto/tink/aead/BUILD.bazel @@ -8,6 +8,7 @@ java_library( name = "aes_gcm_key_manager", srcs = ["AesGcmKeyManager.java"], deps = [ + ":aes_gcm_parameters", ":aes_gcm_proto_serialization", "//proto:aes_gcm_java_proto", "//proto:tink_java_proto", @@ -17,6 +18,7 @@ java_library( "//src/main/java/com/google/crypto/tink/config/internal:tink_fips_util", "//src/main/java/com/google/crypto/tink/internal:key_type_manager", "//src/main/java/com/google/crypto/tink/internal:primitive_factory", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception", "//src/main/java/com/google/crypto/tink/subtle:aes_gcm_jce", "//src/main/java/com/google/crypto/tink/subtle:random", "//src/main/java/com/google/crypto/tink/subtle:validators", @@ -70,6 +72,7 @@ java_library( name = "aes_ctr_hmac_aead_key_manager", srcs = ["AesCtrHmacAeadKeyManager.java"], deps = [ + ":aes_ctr_hmac_aead_parameters", ":aes_ctr_hmac_aead_proto_serialization", ":aes_ctr_key_manager", "//proto:aes_ctr_hmac_aead_java_proto", @@ -84,6 +87,7 @@ java_library( "//src/main/java/com/google/crypto/tink/config/internal:tink_fips_util", "//src/main/java/com/google/crypto/tink/internal:key_type_manager", "//src/main/java/com/google/crypto/tink/internal:primitive_factory", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception", "//src/main/java/com/google/crypto/tink/mac:hmac_key_manager", "//src/main/java/com/google/crypto/tink/subtle:encrypt_then_authenticate", "//src/main/java/com/google/crypto/tink/subtle:ind_cpa_cipher", @@ -226,6 +230,7 @@ java_library( name = "aes_eax_key_manager", srcs = ["AesEaxKeyManager.java"], deps = [ + ":aes_eax_parameters", ":aes_eax_proto_serialization", "//proto:aes_eax_java_proto", "//proto:tink_java_proto", @@ -234,6 +239,7 @@ java_library( "//src/main/java/com/google/crypto/tink:registry", "//src/main/java/com/google/crypto/tink/internal:key_type_manager", "//src/main/java/com/google/crypto/tink/internal:primitive_factory", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception", "//src/main/java/com/google/crypto/tink/subtle:aes_eax_jce", "//src/main/java/com/google/crypto/tink/subtle:random", "//src/main/java/com/google/crypto/tink/subtle:validators", @@ -438,6 +444,7 @@ android_library( name = "aes_gcm_key_manager-android", srcs = ["AesGcmKeyManager.java"], deps = [ + ":aes_gcm_parameters-android", ":aes_gcm_proto_serialization-android", "//proto:aes_gcm_java_proto_lite", "//proto:tink_java_proto_lite", @@ -447,6 +454,7 @@ android_library( "//src/main/java/com/google/crypto/tink/config/internal:tink_fips_util-android", "//src/main/java/com/google/crypto/tink/internal:key_type_manager-android", "//src/main/java/com/google/crypto/tink/internal:primitive_factory-android", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception-android", "//src/main/java/com/google/crypto/tink/subtle:aes_gcm_jce-android", "//src/main/java/com/google/crypto/tink/subtle:random-android", "//src/main/java/com/google/crypto/tink/subtle:validators-android", @@ -500,6 +508,7 @@ android_library( name = "aes_ctr_hmac_aead_key_manager-android", srcs = ["AesCtrHmacAeadKeyManager.java"], deps = [ + ":aes_ctr_hmac_aead_parameters-android", ":aes_ctr_hmac_aead_proto_serialization-android", ":aes_ctr_key_manager-android", "//proto:aes_ctr_hmac_aead_java_proto_lite", @@ -514,6 +523,7 @@ android_library( "//src/main/java/com/google/crypto/tink/config/internal:tink_fips_util-android", "//src/main/java/com/google/crypto/tink/internal:key_type_manager-android", "//src/main/java/com/google/crypto/tink/internal:primitive_factory-android", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception-android", "//src/main/java/com/google/crypto/tink/mac:hmac_key_manager-android", "//src/main/java/com/google/crypto/tink/subtle:encrypt_then_authenticate-android", "//src/main/java/com/google/crypto/tink/subtle:ind_cpa_cipher-android", @@ -656,6 +666,7 @@ android_library( name = "aes_eax_key_manager-android", srcs = ["AesEaxKeyManager.java"], deps = [ + ":aes_eax_parameters-android", ":aes_eax_proto_serialization-android", "//proto:aes_eax_java_proto_lite", "//proto:tink_java_proto_lite", @@ -664,6 +675,7 @@ android_library( "//src/main/java/com/google/crypto/tink:registry-android", "//src/main/java/com/google/crypto/tink/internal:key_type_manager-android", "//src/main/java/com/google/crypto/tink/internal:primitive_factory-android", + "//src/main/java/com/google/crypto/tink/internal:tink_bug_exception-android", "//src/main/java/com/google/crypto/tink/subtle:aes_eax_jce-android", "//src/main/java/com/google/crypto/tink/subtle:random-android", "//src/main/java/com/google/crypto/tink/subtle:validators-android", diff --git a/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel b/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel index 5f6b30d6c..baca21c84 100644 --- a/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel +++ b/java_src/src/test/java/com/google/crypto/tink/internal/BUILD.bazel @@ -9,6 +9,7 @@ java_test( deps = [ "//proto:tink_java_proto", "//src/main/java/com/google/crypto/tink:key_template", + "//src/main/java/com/google/crypto/tink/aead:aead_config", "//src/main/java/com/google/crypto/tink/aead:aes_gcm_key_manager", "//src/main/java/com/google/crypto/tink/internal:key_template_proto_converter", "@maven//:com_google_protobuf_protobuf_java", diff --git a/java_src/src/test/java/com/google/crypto/tink/internal/KeyTemplateProtoConverterTest.java b/java_src/src/test/java/com/google/crypto/tink/internal/KeyTemplateProtoConverterTest.java index ffdd2e680..1c2d5f196 100644 --- a/java_src/src/test/java/com/google/crypto/tink/internal/KeyTemplateProtoConverterTest.java +++ b/java_src/src/test/java/com/google/crypto/tink/internal/KeyTemplateProtoConverterTest.java @@ -21,10 +21,12 @@ import static java.nio.charset.StandardCharsets.UTF_8; import static org.junit.Assert.assertThrows; import com.google.crypto.tink.KeyTemplate; +import com.google.crypto.tink.aead.AeadConfig; import com.google.crypto.tink.aead.AesGcmKeyManager; import com.google.crypto.tink.proto.OutputPrefixType; import com.google.protobuf.ExtensionRegistryLite; import java.security.GeneralSecurityException; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; @@ -32,6 +34,10 @@ import org.junit.runners.JUnit4; /** Tests KeyTemplateProtoConverter. */ @RunWith(JUnit4.class) public final class KeyTemplateProtoConverterTest { + @BeforeClass + public static void register() throws Exception { + AeadConfig.register(); + } @Test public void toByteArrayFromByteArray_sameValues() throws Exception { -- cgit v1.2.3