Copy disabled (too large)
Download .txt
Showing preview only (14,655K chars total). Download the full file to get everything.
Repository: tink-crypto/tink-go
Branch: main
Commit: 93b2377d2215
Files: 767
Total size: 13.8 MB
Directory structure:
gitextract_d7r2arib/
├── LICENSE
├── README.md
├── aead/
│ ├── aead.go
│ ├── aead_benchmark_test.go
│ ├── aead_factory.go
│ ├── aead_factory_test.go
│ ├── aead_init_test.go
│ ├── aead_key_templates.go
│ ├── aead_key_templates_test.go
│ ├── aead_test.go
│ ├── aesctrhmac/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesctrhmac.go
│ │ ├── aesctrhmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_parameters.go
│ │ ├── key_parameters_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcm/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesgcm.go
│ │ ├── aesgcm_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcmsiv/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesgcmsiv.go
│ │ ├── aesgcmsiv_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── chacha20poly1305/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── chacha20poly1305.go
│ │ ├── chacha20poly1305_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── internal/
│ │ └── testutil/
│ │ ├── testutil.go
│ │ └── testutil_test.go
│ ├── kms_envelope_aead.go
│ ├── kms_envelope_aead_example_test.go
│ ├── kms_envelope_aead_key_manager.go
│ ├── kms_envelope_aead_key_manager_test.go
│ ├── kms_envelope_aead_test.go
│ ├── subtle/
│ │ ├── aes_ctr.go
│ │ ├── aes_ctr_test.go
│ │ ├── aes_gcm.go
│ │ ├── aes_gcm_siv.go
│ │ ├── aes_gcm_siv_test.go
│ │ ├── aes_gcm_test.go
│ │ ├── chacha20poly1305.go
│ │ ├── chacha20poly1305_test.go
│ │ ├── chacha20poly1305_vectors_test.go
│ │ ├── encrypt_then_authenticate.go
│ │ ├── encrypt_then_authenticate_test.go
│ │ ├── ind_cpa.go
│ │ ├── polyval.go
│ │ ├── polyval_test.go
│ │ ├── subtle.go
│ │ ├── subtle_test.go
│ │ ├── xchacha20poly1305.go
│ │ ├── xchacha20poly1305_test.go
│ │ └── xchacha20poly1305_vectors_test.go
│ ├── xaesgcm/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── xaesgcm.go
│ │ └── xaesgcm_test.go
│ └── xchacha20poly1305/
│ ├── aead.go
│ ├── aead_test.go
│ ├── key.go
│ ├── key_manager_test.go
│ ├── key_test.go
│ ├── protoserialization.go
│ ├── protoserialization_test.go
│ ├── xchacha20poly1305.go
│ └── xchacha20poly1305_test.go
├── core/
│ ├── cryptofmt/
│ │ ├── cryptofmt.go
│ │ └── cryptofmt_test.go
│ └── registry/
│ ├── custom_key_manager_test.go
│ ├── key_manager.go
│ ├── kms_client.go
│ ├── private_key_manager.go
│ ├── registry.go
│ └── registry_test.go
├── daead/
│ ├── aessiv/
│ │ ├── aessiv.go
│ │ ├── aessiv_test.go
│ │ ├── daead.go
│ │ ├── daead_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── daead.go
│ ├── daead_benchmark_test.go
│ ├── daead_factory.go
│ ├── daead_factory_test.go
│ ├── daead_init_test.go
│ ├── daead_key_templates.go
│ ├── daead_key_templates_test.go
│ ├── daead_test.go
│ └── subtle/
│ ├── aes_siv.go
│ └── aes_siv_test.go
├── docs/
│ ├── CONTRIBUTING.md
│ └── SECURITY.md
├── go.mod
├── go.sum
├── hybrid/
│ ├── ecies/
│ │ ├── ecies.go
│ │ ├── ecies_aead_hkdf_hybrid_decrypt_test.go
│ │ ├── ecies_aead_hkdf_hybrid_encrypt_test.go
│ │ ├── ecies_test.go
│ │ ├── hybrid_decrypt.go
│ │ ├── hybrid_encrypt.go
│ │ ├── hybrid_encrypt_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── private_key_manager_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ └── public_key_manager_test.go
│ ├── hpke/
│ │ ├── hpke.go
│ │ ├── hpke_test.go
│ │ ├── hybrid_decrypt.go
│ │ ├── hybrid_encrypt.go
│ │ ├── hybrid_encrypt_decrypt_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── private_key_manager_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ └── public_key_manager_test.go
│ ├── hybrid.go
│ ├── hybrid_benchmark_test.go
│ ├── hybrid_decrypt_factory.go
│ ├── hybrid_encrypt_factory.go
│ ├── hybrid_factory_test.go
│ ├── hybrid_key_templates.go
│ ├── hybrid_key_templates_test.go
│ ├── hybrid_test.go
│ ├── internal/
│ │ ├── ecies/
│ │ │ ├── dem_helper.go
│ │ │ └── dem_helper_test.go
│ │ ├── hpke/
│ │ │ ├── aead.go
│ │ │ ├── aes_gcm_aead.go
│ │ │ ├── aes_gcm_aead_test.go
│ │ │ ├── chacha20poly1305_aead.go
│ │ │ ├── chacha20poly1305_aead_test.go
│ │ │ ├── context.go
│ │ │ ├── context_test.go
│ │ │ ├── decrypt.go
│ │ │ ├── encrypt.go
│ │ │ ├── encrypt_decrypt_test.go
│ │ │ ├── hkdf_kdf.go
│ │ │ ├── hkdf_kdf_test.go
│ │ │ ├── hpke.go
│ │ │ ├── hpke_test.go
│ │ │ ├── kdf.go
│ │ │ ├── kem.go
│ │ │ ├── mlkem_kem.go
│ │ │ ├── mlkem_kem_test.go
│ │ │ ├── nist_curves_kem.go
│ │ │ ├── nist_curves_kem_test.go
│ │ │ ├── primitive_factory.go
│ │ │ ├── primitive_factory_test.go
│ │ │ ├── x25519_kem.go
│ │ │ ├── x25519_kem_test.go
│ │ │ ├── xwing_kem.go
│ │ │ └── xwing_kem_test.go
│ │ └── xwing/
│ │ ├── xwing.go
│ │ └── xwing_test.go
│ └── subtle/
│ ├── ecies_aead_hkdf_dem_helper.go
│ ├── ecies_aead_hkdf_hybrid_decrypt.go
│ ├── ecies_aead_hkdf_hybrid_encrypt.go
│ ├── ecies_hkdf_recipient_kem.go
│ ├── ecies_hkdf_sender_kem.go
│ ├── elliptic_curves.go
│ ├── elliptic_curves_test.go
│ ├── public_key.go
│ ├── public_key_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── insecurecleartextkeyset/
│ ├── example_test.go
│ ├── insecurecleartextkeyset.go
│ └── insecurecleartextkeyset_test.go
├── insecuresecretdataaccess/
│ └── insecuresecretdataaccess.go
├── internal/
│ ├── aead/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesctr.go
│ │ ├── aesctr_test.go
│ │ ├── aesgcm.go
│ │ ├── aesgcm_test.go
│ │ ├── chacha20poly1305.go
│ │ └── chacha20poly1305_test.go
│ ├── config/
│ │ ├── aeadconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── config.go
│ │ ├── config_test.go
│ │ ├── daeadconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── hybridconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── jwtmacconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── jwtsignatureconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── keyderivationconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── macconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── prfconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── signatureconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ └── streamingaeadconfig/
│ │ ├── v0.go
│ │ └── v0_test.go
│ ├── ec/
│ │ ├── ec.go
│ │ └── ec_test.go
│ ├── internal.go
│ ├── internalapi/
│ │ └── token.go
│ ├── internalregistry/
│ │ ├── internal_registry.go
│ │ └── internal_registry_test.go
│ ├── jwk/
│ │ ├── jwk.go
│ │ └── jwk_test.go
│ ├── keygenregistry/
│ │ ├── keygenregistry.go
│ │ └── keygenregistry_test.go
│ ├── legacykeymanager/
│ │ ├── legacykeymanager.go
│ │ └── legacykeymanager_test.go
│ ├── mac/
│ │ ├── aescmac/
│ │ │ ├── aescmac.go
│ │ │ └── aescmac_test.go
│ │ └── hmac/
│ │ ├── hmac.go
│ │ └── hmac_test.go
│ ├── monitoringutil/
│ │ ├── monitoring_util.go
│ │ └── monitoring_util_test.go
│ ├── outputprefix/
│ │ ├── outputprefix.go
│ │ └── outputprefix_test.go
│ ├── prefixmap/
│ │ ├── prefixmap.go
│ │ └── prefixmap_test.go
│ ├── primitiveregistry/
│ │ ├── benchmark_test.go
│ │ ├── primitiveregistry.go
│ │ └── primitiveregistry_test.go
│ ├── primitiveset/
│ │ ├── primitiveset.go
│ │ └── primitiveset_test.go
│ ├── protoserialization/
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── random/
│ │ └── random.go
│ ├── registryconfig/
│ │ ├── legacyprimitive/
│ │ │ └── legacyprimitive.go
│ │ ├── registry_config.go
│ │ └── registry_config_test.go
│ ├── signature/
│ │ ├── compositemldsa/
│ │ │ ├── testing/
│ │ │ │ └── test_vectors.go
│ │ │ ├── util.go
│ │ │ └── util_test.go
│ │ ├── ecdsa/
│ │ │ ├── encoding.go
│ │ │ └── encoding_test.go
│ │ ├── mldsa/
│ │ │ ├── algebra.go
│ │ │ ├── algebra_test.go
│ │ │ ├── cctv_test.go
│ │ │ ├── marshal.go
│ │ │ ├── marshal_test.go
│ │ │ ├── mldsa.go
│ │ │ ├── mldsa_benchmark_test.go
│ │ │ ├── mldsa_test.go
│ │ │ ├── sampling.go
│ │ │ └── sampling_test.go
│ │ ├── rsa.go
│ │ ├── rsa_test.go
│ │ ├── rsassapkcs1_signer.go
│ │ ├── rsassapkcs1_signer_verifier_test.go
│ │ ├── rsassapkcs1_verifier.go
│ │ ├── rsassapss_signer.go
│ │ ├── rsassapss_signer_verifier_test.go
│ │ ├── rsassapss_verifier.go
│ │ ├── signature.go
│ │ └── slhdsa/
│ │ ├── address.go
│ │ ├── address_test.go
│ │ ├── fors.go
│ │ ├── fors_test.go
│ │ ├── hash.go
│ │ ├── hash_test.go
│ │ ├── hypertree.go
│ │ ├── hypertree_test.go
│ │ ├── slhdsa.go
│ │ ├── slhdsa_kat_vectors_test.go
│ │ ├── slhdsa_test.go
│ │ ├── support.go
│ │ ├── support_test.go
│ │ ├── wots.go
│ │ ├── wots_test.go
│ │ ├── xmss.go
│ │ └── xmss_test.go
│ ├── testing/
│ │ ├── aead/
│ │ │ └── aead.go
│ │ ├── stubkeymanager/
│ │ │ ├── stubkeymanager.go
│ │ │ └── stubkeymanager_test.go
│ │ └── wycheproof/
│ │ ├── v1.go
│ │ ├── v1_test.go
│ │ └── wycheproof.go
│ └── tinkerror/
│ ├── doc.go
│ ├── tinkerror.go
│ ├── tinkerror_test.go
│ └── tinkerrortest/
│ ├── doc.go
│ └── tinkerrortest.go
├── jwt/
│ ├── jwk_converter.go
│ ├── jwk_converter_test.go
│ ├── jwt.go
│ ├── jwt_config.go
│ ├── jwt_config_test.go
│ ├── jwt_ecdsa_signer_key_manager_test.go
│ ├── jwt_ecdsa_verifier_key_manager_test.go
│ ├── jwt_encoding.go
│ ├── jwt_encoding_test.go
│ ├── jwt_full_mac.go
│ ├── jwt_full_mac_test.go
│ ├── jwt_full_signer_verifier.go
│ ├── jwt_full_signer_verifier_test.go
│ ├── jwt_hmac_key_manager_test.go
│ ├── jwt_key_templates.go
│ ├── jwt_key_templates_test.go
│ ├── jwt_mac.go
│ ├── jwt_mac_benchmark_test.go
│ ├── jwt_mac_factory.go
│ ├── jwt_mac_factory_test.go
│ ├── jwt_mac_kid.go
│ ├── jwt_mac_kid_test.go
│ ├── jwt_rsa_ssa_pkcs1_signer_key_manager_test.go
│ ├── jwt_rsa_ssa_pkcs1_verifier_key_manager_test.go
│ ├── jwt_rsa_ssa_pss_signer_key_manager_test.go
│ ├── jwt_rsa_ssa_pss_verify_key_manager_test.go
│ ├── jwt_signature_benchmark_test.go
│ ├── jwt_signer.go
│ ├── jwt_signer_factory.go
│ ├── jwt_signer_kid.go
│ ├── jwt_signer_verifier_factory_test.go
│ ├── jwt_signer_verifier_kid_test.go
│ ├── jwt_test.go
│ ├── jwt_validator.go
│ ├── jwt_validator_test.go
│ ├── jwt_verifier.go
│ ├── jwt_verifier_factory.go
│ ├── jwt_verifier_kid.go
│ ├── jwtecdsa/
│ │ ├── jwtecdsa.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwthmac/
│ │ ├── jwthmac.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwtrsassapkcs1/
│ │ ├── jwtrsassapkcs1.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwtrsassapss/
│ │ ├── jwtrsassapss.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── raw_jwt.go
│ ├── raw_jwt_test.go
│ ├── verified_jwt.go
│ └── verified_jwt_test.go
├── key/
│ └── key.go
├── keyderivation/
│ ├── internal/
│ │ ├── keyderiver/
│ │ │ └── key_deriver.go
│ │ ├── keyderivers/
│ │ │ ├── keyderivers.go
│ │ │ └── keyderivers_test.go
│ │ └── streamingprf/
│ │ ├── hkdf_streaming_prf.go
│ │ ├── hkdf_streaming_prf_test.go
│ │ └── streaming_prf.go
│ ├── keyderivation.go
│ ├── keyderivation_example_test.go
│ ├── keyderivation_key_templates.go
│ ├── keyderivation_key_templates_test.go
│ ├── keyderivation_test.go
│ ├── keyset_deriver.go
│ ├── keyset_deriver_factory.go
│ ├── keyset_deriver_factory_test.go
│ ├── keyset_deriver_factory_x_test.go
│ └── prfbasedkeyderivation/
│ ├── key.go
│ ├── key_manager.go
│ ├── key_manager_test.go
│ ├── key_test.go
│ ├── keyderiver.go
│ ├── keyderiver_test.go
│ ├── parameters.go
│ ├── parameters_test.go
│ ├── prfbasedkeyderivation.go
│ ├── prfbasedkeyderivation_test.go
│ ├── protoserialization.go
│ └── protoserialization_test.go
├── keyset/
│ ├── binary_io.go
│ ├── binary_io_test.go
│ ├── handle.go
│ ├── handle_test.go
│ ├── json_io.go
│ ├── json_io_test.go
│ ├── keyset.go
│ ├── keyset_benchmark_test.go
│ ├── keyset_test.go
│ ├── manager.go
│ ├── manager_test.go
│ ├── mem_io.go
│ ├── mem_io_test.go
│ ├── option.go
│ ├── reader.go
│ ├── validation.go
│ ├── validation_test.go
│ └── writer.go
├── kokoro/
│ ├── create_github_release_branch.sh
│ ├── create_github_release_tag.sh
│ ├── gcp_ubuntu/
│ │ └── gomod/
│ │ └── run_tests.sh
│ ├── macos_external/
│ │ └── gomod/
│ │ └── run_tests.sh
│ └── testutils/
│ ├── check_go_generated_files_up_to_date.sh
│ ├── docker_execute.sh
│ ├── github_release_util.sh
│ ├── github_release_util_test.sh
│ ├── go_test_container_images.sh
│ ├── install_go.sh
│ └── test_utils.sh
├── kwp/
│ └── subtle/
│ ├── kwp.go
│ └── kwp_test.go
├── mac/
│ ├── aescmac/
│ │ ├── aescmac.go
│ │ ├── aescmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── mac.go
│ │ ├── mac_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hmac/
│ │ ├── hmac.go
│ │ ├── hmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── mac.go
│ │ ├── mac_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── internal/
│ │ └── mactest/
│ │ ├── mactest.go
│ │ └── mactest_test.go
│ ├── mac.go
│ ├── mac_benchmark_test.go
│ ├── mac_factory.go
│ ├── mac_factory_test.go
│ ├── mac_init_test.go
│ ├── mac_key_templates.go
│ ├── mac_key_templates_test.go
│ ├── mac_test.go
│ └── subtle/
│ ├── cmac.go
│ ├── cmac_test.go
│ ├── hmac.go
│ └── hmac_test.go
├── monitoring/
│ └── monitoring.go
├── prf/
│ ├── aescmacprf/
│ │ ├── aescmacprf.go
│ │ ├── aescmacprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hkdfprf/
│ │ ├── hkdfprf.go
│ │ ├── hkdfprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hmacprf/
│ │ ├── hmacprf.go
│ │ ├── hmacprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── prf_benchmark_test.go
│ ├── prf_key_templates.go
│ ├── prf_key_templates_test.go
│ ├── prf_set.go
│ ├── prf_set_factory.go
│ ├── prf_set_factory_test.go
│ ├── prf_test.go
│ └── subtle/
│ ├── aes_cmac.go
│ ├── aes_cmac_test.go
│ ├── hkdf.go
│ ├── hkdf_test.go
│ ├── hmac.go
│ ├── hmac_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── proto/
│ ├── aes_cmac.proto
│ ├── aes_cmac_go_proto/
│ │ └── aes_cmac.pb.go
│ ├── aes_cmac_prf.proto
│ ├── aes_cmac_prf_go_proto/
│ │ └── aes_cmac_prf.pb.go
│ ├── aes_ctr.proto
│ ├── aes_ctr_go_proto/
│ │ └── aes_ctr.pb.go
│ ├── aes_ctr_hmac_aead.proto
│ ├── aes_ctr_hmac_aead_go_proto/
│ │ └── aes_ctr_hmac_aead.pb.go
│ ├── aes_ctr_hmac_streaming.proto
│ ├── aes_ctr_hmac_streaming_go_proto/
│ │ └── aes_ctr_hmac_streaming.pb.go
│ ├── aes_eax.proto
│ ├── aes_eax_go_proto/
│ │ └── aes_eax.pb.go
│ ├── aes_gcm.proto
│ ├── aes_gcm_go_proto/
│ │ └── aes_gcm.pb.go
│ ├── aes_gcm_hkdf_streaming.proto
│ ├── aes_gcm_hkdf_streaming_go_proto/
│ │ └── aes_gcm_hkdf_streaming.pb.go
│ ├── aes_gcm_siv.proto
│ ├── aes_gcm_siv_go_proto/
│ │ └── aes_gcm_siv.pb.go
│ ├── aes_siv.proto
│ ├── aes_siv_go_proto/
│ │ └── aes_siv.pb.go
│ ├── chacha20_poly1305.proto
│ ├── chacha20_poly1305_go_proto/
│ │ └── chacha20_poly1305.pb.go
│ ├── common.proto
│ ├── common_go_proto/
│ │ └── common.pb.go
│ ├── composite_ml_dsa.proto
│ ├── composite_ml_dsa_go_proto/
│ │ └── composite_ml_dsa.pb.go
│ ├── config.proto
│ ├── config_go_proto/
│ │ └── config.pb.go
│ ├── ecdsa.proto
│ ├── ecdsa_go_proto/
│ │ └── ecdsa.pb.go
│ ├── ecies_aead_hkdf.proto
│ ├── ecies_aead_hkdf_go_proto/
│ │ └── ecies_aead_hkdf.pb.go
│ ├── ed25519.proto
│ ├── ed25519_go_proto/
│ │ └── ed25519.pb.go
│ ├── empty.proto
│ ├── empty_go_proto/
│ │ └── empty.pb.go
│ ├── hkdf_prf.proto
│ ├── hkdf_prf_go_proto/
│ │ └── hkdf_prf.pb.go
│ ├── hmac.proto
│ ├── hmac_go_proto/
│ │ └── hmac.pb.go
│ ├── hmac_prf.proto
│ ├── hmac_prf_go_proto/
│ │ └── hmac_prf.pb.go
│ ├── hpke.proto
│ ├── hpke_go_proto/
│ │ └── hpke.pb.go
│ ├── jwt_ecdsa.proto
│ ├── jwt_ecdsa_go_proto/
│ │ └── jwt_ecdsa.pb.go
│ ├── jwt_hmac.proto
│ ├── jwt_hmac_go_proto/
│ │ └── jwt_hmac.pb.go
│ ├── jwt_rsa_ssa_pkcs1.proto
│ ├── jwt_rsa_ssa_pkcs1_go_proto/
│ │ └── jwt_rsa_ssa_pkcs1.pb.go
│ ├── jwt_rsa_ssa_pss.proto
│ ├── jwt_rsa_ssa_pss_go_proto/
│ │ └── jwt_rsa_ssa_pss.pb.go
│ ├── kms_aead.proto
│ ├── kms_aead_go_proto/
│ │ └── kms_aead.pb.go
│ ├── kms_envelope.proto
│ ├── kms_envelope_go_proto/
│ │ └── kms_envelope.pb.go
│ ├── ml_dsa.proto
│ ├── ml_dsa_go_proto/
│ │ └── ml_dsa.pb.go
│ ├── prf_based_deriver.proto
│ ├── prf_based_deriver_go_proto/
│ │ └── prf_based_deriver.pb.go
│ ├── rsa_ssa_pkcs1.proto
│ ├── rsa_ssa_pkcs1_go_proto/
│ │ └── rsa_ssa_pkcs1.pb.go
│ ├── rsa_ssa_pss.proto
│ ├── rsa_ssa_pss_go_proto/
│ │ └── rsa_ssa_pss.pb.go
│ ├── slh_dsa.proto
│ ├── slh_dsa_go_proto/
│ │ └── slh_dsa.pb.go
│ ├── tink.proto
│ ├── tink_go_proto/
│ │ └── tink.pb.go
│ ├── x_aes_gcm.proto
│ ├── x_aes_gcm_go_proto/
│ │ └── x_aes_gcm.pb.go
│ ├── xchacha20_poly1305.proto
│ └── xchacha20_poly1305_go_proto/
│ └── xchacha20_poly1305.pb.go
├── secretdata/
│ ├── example_test.go
│ ├── secretdata.go
│ └── secretdata_test.go
├── signature/
│ ├── compositemldsa/
│ │ ├── compositemldsa.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_verifier_test.go
│ │ └── verifier.go
│ ├── ecdsa/
│ │ ├── ecdsa.go
│ │ ├── ecdsa_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── proto.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── ed25519/
│ │ ├── ed25519.go
│ │ ├── ed25519_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── mldsa/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── mldsa.go
│ │ ├── mldsa_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── rsassapkcs1/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── rsassapkcs1.go
│ │ ├── rsassapkcs1_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── rsassapss/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── rsassapss.go
│ │ ├── rsassapss_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── signature.go
│ ├── signature_benchmark_test.go
│ ├── signature_factory_test.go
│ ├── signature_init_test.go
│ ├── signature_key_templates.go
│ ├── signature_key_templates_test.go
│ ├── signature_test.go
│ ├── signer_factory.go
│ ├── slhdsa/
│ │ ├── key.go
│ │ ├── key_pairs_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── slhdsa.go
│ │ ├── slhdsa_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── subtle/
│ │ ├── ecdsa.go
│ │ ├── ecdsa_signer.go
│ │ ├── ecdsa_signer_verifier_test.go
│ │ ├── ecdsa_test.go
│ │ ├── ecdsa_verifier.go
│ │ ├── ed25519_signer.go
│ │ ├── ed25519_signer_verifier_test.go
│ │ ├── ed25519_verifier.go
│ │ ├── subtle.go
│ │ └── subtle_test.go
│ └── verifier_factory.go
├── streamingaead/
│ ├── aesctrhmac/
│ │ ├── aesctrhmac.go
│ │ ├── aesctrhmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcmhkdf/
│ │ ├── aesgcmhkdf.go
│ │ ├── aesgcmhkdf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── decrypt_reader.go
│ ├── decrypt_reader_test.go
│ ├── streamingaead.go
│ ├── streamingaead_benchmark_test.go
│ ├── streamingaead_factory.go
│ ├── streamingaead_factory_test.go
│ ├── streamingaead_key_templates.go
│ ├── streamingaead_key_templates_test.go
│ ├── streamingaead_test.go
│ └── subtle/
│ ├── aes_ctr_hmac.go
│ ├── aes_ctr_hmac_test.go
│ ├── aes_gcm_hkdf.go
│ ├── aes_gcm_hkdf_test.go
│ ├── noncebased/
│ │ ├── noncebased.go
│ │ └── noncebased_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── subtle/
│ ├── hkdf.go
│ ├── hkdf_test.go
│ ├── random/
│ │ ├── random.go
│ │ └── random_test.go
│ ├── subtle.go
│ ├── subtle_test.go
│ ├── x25519.go
│ └── x25519_test.go
├── testdata/
│ └── testvectors/
│ └── hpke_boringssl.json
├── testing/
│ ├── fakekms/
│ │ ├── fakekms.go
│ │ └── fakekms_test.go
│ ├── fakemonitoring/
│ │ ├── fakemonitoring.go
│ │ └── fakemonitoring_test.go
│ └── insecuresecretdataaccesstest/
│ └── insecuresecretdataaccesstest.go
├── testkeyset/
│ ├── testkeyset.go
│ └── testkeyset_test.go
├── testutil/
│ ├── constant.go
│ ├── hexbytes.go
│ ├── hexbytes_test.go
│ ├── hybrid/
│ │ ├── private_key.go
│ │ └── private_key_test.go
│ ├── testutil.go
│ └── testutil_test.go
└── tink/
├── aead.go
├── deterministic_aead.go
├── hybrid_decrypt.go
├── hybrid_encrypt.go
├── mac.go
├── signer.go
├── streamingaead.go
├── tink.go
├── verifier.go
└── version.go
================================================
FILE CONTENTS
================================================
================================================
FILE: LICENSE
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================
FILE: README.md
================================================
# Tink Go
<!-- GCP Ubuntu --->
[tink_go_gomod_badge_gcp_ubuntu]: https://storage.googleapis.com/tink-kokoro-build-badges/tink-go-gomod-gcp-ubuntu.svg
[tink_go_gomod_386_badge_gcp_ubuntu]: https://storage.googleapis.com/tink-kokoro-build-badges/tink-go-gomod-386-gcp-ubuntu.svg
<!-- MacOS --->
[tink_go_gomod_badge_macos]: https://storage.googleapis.com/tink-kokoro-build-badges/tink-go-gomod-macos-external.svg
**Test** | **GCP Ubuntu** | **MacOS**
------------------- | --------------------------------------------------------------- | ---------
Tink Gomod | [![Gomod_GcpUbuntu][tink_go_gomod_badge_gcp_ubuntu]](#) | [![Gomod_MacOs][tink_go_gomod_badge_macos]](#)
Tink Gomod (32 bit) | [![Gomod_GcpUbuntu_386][tink_go_gomod_386_badge_gcp_ubuntu]](#) | N/A
> **NOTE**: **Versions of Tink Go prior to v2.0.0 are located at
> https://github.com/tink-crypto/tink
> ([godoc](https://pkg.go.dev/github.com/tink-crypto/tink)).**
Using crypto in your application [shouldn't have to][devs_are_users_too_slides]
feel like juggling chainsaws in the dark. Tink is a crypto library written by a
group of cryptographers and security engineers at Google. It was born out of our
extensive experience working with Google's product teams,
[fixing weaknesses in implementations](https://github.com/google/wycheproof),
and providing simple APIs that can be used safely without needing a crypto
background.
Tink provides secure APIs that are easy to use correctly and hard(er) to misuse.
It reduces common crypto pitfalls with user-centered design, careful
implementation and code reviews, and extensive testing. At Google, Tink is one
of the standard crypto libraries, and has been deployed in hundreds of products
and systems.
To get a quick overview of Tink's design please take a look at
[Tink's goals](https://developers.google.com/tink/design/goals_of_tink).
The latest version is 2.6.0 ([godoc](https://pkg.go.dev/github.com/tink-crypto/tink-go/v2)).
The official documentation is available at https://developers.google.com/tink.
[devs_are_users_too_slides]: https://www.usenix.org/sites/default/files/conference/protected-files/hotsec15_slides_green.pdf
## Contact and mailing list
If you want to contribute, please read [CONTRIBUTING](docs/CONTRIBUTING.md) and
send us pull requests. You can also report bugs or file feature requests.
If you'd like to talk to the developers or get notified about major product
updates, you may want to subscribe to our
[mailing list](https://groups.google.com/forum/#!forum/tink-users).
## Maintainers
Tink is maintained by (A-Z):
- Moreno Ambrosin
- Taymon Beal
- William Conner
- Thomas Holenstein
- Stefan Kölbl
- Charles Lee
- Cindy Lin
- Fernando Lobato Meeser
- Ioana Nedelcu
- Sophie Schmieg
- Elizaveta Tretiakova
- Jürg Wullschleger
Alumni:
- Haris Andrianakis
- Daniel Bleichenbacher
- Tanuj Dhir
- Thai Duong
- Atul Luykx
- Rafael Misoczki
- Quan Nguyen
- Bartosz Przydatek
- Enzo Puig
- Laurent Simon
- Veronika Slívová
- Paula Vidas
================================================
FILE: aead/aead.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Package aead provides implementations of the AEAD primitive.
//
// AEAD encryption assures the confidentiality and authenticity of the data. This primitive is CPA secure.
package aead
import (
"fmt"
_ "github.com/tink-crypto/tink-go/v2/aead/aesctrhmac" // To register the AES-CTR-HMAC key manager, parsers and serializers.
_ "github.com/tink-crypto/tink-go/v2/aead/aesgcm" // To register the AES-GCM key manager, parsers and serializers.
_ "github.com/tink-crypto/tink-go/v2/aead/aesgcmsiv" // To register the AES-GCM-SIV key manager, parsers and serializers.
_ "github.com/tink-crypto/tink-go/v2/aead/chacha20poly1305" // To register the ChaCha20Poly1305 key manager, parsers and serializers.
_ "github.com/tink-crypto/tink-go/v2/aead/xaesgcm" // To register the X-AES-GCM key manager, parsers and serializers.
_ "github.com/tink-crypto/tink-go/v2/aead/xchacha20poly1305" // To register the XChaCha20Poly1305 key manager.
"github.com/tink-crypto/tink-go/v2/core/registry"
)
func init() {
if err := registry.RegisterKeyManager(new(kmsEnvelopeAEADKeyManager)); err != nil {
panic(fmt.Sprintf("aead.init() failed: %v", err))
}
}
================================================
FILE: aead/aead_benchmark_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead_test
import (
"fmt"
"testing"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/subtle/random"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
// Benchmarks for AEAD algorithms.
type testCase struct {
name string
template *tinkpb.KeyTemplate
plaintextSize uint32
}
func testCases() []testCase {
tcs := []testCase{}
for _, plaintextSize := range []uint32{
1, // 1 Byte
1 * 1024, // 1 KByte,
1 * 1024 * 1024, // 1 MByte
} {
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES128_GCM-%d", plaintextSize),
template: aead.AES128GCMKeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES256_GCM-%d", plaintextSize),
template: aead.AES256GCMKeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("CHACHA20_POLY1305-%d", plaintextSize),
template: aead.ChaCha20Poly1305KeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("XCHACHA20_POLY1305-%d", plaintextSize),
template: aead.XChaCha20Poly1305KeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES128_CTR_HMAC-%d", plaintextSize),
template: aead.AES128CTRHMACSHA256KeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES256_CTR_HMAC-%d", plaintextSize),
template: aead.AES256CTRHMACSHA256KeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES128_GCM_SIV-%d", plaintextSize),
template: aead.AES128GCMSIVKeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("AES256_GCM_SIV-%d", plaintextSize),
template: aead.AES256GCMSIVKeyTemplate(),
plaintextSize: plaintextSize,
})
tcs = append(tcs, testCase{
name: fmt.Sprintf("XAES256_GCM-%d", plaintextSize),
template: aead.XAES256GCM192BitNonceKeyTemplate(),
plaintextSize: plaintextSize,
})
}
return tcs
}
func BenchmarkEncrypt(b *testing.B) {
const associatedDataSize = 256
for _, tc := range testCases() {
b.Run(tc.name, func(b *testing.B) {
b.ReportAllocs()
handle, err := keyset.NewHandle(tc.template)
if err != nil {
b.Fatal(err)
}
primitive, err := aead.New(handle)
if err != nil {
b.Fatal(err)
}
plaintext := random.GetRandomBytes(tc.plaintextSize)
associatedData := random.GetRandomBytes(associatedDataSize)
b.ResetTimer()
for i := 0; i < b.N; i++ {
_, err := primitive.Encrypt(plaintext, associatedData)
if err != nil {
b.Fatal(err)
}
}
})
}
}
func BenchmarkDecrypt(b *testing.B) {
const associatedDataSize = 256
for _, tc := range testCases() {
b.Run(tc.name, func(b *testing.B) {
b.ReportAllocs()
handle, err := keyset.NewHandle(tc.template)
if err != nil {
b.Fatal(err)
}
primitive, err := aead.New(handle)
if err != nil {
b.Fatal(err)
}
plaintext := random.GetRandomBytes(tc.plaintextSize)
associatedData := random.GetRandomBytes(associatedDataSize)
ciphertext, err := primitive.Encrypt(plaintext, associatedData)
if err != nil {
b.Fatal(err)
}
b.ResetTimer()
for i := 0; i < b.N; i++ {
if _, err = primitive.Decrypt(ciphertext, associatedData); err != nil {
b.Error(err)
}
}
})
}
}
================================================
FILE: aead/aead_factory.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead
import (
"fmt"
"slices"
"github.com/tink-crypto/tink-go/v2/internal/internalapi"
"github.com/tink-crypto/tink-go/v2/internal/internalregistry"
"github.com/tink-crypto/tink-go/v2/internal/monitoringutil"
"github.com/tink-crypto/tink-go/v2/internal/prefixmap"
"github.com/tink-crypto/tink-go/v2/internal/primitiveset"
"github.com/tink-crypto/tink-go/v2/internal/registryconfig"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/monitoring"
"github.com/tink-crypto/tink-go/v2/tink"
)
// New returns an AEAD primitive from the given keyset handle.
func New(handle *keyset.Handle) (tink.AEAD, error) {
ps, err := keyset.Primitives[tink.AEAD](handle, ®istryconfig.RegistryConfig{}, internalapi.Token{})
if err != nil {
return nil, fmt.Errorf("aead_factory: cannot obtain primitive set: %s", err)
}
return newWrappedAead(ps)
}
// NewWithConfig creates an AEAD primitive from the given [keyset.Handle] using
// the provided [Config].
func NewWithConfig(handle *keyset.Handle, config keyset.Config) (tink.AEAD, error) {
ps, err := keyset.Primitives[tink.AEAD](handle, config, internalapi.Token{})
if err != nil {
return nil, fmt.Errorf("aead_factory: cannot obtain primitive set with config: %s", err)
}
return newWrappedAead(ps)
}
// wrappedAead is an AEAD implementation that uses the underlying primitive set for encryption
// and decryption.
type wrappedAead struct {
primary aeadAndKeyID
primitives *prefixmap.PrefixMap[aeadAndKeyID]
encLogger monitoring.Logger
decLogger monitoring.Logger
}
type aeadAndKeyID struct {
primitive tink.AEAD
keyID uint32
}
func (a *aeadAndKeyID) Encrypt(plaintext, associatedData []byte) ([]byte, error) {
return a.primitive.Encrypt(plaintext, associatedData)
}
func (a *aeadAndKeyID) Decrypt(ciphertext, associatedData []byte) ([]byte, error) {
return a.primitive.Decrypt(ciphertext, associatedData)
}
// aeadPrimitiveAdapter is an adapter that turns a non-full [tink.AEAD]
// primitive into a full [tink.AEAD] primitive.
type fullAEADPrimitiveAdapter struct {
primitive tink.AEAD
prefix []byte
}
func (a *fullAEADPrimitiveAdapter) Encrypt(plaintext, associatedData []byte) ([]byte, error) {
ct, err := a.primitive.Encrypt(plaintext, associatedData)
if err != nil {
return nil, err
}
return slices.Concat(a.prefix, ct), nil
}
func (a *fullAEADPrimitiveAdapter) Decrypt(ciphertext, associatedData []byte) ([]byte, error) {
return a.primitive.Decrypt(ciphertext[len(a.prefix):], associatedData)
}
// extractFullAEAD returns a full aeadAndKeyID primitive from the given
// [primitiveset.Entry[tink.AEAD]].
func extractFullAEAD(entry *primitiveset.Entry[tink.AEAD]) (*aeadAndKeyID, error) {
if entry.FullPrimitive != nil {
return &aeadAndKeyID{primitive: entry.FullPrimitive, keyID: entry.KeyID}, nil
}
return &aeadAndKeyID{
primitive: &fullAEADPrimitiveAdapter{primitive: entry.Primitive, prefix: entry.OutputPrefix()},
keyID: entry.KeyID,
}, nil
}
func newWrappedAead(ps *primitiveset.PrimitiveSet[tink.AEAD]) (*wrappedAead, error) {
primary, err := extractFullAEAD(ps.Primary)
if err != nil {
return nil, err
}
primitives := prefixmap.New[aeadAndKeyID]()
for _, entries := range ps.Entries {
for _, e := range entries {
p, err := extractFullAEAD(e)
if err != nil {
return nil, err
}
primitives.Insert(string(e.OutputPrefix()), *p)
}
}
encLogger, decLogger, err := createLoggers(ps)
if err != nil {
return nil, err
}
return &wrappedAead{
primary: *primary,
primitives: primitives,
encLogger: encLogger,
decLogger: decLogger,
}, nil
}
func createLoggers(ps *primitiveset.PrimitiveSet[tink.AEAD]) (monitoring.Logger, monitoring.Logger, error) {
if len(ps.Annotations) == 0 {
return &monitoringutil.DoNothingLogger{}, &monitoringutil.DoNothingLogger{}, nil
}
client := internalregistry.GetMonitoringClient()
keysetInfo, err := monitoringutil.KeysetInfoFromPrimitiveSet(ps)
if err != nil {
return nil, nil, err
}
encLogger, err := client.NewLogger(&monitoring.Context{
Primitive: "aead",
APIFunction: "encrypt",
KeysetInfo: keysetInfo,
})
if err != nil {
return nil, nil, err
}
decLogger, err := client.NewLogger(&monitoring.Context{
Primitive: "aead",
APIFunction: "decrypt",
KeysetInfo: keysetInfo,
})
if err != nil {
return nil, nil, err
}
return encLogger, decLogger, nil
}
// Encrypt encrypts the given plaintext with the given associatedData.
// It returns the concatenation of the primary's identifier and the ciphertext.
func (a *wrappedAead) Encrypt(plaintext, associatedData []byte) ([]byte, error) {
ct, err := a.primary.Encrypt(plaintext, associatedData)
if err != nil {
a.encLogger.LogFailure()
return nil, err
}
a.encLogger.Log(a.primary.keyID, len(plaintext))
return ct, nil
}
// Decrypt decrypts the given ciphertext and authenticates it with the given
// associatedData. It returns the corresponding plaintext if the
// ciphertext is authenticated.
func (a *wrappedAead) Decrypt(ciphertext, associatedData []byte) ([]byte, error) {
it := a.primitives.PrimitivesMatchingPrefix(ciphertext)
for primitive, ok := it.Next(); ok; primitive, ok = it.Next() {
pt, err := primitive.Decrypt(ciphertext, associatedData)
if err != nil {
continue
}
a.decLogger.Log(primitive.keyID, len(ciphertext))
return pt, nil
}
// Nothing worked.
a.decLogger.LogFailure()
return nil, fmt.Errorf("aead_factory: decryption failed")
}
================================================
FILE: aead/aead_factory_test.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead_test
import (
"bytes"
"errors"
"fmt"
"reflect"
"slices"
"strings"
"testing"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/aead/aesgcm"
"github.com/tink-crypto/tink-go/v2/aead/subtle"
"github.com/tink-crypto/tink-go/v2/core/cryptofmt"
"github.com/tink-crypto/tink-go/v2/core/registry"
"github.com/tink-crypto/tink-go/v2/internal/config"
"github.com/tink-crypto/tink-go/v2/internal/internalapi"
"github.com/tink-crypto/tink-go/v2/internal/internalregistry"
"github.com/tink-crypto/tink-go/v2/internal/testing/stubkeymanager"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/monitoring"
"github.com/tink-crypto/tink-go/v2/signature"
"github.com/tink-crypto/tink-go/v2/subtle/random"
"github.com/tink-crypto/tink-go/v2/testing/fakemonitoring"
"github.com/tink-crypto/tink-go/v2/testkeyset"
"github.com/tink-crypto/tink-go/v2/testutil"
"github.com/tink-crypto/tink-go/v2/tink"
agpb "github.com/tink-crypto/tink-go/v2/proto/aes_gcm_go_proto"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
func TestFactoryMultipleKeys(t *testing.T) {
// encrypt with non-raw key
keyset := testutil.NewTestAESGCMKeyset(tinkpb.OutputPrefixType_TINK)
primaryKey := keyset.Key[0]
if primaryKey.OutputPrefixType == tinkpb.OutputPrefixType_RAW {
t.Errorf("expect a non-raw key")
}
keysetHandle, err := testkeyset.NewHandle(keyset)
if err != nil {
t.Fatalf("testkeyset.NewHandle() err = %s, want err", err)
}
a, err := aead.New(keysetHandle)
if err != nil {
t.Errorf("aead.New failed: %s", err)
}
expectedPrefix, err := cryptofmt.OutputPrefix(primaryKey)
if err != nil {
t.Errorf("cryptofmt.OutputPrefix() err = %s, want nil", err)
}
if err := validateAEADFactoryCipher(a, a, expectedPrefix); err != nil {
t.Errorf("invalid cipher: %s", err)
}
// encrypt with a non-primary RAW key and decrypt with the keyset
rawKey := keyset.Key[1]
if rawKey.OutputPrefixType != tinkpb.OutputPrefixType_RAW {
t.Errorf("expect a raw key")
}
keyset2 := testutil.NewKeyset(rawKey.KeyId, []*tinkpb.Keyset_Key{rawKey})
keysetHandle2, err := testkeyset.NewHandle(keyset2)
if err != nil {
t.Fatalf("testkeyset.NewHandle() err = %s, want err", err)
}
a2, err := aead.New(keysetHandle2)
if err != nil {
t.Errorf("aead.New failed: %s", err)
}
if err := validateAEADFactoryCipher(a2, a, cryptofmt.RawPrefix); err != nil {
t.Errorf("invalid cipher: %s", err)
}
// encrypt with a random key not in the keyset, decrypt with the keyset should fail
keyset2 = testutil.NewTestAESGCMKeyset(tinkpb.OutputPrefixType_TINK)
primaryKey = keyset2.Key[0]
expectedPrefix, err = cryptofmt.OutputPrefix(primaryKey)
if err != nil {
t.Errorf("cryptofmt.OutputPrefix() err = %s, want err", err)
}
keysetHandle2, err = testkeyset.NewHandle(keyset2)
if err != nil {
t.Fatalf("testkeyset.NewHandle() err = %s, want err", err)
}
a2, err = aead.New(keysetHandle2)
if err != nil {
t.Errorf("aead.New failed: %s", err)
}
err = validateAEADFactoryCipher(a2, a, expectedPrefix)
if err == nil || !strings.Contains(err.Error(), "decryption failed") {
t.Errorf("expect decryption to fail with random key: %s", err)
}
}
type stubAEAD struct {
prefix []byte
}
func (a *stubAEAD) Encrypt(p, _ []byte) ([]byte, error) {
return slices.Concat(a.prefix, p), nil
}
func (a *stubAEAD) Decrypt(c, _ []byte) ([]byte, error) {
if !bytes.HasPrefix(c, a.prefix) {
return nil, errors.New("ciphertext does not start with prefix")
}
return c[len(a.prefix):], nil
}
func TestNewWithConfig(t *testing.T) {
annotations := map[string]string{"foo": "bar"}
// Last key is primary.
keysetHandleWithPrimaryWithPrefix := mustCreateHandle(t, annotations, aead.AES256GCMNoPrefixKeyTemplate(), aead.AES256GCMKeyTemplate())
keysetHandleWithPrimaryWithoutPrefix := mustCreateHandle(t, annotations, aead.AES256GCMKeyTemplate(), aead.AES256GCMNoPrefixKeyTemplate())
cb := config.NewBuilder()
if err := cb.RegisterPrimitiveConstructor(reflect.TypeFor[*aesgcm.Key](), func(key key.Key) (any, error) {
return &stubAEAD{prefix: key.(*aesgcm.Key).OutputPrefix()}, nil
}, internalapi.Token{}); err != nil {
t.Fatalf("cb.RegisterPrimitiveConstructor() err = %v, want nil", err)
}
c := cb.Build()
for _, tc := range []struct {
name string
kh *keyset.Handle
wantPrefix bool
}{
{
name: "full primitive primary with prefix",
kh: keysetHandleWithPrimaryWithPrefix,
wantPrefix: true,
},
{
name: "full primitive primary without prefix",
kh: keysetHandleWithPrimaryWithoutPrefix,
},
} {
t.Run(tc.name, func(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
a, err := aead.NewWithConfig(tc.kh, &c)
if err != nil {
t.Fatalf("aead.NewWithConfig(tc.kh, config) err = %v, want nil", err)
}
plaintext := []byte("message")
associatedData := []byte("aad")
ct, err := a.Encrypt(plaintext, associatedData)
if err != nil {
t.Fatalf("aead.Encrypt() err = %v, want nil", err)
}
primaryEntry, err := tc.kh.Primary()
if err != nil {
t.Fatalf("kh.Primary() err = %v, want nil", err)
}
prefix := primaryEntry.Key().(*aesgcm.Key).OutputPrefix()
if tc.wantPrefix && len(prefix) == 0 {
t.Fatalf("want prefix, got empty prefix")
}
if got, want := ct, slices.Concat(prefix, plaintext); !bytes.Equal(got, want) {
t.Errorf("aead.Encrypt() = %q, want %q", got, want)
}
pt, err := a.Decrypt(ct, associatedData)
if err != nil {
t.Fatalf("aead.Decrypt() err = %v, want nil", err)
}
if !bytes.Equal(pt, plaintext) {
t.Errorf("aead.Decrypt() = %q, want %q", pt, plaintext)
}
// Make sure that the monitoring logs the correct number of bytes.
gotEvents := client.Events()
if len(gotEvents) != 2 {
t.Fatalf("len(client.Events()) = %d, want 1", len(gotEvents))
}
wantEvents := []*fakemonitoring.LogEvent{
{
KeyID: primaryEntry.KeyID(),
NumBytes: len(plaintext),
Context: monitoring.NewContext("aead", "encrypt", nil), // KeysetInfo is not relevant for this test.
},
{
KeyID: primaryEntry.KeyID(),
NumBytes: len(ct),
Context: monitoring.NewContext("aead", "decrypt", nil), // KeysetInfo is not relevant for this test.
},
}
if diff := cmp.Diff(gotEvents, wantEvents, cmpopts.IgnoreFields(fakemonitoring.LogEvent{}, "Context.KeysetInfo")); diff != "" {
t.Errorf("got != want, diff: %v", diff)
}
})
}
}
func TestFactoryRawKeyAsPrimary(t *testing.T) {
keyset := testutil.NewTestAESGCMKeyset(tinkpb.OutputPrefixType_RAW)
if keyset.Key[0].OutputPrefixType != tinkpb.OutputPrefixType_RAW {
t.Errorf("primary key is not a raw key")
}
keysetHandle, err := testkeyset.NewHandle(keyset)
if err != nil {
t.Fatalf("testkeyset.NewHandle() err = %s, want err", err)
}
a, err := aead.New(keysetHandle)
if err != nil {
t.Errorf("cannot get primitive from keyset handle: %s", err)
}
if err := validateAEADFactoryCipher(a, a, cryptofmt.RawPrefix); err != nil {
t.Errorf("invalid cipher: %s", err)
}
}
func validateAEADFactoryCipher(encryptCipher, decryptCipher tink.AEAD, expectedPrefix string) error {
prefixSize := len(expectedPrefix)
// regular plaintext
pt := random.GetRandomBytes(20)
ad := random.GetRandomBytes(20)
ct, err := encryptCipher.Encrypt(pt, ad)
if err != nil {
return fmt.Errorf("encryption failed with regular plaintext: %s", err)
}
decrypted, err := decryptCipher.Decrypt(ct, ad)
if err != nil || !bytes.Equal(decrypted, pt) {
return fmt.Errorf("decryption failed with regular plaintext: err: %s, pt: %s, decrypted: %s",
err, pt, decrypted)
}
if string(ct[:prefixSize]) != expectedPrefix {
return fmt.Errorf("incorrect prefix with regular plaintext")
}
if prefixSize+len(pt)+subtle.AESGCMIVSize+subtle.AESGCMTagSize != len(ct) {
return fmt.Errorf("lengths of plaintext and ciphertext don't match with regular plaintext")
}
// short plaintext
pt = random.GetRandomBytes(1)
ct, err = encryptCipher.Encrypt(pt, ad)
if err != nil {
return fmt.Errorf("encryption failed with short plaintext: %s", err)
}
decrypted, err = decryptCipher.Decrypt(ct, ad)
if err != nil || !bytes.Equal(decrypted, pt) {
return fmt.Errorf("decryption failed with short plaintext: err: %s, pt: %s, decrypted: %s",
err, pt, decrypted)
}
if string(ct[:prefixSize]) != expectedPrefix {
return fmt.Errorf("incorrect prefix with short plaintext")
}
if prefixSize+len(pt)+subtle.AESGCMIVSize+subtle.AESGCMTagSize != len(ct) {
return fmt.Errorf("lengths of plaintext and ciphertext don't match with short plaintext")
}
return nil
}
func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) {
wrongKH, err := keyset.NewHandle(signature.ECDSAP256KeyTemplate())
if err != nil {
t.Fatalf("failed to build *keyset.Handle: %s", err)
}
_, err = aead.New(wrongKH)
if err == nil {
t.Fatalf("calling New() with wrong *keyset.Handle should fail")
}
}
func TestFactoryWithValidPrimitiveSetType(t *testing.T) {
goodKH, err := keyset.NewHandle(aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("failed to build *keyset.Handle: %s", err)
}
_, err = aead.New(goodKH)
if err != nil {
t.Fatalf("calling New() with good *keyset.Handle failed: %s", err)
}
}
func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithPrefix(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
kh := mustCreateHandle(t, annotations, aead.AES128GCMKeyTemplate())
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
data := []byte("HELLO_WORLD")
ad := []byte("_!")
ct, err := p.Encrypt(data, ad)
if err != nil {
t.Fatalf("p.Encrypt() err = %v, want nil", err)
}
if _, err := p.Decrypt(ct, ad); err != nil {
t.Fatalf("p.Decrypt() err = %v, want nil", err)
}
failures := client.Failures()
if len(failures) != 0 {
t.Errorf("len(client.Failures()) = %d, want = 0", len(failures))
}
got := client.Events()
wantKeysetInfo := monitoring.NewKeysetInfo(
annotations,
kh.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.AesGcmKey",
KeyPrefix: "TINK",
},
},
)
want := []*fakemonitoring.LogEvent{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(data),
Context: monitoring.NewContext("aead", "encrypt", wantKeysetInfo),
},
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(ct),
Context: monitoring.NewContext("aead", "decrypt", wantKeysetInfo),
},
}
if diff := cmp.Diff(got, want); diff != "" {
t.Errorf("got != want, diff: %v", diff)
}
}
func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithoutPrefix(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
kh := mustCreateHandle(t, annotations, aead.AES256GCMNoPrefixKeyTemplate())
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
data := []byte("HELLO_WORLD")
ct, err := p.Encrypt(data, nil)
if err != nil {
t.Fatalf("p.Encrypt() err = %v, want nil", err)
}
if _, err := p.Decrypt(ct, nil); err != nil {
t.Fatalf("p.Decrypt() err = %v, want nil", err)
}
failures := client.Failures()
if len(failures) != 0 {
t.Errorf("len(client.Failures()) = %d, want = 0", len(failures))
}
got := client.Events()
wantKeysetInfo := monitoring.NewKeysetInfo(
annotations,
kh.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.AesGcmKey",
KeyPrefix: "RAW",
},
},
)
want := []*fakemonitoring.LogEvent{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(data),
Context: monitoring.NewContext("aead", "encrypt", wantKeysetInfo),
},
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(ct),
Context: monitoring.NewContext("aead", "decrypt", wantKeysetInfo),
},
}
if cmp.Diff(got, want) != "" {
t.Errorf("%v", cmp.Diff(got, want))
}
}
func TestPrimitiveFactoryMonitoringWithAnnotatiosMultipleKeysLogsEncryptionDecryption(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("registry.RegisterMonitoringClient() err = %v, want nil", err)
}
manager := keyset.NewManager()
keyTemplates := []*tinkpb.KeyTemplate{
aead.AES128GCMKeyTemplate(),
aead.AES256GCMNoPrefixKeyTemplate(),
aead.AES128CTRHMACSHA256KeyTemplate(),
aead.XChaCha20Poly1305KeyTemplate(),
}
keyIDs := make([]uint32, len(keyTemplates), len(keyTemplates))
var err error
for i, kt := range keyTemplates {
keyIDs[i], err = manager.Add(kt)
if err != nil {
t.Fatalf("manager.Add(%v) err = %v, want nil", kt, err)
}
}
if err := manager.SetPrimary(keyIDs[1]); err != nil {
t.Fatalf("manager.SetPrimary(%d) err = %v, want nil", keyIDs[1], err)
}
if err := manager.Disable(keyIDs[0]); err != nil {
t.Fatalf("manager.Disable(%d) err = %v, want nil", keyIDs[0], err)
}
annotations := map[string]string{"foo": "bar"}
if err := manager.SetAnnotations(annotations); err != nil {
t.Fatalf("manager.SetAnnotations(%v) err = %v, want nil", annotations, err)
}
kh, err := manager.Handle()
if err != nil {
t.Fatalf("manager.Handle() err = %v, want nil", err)
}
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
failures := len(client.Failures())
if failures != 0 {
t.Errorf("len(client.Failures()) = %d, want 0", failures)
}
data := []byte("YELLOW_ORANGE")
ct, err := p.Encrypt(data, nil)
if err != nil {
t.Fatalf("p.Encrypt() err = %v, want nil", err)
}
if _, err := p.Decrypt(ct, nil); err != nil {
t.Fatalf("p.Decrypt() err = %v, want nil", err)
}
got := client.Events()
wantKeysetInfo := monitoring.NewKeysetInfo(annotations, keyIDs[1], []*monitoring.Entry{
{
KeyID: keyIDs[1],
Status: monitoring.Enabled,
KeyType: "tink.AesGcmKey",
KeyPrefix: "RAW",
},
{
KeyID: keyIDs[2],
Status: monitoring.Enabled,
KeyType: "tink.AesCtrHmacAeadKey",
KeyPrefix: "TINK",
},
{
KeyID: keyIDs[3],
Status: monitoring.Enabled,
KeyType: "tink.XChaCha20Poly1305Key",
KeyPrefix: "TINK",
},
})
want := []*fakemonitoring.LogEvent{
{
KeyID: keyIDs[1],
NumBytes: len(data),
Context: monitoring.NewContext(
"aead",
"encrypt",
wantKeysetInfo,
),
},
{
KeyID: keyIDs[1],
NumBytes: len(ct),
Context: monitoring.NewContext(
"aead",
"decrypt",
wantKeysetInfo,
),
},
}
// sort by keyID to avoid non deterministic order.
entryLessFunc := func(a, b *monitoring.Entry) bool {
return a.KeyID < b.KeyID
}
if !cmp.Equal(got, want, cmpopts.SortSlices(entryLessFunc)) {
t.Errorf("got = %v, want = %v, with diff: %v", got, want, cmp.Diff(got, want))
}
}
func TestPrimitiveFactoryWithMonitoringAnnotationsEncryptionFailureIsLogged(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := &fakemonitoring.Client{Name: ""}
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
typeURL := "TestFactoryWithMonitoringPrimitiveEncryptionFailureIsLogged"
template := &tinkpb.KeyTemplate{
TypeUrl: typeURL,
OutputPrefixType: tinkpb.OutputPrefixType_LEGACY,
}
km := &stubkeymanager.StubKeyManager{
URL: typeURL,
Key: &agpb.AesGcmKey{},
Prim: &testutil.AlwaysFailingAead{Error: errors.New("failed")},
KeyData: &tinkpb.KeyData{
TypeUrl: typeURL,
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
Value: []byte("serialized_key"),
},
}
if err := registry.RegisterKeyManager(km); err != nil {
t.Fatalf("registry.RegisterKeyManager() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
kh := mustCreateHandle(t, annotations, template)
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
if _, err := p.Encrypt(nil, nil); err == nil {
t.Fatalf("Encrypt() err = nil, want error")
}
got := client.Failures()
want := []*fakemonitoring.LogFailure{
{
Context: monitoring.NewContext(
"aead",
"encrypt",
monitoring.NewKeysetInfo(
annotations,
kh.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: typeURL,
KeyPrefix: "LEGACY",
},
},
),
),
},
}
if cmp.Diff(got, want) != "" {
t.Errorf("%v", cmp.Diff(got, want))
}
}
func TestPrimitiveFactoryWithMonitoringAnnotationsDecryptionFailureIsLogged(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
kh := mustCreateHandle(t, annotations, aead.AES128GCMKeyTemplate())
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
if _, err := p.Decrypt([]byte("invalid_data"), nil); err == nil {
t.Fatalf("Decrypt() err = nil, want error")
}
got := client.Failures()
want := []*fakemonitoring.LogFailure{
{
Context: monitoring.NewContext(
"aead",
"decrypt",
monitoring.NewKeysetInfo(
annotations,
kh.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.AesGcmKey",
KeyPrefix: "TINK",
},
},
),
),
},
}
if cmp.Diff(got, want) != "" {
t.Errorf("%v", cmp.Diff(got, want))
}
}
func mustCreateHandle(t *testing.T, annotations map[string]string, templates ...*tinkpb.KeyTemplate) *keyset.Handle {
t.Helper()
km := keyset.NewManager()
for _, template := range templates {
keyID, err := km.Add(template)
if err != nil {
t.Fatalf("km.Add(%v) err = %v, want nil", template, err)
}
if err := km.SetPrimary(keyID); err != nil {
t.Fatalf("km.SetPrimary(%d) err = %v, want nil", keyID, err)
}
}
if err := km.SetAnnotations(annotations); err != nil {
t.Fatalf("km.SetAnnotations(%v) err = %v, want nil", annotations, err)
}
kh, err := km.Handle()
if err != nil {
t.Fatalf("km.Handle() err = %v, want nil", err)
}
return kh
}
func TestFactoryWithMonitoringMultiplePrimitivesLogOperations(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := &fakemonitoring.Client{Name: ""}
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
annotations := map[string]string{"foo": "bar"}
kh1 := mustCreateHandle(t, annotations, aead.AES128GCMKeyTemplate())
p1, err := aead.New(kh1)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
kh2 := mustCreateHandle(t, annotations, aead.AES128CTRHMACSHA256KeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
p2, err := aead.New(kh2)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
d1 := []byte("YELLOW_ORANGE")
if _, err := p1.Encrypt(d1, nil); err != nil {
t.Fatalf("p1.Encrypt() err = %v, want nil", err)
}
d2 := []byte("ORANGE_BLUE")
if _, err := p2.Encrypt(d2, nil); err != nil {
t.Fatalf("p2.Encrypt() err = %v, want nil", err)
}
got := client.Events()
want := []*fakemonitoring.LogEvent{
{
KeyID: kh1.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(d1),
Context: monitoring.NewContext(
"aead",
"encrypt",
monitoring.NewKeysetInfo(
annotations,
kh1.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh1.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.AesGcmKey",
KeyPrefix: "TINK",
},
},
),
),
},
{
KeyID: kh2.KeysetInfo().GetPrimaryKeyId(),
NumBytes: len(d2),
Context: monitoring.NewContext(
"aead",
"encrypt",
monitoring.NewKeysetInfo(
annotations,
kh2.KeysetInfo().GetPrimaryKeyId(),
[]*monitoring.Entry{
{
KeyID: kh2.KeysetInfo().GetPrimaryKeyId(),
Status: monitoring.Enabled,
KeyType: "tink.AesCtrHmacAeadKey",
KeyPrefix: "TINK",
},
},
),
),
},
}
if !cmp.Equal(got, want) {
t.Errorf("got = %v, want = %v, with diff: %v", got, want, cmp.Diff(got, want))
}
}
func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNothing(t *testing.T) {
defer internalregistry.ClearMonitoringClient()
client := fakemonitoring.NewClient("fake-client")
if err := internalregistry.RegisterMonitoringClient(client); err != nil {
t.Fatalf("internalregistry.RegisterMonitoringClient() err = %v, want nil", err)
}
kh, err := keyset.NewHandle(aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle() err = %v, want nil", err)
}
p, err := aead.New(kh)
if err != nil {
t.Fatalf("aead.New() err = %v, want nil", err)
}
data := []byte("YELLOW_ORANGE")
ct, err := p.Encrypt(data, nil)
if err != nil {
t.Fatalf("p.Encrypt() err = %v, want nil", err)
}
if _, err := p.Decrypt(ct, nil); err != nil {
t.Fatalf("p.Decrypt() err = %v, want nil", err)
}
got := client.Events()
if len(got) != 0 {
t.Errorf("len(client.Events()) = %d, want 0", len(got))
}
failures := len(client.Failures())
if failures != 0 {
t.Errorf("len(client.Failures()) = %d, want 0", failures)
}
}
================================================
FILE: aead/aead_init_test.go
================================================
// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead_test
import (
"testing"
"github.com/tink-crypto/tink-go/v2/core/registry"
"github.com/tink-crypto/tink-go/v2/testutil"
)
func TestAEADInit(t *testing.T) {
// Check that the AES-GCM key manager is in the global registry.
_, err := registry.GetKeyManager(testutil.AESGCMTypeURL)
if err != nil {
t.Errorf("unexpected error: %s", err)
}
// Check that the ChaCha20Poly1305 key manager is in the global registry.
_, err = registry.GetKeyManager(testutil.ChaCha20Poly1305TypeURL)
if err != nil {
t.Errorf("unexpected error: %s", err)
}
// Check that the XChaCha20Poly1305 key manager is in the global registry.
_, err = registry.GetKeyManager(testutil.XChaCha20Poly1305TypeURL)
if err != nil {
t.Errorf("unexpected error: %s", err)
}
}
================================================
FILE: aead/aead_key_templates.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead
import (
"fmt"
"google.golang.org/protobuf/proto"
"github.com/tink-crypto/tink-go/v2/internal/tinkerror"
ctrpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_go_proto"
ctrhmacpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_hmac_aead_go_proto"
gcmpb "github.com/tink-crypto/tink-go/v2/proto/aes_gcm_go_proto"
gcmsivpb "github.com/tink-crypto/tink-go/v2/proto/aes_gcm_siv_go_proto"
commonpb "github.com/tink-crypto/tink-go/v2/proto/common_go_proto"
hmacpb "github.com/tink-crypto/tink-go/v2/proto/hmac_go_proto"
kmsenvpb "github.com/tink-crypto/tink-go/v2/proto/kms_envelope_go_proto"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
xaesgcmpb "github.com/tink-crypto/tink-go/v2/proto/x_aes_gcm_go_proto"
)
const (
aesGCMTypeURL = "type.googleapis.com/google.crypto.tink.AesGcmKey"
xAESGCMTypeURL = "type.googleapis.com/google.crypto.tink.XAesGcmKey"
chaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.ChaCha20Poly1305Key"
xChaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key"
aesCTRHMACAEADTypeURL = "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey"
aesGCMSIVTypeURL = "type.googleapis.com/google.crypto.tink.AesGcmSivKey"
)
// This file contains pre-generated KeyTemplates for AEAD keys. One can use these templates
// to generate new Keysets.
// AES128GCMKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
// - Key size: 16 bytes
// - Output prefix type: TINK
func AES128GCMKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMKeyTemplate(16, tinkpb.OutputPrefixType_TINK)
}
// AES256GCMKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
// - Key size: 32 bytes
// - Output prefix type: TINK
func AES256GCMKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMKeyTemplate(32, tinkpb.OutputPrefixType_TINK)
}
// AES256GCMNoPrefixKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
// - Key size: 32 bytes
// - Output prefix type: RAW
func AES256GCMNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMKeyTemplate(32, tinkpb.OutputPrefixType_RAW)
}
// XAES256GCM192BitNonceKeyTemplate is a KeyTemplate that generates an
// X-AES-GCM key with the following parameters:
// - Salt size: 12 bytes
// - Output prefix type: TINK
func XAES256GCM192BitNonceKeyTemplate() *tinkpb.KeyTemplate {
return createXAESGCMKeyTemplate(12, tinkpb.OutputPrefixType_TINK)
}
// XAES256GCM192BitNonceNoPrefixKeyTemplate is a KeyTemplate that generates an
// X-AES-GCM key with the following parameters:
// - Salt size: 12 bytes
// - Output prefix type: RAW
func XAES256GCM192BitNonceNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
return createXAESGCMKeyTemplate(12, tinkpb.OutputPrefixType_RAW)
}
// XAES256GCM160BitNonceKeyTemplate is a KeyTemplate that generates an
// X-AES-GCM key with the following parameters:
// - Salt size: 8 bytes
// - Output prefix type: TINK
func XAES256GCM160BitNonceKeyTemplate() *tinkpb.KeyTemplate {
return createXAESGCMKeyTemplate(8, tinkpb.OutputPrefixType_TINK)
}
// XAES256GCM160BitNonceNoPrefixKeyTemplate is a KeyTemplate that generates an
// X-AES-GCM key with the following parameters:
// - Salt size: 8 bytes
// - Output prefix type: RAW
func XAES256GCM160BitNonceNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
return createXAESGCMKeyTemplate(8, tinkpb.OutputPrefixType_RAW)
}
// AES128GCMSIVKeyTemplate is a KeyTemplate that generates an AES-GCM-SIV key with the following parameters:
// - Key size: 16 bytes
// - Output prefix type: TINK
func AES128GCMSIVKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMSIVKeyTemplate(16, tinkpb.OutputPrefixType_TINK)
}
// AES256GCMSIVKeyTemplate is a KeyTemplate that generates an AES-GCM-SIV key with the following parameters:
// - Key size: 32 bytes
// - Output prefix type: TINK
func AES256GCMSIVKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMSIVKeyTemplate(32, tinkpb.OutputPrefixType_TINK)
}
// AES256GCMSIVNoPrefixKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:
// - Key size: 32 bytes
// - Output prefix type: RAW
func AES256GCMSIVNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
return createAESGCMSIVKeyTemplate(32, tinkpb.OutputPrefixType_RAW)
}
// AES128CTRHMACSHA256KeyTemplate is a KeyTemplate that generates an AES-CTR-HMAC-AEAD key with the following parameters:
// - AES key size: 16 bytes
// - AES CTR IV size: 16 bytes
// - HMAC key size: 32 bytes
// - HMAC tag size: 16 bytes
// - HMAC hash function: SHA256
func AES128CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
return createAESCTRHMACAEADKeyTemplate(16, 16, 32, 16, commonpb.HashType_SHA256)
}
// AES256CTRHMACSHA256KeyTemplate is a KeyTemplate that generates an AES-CTR-HMAC-AEAD key with the following parameters:
// - AES key size: 32 bytes
// - AES CTR IV size: 16 bytes
// - HMAC key size: 32 bytes
// - HMAC tag size: 32 bytes
// - HMAC hash function: SHA256
func AES256CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
return createAESCTRHMACAEADKeyTemplate(32, 16, 32, 32, commonpb.HashType_SHA256)
}
// ChaCha20Poly1305KeyTemplate is a KeyTemplate that generates a CHACHA20_POLY1305 key.
func ChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate {
return &tinkpb.KeyTemplate{
// Don't set value because KeyFormat is not required.
TypeUrl: chaCha20Poly1305TypeURL,
OutputPrefixType: tinkpb.OutputPrefixType_TINK,
}
}
// XChaCha20Poly1305KeyTemplate is a KeyTemplate that generates a XCHACHA20_POLY1305 key.
func XChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate {
return &tinkpb.KeyTemplate{
// Don't set value because KeyFormat is not required.
TypeUrl: xChaCha20Poly1305TypeURL,
OutputPrefixType: tinkpb.OutputPrefixType_TINK,
}
}
// CreateKMSEnvelopeAEADKeyTemplate returns a key template that generates a
// KMSEnvelopeAEAD key for a given key encryption key (KEK) in a remote key
// management service (KMS).
//
// When performing encrypt operations, a data encryption key (DEK) is generated
// for each ciphertext. The DEK is wrapped by the remote KMS using the KEK and
// stored alongside the ciphertext.
//
// dekTemplate must be a KeyTemplate for any of these Tink AEAD key types (any
// other key template will be rejected):
// - AesCtrHmacAeadKey
// - AesGcmKey
// - ChaCha20Poly1305Key
// - XChaCha20Poly1305
// - AesGcmSivKey
//
// DEKs generated by this key template use the RAW output prefix to make them
// compatible with remote KMS encrypt/decrypt operations.
//
// Unlike other templates, when you generate new keys with this template, Tink
// does not generate new key material, but only creates a reference to the
// remote KEK.
//
// If either uri or dekTemplate contain invalid input, an error is returned.
//
// It is often not necessary to use this function. Instead, you can call
// kmsClient.GetAEAD to get a remote AEAD, and create an envelope AEAD using
// [NewKMSEnvelopeAEAD2].
//
// There is no need to call registry.RegisterKMSClient anymore.
func CreateKMSEnvelopeAEADKeyTemplate(uri string, dekTemplate *tinkpb.KeyTemplate) (*tinkpb.KeyTemplate, error) {
if !isSupportedKMSEnvelopeDEK(dekTemplate.GetTypeUrl()) {
return nil, fmt.Errorf("unsupported DEK key type %s. Only Tink AEAD key types are supported", dekTemplate.GetTypeUrl())
}
f := &kmsenvpb.KmsEnvelopeAeadKeyFormat{
KekUri: uri,
DekTemplate: dekTemplate,
}
serializedFormat, err := proto.Marshal(f)
if err != nil {
return nil, fmt.Errorf("failed to marshal key format: %s", err)
}
return &tinkpb.KeyTemplate{
Value: serializedFormat,
TypeUrl: kmsEnvelopeAEADTypeURL,
OutputPrefixType: tinkpb.OutputPrefixType_RAW,
}, nil
}
// KMSEnvelopeAEADKeyTemplate returns a KeyTemplate that generates a
// KMSEnvelopeAEAD key for a given key encryption key (KEK) in a remote key
// management service (KMS).
//
// If either uri or dekTemplate contain invalid input, program execution will
// be interrupted.
//
// Deprecated: Use [CreateKMSEnvelopeAEADKeyTemplate], which returns an error
// value instead of interrupting the program.
func KMSEnvelopeAEADKeyTemplate(uri string, dekTemplate *tinkpb.KeyTemplate) *tinkpb.KeyTemplate {
t, err := CreateKMSEnvelopeAEADKeyTemplate(uri, dekTemplate)
if err != nil {
tinkerror.Fail(err.Error())
}
return t
}
// createAESGCMKeyTemplate creates a new AES-GCM key template with the given key
// size in bytes.
func createAESGCMKeyTemplate(keySize uint32, outputPrefixType tinkpb.OutputPrefixType) *tinkpb.KeyTemplate {
format := &gcmpb.AesGcmKeyFormat{
KeySize: keySize,
}
serializedFormat, err := proto.Marshal(format)
if err != nil {
tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
}
return &tinkpb.KeyTemplate{
TypeUrl: aesGCMTypeURL,
Value: serializedFormat,
OutputPrefixType: outputPrefixType,
}
}
// createXAESGCMKeyTemplate creates a new X-AES-GCM key template with the given
// salt size in bytes.
func createXAESGCMKeyTemplate(saltSize uint32, outputPrefixType tinkpb.OutputPrefixType) *tinkpb.KeyTemplate {
format := &xaesgcmpb.XAesGcmKeyFormat{
Params: &xaesgcmpb.XAesGcmParams{
SaltSize: saltSize,
},
}
serializedFormat, err := proto.Marshal(format)
if err != nil {
tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
}
return &tinkpb.KeyTemplate{
TypeUrl: xAESGCMTypeURL,
Value: serializedFormat,
OutputPrefixType: outputPrefixType,
}
}
// createAESGCMSIVKeyTemplate creates a new AES-GCM-SIV key template with the given key
// size in bytes.
func createAESGCMSIVKeyTemplate(keySize uint32, outputPrefixType tinkpb.OutputPrefixType) *tinkpb.KeyTemplate {
format := &gcmsivpb.AesGcmSivKeyFormat{
KeySize: keySize,
}
serializedFormat, err := proto.Marshal(format)
if err != nil {
tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
}
return &tinkpb.KeyTemplate{
TypeUrl: aesGCMSIVTypeURL,
Value: serializedFormat,
OutputPrefixType: outputPrefixType,
}
}
func createAESCTRHMACAEADKeyTemplate(aesKeySize, ivSize, hmacKeySize, tagSize uint32, hash commonpb.HashType) *tinkpb.KeyTemplate {
format := &ctrhmacpb.AesCtrHmacAeadKeyFormat{
AesCtrKeyFormat: &ctrpb.AesCtrKeyFormat{
Params: &ctrpb.AesCtrParams{IvSize: ivSize},
KeySize: aesKeySize,
},
HmacKeyFormat: &hmacpb.HmacKeyFormat{
Params: &hmacpb.HmacParams{Hash: hash, TagSize: tagSize},
KeySize: hmacKeySize,
},
}
serializedFormat, err := proto.Marshal(format)
if err != nil {
tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
}
return &tinkpb.KeyTemplate{
Value: serializedFormat,
TypeUrl: aesCTRHMACAEADTypeURL,
OutputPrefixType: tinkpb.OutputPrefixType_TINK,
}
}
================================================
FILE: aead/aead_key_templates_test.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead_test
import (
"bytes"
"fmt"
"testing"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/core/registry"
"github.com/tink-crypto/tink-go/v2/internal/tinkerror/tinkerrortest"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/mac"
"github.com/tink-crypto/tink-go/v2/testing/fakekms"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
func TestKeyTemplates(t *testing.T) {
var testCases = []struct {
name string
template *tinkpb.KeyTemplate
}{
{
name: "AES128_GCM",
template: aead.AES128GCMKeyTemplate(),
}, {
name: "AES256_GCM",
template: aead.AES256GCMKeyTemplate(),
}, {
name: "AES256_GCM_NO_PREFIX",
template: aead.AES256GCMNoPrefixKeyTemplate(),
}, {
name: "XAES256_GCM_192_BIT_NONCE",
template: aead.XAES256GCM192BitNonceKeyTemplate(),
}, {
name: "XAES256_GCM_192_BIT_NONCE_NO_PREFIX",
template: aead.XAES256GCM192BitNonceNoPrefixKeyTemplate(),
}, {
name: "XAES256_GCM_160_BIT_NONCE",
template: aead.XAES256GCM160BitNonceKeyTemplate(),
}, {
name: "XAES256_GCM_160_BIT_NONCE_NO_PREFIX",
template: aead.XAES256GCM160BitNonceNoPrefixKeyTemplate(),
}, {
name: "AES128_GCM_SIV",
template: aead.AES128GCMSIVKeyTemplate(),
}, {
name: "AES256_GCM_SIV",
template: aead.AES256GCMSIVKeyTemplate(),
}, {
name: "AES256_GCM_SIV_NO_PREFIX",
template: aead.AES256GCMSIVNoPrefixKeyTemplate(),
}, {
name: "AES128_CTR_HMAC_SHA256",
template: aead.AES128CTRHMACSHA256KeyTemplate(),
}, {
name: "AES256_CTR_HMAC_SHA256",
template: aead.AES256CTRHMACSHA256KeyTemplate(),
}, {
name: "CHACHA20_POLY1305",
template: aead.ChaCha20Poly1305KeyTemplate(),
}, {
name: "XCHACHA20_POLY1305",
template: aead.XChaCha20Poly1305KeyTemplate(),
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
if err := testEncryptDecrypt(tc.template); err != nil {
t.Errorf("%v", err)
}
})
}
}
func TestKMSEnvelopeAEADKeyTemplate(t *testing.T) {
fakeKmsClient, err := fakekms.NewClient("fake-kms://")
if err != nil {
t.Fatalf("fakekms.NewClient('fake-kms://') failed: %v", err)
}
registry.RegisterKMSClient(fakeKmsClient)
fixedKeyURI := "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEIK75t5L-adlUwVhWvRuWUwYARABGM2b3_MDIAE"
newKeyURI, err := fakekms.NewKeyURI()
if err != nil {
t.Fatalf("fakekms.NewKeyURI() failed: %v", err)
}
fixedKeyTemplate, err := aead.CreateKMSEnvelopeAEADKeyTemplate(fixedKeyURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() err = %v", err)
}
newKeyTemplate, err := aead.CreateKMSEnvelopeAEADKeyTemplate(newKeyURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() err = %v", err)
}
var testCases = []struct {
name string
template *tinkpb.KeyTemplate
}{
{
name: "Fixed Fake KMS Envelope AEAD Key with AES128_GCM",
template: fixedKeyTemplate,
}, {
name: "New Fake KMS Envelope AEAD Key with AES128_GCM",
template: newKeyTemplate,
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
if tc.template.GetOutputPrefixType() != tinkpb.OutputPrefixType_RAW {
t.Errorf("KMS envelope template %s does not use RAW prefix, found '%s'", tc.name, tc.template.GetOutputPrefixType())
}
if err := testEncryptDecrypt(tc.template); err != nil {
t.Errorf("%v", err)
}
})
}
}
// Tests that two KMSEnvelopeAEAD keys that use the same KEK and DEK template
// should be able to decrypt each other's ciphertexts.
func TestKMSEnvelopeAEADKeyTemplateMultipleKeysSameKEK(t *testing.T) {
fakeKmsClient, err := fakekms.NewClient("fake-kms://")
if err != nil {
t.Fatalf("fakekms.NewClient('fake-kms://') failed: %v", err)
}
registry.RegisterKMSClient(fakeKmsClient)
fixedKeyURI := "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEIK75t5L-adlUwVhWvRuWUwYARABGM2b3_MDIAE"
template1, err := aead.CreateKMSEnvelopeAEADKeyTemplate(fixedKeyURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() err = %v", err)
}
template2, err := aead.CreateKMSEnvelopeAEADKeyTemplate(fixedKeyURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() err = %v", err)
}
handle1, err := keyset.NewHandle(template1)
if err != nil {
t.Fatalf("keyset.NewHandle(template1) failed: %v", err)
}
aead1, err := aead.New(handle1)
if err != nil {
t.Fatalf("aead.New(handle) failed: %v", err)
}
handle2, err := keyset.NewHandle(template2)
if err != nil {
t.Fatalf("keyset.NewHandle(template2) failed: %v", err)
}
aead2, err := aead.New(handle2)
if err != nil {
t.Fatalf("aead.New(handle) failed: %v", err)
}
plaintext := []byte("some data to encrypt")
aad := []byte("extra data to authenticate")
ciphertext, err := aead1.Encrypt(plaintext, aad)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
decrypted, err := aead2.Decrypt(ciphertext, aad)
if err != nil {
t.Fatalf("decryption failed, error: %v", err)
}
if !bytes.Equal(plaintext, decrypted) {
t.Fatalf("decrypted data doesn't match plaintext, got: %q, want: %q", decrypted, plaintext)
}
}
// This test shows how migrate away from CreateKMSEnvelopeAEADKeyTemplate.
func TestMigrateFromCreateKMSEnvelopeAEADKeyTemplateToNewKMSEnvelopeAEAD2(t *testing.T) {
kmsClient, err := fakekms.NewClient("fake-kms://")
if err != nil {
t.Fatalf("fakekms.NewClient('fake-kms://') failed: %v", err)
}
kekURI := "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEIK75t5L-adlUwVhWvRuWUwYARABGM2b3_MDIAE"
// This code:
registry.RegisterKMSClient(kmsClient)
kmsEnvelopeAEADTemplate, err := aead.CreateKMSEnvelopeAEADKeyTemplate(kekURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() failed: %v", err)
}
handle, err := keyset.NewHandle(kmsEnvelopeAEADTemplate)
if err != nil {
t.Fatalf("keyset.NewHandle(kmsEnvelopeAEADTemplate) failed: %v", err)
}
aead1, err := aead.New(handle)
if err != nil {
t.Fatalf("aead.New(handle) failed: %v", err)
}
// can be replace by this:
kekAEAD, err := kmsClient.GetAEAD(kekURI)
if err != nil {
t.Fatalf("kmsClient.GetAEAD(kekURI) failed: %v", err)
}
aead2 := aead.NewKMSEnvelopeAEAD2(aead.AES128GCMKeyTemplate(), kekAEAD)
// Check that aead1 and aead2 are compatible.
plaintext := []byte("plaintext")
associatedData := []byte("associatedData")
ciphertext, err := aead1.Encrypt(plaintext, associatedData)
if err != nil {
t.Fatalf("aead1.Encrypt(plaintext, associatedData) failed: %v", err)
}
decrypted, err := aead2.Decrypt(ciphertext, associatedData)
if err != nil {
t.Fatalf("aead2.Decrypt(ciphertext, associatedData) failed: %v", err)
}
if !bytes.Equal(plaintext, decrypted) {
t.Fatalf("decrypted data doesn't match plaintext, got: %q, want: %q", decrypted, plaintext)
}
}
// Testing deprecated function, ignoring GoDeprecated.
func TestCreateKMSEnvelopeAEADKeyTemplateCompatibleWithKMSEnevelopeAEADKeyTemplate(t *testing.T) {
fakeKmsClient, err := fakekms.NewClient("fake-kms://")
if err != nil {
t.Fatalf("fakekms.NewClient('fake-kms://') failed: %v", err)
}
registry.RegisterKMSClient(fakeKmsClient)
fixedKeyURI := "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEIK75t5L-adlUwVhWvRuWUwYARABGM2b3_MDIAE"
template1, err := aead.CreateKMSEnvelopeAEADKeyTemplate(fixedKeyURI, aead.AES128GCMKeyTemplate())
if err != nil {
t.Fatalf("CreateKMSEnvelopeAEADKeyTemplate() err = %v", err)
}
template2 := aead.KMSEnvelopeAEADKeyTemplate(fixedKeyURI, aead.AES128GCMKeyTemplate())
handle1, err := keyset.NewHandle(template1)
if err != nil {
t.Fatalf("keyset.NewHandle(template1) failed: %v", err)
}
aead1, err := aead.New(handle1)
if err != nil {
t.Fatalf("aead.New(handle) failed: %v", err)
}
handle2, err := keyset.NewHandle(template2)
if err != nil {
t.Fatalf("keyset.NewHandle(template2) failed: %v", err)
}
aead2, err := aead.New(handle2)
if err != nil {
t.Fatalf("aead.New(handle) failed: %v", err)
}
plaintext := []byte("some data to encrypt")
aad := []byte("extra data to authenticate")
ciphertext, err := aead1.Encrypt(plaintext, aad)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
decrypted, err := aead2.Decrypt(ciphertext, aad)
if err != nil {
t.Fatalf("decryption failed, error: %v", err)
}
if !bytes.Equal(plaintext, decrypted) {
t.Fatalf("decrypted data doesn't match plaintext, got: %q, want: %q", decrypted, plaintext)
}
}
// Testing deprecated function, ignoring GoDeprecated.
func TestKMSEnvelopeAEADKeyTemplateFails(t *testing.T) {
keyURI, err := fakekms.NewKeyURI()
if err != nil {
t.Fatalf("fakekms.NewKeyURI() err = %v", err)
}
invalidTemplate := &tinkpb.KeyTemplate{
// String fields cannot contain invalid UTF-8 characters.
TypeUrl: "\xff",
}
var template *tinkpb.KeyTemplate
err = tinkerrortest.RecoverFromFail(func() {
template = aead.KMSEnvelopeAEADKeyTemplate(keyURI, invalidTemplate)
})
if err == nil {
t.Errorf("aead.KMSEnvelopAEADKeyTemplate() err = nil, want non-nil")
}
t.Logf("template: %+v", template)
}
func TestCreateKMSEnvelopeAEADKeyTemplateFails(t *testing.T) {
keyURI, err := fakekms.NewKeyURI()
if err != nil {
t.Fatalf("fakekms.NewKeyURI() err = %v", err)
}
invalidTemplate := &tinkpb.KeyTemplate{
// String fields cannot contain invalid UTF-8 characters.
TypeUrl: "\xff",
}
if _, err := aead.CreateKMSEnvelopeAEADKeyTemplate(keyURI, invalidTemplate); err == nil {
t.Errorf("aead.CreateKMSEnvelopAEADKeyTemplate(keyURI, invalidTemplate) err = nil, want non-nil")
}
}
func TestCreateKMSEnvelopeAEADKeyTemplateWithUnsupportedTemplateFails(t *testing.T) {
keyURI, err := fakekms.NewKeyURI()
if err != nil {
t.Fatalf("fakekms.NewKeyURI() err = %v", err)
}
unsupportedTemplate := mac.HMACSHA256Tag128KeyTemplate()
if _, err := aead.CreateKMSEnvelopeAEADKeyTemplate(keyURI, unsupportedTemplate); err == nil {
t.Errorf("aead.CreateKMSEnvelopAEADKeyTemplate(keyURI, unsupportedTemplate) err = nil, want non-nil")
}
}
func testEncryptDecrypt(template *tinkpb.KeyTemplate) error {
handle, err := keyset.NewHandle(template)
if err != nil {
return fmt.Errorf("keyset.NewHandle(template) failed: %v", err)
}
primitive, err := aead.New(handle)
if err != nil {
return fmt.Errorf("aead.New(handle) failed: %v", err)
}
var testInputs = []struct {
plaintext []byte
aad1 []byte
aad2 []byte
}{
{
plaintext: []byte("some data to encrypt"),
aad1: []byte("extra data to authenticate"),
aad2: []byte("extra data to authenticate"),
}, {
plaintext: []byte("some data to encrypt"),
aad1: []byte(""),
aad2: []byte(""),
}, {
plaintext: []byte("some data to encrypt"),
aad1: nil,
aad2: nil,
}, {
plaintext: []byte(""),
aad1: nil,
aad2: nil,
}, {
plaintext: nil,
aad1: []byte("extra data to authenticate"),
aad2: []byte("extra data to authenticate"),
}, {
plaintext: nil,
aad1: []byte(""),
aad2: []byte(""),
}, {
plaintext: nil,
aad1: nil,
aad2: nil,
}, {
plaintext: []byte("some data to encrypt"),
aad1: []byte(""),
aad2: nil,
}, {
plaintext: []byte("some data to encrypt"),
aad1: nil,
aad2: []byte(""),
},
}
for _, ti := range testInputs {
ciphertext, err := primitive.Encrypt(ti.plaintext, ti.aad1)
if err != nil {
return fmt.Errorf("encryption failed, error: %v", err)
}
decrypted, err := primitive.Decrypt(ciphertext, ti.aad2)
if err != nil {
return fmt.Errorf("decryption failed, error: %v", err)
}
if !bytes.Equal(ti.plaintext, decrypted) {
return fmt.Errorf("decrypted data doesn't match plaintext, got: %q, want: %q", decrypted, ti.plaintext)
}
}
return nil
}
================================================
FILE: aead/aead_test.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aead_test
// [START aead-example]
import (
"bytes"
"fmt"
"log"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/insecurecleartextkeyset"
"github.com/tink-crypto/tink-go/v2/keyset"
)
func Example() {
// A keyset created with "tinkey create-keyset --key-template=AES256_GCM". Note
// that this keyset has the secret key information in cleartext.
jsonKeyset := `{
"key": [{
"keyData": {
"keyMaterialType":
"SYMMETRIC",
"typeUrl":
"type.googleapis.com/google.crypto.tink.AesGcmKey",
"value":
"GiBWyUfGgYk3RTRhj/LIUzSudIWlyjCftCOypTr0jCNSLg=="
},
"keyId": 294406504,
"outputPrefixType": "TINK",
"status": "ENABLED"
}],
"primaryKeyId": 294406504
}`
// Create a keyset handle from the cleartext keyset in the previous
// step. The keyset handle provides abstract access to the underlying keyset to
// limit the exposure of accessing the raw key material.
//
// WARNING: In practice, it is unlikely you will want to use a insecurecleartextkeyset,
// as it implies that your key material is passed in cleartext, which is a security risk.
// Consider encrypting it with a remote key in Cloud KMS, AWS KMS or HashiCorp Vault.
// See https://developers.google.com/tink/key-management-overview.
keysetHandle, err := insecurecleartextkeyset.Read(
keyset.NewJSONReader(bytes.NewBufferString(jsonKeyset)))
if err != nil {
log.Fatal(err)
}
// Retrieve the AEAD primitive we want to use from the keyset handle.
primitive, err := aead.New(keysetHandle)
if err != nil {
log.Fatal(err)
}
// Use the primitive to encrypt a message. In this case the primary key of the
// keyset will be used (which is also the only key in this example).
plaintext := []byte("message")
associatedData := []byte("associated data")
ciphertext, err := primitive.Encrypt(plaintext, associatedData)
if err != nil {
log.Fatal(err)
}
// Use the primitive to decrypt the message. Decrypt finds the correct key in
// the keyset and decrypts the ciphertext. If no key is found or decryption
// fails, it returns an error.
decrypted, err := primitive.Decrypt(ciphertext, associatedData)
if err != nil {
log.Fatal(err)
}
fmt.Println(string(decrypted))
// Output: message
}
// [END aead-example]
================================================
FILE: aead/aesctrhmac/aead.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac
import (
"bytes"
"encoding/binary"
"errors"
"fmt"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/internal/aead"
"github.com/tink-crypto/tink-go/v2/internal/mac/hmac"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/tink"
)
type fullAEAD struct {
aesCTR *aead.AESCTR
hmac *hmac.HMAC
ivSize int
tagSize int
prefix []byte
variant Variant
}
var _ tink.AEAD = (*fullAEAD)(nil)
func newAEAD(key *Key) (tink.AEAD, error) {
tagSize := key.parameters.TagSizeInBytes()
ivSize := key.parameters.IVSizeInBytes()
aesCTR, err := aead.NewAESCTR(key.AESKeyBytes().Data(insecuresecretdataaccess.Token{}), ivSize)
if err != nil {
return nil, err
}
hmac, err := hmac.New(key.parameters.HashType().String(), key.HMACKeyBytes().Data(insecuresecretdataaccess.Token{}), uint32(tagSize))
if err != nil {
return nil, err
}
return &fullAEAD{
aesCTR: aesCTR,
hmac: hmac,
ivSize: ivSize,
tagSize: tagSize,
prefix: key.OutputPrefix(),
variant: key.parameters.Variant(),
}, nil
}
func aadSizeInBits(associatedData []byte) []byte {
n := uint64(len(associatedData)) * 8
buf := make([]byte, 8)
binary.BigEndian.PutUint64(buf, n)
return buf
}
// Encrypt encrypts plaintext with associatedData.
//
// The plaintext is encrypted with an AES-CTR, then HMAC is computed over
// (associatedData || ciphertext || n) where n is associatedData's length
// in bits represented as a 64-bit big endian unsigned integer. The final
// ciphertext format is (IND-CPA ciphertext || mac).
func (a *fullAEAD) Encrypt(plaintext, associatedData []byte) ([]byte, error) {
ctSize := len(a.prefix) + a.ivSize + len(plaintext)
ciphertext := make([]byte, ctSize, ctSize+a.tagSize)
if n := copy(ciphertext, a.prefix); n != len(a.prefix) {
return nil, fmt.Errorf("aesctrhmac: failed to copy prefix")
}
ctNoPrefix, err := a.aesCTR.Encrypt(ciphertext[len(a.prefix):], plaintext)
if err != nil {
return nil, err
}
tag, err := a.hmac.ComputeMAC(associatedData, ctNoPrefix, aadSizeInBits(associatedData))
if err != nil {
return nil, err
}
if len(tag) != a.tagSize {
return nil, errors.New("aesctrhmac: invalid tag size")
}
return append(ciphertext, tag...), nil
}
// Decrypt decrypts ciphertext with associatedData.
func (a *fullAEAD) Decrypt(ciphertext, associatedData []byte) ([]byte, error) {
prefixSize := len(a.prefix)
if len(ciphertext) < prefixSize+a.ivSize+a.tagSize {
return nil, fmt.Errorf("aesctrhmac: ciphertext with size %d is too short", len(ciphertext))
}
prefix := ciphertext[:prefixSize]
if !bytes.Equal(prefix, a.prefix) {
return nil, fmt.Errorf("aesctrhmac: ciphertext prefix does not match: got %x, want %x", prefix, a.prefix)
}
payload := ciphertext[prefixSize : len(ciphertext)-a.tagSize]
tag := ciphertext[len(ciphertext)-a.tagSize:]
if err := a.hmac.VerifyMAC(tag, associatedData, payload, aadSizeInBits(associatedData)); err != nil {
return nil, fmt.Errorf("aesctrhmac: %v", err)
}
return a.aesCTR.Decrypt(nil, payload)
}
// primitiveConstructor creates a [tink.AEAD] from a [key.Key].
//
// The key must be of type [aesctrhmac.Key].
func primitiveConstructor(k key.Key) (any, error) {
that, ok := k.(*Key)
if !ok {
return nil, fmt.Errorf("invalid key type: got %T, want *aesctrhmac.Key", k)
}
return newAEAD(that)
}
================================================
FILE: aead/aesctrhmac/aead_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac_test
import (
"bytes"
"encoding/hex"
"testing"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/aead/aesctrhmac"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/secretdata"
"github.com/tink-crypto/tink-go/v2/subtle/random"
"github.com/tink-crypto/tink-go/v2/tink"
)
func createAEAD(encryptionKey []byte, ivSize int, hashType aesctrhmac.HashType, macKey []byte, tagSize int, variant aesctrhmac.Variant, idRequirement uint32) (tink.AEAD, error) {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: len(encryptionKey),
HMACKeySizeInBytes: len(macKey),
IVSizeInBytes: ivSize,
TagSizeInBytes: tagSize,
HashType: hashType,
Variant: variant,
}
params, err := aesctrhmac.NewParameters(opts)
if err != nil {
return nil, err
}
key, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(encryptionKey, insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(macKey, insecuresecretdataaccess.Token{}),
IDRequirement: idRequirement,
Parameters: params,
})
if err != nil {
return nil, err
}
km := keyset.NewManager()
keyID, err := km.AddKey(key)
if err != nil {
return nil, err
}
if err := km.SetPrimary(keyID); err != nil {
return nil, err
}
h, err := km.Handle()
if err != nil {
return nil, err
}
a, err := aead.New(h)
if err != nil {
return nil, err
}
return a, nil
}
// Copied from
// https://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05.
//
// We use CTR but the RFC uses CBC mode, so it's not possible to compare
// plaintexts. However, the tests are still valuable to ensure that we
// correctly compute HMAC over ciphertext and associatedData.
var rfcTestVectors = []struct {
macKey string
encryptionKey string
ciphertext string
associatedData string
hashAlgo aesctrhmac.HashType
ivSize int
tagSize int
}{
{
macKey: "000102030405060708090a0b0c0d0e0f",
encryptionKey: "101112131415161718191a1b1c1d1e1f",
ciphertext: "" +
"1af38c2dc2b96ffdd86694092341bc04" +
"c80edfa32ddf39d5ef00c0b468834279" +
"a2e46a1b8049f792f76bfe54b903a9c9" +
"a94ac9b47ad2655c5f10f9aef71427e2" +
"fc6f9b3f399a221489f16362c7032336" +
"09d45ac69864e3321cf82935ac4096c8" +
"6e133314c54019e8ca7980dfa4b9cf1b" +
"384c486f3a54c51078158ee5d79de59f" +
"bd34d848b3d69550a67646344427ade5" +
"4b8851ffb598f7f80074b9473c82e2db" +
"652c3fa36b0a7c5b3219fab3a30bc1c4",
associatedData: "" +
"546865207365636f6e64207072696e63" +
"69706c65206f66204175677573746520" +
"4b6572636b686f666673",
hashAlgo: aesctrhmac.SHA256,
ivSize: 16,
tagSize: 16,
},
{
macKey: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
encryptionKey: "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
ciphertext: "" +
"1af38c2dc2b96ffdd86694092341bc04" +
"4affaaadb78c31c5da4b1b590d10ffbd" +
"3dd8d5d302423526912da037ecbcc7bd" +
"822c301dd67c373bccb584ad3e9279c2" +
"e6d12a1374b77f077553df829410446b" +
"36ebd97066296ae6427ea75c2e0846a1" +
"1a09ccf5370dc80bfecbad28c73f09b3" +
"a3b75e662a2594410ae496b2e2e6609e" +
"31e6e02cc837f053d21f37ff4f51950b" +
"be2638d09dd7a4930930806d0703b1f6" +
"4dd3b4c088a7f45c216839645b2012bf" +
"2e6269a8c56a816dbc1b267761955bc5",
associatedData: "" +
"546865207365636f6e64207072696e63" +
"69706c65206f66204175677573746520" +
"4b6572636b686f666673",
hashAlgo: aesctrhmac.SHA512,
ivSize: 16,
tagSize: 32,
},
}
func mustDecodeHex(t *testing.T, data string) []byte {
t.Helper()
decoded, err := hex.DecodeString(data)
if err != nil {
t.Fatal(err)
}
return decoded
}
func TestAEADRFCTestVectors(t *testing.T) {
for _, tc := range []struct {
name string
macKey string
encryptionKey string
ciphertext string
associatedData string
hashAlgo aesctrhmac.HashType
ivSize int
tagSize int
idRequirement uint32
variant aesctrhmac.Variant
}{
{
name: "SHA256-NoPrefix",
macKey: rfcTestVectors[0].macKey,
encryptionKey: rfcTestVectors[0].encryptionKey,
ciphertext: rfcTestVectors[0].ciphertext,
associatedData: rfcTestVectors[0].associatedData,
hashAlgo: rfcTestVectors[0].hashAlgo,
ivSize: rfcTestVectors[0].ivSize,
tagSize: rfcTestVectors[0].tagSize,
variant: aesctrhmac.VariantNoPrefix,
idRequirement: 0,
},
{
name: "SHA512-NoPrefix",
macKey: rfcTestVectors[1].macKey,
encryptionKey: rfcTestVectors[1].encryptionKey,
ciphertext: rfcTestVectors[1].ciphertext,
associatedData: rfcTestVectors[1].associatedData,
hashAlgo: rfcTestVectors[1].hashAlgo,
ivSize: rfcTestVectors[1].ivSize,
tagSize: rfcTestVectors[1].tagSize,
variant: aesctrhmac.VariantNoPrefix,
idRequirement: 0,
},
{
name: "SHA256-Tink",
macKey: rfcTestVectors[0].macKey,
encryptionKey: rfcTestVectors[0].encryptionKey,
ciphertext: "0111223344" + rfcTestVectors[0].ciphertext,
associatedData: rfcTestVectors[0].associatedData,
hashAlgo: rfcTestVectors[0].hashAlgo,
ivSize: rfcTestVectors[0].ivSize,
tagSize: rfcTestVectors[0].tagSize,
variant: aesctrhmac.VariantTink,
idRequirement: 0x11223344,
},
{
name: "SHA512-Tink",
macKey: rfcTestVectors[1].macKey,
encryptionKey: rfcTestVectors[1].encryptionKey,
ciphertext: "0111223344" + rfcTestVectors[1].ciphertext,
associatedData: rfcTestVectors[1].associatedData,
hashAlgo: rfcTestVectors[1].hashAlgo,
ivSize: rfcTestVectors[1].ivSize,
tagSize: rfcTestVectors[1].tagSize,
variant: aesctrhmac.VariantTink,
idRequirement: 0x11223344,
},
{
name: "SHA256-Crunchy",
macKey: rfcTestVectors[0].macKey,
encryptionKey: rfcTestVectors[0].encryptionKey,
ciphertext: "0011223344" + rfcTestVectors[0].ciphertext,
associatedData: rfcTestVectors[0].associatedData,
hashAlgo: rfcTestVectors[0].hashAlgo,
ivSize: rfcTestVectors[0].ivSize,
tagSize: rfcTestVectors[0].tagSize,
variant: aesctrhmac.VariantCrunchy,
idRequirement: 0x11223344,
},
{
name: "SHA512-Crunchy",
macKey: rfcTestVectors[1].macKey,
encryptionKey: rfcTestVectors[1].encryptionKey,
ciphertext: "0011223344" + rfcTestVectors[1].ciphertext,
associatedData: rfcTestVectors[1].associatedData,
hashAlgo: rfcTestVectors[1].hashAlgo,
ivSize: rfcTestVectors[1].ivSize,
tagSize: rfcTestVectors[1].tagSize,
variant: aesctrhmac.VariantCrunchy,
idRequirement: 0x11223344,
},
} {
t.Run(tc.name, func(t *testing.T) {
macKey := mustDecodeHex(t, tc.macKey)
encryptionKey := mustDecodeHex(t, tc.encryptionKey)
ciphertext := mustDecodeHex(t, tc.ciphertext)
associatedData := mustDecodeHex(t, tc.associatedData)
a, err := createAEAD(encryptionKey, tc.ivSize, tc.hashAlgo, macKey, tc.tagSize, tc.variant, tc.idRequirement)
if err != nil {
t.Fatalf("failed to create AEAD from RFC test vector: %v %v", tc, err)
}
if _, err := a.Decrypt(ciphertext, associatedData); err != nil {
t.Errorf("decryption failed to RFC test vector: %v, error: %v", tc, err)
}
})
}
}
func TestAEADEncryptDecrypt(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA1, []byte("2222222222222222"), tagSize, variant, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
message := []byte("Some data to encrypt.")
associatedData := []byte("Some data to authenticate.")
ciphertext, err := cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
wantCiphertextSize := len(message) + ivSize + tagSize
if variant != aesctrhmac.VariantNoPrefix {
wantCiphertextSize += 5
}
if len(ciphertext) != wantCiphertextSize {
t.Errorf("invalid ciphertext size, got: %d, want: %d", len(ciphertext), wantCiphertextSize)
}
plaintext, err := cipher.Decrypt(ciphertext, associatedData)
if err != nil {
t.Fatalf("decryption failed, error: %v", err)
}
if !bytes.Equal(plaintext, message) {
t.Errorf("invalid plaintext, got: %q, want: %q", plaintext, message)
}
})
}
}
func TestAEADWithAssociatedDataSlice(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA1, []byte("2222222222222222"), tagSize, variant, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
message := []byte("message")
largeData := []byte("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
associatedData := largeData[:1]
_, err = cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
wantLargeData := []byte("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
if !bytes.Equal(largeData, wantLargeData) {
t.Errorf("largeData = %q, want: %q", largeData, wantLargeData)
}
})
}
}
func TestAEADEncryptDecryptRandomMessage(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA1, []byte("2222222222222222"), tagSize, aesctrhmac.VariantTink, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
for i := 0; i < 256; i++ {
message := random.GetRandomBytes(uint32(i))
associatedData := random.GetRandomBytes(uint32(i))
ciphertext, err := cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
plaintext, err := cipher.Decrypt(ciphertext, associatedData)
if err != nil {
t.Fatalf("decryption failed, error: %v", err)
}
if !bytes.Equal(plaintext, message) {
t.Errorf("invalid plaintext, got: %q, want: %q", plaintext, message)
}
}
})
}
}
func TestAEADMultipleEncrypt(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA256, []byte("2222222222222222"), tagSize, variant, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
message := []byte("Some data to encrypt.")
associatedData := []byte("Some data to authenticate.")
ciphertext1, err := cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
ciphertext2, err := cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
if bytes.Equal(ciphertext1, ciphertext2) {
t.Error("ciphertexts must not be the same")
}
})
}
}
func TestAEADInvalidTagSize(t *testing.T) {
const keySize = 16
const ivSize = 12
const macKeySize = 16
const tagSize = 9 // Invalid!
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
if _, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA256, []byte("2222222222222222"), tagSize, variant, 0); err == nil {
t.Error("got: success, want: error invalid tag size")
}
})
}
}
func TestAEADDecryptModifiedCiphertext(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA256, []byte("2222222222222222"), tagSize, variant, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
message := []byte("Some data to encrypt.")
associatedData := []byte("Some data to authenticate.")
ciphertext, err := cipher.Encrypt(message, associatedData)
if err != nil {
t.Fatalf("encryption failed, error: %v", err)
}
// Modify the ciphertext and try to decrypt.
modCiphertext := make([]byte, len(ciphertext))
copy(modCiphertext, ciphertext)
for i := 0; i < len(ciphertext)*8; i++ {
// Save the byte to be modified.
b := modCiphertext[i/8]
modCiphertext[i/8] ^= (1 << uint(i%8))
if bytes.Equal(ciphertext, modCiphertext) {
t.Errorf("modCiphertext shouldn't be the same as ciphertext")
}
if _, err := cipher.Decrypt(modCiphertext, associatedData); err == nil {
t.Errorf("successfully decrypted modified ciphertext (i = %d)", i)
}
// Restore the modified byte.
modCiphertext[i/8] = b
}
// Modify the associated data.
modAssociatedData := make([]byte, len(associatedData))
copy(modAssociatedData, associatedData)
for i := 0; i < len(associatedData)*8; i++ {
// Save the byte to be modified.
b := modAssociatedData[i/8]
modAssociatedData[i/8] ^= (1 << uint(i%8))
if bytes.Equal(associatedData, modAssociatedData) {
t.Errorf("modAssociatedData shouldn't be the same as associatedData")
}
if _, err := cipher.Decrypt(ciphertext, modAssociatedData); err == nil {
t.Errorf("successfully decrypted with modified associated data (i = %d)", i)
}
// Restore the modified byte.
modAssociatedData[i/8] = b
}
// Truncate the ciphertext.
truncatedCiphertext := make([]byte, len(ciphertext))
copy(truncatedCiphertext, ciphertext)
for i := 1; i <= len(ciphertext); i++ {
truncatedCiphertext = truncatedCiphertext[:len(ciphertext)-i]
if _, err := cipher.Decrypt(truncatedCiphertext, associatedData); err == nil {
t.Errorf("successfully decrypted truncated ciphertext (i = %d)", i)
}
}
})
}
}
func TestAEADEmptyParams(t *testing.T) {
const ivSize = 12
const tagSize = 16
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantNoPrefix, aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy} {
t.Run(variant.String(), func(t *testing.T) {
cipher, err := createAEAD([]byte("1111111111111111"), ivSize, aesctrhmac.SHA256, []byte("2222222222222222"), tagSize, variant, 0)
if err != nil {
t.Fatalf("got: %v, want: success", err)
}
message := []byte("Some data to encrypt.")
if _, err := cipher.Encrypt(message, []byte{}); err != nil {
t.Errorf("encryption failed with empty associatedData")
}
if _, err := cipher.Encrypt([]byte{}, []byte{}); err != nil {
t.Errorf("encryption failed with empty ciphertext and associatedData")
}
})
}
}
================================================
FILE: aead/aesctrhmac/aesctrhmac.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Package aesctrhmac provides a key manager for the AES-CTR-HMAC AEAD.
package aesctrhmac
import (
"fmt"
"reflect"
"google.golang.org/protobuf/proto"
"github.com/tink-crypto/tink-go/v2/core/registry"
"github.com/tink-crypto/tink-go/v2/internal/config"
"github.com/tink-crypto/tink-go/v2/internal/internalapi"
"github.com/tink-crypto/tink-go/v2/internal/keygenregistry"
"github.com/tink-crypto/tink-go/v2/internal/legacykeymanager"
"github.com/tink-crypto/tink-go/v2/internal/primitiveregistry"
"github.com/tink-crypto/tink-go/v2/internal/protoserialization"
aesctrhmacpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_hmac_aead_go_proto"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
func newKeyManager() registry.KeyManager {
return legacykeymanager.New(typeURL, primitiveConstructor, tinkpb.KeyData_SYMMETRIC, func(b []byte) (proto.Message, error) {
protoKey := &aesctrhmacpb.AesCtrHmacAeadKey{}
if err := proto.Unmarshal(b, protoKey); err != nil {
return nil, err
}
return protoKey, nil
})
}
// RegisterPrimitiveConstructor accepts a config object and registers the
// AES-CTR-HMAC AEAD primitive constructor to the provided config.
//
// It is *NOT* part of the public API.
func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token) error {
return b.RegisterPrimitiveConstructor(reflect.TypeFor[*Key](), primitiveConstructor, t)
}
func init() {
if err := registry.RegisterKeyManager(newKeyManager()); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := protoserialization.RegisterKeySerializer[*Key](&keySerializer{}); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := protoserialization.RegisterKeyParser(typeURL, &keyParser{}); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := protoserialization.RegisterParametersSerializer[*Parameters](¶metersSerializer{}); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := protoserialization.RegisterParametersParser(typeURL, ¶metersParser{}); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := primitiveregistry.RegisterPrimitiveConstructor[*Key](primitiveConstructor); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
if err := keygenregistry.RegisterKeyCreator[*Parameters](createKey); err != nil {
panic(fmt.Sprintf("aesctrhmac.init() failed: %v", err))
}
}
================================================
FILE: aead/aesctrhmac/aesctrhmac_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac_test
import (
"bytes"
"testing"
"github.com/google/go-cmp/cmp"
"github.com/tink-crypto/tink-go/v2/aead"
"github.com/tink-crypto/tink-go/v2/aead/aesctrhmac"
"github.com/tink-crypto/tink-go/v2/core/registry"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/internal/config"
"github.com/tink-crypto/tink-go/v2/internal/internalapi"
"github.com/tink-crypto/tink-go/v2/internal/protoserialization"
"github.com/tink-crypto/tink-go/v2/keyset"
"github.com/tink-crypto/tink-go/v2/secretdata"
"github.com/tink-crypto/tink-go/v2/testutil"
"github.com/tink-crypto/tink-go/v2/tink"
)
func TestGetKeyFromHandle(t *testing.T) {
keysetHandle, err := keyset.NewHandle(aead.AES128CTRHMACSHA256KeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle(aead.AES128CTRHMACSHA256KeyTemplate()) err = %v, want nil", err)
}
entry, err := keysetHandle.Entry(0)
if err != nil {
t.Fatalf("keysetHandle.Entry(0) err = %v, want nil", err)
}
key, ok := entry.Key().(*aesctrhmac.Key)
if !ok {
t.Fatalf("entry.Key() type = %T, want *aesctrhmac.Key", entry.Key())
}
aesKeySizeInBytes := 16
hmacKeySizeInBytes := 32
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: aesKeySizeInBytes,
HMACKeySizeInBytes: hmacKeySizeInBytes,
IVSizeInBytes: 16,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
}
wantParams, err := aesctrhmac.NewParameters(opts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", opts, err)
}
if diff := cmp.Diff(key.Parameters(), wantParams); diff != "" {
t.Errorf("key.Parameters() diff (-want +got):\n%s", diff)
}
if _, hasIDRequirement := key.IDRequirement(); !hasIDRequirement {
t.Errorf("expected ID requirement, got none")
}
// Validate key length.
aesKeyBytes := key.AESKeyBytes()
if aesKeyBytes.Len() != aesKeySizeInBytes {
t.Errorf("aesKeyBytes.Len() = %v, want %v", aesKeyBytes.Len(), aesKeySizeInBytes)
}
hmacKeyBytes := key.HMACKeyBytes()
if hmacKeyBytes.Len() != hmacKeySizeInBytes {
t.Errorf("hmacKeyBytes.Len() = %v, want %v", hmacKeyBytes.Len(), hmacKeySizeInBytes)
}
}
func TestCreateKeysetHandleFromKey(t *testing.T) {
keysetHandle, err := keyset.NewHandle(aead.AES128CTRHMACSHA256KeyTemplate())
if err != nil {
t.Fatalf("keyset.NewHandle(aead.AES128CTRHMACSHA256KeyTemplate()) err = %v, want nil", err)
}
aeadPrimitive, err := aead.New(keysetHandle)
if err != nil {
t.Fatalf("aead.New(keysetHandle) err = %v, want nil", err)
}
plaintext := []byte("plaintext")
additionalData := []byte("additionalData")
ciphertext, err := aeadPrimitive.Encrypt(plaintext, additionalData)
if err != nil {
t.Fatalf("aeadPrimitive.Encrypt(%v, %v) err = %v, want nil", plaintext, additionalData, err)
}
entry, err := keysetHandle.Entry(0)
if err != nil {
t.Fatalf("keysetHandle.Entry(0) err = %v, want nil", err)
}
key, ok := entry.Key().(*aesctrhmac.Key)
if !ok {
t.Errorf("entry.Key() is not *aesctrhmac.Key")
}
// Create a new keyset handle with the same key.
manager := keyset.NewManager()
keyID, err := manager.AddKey(key)
if err != nil {
t.Fatalf("manager.AddKey(key) err = %v, want nil", err)
}
if err = manager.SetPrimary(keyID); err != nil {
t.Fatalf("manager.SetPrimary(%v) err = %v, want nil", keyID, err)
}
newHandle, err := manager.Handle()
if err != nil {
t.Fatalf("manager.Handle() err = %v, want nil", err)
}
// Get an AEAD primitive from the new handle and decrypt the ciphertext.
newAEAD, err := aead.New(newHandle)
if err != nil {
t.Fatalf("aead.New(newHandle) err = %v, want nil", err)
}
decrypt, err := newAEAD.Decrypt(ciphertext, additionalData)
if err != nil {
t.Fatalf("decrypt.New(otherAEADPrimitivce, %v, %v) err = %v, want nil", ciphertext, additionalData, err)
}
if !bytes.Equal(decrypt, plaintext) {
t.Errorf("decrypt = %v, want %v", decrypt, plaintext)
}
}
func TestCreateKeysetHandleFromParameters(t *testing.T) {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 16,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA512,
Variant: aesctrhmac.VariantTink,
}
params, err := aesctrhmac.NewParameters(opts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", opts, err)
}
manager := keyset.NewManager()
keyID, err := manager.AddNewKeyFromParameters(params)
if err != nil {
t.Fatalf("manager.AddNewKeyFromParameters(%v) err = %v, want nil", params, err)
}
manager.SetPrimary(keyID)
handle, err := manager.Handle()
if err != nil {
t.Fatalf("manager.Handle() err = %v, want nil", err)
}
aeadPrimitive, err := aead.New(handle)
if err != nil {
t.Fatalf("aead.New(handle) err = %v, want nil", err)
}
plaintext := []byte("plaintext")
additionalData := []byte("additionalData")
ciphertext, err := aeadPrimitive.Encrypt(plaintext, additionalData)
if err != nil {
t.Fatalf("aeadPrimitive.Encrypt(%v, %v) err = %v, want nil", plaintext, additionalData, err)
}
decrypted, err := aeadPrimitive.Decrypt(ciphertext, additionalData)
if err != nil {
t.Fatalf("aeadPrimitive.Decrypt(%v, %v) err = %v, want nil", ciphertext, additionalData, err)
}
if !bytes.Equal(decrypted, plaintext) {
t.Errorf("decrypted = %v, want %v", decrypted, plaintext)
}
}
func TestRegisterPrimitiveConstructor(t *testing.T) {
cb := config.NewBuilder()
err := aesctrhmac.RegisterPrimitiveConstructor(cb, internalapi.Token{})
if err != nil {
t.Fatalf("aesctrhmac.RegisterPrimitiveConstructor() err = %v, want nil", err)
}
c := cb.Build()
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 16,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
}
params, err := aesctrhmac.NewParameters(opts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", opts, err)
}
key, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(make([]byte, 16), insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(make([]byte, 32), insecuresecretdataaccess.Token{}),
IDRequirement: 0x1234,
Parameters: params,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
if _, err := c.PrimitiveFromKey(key, internalapi.Token{}); err != nil {
t.Errorf("c.PrimitiveFromKey(key) err = %v, want nil", err)
}
}
func TestGetKeyManager(t *testing.T) {
// From https://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05.
//
// We use CTR but the RFC uses CBC mode, so it's not possible to compare
// plaintexts. However, the tests are still valuable to ensure that we
// correctly compute HMAC over ciphertext and associatedData.
macKeyBytes := mustDecodeHex(t, "000102030405060708090a0b0c0d0e0f")
aesKeyBytes := mustDecodeHex(t, "101112131415161718191a1b1c1d1e1f")
ciphertext := mustDecodeHex(t, ""+
"1af38c2dc2b96ffdd86694092341bc04"+
"c80edfa32ddf39d5ef00c0b468834279"+
"a2e46a1b8049f792f76bfe54b903a9c9"+
"a94ac9b47ad2655c5f10f9aef71427e2"+
"fc6f9b3f399a221489f16362c7032336"+
"09d45ac69864e3321cf82935ac4096c8"+
"6e133314c54019e8ca7980dfa4b9cf1b"+
"384c486f3a54c51078158ee5d79de59f"+
"bd34d848b3d69550a67646344427ade5"+
"4b8851ffb598f7f80074b9473c82e2db"+
"652c3fa36b0a7c5b3219fab3a30bc1c4")
associatedData := mustDecodeHex(t, ""+
"546865207365636f6e64207072696e63"+
"69706c65206f66204175677573746520"+
"4b6572636b686f666673")
params, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 16,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
key, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKeyBytes, insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(macKeyBytes, insecuresecretdataaccess.Token{}),
IDRequirement: 0x1234,
Parameters: params,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
keySerialization, err := protoserialization.SerializeKey(key)
if err != nil {
t.Fatalf("protoserialization.SerializeKey() err = %v, want nil", err)
}
km, err := registry.GetKeyManager(testutil.AESCTRHMACAEADTypeURL)
if err != nil {
t.Fatalf("registry.GetKeyManager() err = %v, want nil", err)
}
km.Primitive(keySerialization.KeyData().GetValue())
// It is expected to ignore the output prefix.
primitive, err := km.Primitive(keySerialization.KeyData().GetValue())
if err != nil {
t.Fatalf("GetPrimitive() err = %v, want nil", err)
}
aead, ok := primitive.(tink.AEAD)
if !ok {
t.Errorf("GetPrimitive() = %T, want tink.AEAD", primitive)
}
if _, err := aead.Decrypt(ciphertext, associatedData); err != nil {
t.Fatalf("Decrypt() err = %v, want nil", err)
}
}
================================================
FILE: aead/aesctrhmac/key.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac
import (
"bytes"
"fmt"
internalaead "github.com/tink-crypto/tink-go/v2/internal/aead"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/secretdata"
)
// Key represents an AES-CTR-HMAC AEAD function.
type Key struct {
aesKeyBytes secretdata.Bytes
hmacKeyBytes secretdata.Bytes
idRequirement uint32
outputPrefix []byte
parameters *Parameters
}
var _ key.Key = (*Key)(nil)
// KeyOpts specifies parameters to [NewKey].
type KeyOpts struct {
AESKeyBytes, HMACKeyBytes secretdata.Bytes
IDRequirement uint32
Parameters *Parameters
}
// NewKey creates a new AES-CTR-HMAC key with key, idRequirement and parameters.
//
// The idRequirement is the ID requirement to be included in the output of the
// AES-CTR-HMAC function. If parameters.HasIDRequirement() == false, idRequirement
// must be zero.
func NewKey(params KeyOpts) (*Key, error) {
// Make sure that parameters is not nil and that is not as struct literal
// with default values.
if params.Parameters == nil || params.Parameters.AESKeySizeInBytes() == 0 {
return nil, fmt.Errorf("aesctrhmac.NewKey: invalid input params.Parameters")
}
if !params.Parameters.HasIDRequirement() && params.IDRequirement != 0 {
return nil, fmt.Errorf("aesctrhmac.NewKey: params.IDRequirement = %v and params.Parameters.HasIDRequirement() = false, want 0", params.IDRequirement)
}
if params.AESKeyBytes.Len() != int(params.Parameters.AESKeySizeInBytes()) {
return nil, fmt.Errorf("aesctrhmac.NewKey: AES key length = %v, want %v", params.AESKeyBytes.Len(), params.Parameters.AESKeySizeInBytes())
}
if params.HMACKeyBytes.Len() != int(params.Parameters.HMACKeySizeInBytes()) {
return nil, fmt.Errorf("aesctrhmac.NewKey: HMAC key length = %v, want %v", params.HMACKeyBytes.Len(), params.Parameters.HMACKeySizeInBytes())
}
outputPrefix, err := calculateOutputPrefix(params.Parameters.Variant(), params.IDRequirement)
if err != nil {
return nil, fmt.Errorf("aesctrhmac.NewKey: %v", err)
}
return &Key{
aesKeyBytes: params.AESKeyBytes,
hmacKeyBytes: params.HMACKeyBytes,
idRequirement: params.IDRequirement,
outputPrefix: outputPrefix,
parameters: params.Parameters,
}, nil
}
// AESKeyBytes returns the key material.
//
// This function provides access to partial key material. See
// https://developers.google.com/tink/design/access_control#access_of_parts_of_a_key
// for more information.
func (k *Key) AESKeyBytes() secretdata.Bytes { return k.aesKeyBytes }
// HMACKeyBytes returns the key material.
//
// This function provides access to partial key material. See
// https://developers.google.com/tink/design/access_control#access_of_parts_of_a_key
// for more information.
func (k *Key) HMACKeyBytes() secretdata.Bytes { return k.hmacKeyBytes }
// Parameters returns the parameters of this key.
func (k *Key) Parameters() key.Parameters { return k.parameters }
// IDRequirement returns required to indicate if this key requires an
// identifier. If it does, id will contain that identifier.
func (k *Key) IDRequirement() (uint32, bool) {
return k.idRequirement, k.Parameters().HasIDRequirement()
}
// OutputPrefix returns the output prefix.
func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefix) }
// Equal returns whether this key object is equal to other.
func (k *Key) Equal(other key.Key) bool {
that, ok := other.(*Key)
return ok && k.Parameters().Equal(that.Parameters()) &&
k.idRequirement == that.idRequirement &&
k.aesKeyBytes.Equal(that.aesKeyBytes) &&
k.hmacKeyBytes.Equal(that.hmacKeyBytes) &&
bytes.Equal(k.outputPrefix, that.outputPrefix)
}
func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
aesCTRHMACParams, ok := p.(*Parameters)
if !ok {
return nil, fmt.Errorf("key is of type %T; needed %T", p, (*Parameters)(nil))
}
// Make sure AES key size is either 16 or 32 bytes for consistency with other Tink
// implementations.
if err := internalaead.ValidateAESKeySize(uint32(aesCTRHMACParams.AESKeySizeInBytes())); err != nil {
return nil, err
}
aesKeyBytes, err := secretdata.NewBytesFromRand(uint32(aesCTRHMACParams.AESKeySizeInBytes()))
if err != nil {
return nil, err
}
macKeyBytes, err := secretdata.NewBytesFromRand(uint32(aesCTRHMACParams.HMACKeySizeInBytes()))
if err != nil {
return nil, err
}
return NewKey(KeyOpts{
AESKeyBytes: aesKeyBytes,
HMACKeyBytes: macKeyBytes,
IDRequirement: idRequirement,
Parameters: aesCTRHMACParams,
})
}
================================================
FILE: aead/aesctrhmac/key_manager_test.go
================================================
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac_test
import (
"testing"
"google.golang.org/protobuf/proto"
"github.com/tink-crypto/tink-go/v2/aead"
aeadtestutil "github.com/tink-crypto/tink-go/v2/aead/internal/testutil"
"github.com/tink-crypto/tink-go/v2/aead/subtle"
"github.com/tink-crypto/tink-go/v2/core/registry"
subtleMac "github.com/tink-crypto/tink-go/v2/mac/subtle"
"github.com/tink-crypto/tink-go/v2/testutil"
"github.com/tink-crypto/tink-go/v2/tink"
ctrpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_go_proto"
achpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_hmac_aead_go_proto"
commonpb "github.com/tink-crypto/tink-go/v2/proto/common_go_proto"
hmacpb "github.com/tink-crypto/tink-go/v2/proto/hmac_go_proto"
)
func TestKeyManagerNewKeyMultipleTimes(t *testing.T) {
keyTemplate := aead.AES128CTRHMACSHA256KeyTemplate()
aeadKeyFormat := new(achpb.AesCtrHmacAeadKeyFormat)
if err := proto.Unmarshal(keyTemplate.Value, aeadKeyFormat); err != nil {
t.Fatalf("proto.Unmarshal(keyTemplate.Value, aeadKeyFormat) err = %v, want nil", err)
}
keyManager, err := registry.GetKeyManager(testutil.AESCTRHMACAEADTypeURL)
if err != nil {
t.Errorf("registry.GetKeyManager(%s) err = %v, want nil", testutil.AESCTRHMACAEADTypeURL, err)
}
keys := make(map[string]bool)
const numTests = 24
for i := 0; i < numTests/2; i++ {
k, err := keyManager.NewKey(keyTemplate.Value)
if err != nil {
t.Fatalf("keyManager.NewKey() err = %q, want nil", err)
}
sk, err := proto.Marshal(k)
if err != nil {
t.Fatalf("cannot serialize key, error: %v", err)
}
key := new(achpb.AesCtrHmacAeadKey)
proto.Unmarshal(sk, key)
keys[string(key.AesCtrKey.KeyValue)] = true
keys[string(key.HmacKey.KeyValue)] = true
if len(key.AesCtrKey.KeyValue) != 16 {
t.Errorf("unexpected AES key size, got: %d, want: 16", len(key.AesCtrKey.KeyValue))
}
if len(key.HmacKey.KeyValue) != 32 {
t.Errorf("unexpected HMAC key size, got: %d, want: 32", len(key.HmacKey.KeyValue))
}
}
if len(keys) != numTests {
t.Errorf("unexpected number of keys in set, got: %d, want: %d", len(keys), numTests)
}
}
func TestKeyManagerNewKeyWithInvalidSerializedKeyFormat(t *testing.T) {
keyManager, err := registry.GetKeyManager(testutil.AESCTRHMACAEADTypeURL)
if err != nil {
t.Errorf("registry.GetKeyManager(%s) err = %v, want nil", testutil.AESCTRHMACAEADTypeURL, err)
}
keyFormatWithNilParams := &achpb.AesCtrHmacAeadKeyFormat{
AesCtrKeyFormat: &ctrpb.AesCtrKeyFormat{
Params: nil,
KeySize: 32,
},
HmacKeyFormat: &hmacpb.HmacKeyFormat{
Params: nil,
KeySize: 32,
},
}
serializedKeyFormatWithNilParams, err := proto.Marshal(keyFormatWithNilParams)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
keyFormatWithNilNestedKeyFormats := &achpb.AesCtrHmacAeadKeyFormat{
AesCtrKeyFormat: nil,
HmacKeyFormat: nil,
}
serializedKeyFormatWithNilNestedKeyFormats, err := proto.Marshal(keyFormatWithNilNestedKeyFormats)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
testcases := []struct {
name string
serializedKeyFormat []byte
}{
{
name: "nil",
serializedKeyFormat: nil,
},
{
name: "empty slice",
serializedKeyFormat: []byte{},
},
{
name: "slice with invalid data",
serializedKeyFormat: make([]byte, 128),
},
{
name: "unset params",
serializedKeyFormat: serializedKeyFormatWithNilParams,
},
{
name: "unset nested key formats",
serializedKeyFormat: serializedKeyFormatWithNilNestedKeyFormats,
},
}
for _, tc := range testcases {
t.Run(tc.name, func(t *testing.T) {
_, err = keyManager.NewKey(tc.serializedKeyFormat)
if err == nil {
t.Error("NewKey() err = nil, want not error")
}
_, err = keyManager.NewKeyData(tc.serializedKeyFormat)
if err == nil {
t.Error("NewKeyData() err = nil, want error")
}
})
}
}
func mustCreateSubtleAEAD(t *testing.T, key []byte, ivSize int, hashAlgo string, macKey []byte, tagSize int) tink.AEAD {
ctr, err := subtle.NewAESCTR(key, ivSize)
if err != nil {
t.Fatalf("subtle.NewAESCTR(key, ivSize) err = %v, want nil", err)
}
mac, err := subtleMac.NewHMAC(hashAlgo, macKey, uint32(tagSize))
if err != nil {
t.Fatalf("subtleMac.NewHMAC(hashAlgo, macKey, uint32(tagSize)) err = %v, want nil", err)
}
cipher, err := subtle.NewEncryptThenAuthenticate(ctr, mac, tagSize)
if err != nil {
t.Fatalf("subtle.NewEncryptThenAuthenticate(ctr, mac, tagSize) err = %v, want nil", err)
}
return cipher
}
func TestKeyManagerPrimitive(t *testing.T) {
keyManager, err := registry.GetKeyManager(testutil.AESCTRHMACAEADTypeURL)
if err != nil {
t.Errorf("registry.GetKeyManager(%s) err = %v, want nil", testutil.AESCTRHMACAEADTypeURL, err)
}
key := &achpb.AesCtrHmacAeadKey{
Version: 0,
AesCtrKey: &ctrpb.AesCtrKey{
Version: 0,
KeyValue: []byte("0123456789abcdef0123456789abcdef"),
Params: &ctrpb.AesCtrParams{IvSize: 16},
},
HmacKey: &hmacpb.HmacKey{
Version: 0,
KeyValue: []byte("fedba9876543210fedcba9876543210"),
Params: &hmacpb.HmacParams{Hash: commonpb.HashType_SHA256, TagSize: 32},
},
}
serializedKey, err := proto.Marshal(key)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
p, err := keyManager.Primitive(serializedKey)
if err != nil {
t.Errorf("Primitive() err = %v, want nil", err)
}
aesCTRHMACAEAD, ok := p.(tink.AEAD)
if !ok {
t.Errorf("Primitive() returned %T, want tink.AEAD", p)
}
other := mustCreateSubtleAEAD(t, key.AesCtrKey.GetKeyValue(), 16, "SHA256", key.HmacKey.GetKeyValue(), 32)
if err := aeadtestutil.EncryptDecrypt(aesCTRHMACAEAD, other); err != nil {
t.Errorf("aeadtestutil.EncryptDecrypt(aesCTRHMACAEAD, other) err = %v, want nil", err)
}
if err := aeadtestutil.EncryptDecrypt(other, aesCTRHMACAEAD); err != nil {
t.Errorf("aeadtestutil.EncryptDecrypt(other, aesCTRHMACAEAD) err = %v, want nil", err)
}
}
func TestKeyManagerPrimitiveWithInvalidKey(t *testing.T) {
keyManager, err := registry.GetKeyManager(testutil.AESCTRHMACAEADTypeURL)
if err != nil {
t.Errorf("registry.GetKeyManager(%s) err = %v, want nil", testutil.AESCTRHMACAEADTypeURL, err)
}
emptyKey := &achpb.AesCtrHmacAeadKey{}
serializedEmptyKey, err := proto.Marshal(emptyKey)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
keyWithNilKeyParams := &achpb.AesCtrHmacAeadKey{
Version: 0,
AesCtrKey: &ctrpb.AesCtrKey{
Version: 0,
KeyValue: make([]byte, 32),
Params: nil,
},
HmacKey: &hmacpb.HmacKey{
Version: 0,
KeyValue: make([]byte, 32),
Params: nil,
},
}
serializedkeyWithNilKeyParams, err := proto.Marshal(keyWithNilKeyParams)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
wrongKeyType := &hmacpb.HmacKey{
Version: 0,
KeyValue: make([]byte, 32),
Params: nil,
}
serializedWronKeyType, err := proto.Marshal(wrongKeyType)
if err != nil {
t.Fatalf("failed to marshal key: %s", err)
}
testcases := []struct {
name string
key []byte
}{
{
name: "nil input",
key: nil,
},
{
name: "empty slice",
key: []byte{},
},
{
name: "empty key",
key: serializedEmptyKey,
},
{
name: "key with nil params",
key: serializedkeyWithNilKeyParams,
},
{
name: "wrong key type",
key: serializedWronKeyType,
},
}
for _, tc := range testcases {
t.Run(tc.name, func(t *testing.T) {
_, err = keyManager.Primitive(tc.key)
if err == nil {
t.Error("Primitive() err = nil, want error")
}
})
}
}
================================================
FILE: aead/aesctrhmac/key_parameters.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac
import (
"fmt"
"github.com/tink-crypto/tink-go/v2/internal/outputprefix"
"github.com/tink-crypto/tink-go/v2/key"
)
// Variant is the prefix variant of AES-CTR-HMAC keys.
//
// It describes how the prefix of the ciphertext is constructed. For AEAD there
// are three options:
//
// * TINK: prepends '0x01<big endian key id>' to the ciphertext.
// * CRUNCHY: prepends '0x00<big endian key id>' to the ciphertext.
// * NO_PREFIX: adds no prefix to the ciphertext.
type Variant int
const (
// VariantUnknown is the default and invalid value of Variant.
VariantUnknown Variant = iota
// VariantTink prefixes '0x01<big endian key id>' to the ciphertext.
VariantTink
// VariantCrunchy prefixes '0x00<big endian key id>' to the ciphertext.
VariantCrunchy
// VariantNoPrefix adds no prefix to the ciphertext.
VariantNoPrefix
)
func (variant Variant) String() string {
switch variant {
case VariantTink:
return "TINK"
case VariantCrunchy:
return "CRUNCHY"
case VariantNoPrefix:
return "NO_PREFIX"
default:
return "UNKNOWN"
}
}
// HashType is the hash type of the AES-CTR-HMAC key.
type HashType int
const (
// UnknownHashType is the default value of HashType.
UnknownHashType HashType = iota
// SHA1 is the SHA1 hash type.
SHA1
// SHA224 is the SHA224 hash type.
SHA224
// SHA256 is the SHA256 hash type.
SHA256
// SHA384 is the SHA384 hash type.
SHA384
// SHA512 is the SHA512 hash type.
SHA512
)
func (ht HashType) String() string {
switch ht {
case SHA1:
return "SHA1"
case SHA224:
return "SHA224"
case SHA256:
return "SHA256"
case SHA384:
return "SHA384"
case SHA512:
return "SHA512"
default:
return "UNKNOWN"
}
}
// calculateOutputPrefix calculates the output prefix from keyID.
func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
switch variant {
case VariantTink:
return outputprefix.Tink(keyID), nil
case VariantCrunchy:
return outputprefix.Legacy(keyID), nil
case VariantNoPrefix:
return nil, nil
default:
return nil, fmt.Errorf("invalid output prefix variant: %v", variant)
}
}
// Parameters specifies a AES-CTR-HMAC key.
type Parameters struct {
aesKeySizeInBytes int
hmacKeySizeInBytes int
ivSizeInBytes int
tagSizeInBytes int
hashType HashType
variant Variant
}
var _ key.Parameters = (*Parameters)(nil)
// AESKeySizeInBytes returns the size of the key in bytes.
func (p *Parameters) AESKeySizeInBytes() int { return p.aesKeySizeInBytes }
// HMACKeySizeInBytes returns the size of the HMAC key in bytes.
func (p *Parameters) HMACKeySizeInBytes() int { return p.hmacKeySizeInBytes }
// IVSizeInBytes returns the size of the IV in bytes.
func (p *Parameters) IVSizeInBytes() int { return p.ivSizeInBytes }
// TagSizeInBytes returns the size of the tag in bytes.
func (p *Parameters) TagSizeInBytes() int { return p.tagSizeInBytes }
// HashType returns the hash type.
func (p *Parameters) HashType() HashType { return p.hashType }
// Variant returns the variant of the key.
func (p *Parameters) Variant() Variant { return p.variant }
// ParametersOpts specifies options for creating AES-CTR-HMAC parameters.
type ParametersOpts struct {
AESKeySizeInBytes int
HMACKeySizeInBytes int
IVSizeInBytes int
TagSizeInBytes int
HashType HashType
Variant Variant
}
func maxTagSize(ht HashType) (int, error) {
switch ht {
case SHA1:
return 20, nil
case SHA224:
return 28, nil
case SHA256:
return 32, nil
case SHA384:
return 48, nil
case SHA512:
return 64, nil
default:
return 0, fmt.Errorf("unsupported hash type: %v", ht)
}
}
const minTagSize = 10
func validateOpts(opts *ParametersOpts) error {
if opts.AESKeySizeInBytes != 16 && opts.AESKeySizeInBytes != 24 && opts.AESKeySizeInBytes != 32 {
return fmt.Errorf("unsupported key size: got: %v, want 16, 24, or 32", opts.AESKeySizeInBytes)
}
if opts.IVSizeInBytes < 12 || opts.IVSizeInBytes > 16 {
return fmt.Errorf("unsupported IV size: got: %v, want between 12 and 16", opts.IVSizeInBytes)
}
if opts.HMACKeySizeInBytes < 16 {
return fmt.Errorf("unsupported HMAC key size: got: %v, want >= 16", opts.HMACKeySizeInBytes)
}
maxTagSize, err := maxTagSize(opts.HashType)
if err != nil {
return fmt.Errorf("unsupported hash type: %v", opts.HashType)
}
if opts.TagSizeInBytes < minTagSize || opts.TagSizeInBytes > maxTagSize {
return fmt.Errorf("unsupported tag size: got: %v, want between 10 and %v", opts.TagSizeInBytes, maxTagSize)
}
if opts.Variant == VariantUnknown {
return fmt.Errorf("unsupported variant: %v", opts.Variant)
}
return nil
}
// NewParameters creates a new AES-CTR-HMAC Parameters object.
func NewParameters(opts ParametersOpts) (*Parameters, error) {
if err := validateOpts(&opts); err != nil {
return nil, fmt.Errorf("aesctrhmac.NewParameters: %v", err)
}
return &Parameters{
aesKeySizeInBytes: opts.AESKeySizeInBytes,
hmacKeySizeInBytes: opts.HMACKeySizeInBytes,
ivSizeInBytes: opts.IVSizeInBytes,
tagSizeInBytes: opts.TagSizeInBytes,
hashType: opts.HashType,
variant: opts.Variant,
}, nil
}
// HasIDRequirement returns whether the key has an ID requirement.
func (p *Parameters) HasIDRequirement() bool { return p.variant != VariantNoPrefix }
// Equal returns whether this Parameters object is equal to other.
func (p *Parameters) Equal(other key.Parameters) bool {
actualParams, ok := other.(*Parameters)
return ok && p.HasIDRequirement() == actualParams.HasIDRequirement() &&
p.aesKeySizeInBytes == actualParams.aesKeySizeInBytes &&
p.hmacKeySizeInBytes == actualParams.hmacKeySizeInBytes &&
p.ivSizeInBytes == actualParams.ivSizeInBytes &&
p.tagSizeInBytes == actualParams.tagSizeInBytes &&
p.hashType == actualParams.hashType &&
p.variant == actualParams.variant
}
================================================
FILE: aead/aesctrhmac/key_parameters_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac_test
import (
"fmt"
"testing"
"github.com/tink-crypto/tink-go/v2/aead/aesctrhmac"
)
func TestNewParametersInvalidAESKeySize(t *testing.T) {
for _, keySize := range []int{1, 15, 17, 31, 33} {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
}
if _, err := aesctrhmac.NewParameters(opts); err == nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = nil, want error", opts)
}
}
}
func TestNewParametersInvalidIVSize(t *testing.T) {
for _, ivSize := range []int{11, 17} {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
}
if _, err := aesctrhmac.NewParameters(opts); err == nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = nil, want error", opts)
}
}
}
func TestNewParametersInvalidHMACKeySize(t *testing.T) {
for _, hmacKeySize := range []int{1, 15} {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
}
if _, err := aesctrhmac.NewParameters(opts); err == nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = nil, want error", opts)
}
}
}
func TestNewParametersInvalidTagSize(t *testing.T) {
for _, tc := range []struct {
name string
hashType aesctrhmac.HashType
tagSize int
}{
{
name: "SHA1",
hashType: aesctrhmac.SHA1,
tagSize: 21,
},
{
name: "SHA224",
hashType: aesctrhmac.SHA224,
tagSize: 29,
},
{
name: "SHA256",
hashType: aesctrhmac.SHA256,
tagSize: 33,
},
{
name: "SHA384",
hashType: aesctrhmac.SHA384,
tagSize: 49,
},
{
name: "SHA512",
hashType: aesctrhmac.SHA512,
tagSize: 65,
},
} {
t.Run(tc.name, func(t *testing.T) {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: tc.tagSize,
HashType: tc.hashType,
Variant: aesctrhmac.VariantTink,
}
if _, err := aesctrhmac.NewParameters(opts); err == nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = nil, want error", opts)
}
})
}
}
func TestNewParametersInvalidVariant(t *testing.T) {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantUnknown,
}
if _, err := aesctrhmac.NewParameters(opts); err == nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = nil, want error", opts)
}
}
type paramsTestVector struct {
name string
paramsOpts aesctrhmac.ParametersOpts
}
func paramsTestVectors() []paramsTestVector {
testVectors := []paramsTestVector{}
for _, keySize := range []int{16, 24, 32} {
for _, hmacKeySize := range []int{16, 32} {
for _, ivSize := range []int{12, 16} {
for _, variant := range []aesctrhmac.Variant{aesctrhmac.VariantTink, aesctrhmac.VariantCrunchy, aesctrhmac.VariantNoPrefix} {
testVectors = append(testVectors, paramsTestVector{
name: fmt.Sprintf("AES%d-CTR-HMAC-%d-iv%d-tag%d-%s-%s", keySize, hmacKeySize, ivSize, 20, aesctrhmac.SHA1, variant),
paramsOpts: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 20,
HashType: aesctrhmac.SHA1,
Variant: variant,
},
})
testVectors = append(testVectors, paramsTestVector{
name: fmt.Sprintf("AES%d-CTR-HMAC-%d-iv%d-tag%d-%s-%s", keySize, hmacKeySize, ivSize, 28, aesctrhmac.SHA224, variant),
paramsOpts: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 28,
HashType: aesctrhmac.SHA224,
Variant: variant,
},
})
testVectors = append(testVectors, paramsTestVector{
name: fmt.Sprintf("AES%d-CTR-HMAC-%d-iv%d-tag%d-%s-%s", keySize, hmacKeySize, ivSize, 32, aesctrhmac.SHA256, variant),
paramsOpts: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 32,
HashType: aesctrhmac.SHA256,
Variant: variant,
},
})
testVectors = append(testVectors, paramsTestVector{
name: fmt.Sprintf("AES%d-CTR-HMAC-%d-iv%d-tag%d-%s-%s", keySize, hmacKeySize, ivSize, 48, aesctrhmac.SHA384, variant),
paramsOpts: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 48,
HashType: aesctrhmac.SHA384,
Variant: variant,
},
})
testVectors = append(testVectors, paramsTestVector{
name: fmt.Sprintf("AES%d-CTR-HMAC-%d-iv%d-tag%d-%s-%s", keySize, hmacKeySize, ivSize, 64, aesctrhmac.SHA512, variant),
paramsOpts: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: keySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 64,
HashType: aesctrhmac.SHA512,
Variant: variant,
},
})
}
}
}
}
return testVectors
}
func TestNewParametersWorks(t *testing.T) {
for _, tc := range paramsTestVectors() {
t.Run(tc.name, func(t *testing.T) {
params, err := aesctrhmac.NewParameters(tc.paramsOpts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", tc.paramsOpts, err)
}
if params.HasIDRequirement() != (tc.paramsOpts.Variant != aesctrhmac.VariantNoPrefix) {
t.Errorf("params.HasIDRequirement() = %v, want %v", params.HasIDRequirement(), (tc.paramsOpts.Variant != aesctrhmac.VariantNoPrefix))
}
if params.AESKeySizeInBytes() != tc.paramsOpts.AESKeySizeInBytes {
t.Errorf("params.AESKeySizeInBytes() = %v, want %v", params.AESKeySizeInBytes(), tc.paramsOpts.AESKeySizeInBytes)
}
if params.HMACKeySizeInBytes() != tc.paramsOpts.HMACKeySizeInBytes {
t.Errorf("params.HMACKeySizeInBytes() = %v, want %v", params.HMACKeySizeInBytes(), tc.paramsOpts.HMACKeySizeInBytes)
}
if params.TagSizeInBytes() != tc.paramsOpts.TagSizeInBytes {
t.Errorf("params.TagSizeInBytes() = %v, want %d", params.TagSizeInBytes(), tc.paramsOpts.TagSizeInBytes)
}
if params.IVSizeInBytes() != tc.paramsOpts.IVSizeInBytes {
t.Errorf("params.IVSizeInBytes() = %v, want %d", params.IVSizeInBytes(), tc.paramsOpts.IVSizeInBytes)
}
if params.Variant() != tc.paramsOpts.Variant {
t.Errorf("params.Variant() = %v, want %v", params.Variant(), tc.paramsOpts.Variant)
}
otherParams, err := aesctrhmac.NewParameters(tc.paramsOpts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", tc.paramsOpts, err)
}
if !params.Equal(otherParams) {
t.Errorf("params.Equal(otherParams) = %v, want true", params.Equal(otherParams))
}
})
}
}
func TestParametersEqualFalseIfDifferent(t *testing.T) {
for _, tc := range []struct {
name string
opts1 aesctrhmac.ParametersOpts
opts2 aesctrhmac.ParametersOpts
}{
{
name: "different AES key size",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "different HMAC key size",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "different IV size",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 16,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "different tag size",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 20,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "different hash",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA224,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "different vairant",
opts1: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
opts2: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
} {
t.Run(tc.name, func(t *testing.T) {
params1, err := aesctrhmac.NewParameters(tc.opts1)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", tc.opts1, err)
}
params2, err := aesctrhmac.NewParameters(tc.opts2)
if err != nil {
t.Errorf("aesctrhmac.NewParameters(%v) err = %v, want nil", tc.opts2, err)
}
if params1.Equal(params2) {
t.Errorf("params.Equal(params2) = %v, want false", params1.Equal(params2))
}
})
}
}
================================================
FILE: aead/aesctrhmac/key_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac_test
import (
"bytes"
"testing"
"github.com/google/go-cmp/cmp"
"github.com/tink-crypto/tink-go/v2/aead/aesctrhmac"
"github.com/tink-crypto/tink-go/v2/core/cryptofmt"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/internal/keygenregistry"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/secretdata"
)
var (
aes256KeyBytes = secretdata.NewBytesFromData([]byte("11111111111111111111111111111111"), insecuresecretdataaccess.Token{})
hmac256KeyBytes = secretdata.NewBytesFromData([]byte("22222222222222222222222222222222"), insecuresecretdataaccess.Token{})
aes128KeyBytes = secretdata.NewBytesFromData([]byte("1111111111111111"), insecuresecretdataaccess.Token{})
hmac128KeyBytes = secretdata.NewBytesFromData([]byte("2222222222222222"), insecuresecretdataaccess.Token{})
)
func TestNewKeyFails(t *testing.T) {
params, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
paramsNoPrefix, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantNoPrefix,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
for _, tc := range []struct {
name string
aesKeyBytes secretdata.Bytes
hmacKeyBytes secretdata.Bytes
params *aesctrhmac.Parameters
}{
{
name: "nil parameters",
aesKeyBytes: aes128KeyBytes,
hmacKeyBytes: hmac128KeyBytes,
params: nil,
},
{
name: "invalid parameters",
aesKeyBytes: aes128KeyBytes,
hmacKeyBytes: hmac128KeyBytes,
params: &aesctrhmac.Parameters{},
},
{
name: "invalid AES key size",
aesKeyBytes: aes128KeyBytes,
hmacKeyBytes: hmac256KeyBytes,
params: params,
},
{
name: "invalid HMAC key size",
aesKeyBytes: aes256KeyBytes,
hmacKeyBytes: hmac128KeyBytes,
params: params,
},
{
name: "invalid HMAC key size",
aesKeyBytes: aes256KeyBytes,
hmacKeyBytes: hmac128KeyBytes,
params: params,
},
{
name: "invalid ID requirement",
aesKeyBytes: aes256KeyBytes,
hmacKeyBytes: hmac256KeyBytes,
params: paramsNoPrefix,
},
} {
t.Run(tc.name, func(t *testing.T) {
opts := aesctrhmac.KeyOpts{
AESKeyBytes: tc.aesKeyBytes,
HMACKeyBytes: tc.hmacKeyBytes,
IDRequirement: 123,
Parameters: tc.params,
}
if _, err := aesctrhmac.NewKey(opts); err == nil {
t.Errorf("aesctrhmac.NewKey() err = nil, want error")
}
})
}
}
func TestOutputPrefix(t *testing.T) {
for _, test := range []struct {
name string
variant aesctrhmac.Variant
id uint32
want []byte
}{
{
name: "Tink",
variant: aesctrhmac.VariantTink,
id: uint32(0x11223344),
want: []byte{cryptofmt.TinkStartByte, 0x11, 0x22, 0x33, 0x44},
},
{
name: "Crunchy",
variant: aesctrhmac.VariantCrunchy,
id: uint32(0x11223344),
want: []byte{cryptofmt.LegacyStartByte, 0x11, 0x22, 0x33, 0x44},
},
{
name: "No prefix",
variant: aesctrhmac.VariantNoPrefix,
id: 0,
want: nil,
},
} {
t.Run(test.name, func(t *testing.T) {
opts := aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: test.variant,
}
params, err := aesctrhmac.NewParameters(opts)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", opts, err)
}
aesKeyBytes, err := secretdata.NewBytesFromRand(uint32(params.AESKeySizeInBytes()))
if err != nil {
t.Fatalf("secretdata.NewBytes() err = %v, want nil", err)
}
hmacKeyBytes, err := secretdata.NewBytesFromRand(uint32(params.HMACKeySizeInBytes()))
if err != nil {
t.Fatalf("secretdata.NewBytes() err = %v, want nil", err)
}
keyOpts := aesctrhmac.KeyOpts{
AESKeyBytes: aesKeyBytes,
HMACKeyBytes: hmacKeyBytes,
IDRequirement: test.id,
Parameters: params,
}
key, err := aesctrhmac.NewKey(keyOpts)
if err != nil {
t.Fatalf("aesctrhmac.NewKey(aesKeyBytes, %v, %v) err = %v, want nil", test.id, params, err)
}
if got := key.OutputPrefix(); !bytes.Equal(got, test.want) {
t.Errorf("params.OutputPrefix() = %v, want %v", got, test.want)
}
})
}
}
type TestKey struct {
name string
id uint32
aesKey secretdata.Bytes
hmacKey secretdata.Bytes
parameterOps aesctrhmac.ParametersOpts
}
func TestNewKeyWorks(t *testing.T) {
for _, test := range []TestKey{
{
name: "AES128-HMAC128-SHA256-Tink",
id: 1,
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "AES128-HMAC128-SHA256-Crunchy",
id: 1,
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
{
name: "AES128-HMAC128-SHA256-NoPrefix",
id: 0,
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantNoPrefix,
},
},
{
name: "AES128-HMAC256-SHA256-Tink",
id: 1,
aesKey: aes128KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "AES128-HMAC256-SHA256-Crunchy",
id: 1,
aesKey: aes128KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
{
name: "AES128-HMAC256-SHA256-NoPrefix",
id: 0,
aesKey: aes128KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantNoPrefix,
},
},
{
name: "AES256-HMAC128-SHA256-Tink",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "AES256-HMAC128-SHA256-Crunchy",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
{
name: "AES256-HMAC128-SHA256-NoPrefix",
id: 0,
aesKey: aes256KeyBytes,
hmacKey: hmac128KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantNoPrefix,
},
},
{
name: "AES256-HMAC256-SHA256-Tink",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "AES256-HMAC256-SHA256-Crunchy",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
{
name: "AES256-HMAC256-SHA256-NoPrefix",
id: 0,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantNoPrefix,
},
},
{
name: "AES256-HMAC256-SHA512-Tink",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA512,
Variant: aesctrhmac.VariantTink,
},
},
{
name: "AES256-HMAC256-SHA512-Crunchy",
id: 1,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA512,
Variant: aesctrhmac.VariantCrunchy,
},
},
{
name: "AES256-HMAC256-SHA512-NoPrefix",
id: 0,
aesKey: aes256KeyBytes,
hmacKey: hmac256KeyBytes,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA512,
Variant: aesctrhmac.VariantNoPrefix,
},
},
} {
t.Run(test.name, func(t *testing.T) {
params, err := aesctrhmac.NewParameters(test.parameterOps)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters(%v) err = %v, want nil", test.parameterOps, err)
}
// Create two keys with the same parameters and key bytes.
key1, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: test.aesKey,
HMACKeyBytes: test.hmacKey,
IDRequirement: test.id,
Parameters: params,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
if !key1.Parameters().Equal(params) {
t.Errorf("key1.Parameters() = %v, want %v", key1.Parameters(), params)
}
aesKey1Bytes := key1.AESKeyBytes()
if !aesKey1Bytes.Equal(test.aesKey) {
t.Errorf("aesKey1Bytes.Equal(test.aesKey) = false, want true")
}
hmacKey1Bytes := key1.HMACKeyBytes()
if !hmacKey1Bytes.Equal(test.hmacKey) {
t.Errorf("hmacKey1Bytes.Equal(test.hmacKey) = false, want true")
}
keyID1, required := key1.IDRequirement()
if wantRequired := test.parameterOps.Variant != aesctrhmac.VariantNoPrefix; required != wantRequired {
t.Errorf("required = %v, want %v", required, wantRequired)
}
wantID := test.id
if !required {
wantID = 0
}
if keyID1 != wantID {
t.Errorf("keyID1 = %v, want %v", keyID1, wantID)
}
key2, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: test.aesKey,
HMACKeyBytes: test.hmacKey,
IDRequirement: test.id,
Parameters: params,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
// Test Equal.
if !key1.Equal(key2) {
t.Errorf("key1.Equal(key2) = %v, want true", key1.Equal(key2))
}
if diff := cmp.Diff(key1, key2); diff != "" {
t.Errorf("key1 diff (-want +got):\n%s", diff)
}
})
}
}
type stubKey struct{}
var _ key.Key = (*stubKey)(nil)
func (k *stubKey) Parameters() key.Parameters { return nil }
func (k *stubKey) Equal(other key.Key) bool { return true }
func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
params, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 32,
TagSizeInBytes: 16,
IVSizeInBytes: 12,
Variant: aesctrhmac.VariantTink,
HashType: aesctrhmac.SHA256,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
keyBytes := secretdata.NewBytesFromData([]byte("01234567890123450123456789012345"), insecuresecretdataaccess.Token{})
key, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: keyBytes,
HMACKeyBytes: keyBytes,
IDRequirement: 1234,
Parameters: params,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
if key.Equal(&stubKey{}) {
t.Errorf("key.Equal(&stubKey{}) = true, want false")
}
}
func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
aes128Key2Bytes := secretdata.NewBytesFromData([]byte("3333333333333333"), insecuresecretdataaccess.Token{})
hmac128Key2Bytes := secretdata.NewBytesFromData([]byte("4444444444444444"), insecuresecretdataaccess.Token{})
for _, test := range []struct {
name string
first TestKey
second TestKey
}{
{
name: "different AES key size",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
second: TestKey{
aesKey: aes256KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 32,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different HMAC key size",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
second: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac256KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different variant",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
second: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different key IDs",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantCrunchy,
},
},
second: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x02,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different AES key bytes",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
second: TestKey{
aesKey: aes128Key2Bytes,
hmacKey: hmac128KeyBytes,
id: 0x02,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different HMAC key bytes",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
second: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128Key2Bytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
},
{
name: "different hash function",
first: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
},
},
second: TestKey{
aesKey: aes128KeyBytes,
hmacKey: hmac128KeyBytes,
id: 0x01,
parameterOps: aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 16,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA384,
Variant: aesctrhmac.VariantTink,
},
},
},
} {
t.Run(test.name, func(t *testing.T) {
firstParams, err := aesctrhmac.NewParameters(test.first.parameterOps)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
firstKey, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: test.first.aesKey,
HMACKeyBytes: test.first.hmacKey,
IDRequirement: test.first.id,
Parameters: firstParams,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
secondParams, err := aesctrhmac.NewParameters(test.second.parameterOps)
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
secondKey, err := aesctrhmac.NewKey(aesctrhmac.KeyOpts{
AESKeyBytes: test.second.aesKey,
HMACKeyBytes: test.second.hmacKey,
IDRequirement: test.second.id,
Parameters: secondParams,
})
if err != nil {
t.Fatalf("aesctrhmac.NewKey() err = %v, want nil", err)
}
if firstKey.Equal(secondKey) {
t.Errorf("firstKey.Equal(secondKey) = true, want false")
}
// Use cmp.Equal to compare the keys.
if cmp.Equal(firstKey, secondKey) {
t.Errorf("firstKey.Equal(secondKey) = true, want false")
}
})
}
}
func TestKeyCreator(t *testing.T) {
params, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 16,
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
key, err := keygenregistry.CreateKey(params, 123)
if err != nil {
t.Fatalf("keygenregistry.CreateKey(%v, 123) err = %v, want nil", params, err)
}
then, ok := key.(*aesctrhmac.Key)
if !ok {
t.Fatalf("keygenregistry.CreateKey(%v, 123) returned key of type %T, want %T", params, key, (*aesctrhmac.Key)(nil))
}
idRequirement, hasIDRequirement := then.IDRequirement()
if !hasIDRequirement || idRequirement != 123 {
t.Errorf("then.IDRequirement() (%v, %v), want (%v, %v)", idRequirement, hasIDRequirement, 123, true)
}
if got := then.AESKeyBytes().Len(); got != params.AESKeySizeInBytes() {
t.Errorf("then.AESKeyBytes().Len() = %d, want 32", then.AESKeyBytes().Len())
}
if got := then.HMACKeyBytes().Len(); got != params.HMACKeySizeInBytes() {
t.Errorf("then.HMACKeyBytes().Len() = %d, want 32", got)
}
if diff := cmp.Diff(then.Parameters(), params); diff != "" {
t.Errorf("then.Parameters() diff (-want +got):\n%s", diff)
}
}
func TestKeyCreator_FailsForWrongAESKeySize(t *testing.T) {
params, err := aesctrhmac.NewParameters(aesctrhmac.ParametersOpts{
AESKeySizeInBytes: 24, // Only 16 and 32 are supported.
HMACKeySizeInBytes: 32,
IVSizeInBytes: 12,
TagSizeInBytes: 16,
HashType: aesctrhmac.SHA256,
Variant: aesctrhmac.VariantTink,
})
if err != nil {
t.Fatalf("aesctrhmac.NewParameters() err = %v, want nil", err)
}
if _, err := keygenregistry.CreateKey(params, 123); err == nil {
t.Fatalf("keygenregistry.CreateKey(%v, 123) err = nil, want error", params)
}
}
================================================
FILE: aead/aesctrhmac/protoserialization.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac
import (
"fmt"
"google.golang.org/protobuf/proto"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/internal/protoserialization"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/secretdata"
aesctrpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_go_proto"
aesctrhmacpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_hmac_aead_go_proto"
commonpb "github.com/tink-crypto/tink-go/v2/proto/common_go_proto"
hmacpb "github.com/tink-crypto/tink-go/v2/proto/hmac_go_proto"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
const typeURL = "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey"
type keySerializer struct{}
var _ protoserialization.KeySerializer = (*keySerializer)(nil)
func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPrefixType, error) {
switch variant {
case VariantTink:
return tinkpb.OutputPrefixType_TINK, nil
case VariantCrunchy:
return tinkpb.OutputPrefixType_CRUNCHY, nil
case VariantNoPrefix:
return tinkpb.OutputPrefixType_RAW, nil
default:
return tinkpb.OutputPrefixType_UNKNOWN_PREFIX, fmt.Errorf("unknown output prefix variant: %v", variant)
}
}
func hashTypeToProto(ht HashType) (commonpb.HashType, error) {
switch ht {
case SHA1:
return commonpb.HashType_SHA1, nil
case SHA224:
return commonpb.HashType_SHA224, nil
case SHA256:
return commonpb.HashType_SHA256, nil
case SHA384:
return commonpb.HashType_SHA384, nil
case SHA512:
return commonpb.HashType_SHA512, nil
default:
return commonpb.HashType_UNKNOWN_HASH, fmt.Errorf("unknown hash type: %v", ht)
}
}
func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization.KeySerialization, error) {
actualKey, ok := key.(*Key)
if !ok {
return nil, fmt.Errorf("key is not a Key")
}
actualParameters, ok := actualKey.Parameters().(*Parameters)
if !ok {
return nil, fmt.Errorf("key parameters is not a Parameters")
}
outputPrefixType, err := protoOutputPrefixTypeFromVariant(actualParameters.Variant())
if err != nil {
return nil, err
}
hash, err := hashTypeToProto(actualParameters.HashType())
if err != nil {
return nil, err
}
protoKey := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Version: 0,
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(actualParameters.IVSizeInBytes()),
},
KeyValue: actualKey.AESKeyBytes().Data(insecuresecretdataaccess.Token{}),
},
HmacKey: &hmacpb.HmacKey{
Version: 0,
Params: &hmacpb.HmacParams{
Hash: hash,
TagSize: uint32(actualParameters.TagSizeInBytes()),
},
KeyValue: actualKey.HMACKeyBytes().Data(insecuresecretdataaccess.Token{}),
},
Version: 0,
}
serializedKey, err := proto.Marshal(protoKey)
if err != nil {
return nil, err
}
// idRequirement is zero if the key doesn't have a key requirement.
idRequirement, _ := actualKey.IDRequirement()
keyData := &tinkpb.KeyData{
TypeUrl: typeURL,
Value: serializedKey,
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}
return protoserialization.NewKeySerialization(keyData, outputPrefixType, idRequirement)
}
type keyParser struct{}
var _ protoserialization.KeyParser = (*keyParser)(nil)
func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, error) {
switch prefixType {
case tinkpb.OutputPrefixType_TINK:
return VariantTink, nil
case tinkpb.OutputPrefixType_CRUNCHY, tinkpb.OutputPrefixType_LEGACY:
return VariantCrunchy, nil
case tinkpb.OutputPrefixType_RAW:
return VariantNoPrefix, nil
default:
return VariantUnknown, fmt.Errorf("unsupported output prefix type: %v", prefixType)
}
}
func hashTypeFromProto(ht commonpb.HashType) (HashType, error) {
switch ht {
case commonpb.HashType_SHA1:
return SHA1, nil
case commonpb.HashType_SHA224:
return SHA224, nil
case commonpb.HashType_SHA256:
return SHA256, nil
case commonpb.HashType_SHA384:
return SHA384, nil
case commonpb.HashType_SHA512:
return SHA512, nil
default:
return UnknownHashType, fmt.Errorf("unknown hash type: %v", ht)
}
}
func (s *keyParser) ParseKey(keySerialization *protoserialization.KeySerialization) (key.Key, error) {
if keySerialization == nil {
return nil, fmt.Errorf("key serialization is nil")
}
keyData := keySerialization.KeyData()
if keyData.GetTypeUrl() != typeURL {
return nil, fmt.Errorf("invalid type URL: got %q, want %q", keyData.GetTypeUrl(), typeURL)
}
if keyData.GetKeyMaterialType() != tinkpb.KeyData_SYMMETRIC {
return nil, fmt.Errorf("key is not a SYMMETRIC key")
}
protoKey := new(aesctrhmacpb.AesCtrHmacAeadKey)
if err := proto.Unmarshal(keyData.GetValue(), protoKey); err != nil {
return nil, err
}
if protoKey.GetVersion() != 0 {
return nil, fmt.Errorf("unsupported aesctrhmacpb.AesCtrHmacAeadKey version: got %q, want %q", protoKey.GetVersion(), 0)
}
if protoKey.GetAesCtrKey().GetVersion() != 0 {
return nil, fmt.Errorf("unsupported aesctrpb.AesCtrKey version: got %q, want %q", protoKey.GetAesCtrKey().GetVersion(), 0)
}
if protoKey.GetHmacKey().GetVersion() != 0 {
return nil, fmt.Errorf("unsupported hmacpb.HmacKey version: got %q, want %q", protoKey.GetHmacKey().GetVersion(), 0)
}
variant, err := variantFromProto(keySerialization.OutputPrefixType())
if err != nil {
return nil, err
}
aesKeySizeInBytes := len(protoKey.GetAesCtrKey().GetKeyValue())
hmacKeySizeInBytes := len(protoKey.GetHmacKey().GetKeyValue())
hashType, err := hashTypeFromProto(protoKey.GetHmacKey().GetParams().GetHash())
if err != nil {
return nil, err
}
params, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySizeInBytes,
HMACKeySizeInBytes: hmacKeySizeInBytes,
IVSizeInBytes: int(protoKey.GetAesCtrKey().GetParams().GetIvSize()),
TagSizeInBytes: int(protoKey.GetHmacKey().GetParams().GetTagSize()),
HashType: hashType,
Variant: variant,
})
if err != nil {
return nil, err
}
aesKeyMaterial := secretdata.NewBytesFromData(protoKey.GetAesCtrKey().GetKeyValue(), insecuresecretdataaccess.Token{})
hmacKeyMaterial := secretdata.NewBytesFromData(protoKey.GetHmacKey().GetKeyValue(), insecuresecretdataaccess.Token{})
// keySerialization.IDRequirement() returns zero if the key doesn't have a
// key requirement.
keyID, _ := keySerialization.IDRequirement()
return NewKey(KeyOpts{
AESKeyBytes: aesKeyMaterial,
HMACKeyBytes: hmacKeyMaterial,
IDRequirement: keyID,
Parameters: params})
}
type parametersSerializer struct{}
var _ protoserialization.ParametersSerializer = (*parametersSerializer)(nil)
func (s *parametersSerializer) Serialize(parameters key.Parameters) (*tinkpb.KeyTemplate, error) {
actualParameters, ok := parameters.(*Parameters)
if !ok {
return nil, fmt.Errorf("invalid parameters type: got %T, want *aesctrhmac.Parameters", parameters)
}
outputPrefixType, err := protoOutputPrefixTypeFromVariant(actualParameters.Variant())
if err != nil {
return nil, err
}
hashType, err := hashTypeToProto(actualParameters.HashType())
if err != nil {
return nil, err
}
format := &aesctrhmacpb.AesCtrHmacAeadKeyFormat{
AesCtrKeyFormat: &aesctrpb.AesCtrKeyFormat{
KeySize: uint32(actualParameters.AESKeySizeInBytes()),
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(actualParameters.IVSizeInBytes()),
},
},
HmacKeyFormat: &hmacpb.HmacKeyFormat{
KeySize: uint32(actualParameters.HMACKeySizeInBytes()),
Params: &hmacpb.HmacParams{
Hash: hashType,
TagSize: uint32(actualParameters.TagSizeInBytes()),
},
Version: 0,
},
}
serializedFormat, err := proto.Marshal(format)
if err != nil {
return nil, err
}
return &tinkpb.KeyTemplate{
TypeUrl: typeURL,
OutputPrefixType: outputPrefixType,
Value: serializedFormat,
}, nil
}
type parametersParser struct{}
var _ protoserialization.ParametersParser = (*parametersParser)(nil)
func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key.Parameters, error) {
if keyTemplate.GetTypeUrl() != typeURL {
return nil, fmt.Errorf("invalid type URL: got %q, want %q", keyTemplate.GetTypeUrl(), typeURL)
}
format := new(aesctrhmacpb.AesCtrHmacAeadKeyFormat)
if err := proto.Unmarshal(keyTemplate.GetValue(), format); err != nil {
return nil, err
}
if format.GetHmacKeyFormat().GetVersion() != 0 {
return nil, fmt.Errorf("unsupported hmacpb.HmacKeyFormat version: got %q, want %q", format.GetHmacKeyFormat().GetVersion(), 0)
}
variant, err := variantFromProto(keyTemplate.GetOutputPrefixType())
if err != nil {
return nil, err
}
hashType, err := hashTypeFromProto(format.GetHmacKeyFormat().GetParams().GetHash())
if err != nil {
return nil, err
}
return NewParameters(ParametersOpts{
AESKeySizeInBytes: int(format.GetAesCtrKeyFormat().GetKeySize()),
HMACKeySizeInBytes: int(format.GetHmacKeyFormat().GetKeySize()),
IVSizeInBytes: int(format.GetAesCtrKeyFormat().GetParams().GetIvSize()),
TagSizeInBytes: int(format.GetHmacKeyFormat().GetParams().GetTagSize()),
HashType: hashType,
Variant: variant,
})
}
================================================
FILE: aead/aesctrhmac/protoserialization_test.go
================================================
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package aesctrhmac
import (
"fmt"
"testing"
"github.com/google/go-cmp/cmp"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/testing/protocmp"
"github.com/tink-crypto/tink-go/v2/insecuresecretdataaccess"
"github.com/tink-crypto/tink-go/v2/internal/protoserialization"
"github.com/tink-crypto/tink-go/v2/key"
"github.com/tink-crypto/tink-go/v2/secretdata"
aesctrpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_go_proto"
aesctrhmacpb "github.com/tink-crypto/tink-go/v2/proto/aes_ctr_hmac_aead_go_proto"
commonpb "github.com/tink-crypto/tink-go/v2/proto/common_go_proto"
hmacpb "github.com/tink-crypto/tink-go/v2/proto/hmac_go_proto"
tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
)
func TestParseKeyFails(t *testing.T) {
key := aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("1234567890123456"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}
for _, tc := range []struct {
name string
keyData *tinkpb.KeyData
outputPrefixType tinkpb.OutputPrefixType
keyID uint32
}{
{
name: "key data is nil",
keyData: nil,
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "wrong type URL",
keyData: &tinkpb.KeyData{
TypeUrl: "invalid_type_url",
Value: mustSerializeProto(t, &key),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid AES key size",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("123"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid HMAC key size",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("1234567890123456"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("123"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid IV size",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 1,
},
KeyValue: []byte("1234567890123456"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid tag size",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("1234567890123456"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 2,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid proto serialization",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: []byte("invalid proto"),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid key version",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
Version: 1,
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("123"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid AesCtrKey version",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Version: 1,
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("123"),
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid HmacKey version",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: 12,
},
KeyValue: []byte("123"),
},
HmacKey: &hmacpb.HmacKey{
Version: 1,
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: []byte("1234567890123456"),
},
}),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid key material type",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &key),
KeyMaterialType: tinkpb.KeyData_ASYMMETRIC_PRIVATE,
},
outputPrefixType: tinkpb.OutputPrefixType_TINK,
keyID: 12345,
},
{
name: "invalid output prefix type",
keyData: &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, &key),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
},
outputPrefixType: tinkpb.OutputPrefixType_UNKNOWN_PREFIX,
keyID: 12345,
},
} {
t.Run(tc.name, func(t *testing.T) {
p := &keyParser{}
keySerialization, err := protoserialization.NewKeySerialization(tc.keyData, tc.outputPrefixType, tc.keyID)
if err != nil {
t.Fatalf("protoserialization.NewKeySerialization(%v, %v, %v) err = %v, want nil", tc.keyData, tc.outputPrefixType, tc.keyID, err)
}
if _, err := p.ParseKey(keySerialization); err == nil {
t.Errorf("p.ParseKey(%v) err = nil, want non-nil", keySerialization)
}
})
}
}
func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, outputPrefixType tinkpb.OutputPrefixType, idRequirement uint32) *protoserialization.KeySerialization {
t.Helper()
ks, err := protoserialization.NewKeySerialization(keyData, outputPrefixType, idRequirement)
if err != nil {
t.Fatalf("protoserialization.NewKeySerialization(%v, %v, %v) err = %v, want nil", keyData, outputPrefixType, idRequirement, err)
}
return ks
}
func mustSerializeProto(t *testing.T, m proto.Message) []byte {
t.Helper()
serialized, err := proto.Marshal(m)
if err != nil {
t.Fatalf("proto.Marshal(%v) err = %v, want nil", m, err)
}
return serialized
}
type keyParsingTestCase struct {
name string
keySerialization *protoserialization.KeySerialization
key *Key
}
func testCases(t *testing.T) []*keyParsingTestCase {
// t.Helper()
tcs := []*keyParsingTestCase{}
aesKey := []byte("11111111111111111111111111111111")
hmacKey := []byte("22222222222222222222222222222222")
for _, aesKeySize := range []int{16, 32} {
for _, hmacKeySize := range []int{16, 32} {
for _, ivSize := range []int{12, 16} {
// SHA1.
protoKeyWithSHA1 := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(ivSize),
},
KeyValue: aesKey[:aesKeySize],
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA1,
TagSize: 16,
},
KeyValue: hmacKey[:hmacKeySize],
},
}
paramsSHA1, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: SHA1,
Variant: VariantNoPrefix,
})
if err != nil {
t.Fatalf("NewParameters() err = %v, want nil", err)
}
keySHA1, err := NewKey(KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKey[:aesKeySize], insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(hmacKey[:hmacKeySize], insecuresecretdataaccess.Token{}),
IDRequirement: 0,
Parameters: paramsSHA1,
})
if err != nil {
t.Fatalf("NewKey() err = %v, want nil", err)
}
tcs = append(tcs, &keyParsingTestCase{
name: fmt.Sprintf("AES%d_HMAC%d_IV%d_SHA1-NoPrefix", aesKeySize*8, hmacKeySize*8, ivSize),
keySerialization: mustCreateKeySerialization(t, &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, protoKeyWithSHA1),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}, tinkpb.OutputPrefixType_RAW, 0),
key: keySHA1,
})
// SHA224.
protoKeyWithSHA224 := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(ivSize),
},
KeyValue: aesKey[:aesKeySize],
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA224,
TagSize: 16,
},
KeyValue: hmacKey[:hmacKeySize],
},
}
paramsSHA224, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: SHA224,
Variant: VariantTink,
})
if err != nil {
t.Fatalf("NewParameters() err = %v, want nil", err)
}
keySHA224, err := NewKey(KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKey[:aesKeySize], insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(hmacKey[:hmacKeySize], insecuresecretdataaccess.Token{}),
IDRequirement: 0x22334455,
Parameters: paramsSHA224,
})
if err != nil {
t.Fatalf("NewKey() err = %v, want nil", err)
}
tcs = append(tcs, &keyParsingTestCase{
name: fmt.Sprintf("AES%d_HMAC%d_IV%d_SHA224-Tink", aesKeySize*8, hmacKeySize*8, ivSize),
keySerialization: mustCreateKeySerialization(t, &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, protoKeyWithSHA224),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}, tinkpb.OutputPrefixType_TINK, 0x22334455),
key: keySHA224,
})
// SHA256.
protoKeyWithSHA256 := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(ivSize),
},
KeyValue: aesKey[:aesKeySize],
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA256,
TagSize: 16,
},
KeyValue: hmacKey[:hmacKeySize],
},
}
paramsSHA256, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: SHA256,
Variant: VariantTink,
})
if err != nil {
t.Fatalf("NewParameters() err = %v, want nil", err)
}
keySHA256, err := NewKey(KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKey[:aesKeySize], insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(hmacKey[:hmacKeySize], insecuresecretdataaccess.Token{}),
IDRequirement: 0x22334455,
Parameters: paramsSHA256,
})
if err != nil {
t.Fatalf("NewKey() err = %v, want nil", err)
}
tcs = append(tcs, &keyParsingTestCase{
name: fmt.Sprintf("AES%d_HMAC%d_IV%d_SHA256-Tink", aesKeySize*8, hmacKeySize*8, ivSize),
keySerialization: mustCreateKeySerialization(t, &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, protoKeyWithSHA256),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}, tinkpb.OutputPrefixType_TINK, 0x22334455),
key: keySHA256,
})
// SHA384.
protoKeyWithSHA384 := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(ivSize),
},
KeyValue: aesKey[:aesKeySize],
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA384,
TagSize: 16,
},
KeyValue: hmacKey[:hmacKeySize],
},
}
paramsSHA384, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: SHA384,
Variant: VariantTink,
})
if err != nil {
t.Fatalf("NewParameters() err = %v, want nil", err)
}
keySHA384, err := NewKey(KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKey[:aesKeySize], insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(hmacKey[:hmacKeySize], insecuresecretdataaccess.Token{}),
IDRequirement: 0x22334455,
Parameters: paramsSHA384,
})
if err != nil {
t.Fatalf("NewKey() err = %v, want nil", err)
}
tcs = append(tcs, &keyParsingTestCase{
name: fmt.Sprintf("AES%d_HMAC%d_IV%d_SHA384-Tink", aesKeySize*8, hmacKeySize*8, ivSize),
keySerialization: mustCreateKeySerialization(t, &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, protoKeyWithSHA384),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}, tinkpb.OutputPrefixType_TINK, 0x22334455),
key: keySHA384,
})
// SHA512.
protoKeyWith512 := &aesctrhmacpb.AesCtrHmacAeadKey{
AesCtrKey: &aesctrpb.AesCtrKey{
Params: &aesctrpb.AesCtrParams{
IvSize: uint32(ivSize),
},
KeyValue: aesKey[:aesKeySize],
},
HmacKey: &hmacpb.HmacKey{
Params: &hmacpb.HmacParams{
Hash: commonpb.HashType_SHA512,
TagSize: 16,
},
KeyValue: hmacKey[:hmacKeySize],
},
}
paramsSHA512, err := NewParameters(ParametersOpts{
AESKeySizeInBytes: aesKeySize,
HMACKeySizeInBytes: hmacKeySize,
IVSizeInBytes: ivSize,
TagSizeInBytes: 16,
HashType: SHA512,
Variant: VariantCrunchy,
})
if err != nil {
t.Fatalf("NewParameters() err = %v, want nil", err)
}
key512, err := NewKey(KeyOpts{
AESKeyBytes: secretdata.NewBytesFromData(aesKey[:aesKeySize], insecuresecretdataaccess.Token{}),
HMACKeyBytes: secretdata.NewBytesFromData(hmacKey[:hmacKeySize], insecuresecretdataaccess.Token{}),
IDRequirement: 0x11223344,
Parameters: paramsSHA512,
})
if err != nil {
t.Fatalf("NewKey() err = %v, want nil", err)
}
tcs = append(tcs, &keyParsingTestCase{
name: fmt.Sprintf("AES%d_HMAC%d_IV%d_SHA512-Crunchy", aesKeySize*8, hmacKeySize*8, ivSize),
keySerialization: mustCreateKeySerialization(t, &tinkpb.KeyData{
TypeUrl: "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey",
Value: mustSerializeProto(t, protoKeyWith512),
KeyMaterialType: tinkpb.KeyData_SYMMETRIC,
}, tinkpb.OutputPrefixType_CRUNCHY, 0x11223344),
key: key512,
})
}
}
}
return tcs
}
func TestParseKey(t *testing.T) {
for _, tc := range testCases(t) {
t.Run(tc.name, func(t *testing.T) {
p := &keyParser{}
got, err := p.ParseKey(tc.keySerialization)
if err != nil {
t.Errorf("p.ParseKey(%v) err = %v, want nil", tc.keySerialization, err)
}
if diff := cmp.Diff(got, tc.key); diff != "" {
t.Errorf("s.ParseKey() diff (-want +got):\n%s", diff)
}
})
}
}
type testParams struct {
hasIDRequirement bool
}
func (p *testParams) HasIDRequirement() bool { return p.hasIDRequirement }
func (p *testParams) Equal(params key.Parameters) bool {
_, ok := params.(*testParams)
return ok && p.hasIDRequirement == params.HasIDRequirement()
}
type testKey struct {
keyBytes []byte
id uint32
params testParams
}
func (k *testKey) Parameters() key.Parameters { return &k.params }
func (k *testKey) Equal(other key.Key) bool {
fallbackProtoKey, ok := other.(*testKey)
if !ok {
return false
}
return k.params.Equal(fallbackProtoKey.Parameters())
}
func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.params.HasIDRequirement() }
func TestSerializeKeyFails(t *testing.T) {
for _, tc := range []struct {
name string
key key.Key
}{
{
name: "key is nil",
key: nil,
},
{
name: "key is not an AES GCM key",
key: &testKey{},
},
} {
t.Run(tc.name, func(t *testing.T) {
aesGCMSerializer := &keySerializer{}
_, err := aesGCMSerializer.SerializeKey(tc.key)
if err == nil {
t.Errorf("protoserialization.SerializeKey(&testKey{}) err = nil, want non-nil")
}
})
}
}
func TestSerializeKey(t *testing.T) {
for _, tc := range testCases(t) {
t.Run(tc.name, func(t *testing.T) {
s := &keySerializer{}
got, err := s.SerializeKey(tc.key)
if err != nil {
t.Errorf("s.SerializeKey() err = %v, want nil", err)
}
if diff := cmp.Diff(got, tc.keySerialization); diff != "" {
t.Errorf("s.SerializeKey() diff (-want +got):\n%s", diff)
}
})
}
}
func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
for _, tc := range []struct {
name string
parameters key.Parameters
}{
{
name: "struct literal",
parameters: &Parameters{},
},
{
name: "nil",
parameters: nil,
},
{
name: "wrong type",
parameters: &testParams{},
},
} {
t.Run(tc.name, func(t *testing.T) {
serializer := ¶metersSerializer{}
if _, err := serializer.Serialize(tc.parameters); err == nil {
t.Errorf("serializer.Serialize(%v) err = nil, want error", tc.parameters)
}
})
}
}
func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputPrefixType, aesKeySizeInBytes, hmacKeySizeInBytes, ivSizeInBytes, tagSizeInBytes uint32, hashType commonpb.HashType) *tinkpb.KeyTemplate {
t.Helper()
format := &aesctrhmacpb.AesCtrHmacAeadKeyFormat{
AesCtrKeyFormat: &aesctrpb.AesCtrKeyFormat{
Params: &aesctrpb.AesCtrParams{
IvSize: ivSizeInBytes,
},
KeySize: uint32(aesKeySizeInBytes),
},
HmacKeyFormat: &hmacpb.HmacKeyFormat{
Params: &hmacpb.HmacParams{
Hash: hashType,
TagSize: tagSizeInBytes,
},
KeySize: uint32(hmacKeySizeInBytes),
},
}
seriali
gitextract_d7r2arib/
├── LICENSE
├── README.md
├── aead/
│ ├── aead.go
│ ├── aead_benchmark_test.go
│ ├── aead_factory.go
│ ├── aead_factory_test.go
│ ├── aead_init_test.go
│ ├── aead_key_templates.go
│ ├── aead_key_templates_test.go
│ ├── aead_test.go
│ ├── aesctrhmac/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesctrhmac.go
│ │ ├── aesctrhmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_parameters.go
│ │ ├── key_parameters_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcm/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesgcm.go
│ │ ├── aesgcm_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcmsiv/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesgcmsiv.go
│ │ ├── aesgcmsiv_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── chacha20poly1305/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── chacha20poly1305.go
│ │ ├── chacha20poly1305_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── internal/
│ │ └── testutil/
│ │ ├── testutil.go
│ │ └── testutil_test.go
│ ├── kms_envelope_aead.go
│ ├── kms_envelope_aead_example_test.go
│ ├── kms_envelope_aead_key_manager.go
│ ├── kms_envelope_aead_key_manager_test.go
│ ├── kms_envelope_aead_test.go
│ ├── subtle/
│ │ ├── aes_ctr.go
│ │ ├── aes_ctr_test.go
│ │ ├── aes_gcm.go
│ │ ├── aes_gcm_siv.go
│ │ ├── aes_gcm_siv_test.go
│ │ ├── aes_gcm_test.go
│ │ ├── chacha20poly1305.go
│ │ ├── chacha20poly1305_test.go
│ │ ├── chacha20poly1305_vectors_test.go
│ │ ├── encrypt_then_authenticate.go
│ │ ├── encrypt_then_authenticate_test.go
│ │ ├── ind_cpa.go
│ │ ├── polyval.go
│ │ ├── polyval_test.go
│ │ ├── subtle.go
│ │ ├── subtle_test.go
│ │ ├── xchacha20poly1305.go
│ │ ├── xchacha20poly1305_test.go
│ │ └── xchacha20poly1305_vectors_test.go
│ ├── xaesgcm/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── xaesgcm.go
│ │ └── xaesgcm_test.go
│ └── xchacha20poly1305/
│ ├── aead.go
│ ├── aead_test.go
│ ├── key.go
│ ├── key_manager_test.go
│ ├── key_test.go
│ ├── protoserialization.go
│ ├── protoserialization_test.go
│ ├── xchacha20poly1305.go
│ └── xchacha20poly1305_test.go
├── core/
│ ├── cryptofmt/
│ │ ├── cryptofmt.go
│ │ └── cryptofmt_test.go
│ └── registry/
│ ├── custom_key_manager_test.go
│ ├── key_manager.go
│ ├── kms_client.go
│ ├── private_key_manager.go
│ ├── registry.go
│ └── registry_test.go
├── daead/
│ ├── aessiv/
│ │ ├── aessiv.go
│ │ ├── aessiv_test.go
│ │ ├── daead.go
│ │ ├── daead_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── daead.go
│ ├── daead_benchmark_test.go
│ ├── daead_factory.go
│ ├── daead_factory_test.go
│ ├── daead_init_test.go
│ ├── daead_key_templates.go
│ ├── daead_key_templates_test.go
│ ├── daead_test.go
│ └── subtle/
│ ├── aes_siv.go
│ └── aes_siv_test.go
├── docs/
│ ├── CONTRIBUTING.md
│ └── SECURITY.md
├── go.mod
├── go.sum
├── hybrid/
│ ├── ecies/
│ │ ├── ecies.go
│ │ ├── ecies_aead_hkdf_hybrid_decrypt_test.go
│ │ ├── ecies_aead_hkdf_hybrid_encrypt_test.go
│ │ ├── ecies_test.go
│ │ ├── hybrid_decrypt.go
│ │ ├── hybrid_encrypt.go
│ │ ├── hybrid_encrypt_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── private_key_manager_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ └── public_key_manager_test.go
│ ├── hpke/
│ │ ├── hpke.go
│ │ ├── hpke_test.go
│ │ ├── hybrid_decrypt.go
│ │ ├── hybrid_encrypt.go
│ │ ├── hybrid_encrypt_decrypt_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── private_key_manager_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ └── public_key_manager_test.go
│ ├── hybrid.go
│ ├── hybrid_benchmark_test.go
│ ├── hybrid_decrypt_factory.go
│ ├── hybrid_encrypt_factory.go
│ ├── hybrid_factory_test.go
│ ├── hybrid_key_templates.go
│ ├── hybrid_key_templates_test.go
│ ├── hybrid_test.go
│ ├── internal/
│ │ ├── ecies/
│ │ │ ├── dem_helper.go
│ │ │ └── dem_helper_test.go
│ │ ├── hpke/
│ │ │ ├── aead.go
│ │ │ ├── aes_gcm_aead.go
│ │ │ ├── aes_gcm_aead_test.go
│ │ │ ├── chacha20poly1305_aead.go
│ │ │ ├── chacha20poly1305_aead_test.go
│ │ │ ├── context.go
│ │ │ ├── context_test.go
│ │ │ ├── decrypt.go
│ │ │ ├── encrypt.go
│ │ │ ├── encrypt_decrypt_test.go
│ │ │ ├── hkdf_kdf.go
│ │ │ ├── hkdf_kdf_test.go
│ │ │ ├── hpke.go
│ │ │ ├── hpke_test.go
│ │ │ ├── kdf.go
│ │ │ ├── kem.go
│ │ │ ├── mlkem_kem.go
│ │ │ ├── mlkem_kem_test.go
│ │ │ ├── nist_curves_kem.go
│ │ │ ├── nist_curves_kem_test.go
│ │ │ ├── primitive_factory.go
│ │ │ ├── primitive_factory_test.go
│ │ │ ├── x25519_kem.go
│ │ │ ├── x25519_kem_test.go
│ │ │ ├── xwing_kem.go
│ │ │ └── xwing_kem_test.go
│ │ └── xwing/
│ │ ├── xwing.go
│ │ └── xwing_test.go
│ └── subtle/
│ ├── ecies_aead_hkdf_dem_helper.go
│ ├── ecies_aead_hkdf_hybrid_decrypt.go
│ ├── ecies_aead_hkdf_hybrid_encrypt.go
│ ├── ecies_hkdf_recipient_kem.go
│ ├── ecies_hkdf_sender_kem.go
│ ├── elliptic_curves.go
│ ├── elliptic_curves_test.go
│ ├── public_key.go
│ ├── public_key_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── insecurecleartextkeyset/
│ ├── example_test.go
│ ├── insecurecleartextkeyset.go
│ └── insecurecleartextkeyset_test.go
├── insecuresecretdataaccess/
│ └── insecuresecretdataaccess.go
├── internal/
│ ├── aead/
│ │ ├── aead.go
│ │ ├── aead_test.go
│ │ ├── aesctr.go
│ │ ├── aesctr_test.go
│ │ ├── aesgcm.go
│ │ ├── aesgcm_test.go
│ │ ├── chacha20poly1305.go
│ │ └── chacha20poly1305_test.go
│ ├── config/
│ │ ├── aeadconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── config.go
│ │ ├── config_test.go
│ │ ├── daeadconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── hybridconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── jwtmacconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── jwtsignatureconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── keyderivationconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── macconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── prfconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ ├── signatureconfig/
│ │ │ ├── v0.go
│ │ │ └── v0_test.go
│ │ └── streamingaeadconfig/
│ │ ├── v0.go
│ │ └── v0_test.go
│ ├── ec/
│ │ ├── ec.go
│ │ └── ec_test.go
│ ├── internal.go
│ ├── internalapi/
│ │ └── token.go
│ ├── internalregistry/
│ │ ├── internal_registry.go
│ │ └── internal_registry_test.go
│ ├── jwk/
│ │ ├── jwk.go
│ │ └── jwk_test.go
│ ├── keygenregistry/
│ │ ├── keygenregistry.go
│ │ └── keygenregistry_test.go
│ ├── legacykeymanager/
│ │ ├── legacykeymanager.go
│ │ └── legacykeymanager_test.go
│ ├── mac/
│ │ ├── aescmac/
│ │ │ ├── aescmac.go
│ │ │ └── aescmac_test.go
│ │ └── hmac/
│ │ ├── hmac.go
│ │ └── hmac_test.go
│ ├── monitoringutil/
│ │ ├── monitoring_util.go
│ │ └── monitoring_util_test.go
│ ├── outputprefix/
│ │ ├── outputprefix.go
│ │ └── outputprefix_test.go
│ ├── prefixmap/
│ │ ├── prefixmap.go
│ │ └── prefixmap_test.go
│ ├── primitiveregistry/
│ │ ├── benchmark_test.go
│ │ ├── primitiveregistry.go
│ │ └── primitiveregistry_test.go
│ ├── primitiveset/
│ │ ├── primitiveset.go
│ │ └── primitiveset_test.go
│ ├── protoserialization/
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── random/
│ │ └── random.go
│ ├── registryconfig/
│ │ ├── legacyprimitive/
│ │ │ └── legacyprimitive.go
│ │ ├── registry_config.go
│ │ └── registry_config_test.go
│ ├── signature/
│ │ ├── compositemldsa/
│ │ │ ├── testing/
│ │ │ │ └── test_vectors.go
│ │ │ ├── util.go
│ │ │ └── util_test.go
│ │ ├── ecdsa/
│ │ │ ├── encoding.go
│ │ │ └── encoding_test.go
│ │ ├── mldsa/
│ │ │ ├── algebra.go
│ │ │ ├── algebra_test.go
│ │ │ ├── cctv_test.go
│ │ │ ├── marshal.go
│ │ │ ├── marshal_test.go
│ │ │ ├── mldsa.go
│ │ │ ├── mldsa_benchmark_test.go
│ │ │ ├── mldsa_test.go
│ │ │ ├── sampling.go
│ │ │ └── sampling_test.go
│ │ ├── rsa.go
│ │ ├── rsa_test.go
│ │ ├── rsassapkcs1_signer.go
│ │ ├── rsassapkcs1_signer_verifier_test.go
│ │ ├── rsassapkcs1_verifier.go
│ │ ├── rsassapss_signer.go
│ │ ├── rsassapss_signer_verifier_test.go
│ │ ├── rsassapss_verifier.go
│ │ ├── signature.go
│ │ └── slhdsa/
│ │ ├── address.go
│ │ ├── address_test.go
│ │ ├── fors.go
│ │ ├── fors_test.go
│ │ ├── hash.go
│ │ ├── hash_test.go
│ │ ├── hypertree.go
│ │ ├── hypertree_test.go
│ │ ├── slhdsa.go
│ │ ├── slhdsa_kat_vectors_test.go
│ │ ├── slhdsa_test.go
│ │ ├── support.go
│ │ ├── support_test.go
│ │ ├── wots.go
│ │ ├── wots_test.go
│ │ ├── xmss.go
│ │ └── xmss_test.go
│ ├── testing/
│ │ ├── aead/
│ │ │ └── aead.go
│ │ ├── stubkeymanager/
│ │ │ ├── stubkeymanager.go
│ │ │ └── stubkeymanager_test.go
│ │ └── wycheproof/
│ │ ├── v1.go
│ │ ├── v1_test.go
│ │ └── wycheproof.go
│ └── tinkerror/
│ ├── doc.go
│ ├── tinkerror.go
│ ├── tinkerror_test.go
│ └── tinkerrortest/
│ ├── doc.go
│ └── tinkerrortest.go
├── jwt/
│ ├── jwk_converter.go
│ ├── jwk_converter_test.go
│ ├── jwt.go
│ ├── jwt_config.go
│ ├── jwt_config_test.go
│ ├── jwt_ecdsa_signer_key_manager_test.go
│ ├── jwt_ecdsa_verifier_key_manager_test.go
│ ├── jwt_encoding.go
│ ├── jwt_encoding_test.go
│ ├── jwt_full_mac.go
│ ├── jwt_full_mac_test.go
│ ├── jwt_full_signer_verifier.go
│ ├── jwt_full_signer_verifier_test.go
│ ├── jwt_hmac_key_manager_test.go
│ ├── jwt_key_templates.go
│ ├── jwt_key_templates_test.go
│ ├── jwt_mac.go
│ ├── jwt_mac_benchmark_test.go
│ ├── jwt_mac_factory.go
│ ├── jwt_mac_factory_test.go
│ ├── jwt_mac_kid.go
│ ├── jwt_mac_kid_test.go
│ ├── jwt_rsa_ssa_pkcs1_signer_key_manager_test.go
│ ├── jwt_rsa_ssa_pkcs1_verifier_key_manager_test.go
│ ├── jwt_rsa_ssa_pss_signer_key_manager_test.go
│ ├── jwt_rsa_ssa_pss_verify_key_manager_test.go
│ ├── jwt_signature_benchmark_test.go
│ ├── jwt_signer.go
│ ├── jwt_signer_factory.go
│ ├── jwt_signer_kid.go
│ ├── jwt_signer_verifier_factory_test.go
│ ├── jwt_signer_verifier_kid_test.go
│ ├── jwt_test.go
│ ├── jwt_validator.go
│ ├── jwt_validator_test.go
│ ├── jwt_verifier.go
│ ├── jwt_verifier_factory.go
│ ├── jwt_verifier_kid.go
│ ├── jwtecdsa/
│ │ ├── jwtecdsa.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwthmac/
│ │ ├── jwthmac.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwtrsassapkcs1/
│ │ ├── jwtrsassapkcs1.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── jwtrsassapss/
│ │ ├── jwtrsassapss.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── raw_jwt.go
│ ├── raw_jwt_test.go
│ ├── verified_jwt.go
│ └── verified_jwt_test.go
├── key/
│ └── key.go
├── keyderivation/
│ ├── internal/
│ │ ├── keyderiver/
│ │ │ └── key_deriver.go
│ │ ├── keyderivers/
│ │ │ ├── keyderivers.go
│ │ │ └── keyderivers_test.go
│ │ └── streamingprf/
│ │ ├── hkdf_streaming_prf.go
│ │ ├── hkdf_streaming_prf_test.go
│ │ └── streaming_prf.go
│ ├── keyderivation.go
│ ├── keyderivation_example_test.go
│ ├── keyderivation_key_templates.go
│ ├── keyderivation_key_templates_test.go
│ ├── keyderivation_test.go
│ ├── keyset_deriver.go
│ ├── keyset_deriver_factory.go
│ ├── keyset_deriver_factory_test.go
│ ├── keyset_deriver_factory_x_test.go
│ └── prfbasedkeyderivation/
│ ├── key.go
│ ├── key_manager.go
│ ├── key_manager_test.go
│ ├── key_test.go
│ ├── keyderiver.go
│ ├── keyderiver_test.go
│ ├── parameters.go
│ ├── parameters_test.go
│ ├── prfbasedkeyderivation.go
│ ├── prfbasedkeyderivation_test.go
│ ├── protoserialization.go
│ └── protoserialization_test.go
├── keyset/
│ ├── binary_io.go
│ ├── binary_io_test.go
│ ├── handle.go
│ ├── handle_test.go
│ ├── json_io.go
│ ├── json_io_test.go
│ ├── keyset.go
│ ├── keyset_benchmark_test.go
│ ├── keyset_test.go
│ ├── manager.go
│ ├── manager_test.go
│ ├── mem_io.go
│ ├── mem_io_test.go
│ ├── option.go
│ ├── reader.go
│ ├── validation.go
│ ├── validation_test.go
│ └── writer.go
├── kokoro/
│ ├── create_github_release_branch.sh
│ ├── create_github_release_tag.sh
│ ├── gcp_ubuntu/
│ │ └── gomod/
│ │ └── run_tests.sh
│ ├── macos_external/
│ │ └── gomod/
│ │ └── run_tests.sh
│ └── testutils/
│ ├── check_go_generated_files_up_to_date.sh
│ ├── docker_execute.sh
│ ├── github_release_util.sh
│ ├── github_release_util_test.sh
│ ├── go_test_container_images.sh
│ ├── install_go.sh
│ └── test_utils.sh
├── kwp/
│ └── subtle/
│ ├── kwp.go
│ └── kwp_test.go
├── mac/
│ ├── aescmac/
│ │ ├── aescmac.go
│ │ ├── aescmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── mac.go
│ │ ├── mac_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hmac/
│ │ ├── hmac.go
│ │ ├── hmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── mac.go
│ │ ├── mac_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── internal/
│ │ └── mactest/
│ │ ├── mactest.go
│ │ └── mactest_test.go
│ ├── mac.go
│ ├── mac_benchmark_test.go
│ ├── mac_factory.go
│ ├── mac_factory_test.go
│ ├── mac_init_test.go
│ ├── mac_key_templates.go
│ ├── mac_key_templates_test.go
│ ├── mac_test.go
│ └── subtle/
│ ├── cmac.go
│ ├── cmac_test.go
│ ├── hmac.go
│ └── hmac_test.go
├── monitoring/
│ └── monitoring.go
├── prf/
│ ├── aescmacprf/
│ │ ├── aescmacprf.go
│ │ ├── aescmacprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hkdfprf/
│ │ ├── hkdfprf.go
│ │ ├── hkdfprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── hmacprf/
│ │ ├── hmacprf.go
│ │ ├── hmacprf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── prf_benchmark_test.go
│ ├── prf_key_templates.go
│ ├── prf_key_templates_test.go
│ ├── prf_set.go
│ ├── prf_set_factory.go
│ ├── prf_set_factory_test.go
│ ├── prf_test.go
│ └── subtle/
│ ├── aes_cmac.go
│ ├── aes_cmac_test.go
│ ├── hkdf.go
│ ├── hkdf_test.go
│ ├── hmac.go
│ ├── hmac_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── proto/
│ ├── aes_cmac.proto
│ ├── aes_cmac_go_proto/
│ │ └── aes_cmac.pb.go
│ ├── aes_cmac_prf.proto
│ ├── aes_cmac_prf_go_proto/
│ │ └── aes_cmac_prf.pb.go
│ ├── aes_ctr.proto
│ ├── aes_ctr_go_proto/
│ │ └── aes_ctr.pb.go
│ ├── aes_ctr_hmac_aead.proto
│ ├── aes_ctr_hmac_aead_go_proto/
│ │ └── aes_ctr_hmac_aead.pb.go
│ ├── aes_ctr_hmac_streaming.proto
│ ├── aes_ctr_hmac_streaming_go_proto/
│ │ └── aes_ctr_hmac_streaming.pb.go
│ ├── aes_eax.proto
│ ├── aes_eax_go_proto/
│ │ └── aes_eax.pb.go
│ ├── aes_gcm.proto
│ ├── aes_gcm_go_proto/
│ │ └── aes_gcm.pb.go
│ ├── aes_gcm_hkdf_streaming.proto
│ ├── aes_gcm_hkdf_streaming_go_proto/
│ │ └── aes_gcm_hkdf_streaming.pb.go
│ ├── aes_gcm_siv.proto
│ ├── aes_gcm_siv_go_proto/
│ │ └── aes_gcm_siv.pb.go
│ ├── aes_siv.proto
│ ├── aes_siv_go_proto/
│ │ └── aes_siv.pb.go
│ ├── chacha20_poly1305.proto
│ ├── chacha20_poly1305_go_proto/
│ │ └── chacha20_poly1305.pb.go
│ ├── common.proto
│ ├── common_go_proto/
│ │ └── common.pb.go
│ ├── composite_ml_dsa.proto
│ ├── composite_ml_dsa_go_proto/
│ │ └── composite_ml_dsa.pb.go
│ ├── config.proto
│ ├── config_go_proto/
│ │ └── config.pb.go
│ ├── ecdsa.proto
│ ├── ecdsa_go_proto/
│ │ └── ecdsa.pb.go
│ ├── ecies_aead_hkdf.proto
│ ├── ecies_aead_hkdf_go_proto/
│ │ └── ecies_aead_hkdf.pb.go
│ ├── ed25519.proto
│ ├── ed25519_go_proto/
│ │ └── ed25519.pb.go
│ ├── empty.proto
│ ├── empty_go_proto/
│ │ └── empty.pb.go
│ ├── hkdf_prf.proto
│ ├── hkdf_prf_go_proto/
│ │ └── hkdf_prf.pb.go
│ ├── hmac.proto
│ ├── hmac_go_proto/
│ │ └── hmac.pb.go
│ ├── hmac_prf.proto
│ ├── hmac_prf_go_proto/
│ │ └── hmac_prf.pb.go
│ ├── hpke.proto
│ ├── hpke_go_proto/
│ │ └── hpke.pb.go
│ ├── jwt_ecdsa.proto
│ ├── jwt_ecdsa_go_proto/
│ │ └── jwt_ecdsa.pb.go
│ ├── jwt_hmac.proto
│ ├── jwt_hmac_go_proto/
│ │ └── jwt_hmac.pb.go
│ ├── jwt_rsa_ssa_pkcs1.proto
│ ├── jwt_rsa_ssa_pkcs1_go_proto/
│ │ └── jwt_rsa_ssa_pkcs1.pb.go
│ ├── jwt_rsa_ssa_pss.proto
│ ├── jwt_rsa_ssa_pss_go_proto/
│ │ └── jwt_rsa_ssa_pss.pb.go
│ ├── kms_aead.proto
│ ├── kms_aead_go_proto/
│ │ └── kms_aead.pb.go
│ ├── kms_envelope.proto
│ ├── kms_envelope_go_proto/
│ │ └── kms_envelope.pb.go
│ ├── ml_dsa.proto
│ ├── ml_dsa_go_proto/
│ │ └── ml_dsa.pb.go
│ ├── prf_based_deriver.proto
│ ├── prf_based_deriver_go_proto/
│ │ └── prf_based_deriver.pb.go
│ ├── rsa_ssa_pkcs1.proto
│ ├── rsa_ssa_pkcs1_go_proto/
│ │ └── rsa_ssa_pkcs1.pb.go
│ ├── rsa_ssa_pss.proto
│ ├── rsa_ssa_pss_go_proto/
│ │ └── rsa_ssa_pss.pb.go
│ ├── slh_dsa.proto
│ ├── slh_dsa_go_proto/
│ │ └── slh_dsa.pb.go
│ ├── tink.proto
│ ├── tink_go_proto/
│ │ └── tink.pb.go
│ ├── x_aes_gcm.proto
│ ├── x_aes_gcm_go_proto/
│ │ └── x_aes_gcm.pb.go
│ ├── xchacha20_poly1305.proto
│ └── xchacha20_poly1305_go_proto/
│ └── xchacha20_poly1305.pb.go
├── secretdata/
│ ├── example_test.go
│ ├── secretdata.go
│ └── secretdata_test.go
├── signature/
│ ├── compositemldsa/
│ │ ├── compositemldsa.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_verifier_test.go
│ │ └── verifier.go
│ ├── ecdsa/
│ │ ├── ecdsa.go
│ │ ├── ecdsa_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── proto.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── ed25519/
│ │ ├── ed25519.go
│ │ ├── ed25519_test.go
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── mldsa/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── mldsa.go
│ │ ├── mldsa_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── rsassapkcs1/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── rsassapkcs1.go
│ │ ├── rsassapkcs1_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── rsassapss/
│ │ ├── key.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── rsassapss.go
│ │ ├── rsassapss_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── signature.go
│ ├── signature_benchmark_test.go
│ ├── signature_factory_test.go
│ ├── signature_init_test.go
│ ├── signature_key_templates.go
│ ├── signature_key_templates_test.go
│ ├── signature_test.go
│ ├── signer_factory.go
│ ├── slhdsa/
│ │ ├── key.go
│ │ ├── key_pairs_test.go
│ │ ├── key_test.go
│ │ ├── protoserialization.go
│ │ ├── protoserialization_test.go
│ │ ├── signer.go
│ │ ├── signer_key_manager_test.go
│ │ ├── signer_verifier_test.go
│ │ ├── slhdsa.go
│ │ ├── slhdsa_test.go
│ │ ├── verifier.go
│ │ └── verifier_key_manager_test.go
│ ├── subtle/
│ │ ├── ecdsa.go
│ │ ├── ecdsa_signer.go
│ │ ├── ecdsa_signer_verifier_test.go
│ │ ├── ecdsa_test.go
│ │ ├── ecdsa_verifier.go
│ │ ├── ed25519_signer.go
│ │ ├── ed25519_signer_verifier_test.go
│ │ ├── ed25519_verifier.go
│ │ ├── subtle.go
│ │ └── subtle_test.go
│ └── verifier_factory.go
├── streamingaead/
│ ├── aesctrhmac/
│ │ ├── aesctrhmac.go
│ │ ├── aesctrhmac_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── aesgcmhkdf/
│ │ ├── aesgcmhkdf.go
│ │ ├── aesgcmhkdf_test.go
│ │ ├── key.go
│ │ ├── key_manager_test.go
│ │ ├── key_test.go
│ │ ├── parameters.go
│ │ ├── parameters_test.go
│ │ ├── protoserialization.go
│ │ └── protoserialization_test.go
│ ├── decrypt_reader.go
│ ├── decrypt_reader_test.go
│ ├── streamingaead.go
│ ├── streamingaead_benchmark_test.go
│ ├── streamingaead_factory.go
│ ├── streamingaead_factory_test.go
│ ├── streamingaead_key_templates.go
│ ├── streamingaead_key_templates_test.go
│ ├── streamingaead_test.go
│ └── subtle/
│ ├── aes_ctr_hmac.go
│ ├── aes_ctr_hmac_test.go
│ ├── aes_gcm_hkdf.go
│ ├── aes_gcm_hkdf_test.go
│ ├── noncebased/
│ │ ├── noncebased.go
│ │ └── noncebased_test.go
│ ├── subtle.go
│ └── subtle_test.go
├── subtle/
│ ├── hkdf.go
│ ├── hkdf_test.go
│ ├── random/
│ │ ├── random.go
│ │ └── random_test.go
│ ├── subtle.go
│ ├── subtle_test.go
│ ├── x25519.go
│ └── x25519_test.go
├── testdata/
│ └── testvectors/
│ └── hpke_boringssl.json
├── testing/
│ ├── fakekms/
│ │ ├── fakekms.go
│ │ └── fakekms_test.go
│ ├── fakemonitoring/
│ │ ├── fakemonitoring.go
│ │ └── fakemonitoring_test.go
│ └── insecuresecretdataaccesstest/
│ └── insecuresecretdataaccesstest.go
├── testkeyset/
│ ├── testkeyset.go
│ └── testkeyset_test.go
├── testutil/
│ ├── constant.go
│ ├── hexbytes.go
│ ├── hexbytes_test.go
│ ├── hybrid/
│ │ ├── private_key.go
│ │ └── private_key_test.go
│ ├── testutil.go
│ └── testutil_test.go
└── tink/
├── aead.go
├── deterministic_aead.go
├── hybrid_decrypt.go
├── hybrid_encrypt.go
├── mac.go
├── signer.go
├── streamingaead.go
├── tink.go
├── verifier.go
└── version.go
Showing preview only (826K chars total). Download the full file or copy to clipboard to get everything.
SYMBOL INDEX (8468 symbols across 695 files)
FILE: aead/aead.go
function init (line 32) | func init() {
FILE: aead/aead_benchmark_test.go
type testCase (line 29) | type testCase struct
function testCases (line 35) | func testCases() []testCase {
function BenchmarkEncrypt (line 91) | func BenchmarkEncrypt(b *testing.B) {
function BenchmarkDecrypt (line 118) | func BenchmarkDecrypt(b *testing.B) {
FILE: aead/aead_factory.go
function New (line 33) | func New(handle *keyset.Handle) (tink.AEAD, error) {
function NewWithConfig (line 43) | func NewWithConfig(handle *keyset.Handle, config keyset.Config) (tink.AE...
type wrappedAead (line 53) | type wrappedAead struct
method Encrypt (line 162) | func (a *wrappedAead) Encrypt(plaintext, associatedData []byte) ([]byt...
method Decrypt (line 175) | func (a *wrappedAead) Decrypt(ciphertext, associatedData []byte) ([]by...
type aeadAndKeyID (line 61) | type aeadAndKeyID struct
method Encrypt (line 66) | func (a *aeadAndKeyID) Encrypt(plaintext, associatedData []byte) ([]by...
method Decrypt (line 70) | func (a *aeadAndKeyID) Decrypt(ciphertext, associatedData []byte) ([]b...
type fullAEADPrimitiveAdapter (line 76) | type fullAEADPrimitiveAdapter struct
method Encrypt (line 81) | func (a *fullAEADPrimitiveAdapter) Encrypt(plaintext, associatedData [...
method Decrypt (line 89) | func (a *fullAEADPrimitiveAdapter) Decrypt(ciphertext, associatedData ...
function extractFullAEAD (line 95) | func extractFullAEAD(entry *primitiveset.Entry[tink.AEAD]) (*aeadAndKeyI...
function newWrappedAead (line 105) | func newWrappedAead(ps *primitiveset.PrimitiveSet[tink.AEAD]) (*wrappedA...
function createLoggers (line 132) | func createLoggers(ps *primitiveset.PrimitiveSet[tink.AEAD]) (monitoring...
FILE: aead/aead_factory_test.go
function TestFactoryMultipleKeys (line 51) | func TestFactoryMultipleKeys(t *testing.T) {
type stubAEAD (line 113) | type stubAEAD struct
method Encrypt (line 117) | func (a *stubAEAD) Encrypt(p, _ []byte) ([]byte, error) {
method Decrypt (line 120) | func (a *stubAEAD) Decrypt(c, _ []byte) ([]byte, error) {
function TestNewWithConfig (line 127) | func TestNewWithConfig(t *testing.T) {
function TestFactoryRawKeyAsPrimary (line 217) | func TestFactoryRawKeyAsPrimary(t *testing.T) {
function validateAEADFactoryCipher (line 236) | func validateAEADFactoryCipher(encryptCipher, decryptCipher tink.AEAD, e...
function TestFactoryWithInvalidPrimitiveSetType (line 277) | func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) {
function TestFactoryWithValidPrimitiveSetType (line 289) | func TestFactoryWithValidPrimitiveSetType(t *testing.T) {
function TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithPrefix (line 301) | func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecrypti...
function TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithoutPrefix (line 356) | func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecrypti...
function TestPrimitiveFactoryMonitoringWithAnnotatiosMultipleKeysLogsEncryptionDecryption (line 410) | func TestPrimitiveFactoryMonitoringWithAnnotatiosMultipleKeysLogsEncrypt...
function TestPrimitiveFactoryWithMonitoringAnnotationsEncryptionFailureIsLogged (line 511) | func TestPrimitiveFactoryWithMonitoringAnnotationsEncryptionFailureIsLog...
function TestPrimitiveFactoryWithMonitoringAnnotationsDecryptionFailureIsLogged (line 570) | func TestPrimitiveFactoryWithMonitoringAnnotationsDecryptionFailureIsLog...
function mustCreateHandle (line 611) | func mustCreateHandle(t *testing.T, annotations map[string]string, templ...
function TestFactoryWithMonitoringMultiplePrimitivesLogOperations (line 633) | func TestFactoryWithMonitoringMultiplePrimitivesLogOperations(t *testing...
function TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNothing (line 710) | func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNothing(t *...
FILE: aead/aead_init_test.go
function TestAEADInit (line 24) | func TestAEADInit(t *testing.T) {
FILE: aead/aead_key_templates.go
constant aesGCMTypeURL (line 34) | aesGCMTypeURL = "type.googleapis.com/google.crypto.tink.AesGc...
constant xAESGCMTypeURL (line 35) | xAESGCMTypeURL = "type.googleapis.com/google.crypto.tink.XAesG...
constant chaCha20Poly1305TypeURL (line 36) | chaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.ChaCh...
constant xChaCha20Poly1305TypeURL (line 37) | xChaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.XChaC...
constant aesCTRHMACAEADTypeURL (line 38) | aesCTRHMACAEADTypeURL = "type.googleapis.com/google.crypto.tink.AesCt...
constant aesGCMSIVTypeURL (line 39) | aesGCMSIVTypeURL = "type.googleapis.com/google.crypto.tink.AesGc...
function AES128GCMKeyTemplate (line 48) | func AES128GCMKeyTemplate() *tinkpb.KeyTemplate {
function AES256GCMKeyTemplate (line 55) | func AES256GCMKeyTemplate() *tinkpb.KeyTemplate {
function AES256GCMNoPrefixKeyTemplate (line 62) | func AES256GCMNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
function XAES256GCM192BitNonceKeyTemplate (line 70) | func XAES256GCM192BitNonceKeyTemplate() *tinkpb.KeyTemplate {
function XAES256GCM192BitNonceNoPrefixKeyTemplate (line 78) | func XAES256GCM192BitNonceNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
function XAES256GCM160BitNonceKeyTemplate (line 86) | func XAES256GCM160BitNonceKeyTemplate() *tinkpb.KeyTemplate {
function XAES256GCM160BitNonceNoPrefixKeyTemplate (line 94) | func XAES256GCM160BitNonceNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
function AES128GCMSIVKeyTemplate (line 101) | func AES128GCMSIVKeyTemplate() *tinkpb.KeyTemplate {
function AES256GCMSIVKeyTemplate (line 108) | func AES256GCMSIVKeyTemplate() *tinkpb.KeyTemplate {
function AES256GCMSIVNoPrefixKeyTemplate (line 115) | func AES256GCMSIVNoPrefixKeyTemplate() *tinkpb.KeyTemplate {
function AES128CTRHMACSHA256KeyTemplate (line 125) | func AES128CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
function AES256CTRHMACSHA256KeyTemplate (line 135) | func AES256CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
function ChaCha20Poly1305KeyTemplate (line 140) | func ChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate {
function XChaCha20Poly1305KeyTemplate (line 149) | func XChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate {
function CreateKMSEnvelopeAEADKeyTemplate (line 187) | func CreateKMSEnvelopeAEADKeyTemplate(uri string, dekTemplate *tinkpb.Ke...
function KMSEnvelopeAEADKeyTemplate (line 216) | func KMSEnvelopeAEADKeyTemplate(uri string, dekTemplate *tinkpb.KeyTempl...
function createAESGCMKeyTemplate (line 226) | func createAESGCMKeyTemplate(keySize uint32, outputPrefixType tinkpb.Out...
function createXAESGCMKeyTemplate (line 243) | func createXAESGCMKeyTemplate(saltSize uint32, outputPrefixType tinkpb.O...
function createAESGCMSIVKeyTemplate (line 262) | func createAESGCMSIVKeyTemplate(keySize uint32, outputPrefixType tinkpb....
function createAESCTRHMACAEADKeyTemplate (line 277) | func createAESCTRHMACAEADKeyTemplate(aesKeySize, ivSize, hmacKeySize, ta...
FILE: aead/aead_key_templates_test.go
function TestKeyTemplates (line 31) | func TestKeyTemplates(t *testing.T) {
function TestKMSEnvelopeAEADKeyTemplate (line 89) | func TestKMSEnvelopeAEADKeyTemplate(t *testing.T) {
function TestKMSEnvelopeAEADKeyTemplateMultipleKeysSameKEK (line 136) | func TestKMSEnvelopeAEADKeyTemplateMultipleKeysSameKEK(t *testing.T) {
function TestMigrateFromCreateKMSEnvelopeAEADKeyTemplateToNewKMSEnvelopeAEAD2 (line 188) | func TestMigrateFromCreateKMSEnvelopeAEADKeyTemplateToNewKMSEnvelopeAEAD...
function TestCreateKMSEnvelopeAEADKeyTemplateCompatibleWithKMSEnevelopeAEADKeyTemplate (line 234) | func TestCreateKMSEnvelopeAEADKeyTemplateCompatibleWithKMSEnevelopeAEADK...
function TestKMSEnvelopeAEADKeyTemplateFails (line 283) | func TestKMSEnvelopeAEADKeyTemplateFails(t *testing.T) {
function TestCreateKMSEnvelopeAEADKeyTemplateFails (line 302) | func TestCreateKMSEnvelopeAEADKeyTemplateFails(t *testing.T) {
function TestCreateKMSEnvelopeAEADKeyTemplateWithUnsupportedTemplateFails (line 316) | func TestCreateKMSEnvelopeAEADKeyTemplateWithUnsupportedTemplateFails(t ...
function testEncryptDecrypt (line 327) | func testEncryptDecrypt(template *tinkpb.KeyTemplate) error {
FILE: aead/aead_test.go
function Example (line 29) | func Example() {
FILE: aead/aesctrhmac/aead.go
type fullAEAD (line 30) | type fullAEAD struct
method Encrypt (line 75) | func (a *fullAEAD) Encrypt(plaintext, associatedData []byte) ([]byte, ...
method Decrypt (line 96) | func (a *fullAEAD) Decrypt(ciphertext, associatedData []byte) ([]byte,...
function newAEAD (line 41) | func newAEAD(key *Key) (tink.AEAD, error) {
function aadSizeInBits (line 62) | func aadSizeInBits(associatedData []byte) []byte {
function primitiveConstructor (line 116) | func primitiveConstructor(k key.Key) (any, error) {
FILE: aead/aesctrhmac/aead_test.go
function createAEAD (line 31) | func createAEAD(encryptionKey []byte, ivSize int, hashType aesctrhmac.Ha...
function mustDecodeHex (line 136) | func mustDecodeHex(t *testing.T, data string) []byte {
function TestAEADRFCTestVectors (line 145) | func TestAEADRFCTestVectors(t *testing.T) {
function TestAEADEncryptDecrypt (line 247) | func TestAEADEncryptDecrypt(t *testing.T) {
function TestAEADWithAssociatedDataSlice (line 285) | func TestAEADWithAssociatedDataSlice(t *testing.T) {
function TestAEADEncryptDecryptRandomMessage (line 309) | func TestAEADEncryptDecryptRandomMessage(t *testing.T) {
function TestAEADMultipleEncrypt (line 337) | func TestAEADMultipleEncrypt(t *testing.T) {
function TestAEADInvalidTagSize (line 368) | func TestAEADInvalidTagSize(t *testing.T) {
function TestAEADDecryptModifiedCiphertext (line 382) | func TestAEADDecryptModifiedCiphertext(t *testing.T) {
function TestAEADEmptyParams (line 446) | func TestAEADEmptyParams(t *testing.T) {
FILE: aead/aesctrhmac/aesctrhmac.go
function newKeyManager (line 34) | func newKeyManager() registry.KeyManager {
function RegisterPrimitiveConstructor (line 48) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 52) | func init() {
FILE: aead/aesctrhmac/aesctrhmac_test.go
function TestGetKeyFromHandle (line 35) | func TestGetKeyFromHandle(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 79) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 132) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function TestRegisterPrimitiveConstructor (line 174) | func TestRegisterPrimitiveConstructor(t *testing.T) {
function TestGetKeyManager (line 208) | func TestGetKeyManager(t *testing.T) {
FILE: aead/aesctrhmac/key.go
type Key (line 27) | type Key struct
method AESKeyBytes (line 82) | func (k *Key) AESKeyBytes() secretdata.Bytes { return k.aesKeyBytes }
method HMACKeyBytes (line 89) | func (k *Key) HMACKeyBytes() secretdata.Bytes { return k.hmacKeyBytes }
method Parameters (line 92) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 96) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 101) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 104) | func (k *Key) Equal(other key.Key) bool {
type KeyOpts (line 38) | type KeyOpts struct
function NewKey (line 49) | func NewKey(params KeyOpts) (*Key, error) {
function createKey (line 113) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/aesctrhmac/key_manager_test.go
function TestKeyManagerNewKeyMultipleTimes (line 34) | func TestKeyManagerNewKeyMultipleTimes(t *testing.T) {
function TestKeyManagerNewKeyWithInvalidSerializedKeyFormat (line 75) | func TestKeyManagerNewKeyWithInvalidSerializedKeyFormat(t *testing.T) {
function mustCreateSubtleAEAD (line 145) | func mustCreateSubtleAEAD(t *testing.T, key []byte, ivSize int, hashAlgo...
function TestKeyManagerPrimitive (line 163) | func TestKeyManagerPrimitive(t *testing.T) {
function TestKeyManagerPrimitiveWithInvalidKey (line 205) | func TestKeyManagerPrimitiveWithInvalidKey(t *testing.T) {
FILE: aead/aesctrhmac/key_parameters.go
type Variant (line 32) | type Variant
method String (line 45) | func (variant Variant) String() string {
constant VariantUnknown (line 36) | VariantUnknown Variant = iota
constant VariantTink (line 38) | VariantTink
constant VariantCrunchy (line 40) | VariantCrunchy
constant VariantNoPrefix (line 42) | VariantNoPrefix
type HashType (line 59) | type HashType
method String (line 76) | func (ht HashType) String() string {
constant UnknownHashType (line 63) | UnknownHashType HashType = iota
constant SHA1 (line 65) | SHA1
constant SHA224 (line 67) | SHA224
constant SHA256 (line 69) | SHA256
constant SHA384 (line 71) | SHA384
constant SHA512 (line 73) | SHA512
function calculateOutputPrefix (line 94) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 108) | type Parameters struct
method AESKeySizeInBytes (line 120) | func (p *Parameters) AESKeySizeInBytes() int { return p.aesKeySizeInBy...
method HMACKeySizeInBytes (line 123) | func (p *Parameters) HMACKeySizeInBytes() int { return p.hmacKeySizeIn...
method IVSizeInBytes (line 126) | func (p *Parameters) IVSizeInBytes() int { return p.ivSizeInBytes }
method TagSizeInBytes (line 129) | func (p *Parameters) TagSizeInBytes() int { return p.tagSizeInBytes }
method HashType (line 132) | func (p *Parameters) HashType() HashType { return p.hashType }
method Variant (line 135) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 205) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 208) | func (p *Parameters) Equal(other key.Parameters) bool {
type ParametersOpts (line 138) | type ParametersOpts struct
function maxTagSize (line 147) | func maxTagSize(ht HashType) (int, error) {
constant minTagSize (line 164) | minTagSize = 10
function validateOpts (line 166) | func validateOpts(opts *ParametersOpts) error {
function NewParameters (line 190) | func NewParameters(opts ParametersOpts) (*Parameters, error) {
FILE: aead/aesctrhmac/key_parameters_test.go
function TestNewParametersInvalidAESKeySize (line 24) | func TestNewParametersInvalidAESKeySize(t *testing.T) {
function TestNewParametersInvalidIVSize (line 40) | func TestNewParametersInvalidIVSize(t *testing.T) {
function TestNewParametersInvalidHMACKeySize (line 56) | func TestNewParametersInvalidHMACKeySize(t *testing.T) {
function TestNewParametersInvalidTagSize (line 72) | func TestNewParametersInvalidTagSize(t *testing.T) {
function TestNewParametersInvalidVariant (line 120) | func TestNewParametersInvalidVariant(t *testing.T) {
type paramsTestVector (line 134) | type paramsTestVector struct
function paramsTestVectors (line 139) | func paramsTestVectors() []paramsTestVector {
function TestNewParametersWorks (line 207) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferent (line 243) | func TestParametersEqualFalseIfDifferent(t *testing.T) {
FILE: aead/aesctrhmac/key_test.go
function TestNewKeyFails (line 37) | func TestNewKeyFails(t *testing.T) {
function TestOutputPrefix (line 117) | func TestOutputPrefix(t *testing.T) {
type TestKey (line 181) | type TestKey struct
function TestNewKeyWorks (line 189) | func TestNewKeyWorks(t *testing.T) {
type stubKey (line 459) | type stubKey struct
method Parameters (line 463) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 464) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 465) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 467) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 494) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 744) | func TestKeyCreator(t *testing.T) {
function TestKeyCreator_FailsForWrongAESKeySize (line 781) | func TestKeyCreator_FailsForWrongAESKeySize(t *testing.T) {
FILE: aead/aesctrhmac/protoserialization.go
constant typeURL (line 32) | typeURL = "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey"
type keySerializer (line 34) | type keySerializer struct
method SerializeKey (line 68) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 38) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
function hashTypeToProto (line 51) | func hashTypeToProto(ht HashType) (commonpb.HashType, error) {
type keyParser (line 117) | type keyParser struct
method ParseKey (line 151) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 121) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
function hashTypeFromProto (line 134) | func hashTypeFromProto(ht commonpb.HashType) (HashType, error) {
type parametersSerializer (line 208) | type parametersSerializer struct
method Serialize (line 212) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 254) | type parametersParser struct
method Parse (line 258) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/aesctrhmac/protoserialization_test.go
function TestParseKeyFails (line 35) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 289) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function mustSerializeProto (line 298) | func mustSerializeProto(t *testing.T, m proto.Message) []byte {
type keyParsingTestCase (line 307) | type keyParsingTestCase struct
function testCases (line 313) | func testCases(t *testing.T) []*keyParsingTestCase {
function TestParseKey (line 560) | func TestParseKey(t *testing.T) {
type testParams (line 575) | type testParams struct
method HasIDRequirement (line 579) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 581) | func (p *testParams) Equal(params key.Parameters) bool {
type testKey (line 586) | type testKey struct
method Parameters (line 592) | func (k *testKey) Parameters() key.Parameters { return &k.params }
method Equal (line 594) | func (k *testKey) Equal(other key.Key) bool {
method IDRequirement (line 602) | func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.para...
function TestSerializeKeyFails (line 604) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 628) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 643) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 670) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
type parametersSerializationTestCase (line 698) | type parametersSerializationTestCase struct
function mustCreateParametersTestParameters (line 704) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestSerializeParameters (line 805) | func TestSerializeParameters(t *testing.T) {
function mustCreateParameters (line 819) | func mustCreateParameters(t *testing.T, parametersOpts ParametersOpts) *...
function TestParseParameters (line 828) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 842) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 851) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/aesgcm/aead.go
constant ivSize (line 32) | ivSize = 12
constant tagSize (line 34) | tagSize = 16
type fullAEAD (line 41) | type fullAEAD struct
method Encrypt (line 56) | func (a *fullAEAD) Encrypt(plaintext, associatedData []byte) ([]byte, ...
method Decrypt (line 76) | func (a *fullAEAD) Decrypt(ciphertext, associatedData []byte) ([]byte,...
function NewAEAD (line 96) | func NewAEAD(k *Key) (tink.AEAD, error) {
function primitiveConstructor (line 123) | func primitiveConstructor(k key.Key) (any, error) {
FILE: aead/aesgcm/aead_test.go
type testCase (line 34) | type testCase struct
constant ivSize (line 39) | ivSize = 12
constant tagSize (line 40) | tagSize = 16
function TestNewAEADFailures (line 43) | func TestNewAEADFailures(t *testing.T) {
function TestAEAD (line 78) | func TestAEAD(t *testing.T) {
function TestAEADDecryptFailsIfCiphertextIsCorruptedOrTruncated (line 252) | func TestAEADDecryptFailsIfCiphertextIsCorruptedOrTruncated(t *testing.T) {
function TestAEADEncryptUsesRandomNonce (line 309) | func TestAEADEncryptUsesRandomNonce(t *testing.T) {
function TestAEADWycheproofCases (line 340) | func TestAEADWycheproofCases(t *testing.T) {
function TestPrimitiveCreator (line 388) | func TestPrimitiveCreator(t *testing.T) {
function TestPrimitiveCreatorInvalidParameters (line 499) | func TestPrimitiveCreatorInvalidParameters(t *testing.T) {
FILE: aead/aesgcm/aesgcm.go
function newKeyManager (line 34) | func newKeyManager() registry.KeyManager {
function RegisterPrimitiveConstructor (line 48) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 52) | func init() {
FILE: aead/aesgcm/aesgcm_test.go
function TestGetKeyFromHandle (line 38) | func TestGetKeyFromHandle(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 74) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 127) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function mustDecodeHex (line 167) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function mustCreateKey (line 176) | func mustCreateKey(t *testing.T, keyValue []byte, keyID uint32, opts aes...
function TestAESGCMAEADWorks (line 190) | func TestAESGCMAEADWorks(t *testing.T) {
function TestRegisterPrimitiveConstructor (line 319) | func TestRegisterPrimitiveConstructor(t *testing.T) {
function TestGetKeyManager (line 346) | func TestGetKeyManager(t *testing.T) {
FILE: aead/aesgcm/key.go
type Variant (line 35) | type Variant
method String (line 48) | func (variant Variant) String() string {
constant VariantUnknown (line 39) | VariantUnknown Variant = iota
constant VariantTink (line 41) | VariantTink
constant VariantCrunchy (line 43) | VariantCrunchy
constant VariantNoPrefix (line 45) | VariantNoPrefix
function calculateOutputPrefix (line 62) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 76) | type Parameters struct
method KeySizeInBytes (line 86) | func (p *Parameters) KeySizeInBytes() int { return p.keySizeInBytes }
method IVSizeInBytes (line 89) | func (p *Parameters) IVSizeInBytes() int { return p.ivSizeInBytes }
method TagSizeInBytes (line 92) | func (p *Parameters) TagSizeInBytes() int { return p.tagSizeInBytes }
method Variant (line 95) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 135) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 138) | func (p *Parameters) Equal(other key.Parameters) bool {
type ParametersOpts (line 98) | type ParametersOpts struct
function validateOpts (line 105) | func validateOpts(opts *ParametersOpts) error {
function NewParameters (line 122) | func NewParameters(opts ParametersOpts) (*Parameters, error) {
type Key (line 148) | type Key struct
method KeyBytes (line 201) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 204) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 208) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 213) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 216) | func (k *Key) Equal(other key.Key) bool {
function NewKey (line 165) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 224) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/aesgcm/key_manager_test.go
function TestAESGCMGetPrimitiveBasic (line 36) | func TestAESGCMGetPrimitiveBasic(t *testing.T) {
function TestAESGCMGetPrimitiveWithInvalidInput (line 68) | func TestAESGCMGetPrimitiveWithInvalidInput(t *testing.T) {
function TestAESGCMNewKeyMultipleTimes (line 94) | func TestAESGCMNewKeyMultipleTimes(t *testing.T) {
function TestAESGCMNewKeyBasic (line 129) | func TestAESGCMNewKeyBasic(t *testing.T) {
function TestAESGCMNewKeyWithInvalidInput (line 151) | func TestAESGCMNewKeyWithInvalidInput(t *testing.T) {
function TestAESGCMNewKeyDataBasic (line 177) | func TestAESGCMNewKeyDataBasic(t *testing.T) {
function TestAESGCMNewKeyDataWithInvalidInput (line 208) | func TestAESGCMNewKeyDataWithInvalidInput(t *testing.T) {
function TestAESGCMDoesSupport (line 233) | func TestAESGCMDoesSupport(t *testing.T) {
function TestAESGCMTypeURL (line 246) | func TestAESGCMTypeURL(t *testing.T) {
function genInvalidAESGCMKeys (line 256) | func genInvalidAESGCMKeys() []proto.Message {
function genInvalidAESGCMKeyFormats (line 269) | func genInvalidAESGCMKeyFormats() []proto.Message {
function validateAESGCMKey (line 280) | func validateAESGCMKey(key *gcmpb.AesGcmKey, format *gcmpb.AesGcmKeyForm...
FILE: aead/aesgcm/key_test.go
function TestNewParametersInvalidKeySize (line 43) | func TestNewParametersInvalidKeySize(t *testing.T) {
function TestNewParametersInvalidIVSize (line 57) | func TestNewParametersInvalidIVSize(t *testing.T) {
function TestNewParametersInvalidTagSize (line 71) | func TestNewParametersInvalidTagSize(t *testing.T) {
function TestNewParametersInvalidVariant (line 85) | func TestNewParametersInvalidVariant(t *testing.T) {
function TestNewKeyFailsIfParametersIsNil (line 97) | func TestNewKeyFailsIfParametersIsNil(t *testing.T) {
function TestNewKeyFailsIfKeySizeIsDifferentThanParameters (line 107) | func TestNewKeyFailsIfKeySizeIsDifferentThanParameters(t *testing.T) {
function TestNewKeyFailsIfInvalidParams (line 150) | func TestNewKeyFailsIfInvalidParams(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 161) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
function TestOutputPrefix (line 178) | func TestOutputPrefix(t *testing.T) {
function TestNewParametersWorks (line 230) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferent (line 304) | func TestParametersEqualFalseIfDifferent(t *testing.T) {
type TestKey (line 355) | type TestKey struct
function TestNewKeyWorks (line 363) | func TestNewKeyWorks(t *testing.T) {
type stubKey (line 456) | type stubKey struct
method Parameters (line 460) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 461) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 462) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 464) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 484) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 593) | func TestKeyCreator(t *testing.T) {
function TestKeyCreator_FailsIfInvalidKeySize (line 625) | func TestKeyCreator_FailsIfInvalidKeySize(t *testing.T) {
FILE: aead/aesgcm/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.AesGcmKey"
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 54) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 86) | type keyParser struct
method ParseKey (line 103) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 90) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 142) | type parametersSerializer struct
method Serialize (line 146) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 169) | type parametersParser struct
method Parse (line 173) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/aesgcm/protoserialization_test.go
function TestParseKeyFails (line 32) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 143) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function TestParseKey (line 152) | func TestParseKey(t *testing.T) {
type testParams (line 227) | type testParams struct
method HasIDRequirement (line 231) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 233) | func (p *testParams) Equal(params key.Parameters) bool {
type testKey (line 238) | type testKey struct
method Parameters (line 244) | func (k *testKey) Parameters() key.Parameters { return &k.params }
method Equal (line 246) | func (k *testKey) Equal(other key.Key) bool {
method IDRequirement (line 254) | func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.para...
function TestSerializeKeyFails (line 256) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 280) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 355) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 382) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
type parametersSerializationTestCase (line 398) | type parametersSerializationTestCase struct
function mustCreateParametersTestParameters (line 404) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestSerializeParameters (line 430) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 444) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 458) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 467) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/aesgcmsiv/aead.go
type aead (line 28) | type aead struct
method Encrypt (line 49) | func (ca *aead) Encrypt(plaintext []byte, associatedData []byte) ([]by...
method Decrypt (line 58) | func (ca *aead) Decrypt(ciphertext []byte, associatedData []byte) ([]b...
function newAEAD (line 36) | func newAEAD(key *Key) (tink.AEAD, error) {
function primitiveConstructor (line 70) | func primitiveConstructor(key key.Key) (any, error) {
FILE: aead/aesgcmsiv/aead_test.go
function TestEncryptDecrypt (line 28) | func TestEncryptDecrypt(t *testing.T) {
function TestDecryptFailsWithWrongPrefix (line 102) | func TestDecryptFailsWithWrongPrefix(t *testing.T) {
function mustDecodeHex (line 169) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function TestDecryptCorrectness (line 178) | func TestDecryptCorrectness(t *testing.T) {
FILE: aead/aesgcmsiv/aesgcmsiv.go
function newKeyManager (line 36) | func newKeyManager() registry.KeyManager {
function RegisterPrimitiveConstructor (line 50) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 54) | func init() {
FILE: aead/aesgcmsiv/aesgcmsiv_test.go
function TestGetKeyFromHandle (line 35) | func TestGetKeyFromHandle(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 65) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 118) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function TestRegisterPrimitiveConstructor (line 152) | func TestRegisterPrimitiveConstructor(t *testing.T) {
function mustDecodeHex (line 173) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function TestGetKeyManager (line 182) | func TestGetKeyManager(t *testing.T) {
FILE: aead/aesgcmsiv/key.go
type Variant (line 34) | type Variant
method String (line 47) | func (variant Variant) String() string {
constant VariantUnknown (line 38) | VariantUnknown Variant = iota
constant VariantTink (line 40) | VariantTink
constant VariantCrunchy (line 42) | VariantCrunchy
constant VariantNoPrefix (line 44) | VariantNoPrefix
function calculateOutputPrefix (line 61) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 75) | type Parameters struct
method KeySizeInBytes (line 83) | func (p *Parameters) KeySizeInBytes() int { return p.keySizeInBytes }
method Variant (line 86) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 113) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 116) | func (p *Parameters) Equal(other key.Parameters) bool {
function validateParams (line 88) | func validateParams(params *Parameters) error {
function NewParameters (line 101) | func NewParameters(keySizeInBytes int, variant Variant) (*Parameters, er...
type Key (line 124) | type Key struct
method KeyBytes (line 171) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 174) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 178) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 183) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 186) | func (k *Key) Equal(other key.Key) bool {
function NewKey (line 141) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 194) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/aesgcmsiv/key_manager_test.go
function TestKeyManagerGetPrimitiveBasic (line 33) | func TestKeyManagerGetPrimitiveBasic(t *testing.T) {
function TestKeyManagerGetPrimitiveWithInvalidInput (line 68) | func TestKeyManagerGetPrimitiveWithInvalidInput(t *testing.T) {
function TestKeyManagerNewKeyMultipleTimes (line 94) | func TestKeyManagerNewKeyMultipleTimes(t *testing.T) {
function TestKeyManagerNewKeyBasic (line 129) | func TestKeyManagerNewKeyBasic(t *testing.T) {
function TestKeyManagerNewKeyWithInvalidInput (line 153) | func TestKeyManagerNewKeyWithInvalidInput(t *testing.T) {
function TestKeyManagerNewKeyDataBasic (line 179) | func TestKeyManagerNewKeyDataBasic(t *testing.T) {
function TestKeyManagerNewKeyDataWithInvalidInput (line 234) | func TestKeyManagerNewKeyDataWithInvalidInput(t *testing.T) {
function TestKeyManagerDoesSupport (line 260) | func TestKeyManagerDoesSupport(t *testing.T) {
function TestKeyManagerTypeURL (line 273) | func TestKeyManagerTypeURL(t *testing.T) {
function genInvalidAESGCMSIVKeys (line 283) | func genInvalidAESGCMSIVKeys() []proto.Message {
function genInvalidAESGCMSIVKeyFormats (line 296) | func genInvalidAESGCMSIVKeyFormats() []proto.Message {
function validateAESGCMSIVKey (line 307) | func validateAESGCMSIVKey(key *gcmsivpb.AesGcmSivKey, format *gcmsivpb.A...
FILE: aead/aesgcmsiv/key_test.go
function TestNewParametersInvalidKeySize (line 43) | func TestNewParametersInvalidKeySize(t *testing.T) {
function TestNewParametersInvalidVariant (line 51) | func TestNewParametersInvalidVariant(t *testing.T) {
function TestNewKeyFailsIfParametersIsNil (line 57) | func TestNewKeyFailsIfParametersIsNil(t *testing.T) {
function TestNewKeyFailsIfKeySizeIsDifferentThanParameters (line 67) | func TestNewKeyFailsIfKeySizeIsDifferentThanParameters(t *testing.T) {
function TestNewKeyFailsIfInvalidParams (line 103) | func TestNewKeyFailsIfInvalidParams(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 114) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
function TestOutputPrefix (line 125) | func TestOutputPrefix(t *testing.T) {
function TestNewParametersWorks (line 171) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferent (line 233) | func TestParametersEqualFalseIfDifferent(t *testing.T) {
type TestKey (line 272) | type TestKey struct
function TestNewKeyWorks (line 280) | func TestNewKeyWorks(t *testing.T) {
type stubKey (line 367) | type stubKey struct
method Parameters (line 371) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 372) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 373) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 375) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 390) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 487) | func TestKeyCreator(t *testing.T) {
FILE: aead/aesgcmsiv/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.AesGcmSivKey"
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 54) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 82) | type keyParser struct
method ParseKey (line 99) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 86) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 133) | type parametersSerializer struct
method Serialize (line 137) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 160) | type parametersParser struct
method Parse (line 164) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/aesgcmsiv/protoserialization_test.go
function TestParseKeyFails (line 32) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 143) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function TestParseKey (line 152) | func TestParseKey(t *testing.T) {
type testParams (line 222) | type testParams struct
method HasIDRequirement (line 226) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 228) | func (p *testParams) Equal(params key.Parameters) bool {
type testKey (line 233) | type testKey struct
method Parameters (line 239) | func (k *testKey) Parameters() key.Parameters { return &k.params }
method Equal (line 241) | func (k *testKey) Equal(other key.Key) bool {
method IDRequirement (line 249) | func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.para...
function TestSerializeKeyFails (line 251) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 275) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 344) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 371) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
type parametersSerializationTestCase (line 387) | type parametersSerializationTestCase struct
function mustCreateParametersTestParameters (line 393) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestSerializeParameters (line 418) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 432) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 446) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 455) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/chacha20poly1305/aead.go
type fullAEAD (line 30) | type fullAEAD struct
method Encrypt (line 54) | func (ca *fullAEAD) Encrypt(plaintext []byte, associatedData []byte) (...
method Decrypt (line 67) | func (ca *fullAEAD) Decrypt(ciphertext []byte, associatedData []byte) ...
function newAEAD (line 38) | func newAEAD(key *Key) (tink.AEAD, error) {
function primitiveConstructor (line 85) | func primitiveConstructor(key key.Key) (any, error) {
FILE: aead/chacha20poly1305/aead_test.go
function TestEncryptDecrypt (line 28) | func TestEncryptDecrypt(t *testing.T) {
function TestDecryptFailsCiphertextTooShort (line 85) | func TestDecryptFailsCiphertextTooShort(t *testing.T) {
function TestDecryptFailsWithWrongPrefix (line 139) | func TestDecryptFailsWithWrongPrefix(t *testing.T) {
function mustDecodeHex (line 193) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function TestDecryptCorrectness (line 202) | func TestDecryptCorrectness(t *testing.T) {
FILE: aead/chacha20poly1305/chacha20poly1305.go
function newKeyManager (line 33) | func newKeyManager() registry.KeyManager {
function RegisterPrimitiveConstructor (line 47) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 51) | func init() {
FILE: aead/chacha20poly1305/chacha20poly1305_test.go
function TestGetKeyFromHandle (line 35) | func TestGetKeyFromHandle(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 64) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 117) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function TestRegisterPrimitiveConstructor (line 151) | func TestRegisterPrimitiveConstructor(t *testing.T) {
function mustDecodeHex (line 172) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function TestGetKeyManager (line 181) | func TestGetKeyManager(t *testing.T) {
FILE: aead/chacha20poly1305/key.go
type Variant (line 35) | type Variant
method String (line 48) | func (variant Variant) String() string {
constant VariantUnknown (line 39) | VariantUnknown Variant = iota
constant VariantTink (line 41) | VariantTink
constant VariantCrunchy (line 43) | VariantCrunchy
constant VariantNoPrefix (line 45) | VariantNoPrefix
function calculateOutputPrefix (line 62) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 76) | type Parameters struct
method Variant (line 83) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 96) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 99) | func (p *Parameters) Equal(other key.Parameters) bool {
function NewParameters (line 86) | func NewParameters(variant Variant) (*Parameters, error) {
type Key (line 105) | type Key struct
method KeyBytes (line 142) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 145) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 150) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 155) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 158) | func (k *Key) Equal(other key.Key) bool {
function NewKey (line 115) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 165) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/chacha20poly1305/key_manager_test.go
function TestKeyManagerGetPrimitive (line 34) | func TestKeyManagerGetPrimitive(t *testing.T) {
function TestKeyManagerGetPrimitiveWithInvalidKeys (line 71) | func TestKeyManagerGetPrimitiveWithInvalidKeys(t *testing.T) {
function TestKeyManagerNewKey (line 88) | func TestKeyManagerNewKey(t *testing.T) {
function TestKeyManagerNewKeyData (line 106) | func TestKeyManagerNewKeyData(t *testing.T) {
function TestKeyManagerDoesSupport (line 148) | func TestKeyManagerDoesSupport(t *testing.T) {
function TestKeyManagerTypeURL (line 161) | func TestKeyManagerTypeURL(t *testing.T) {
function genInvalidChaCha20Poly1305Keys (line 171) | func genInvalidChaCha20Poly1305Keys() []*cppb.ChaCha20Poly1305Key {
function validateChaCha20Poly1305Key (line 194) | func validateChaCha20Poly1305Key(key *cppb.ChaCha20Poly1305Key) error {
FILE: aead/chacha20poly1305/key_test.go
function TestNewParametersInvalidVariant (line 39) | func TestNewParametersInvalidVariant(t *testing.T) {
function TestOutputPrefix (line 45) | func TestOutputPrefix(t *testing.T) {
function TestNewParametersWorks (line 91) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferentVariant (line 132) | func TestParametersEqualFalseIfDifferentVariant(t *testing.T) {
type TestKey (line 170) | type TestKey struct
function TestNewKeyWorks (line 177) | func TestNewKeyWorks(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 234) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
type stubKey (line 245) | type stubKey struct
method Parameters (line 249) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 250) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 251) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 253) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 268) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 345) | func TestKeyCreator(t *testing.T) {
FILE: aead/chacha20poly1305/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.ChaCha20Poly1305Key"
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 54) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 86) | type keyParser struct
method ParseKey (line 103) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 90) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 136) | type parametersSerializer struct
method Serialize (line 140) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 161) | type parametersParser struct
method Parse (line 165) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/chacha20poly1305/protoserialization_test.go
function TestParseKeyFails (line 31) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 142) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function TestParseKey (line 151) | func TestParseKey(t *testing.T) {
type testParams (line 220) | type testParams struct
method HasIDRequirement (line 224) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 226) | func (p *testParams) Equal(params key.Parameters) bool {
type testKey (line 231) | type testKey struct
method Parameters (line 237) | func (k *testKey) Parameters() key.Parameters { return &k.params }
method Equal (line 239) | func (k *testKey) Equal(other key.Key) bool {
method IDRequirement (line 247) | func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.para...
function TestSerializeKeyFails (line 249) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 273) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 343) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 370) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
function TestSerializeParameters (line 384) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 425) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 465) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 474) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/internal/testutil/testutil.go
function EncryptDecrypt (line 28) | func EncryptDecrypt(encryptor, decryptor tink.AEAD) error {
FILE: aead/internal/testutil/testutil_test.go
function TestEncryptDecryptFailsWithFailingAEAD (line 27) | func TestEncryptDecryptFailsWithFailingAEAD(t *testing.T) {
function TestEncryptDecryptWorks (line 44) | func TestEncryptDecryptWorks(t *testing.T) {
FILE: aead/kms_envelope_aead.go
constant lenDEK (line 29) | lenDEK = 4
constant maxLengthEncryptedDEK (line 30) | maxLengthEncryptedDEK = 4096
type KMSEnvelopeAEAD (line 35) | type KMSEnvelopeAEAD struct
method Encrypt (line 151) | func (a *KMSEnvelopeAEAD) Encrypt(plaintext, associatedData []byte) ([...
method Decrypt (line 200) | func (a *KMSEnvelopeAEAD) Decrypt(ciphertext, associatedData []byte) (...
function isSupportedKMSEnvelopeDEK (line 51) | func isSupportedKMSEnvelopeDEK(dekKeyTypeURL string) bool {
type KMSEnvelopeAEADWithContext (line 58) | type KMSEnvelopeAEADWithContext struct
method EncryptWithContext (line 219) | func (a *KMSEnvelopeAEADWithContext) EncryptWithContext(ctx context.Co...
method DecryptWithContext (line 232) | func (a *KMSEnvelopeAEADWithContext) DecryptWithContext(ctx context.Co...
function NewKMSEnvelopeAEADWithContext (line 75) | func NewKMSEnvelopeAEADWithContext(dekTemplate *tinkpb.KeyTemplate, keyE...
function NewKMSEnvelopeAEAD2 (line 98) | func NewKMSEnvelopeAEAD2(dekTemplate *tinkpb.KeyTemplate, keyEncryptionA...
function newDEK (line 113) | func newDEK(template *tinkpb.KeyTemplate) ([]byte, error) {
function encryptDataAndSerializeEnvelope (line 121) | func encryptDataAndSerializeEnvelope(dekTypeURL string, dek, encryptedDE...
function parseEnvelope (line 167) | func parseEnvelope(ciphertext []byte) ([]byte, []byte, error) {
function decryptDataWithDEK (line 185) | func decryptDataWithDEK(dekTypeURL string, dek []byte, payload, associat...
FILE: aead/kms_envelope_aead_example_test.go
constant keyURI (line 28) | keyURI = "fake-kms://CM2b3_MDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGU...
function Example_kmsEnvelopeAEAD (line 30) | func Example_kmsEnvelopeAEAD() {
FILE: aead/kms_envelope_aead_key_manager.go
constant kmsEnvelopeAEADKeyVersion (line 29) | kmsEnvelopeAEADKeyVersion = 0
constant kmsEnvelopeAEADTypeURL (line 30) | kmsEnvelopeAEADTypeURL = "type.googleapis.com/google.crypto.tink.KmsE...
type kmsEnvelopeAEADKeyManager (line 35) | type kmsEnvelopeAEADKeyManager struct
method Primitive (line 38) | func (km *kmsEnvelopeAEADKeyManager) Primitive(serializedKey []byte) (...
method NewKey (line 63) | func (km *kmsEnvelopeAEADKeyManager) NewKey(serializedKeyFormat []byte...
method NewKeyData (line 83) | func (km *kmsEnvelopeAEADKeyManager) NewKeyData(serializedKeyFormat []...
method DoesSupport (line 100) | func (km *kmsEnvelopeAEADKeyManager) DoesSupport(typeURL string) bool {
method TypeURL (line 105) | func (km *kmsEnvelopeAEADKeyManager) TypeURL() string {
method validateKey (line 110) | func (km *kmsEnvelopeAEADKeyManager) validateKey(key *kmsepb.KmsEnvelo...
method validateKeyFormat (line 120) | func (km *kmsEnvelopeAEADKeyManager) validateKeyFormat(keyFormat *kmse...
FILE: aead/kms_envelope_aead_key_manager_test.go
function TestNewKMSEnvelopeAEADKeyWithInvalidDEK (line 36) | func TestNewKMSEnvelopeAEADKeyWithInvalidDEK(t *testing.T) {
function TestNewKMSEnvelopeAEADKeyWithInvalidSerializedKeyFormat (line 63) | func TestNewKMSEnvelopeAEADKeyWithInvalidSerializedKeyFormat(t *testing....
function TestKMSEnvelopeAEADWithTinkPrefix (line 131) | func TestKMSEnvelopeAEADWithTinkPrefix(t *testing.T) {
FILE: aead/kms_envelope_aead_test.go
function TestKMSEnvelopeWorksWithTinkKeyTemplatesAsDekTemplate (line 28) | func TestKMSEnvelopeWorksWithTinkKeyTemplatesAsDekTemplate(t *testing.T) {
function TestKMSEnvelopeDecryptTestVector (line 135) | func TestKMSEnvelopeDecryptTestVector(t *testing.T) {
function TestKMSEnvelopeWithKmsEnvelopeKeyTemplatesAsDekTemplate_fails (line 179) | func TestKMSEnvelopeWithKmsEnvelopeKeyTemplatesAsDekTemplate_fails(t *te...
function TestKMSEnvelopeShortCiphertext (line 211) | func TestKMSEnvelopeShortCiphertext(t *testing.T) {
function TestKMSEnvelopeDecryptHugeEncryptedDek (line 238) | func TestKMSEnvelopeDecryptHugeEncryptedDek(t *testing.T) {
type invalidAEAD (line 269) | type invalidAEAD struct
method Encrypt (line 272) | func (a *invalidAEAD) Encrypt(plaintext, associatedData []byte) ([]byt...
method Decrypt (line 276) | func (a *invalidAEAD) Decrypt(ciphertext, associatedData []byte) ([]by...
function TestKMSEnvelopeEncryptWithInvalidAEADFails (line 280) | func TestKMSEnvelopeEncryptWithInvalidAEADFails(t *testing.T) {
FILE: aead/subtle/aes_ctr.go
constant AESCTRMinIVSize (line 25) | AESCTRMinIVSize = 12
type AESCTR (line 29) | type AESCTR struct
method Encrypt (line 49) | func (a *AESCTR) Encrypt(plaintext []byte) ([]byte, error) {
method Decrypt (line 54) | func (a *AESCTR) Decrypt(ciphertext []byte) ([]byte, error) {
function NewAESCTR (line 38) | func NewAESCTR(key []byte, ivSize int) (*AESCTR, error) {
FILE: aead/subtle/aes_ctr_test.go
function TestNewAESCTR (line 28) | func TestNewAESCTR(t *testing.T) {
function TestNistTestVector (line 74) | func TestNistTestVector(t *testing.T) {
function TestMultipleEncrypt (line 118) | func TestMultipleEncrypt(t *testing.T) {
function TestEncryptDecrypt (line 153) | func TestEncryptDecrypt(t *testing.T) {
function TestEncryptRandomMessage (line 184) | func TestEncryptRandomMessage(t *testing.T) {
function TestEncryptRandomKeyAndMessage (line 213) | func TestEncryptRandomKeyAndMessage(t *testing.T) {
FILE: aead/subtle/aes_gcm.go
constant AESGCMIVSize (line 28) | AESGCMIVSize = 12
constant AESGCMTagSize (line 30) | AESGCMTagSize = 16
type AESGCM (line 36) | type AESGCM struct
method Encrypt (line 67) | func (a *AESGCM) Encrypt(plaintext, associatedData []byte) ([]byte, er...
method Decrypt (line 72) | func (a *AESGCM) Decrypt(ciphertext, associatedData []byte) ([]byte, e...
function NewAESGCM (line 44) | func NewAESGCM(key []byte) (*AESGCM, error) {
FILE: aead/subtle/aes_gcm_siv.go
constant AESGCMSIVNonceSize (line 32) | AESGCMSIVNonceSize = 12
constant aesgcmsivBlockSize (line 37) | aesgcmsivBlockSize = 16
constant aesgcmsivTagSize (line 41) | aesgcmsivTagSize = aesgcmsivBlockSize
constant aesgcmsivPolyvalSize (line 45) | aesgcmsivPolyvalSize = aesgcmsivBlockSize
constant maxAESGCMSIVKeySize (line 47) | maxAESGCMSIVKeySize = 32
type AESGCMSIV (line 51) | type AESGCMSIV struct
method Encrypt (line 77) | func (a *AESGCMSIV) Encrypt(plaintext, associatedData []byte) ([]byte,...
method Decrypt (line 117) | func (a *AESGCMSIV) Decrypt(ciphertext, associatedData []byte) ([]byte...
method deriveKeys (line 167) | func (a *AESGCMSIV) deriveKeys(nonce, authKey, encKey []byte) error {
method computePolyval (line 200) | func (a *AESGCMSIV) computePolyval(authKey, pt, ad []byte) ([]byte, er...
method computeTag (line 218) | func (a *AESGCMSIV) computeTag(polyval, nonce, encKey, out []byte) err...
function NewAESGCMSIV (line 59) | func NewAESGCMSIV(key []byte) (*AESGCMSIV, error) {
function aesCTR (line 243) | func aesCTR(key, tag, in, out []byte) error {
FILE: aead/subtle/aes_gcm_siv_test.go
function TestAESGCMSIVRejectsInvalidKeyLength (line 29) | func TestAESGCMSIVRejectsInvalidKeyLength(t *testing.T) {
function TestAESGCMSIVRandomNonceProducesDifferentCiphertexts (line 41) | func TestAESGCMSIVRandomNonceProducesDifferentCiphertexts(t *testing.T) {
function TestAESGCMSIVModifyCiphertext (line 66) | func TestAESGCMSIVModifyCiphertext(t *testing.T) {
function TestAESGCMSIVWycheproofCases (line 108) | func TestAESGCMSIVWycheproofCases(t *testing.T) {
function runWycheproofDecryptOnly (line 120) | func runWycheproofDecryptOnly(t *testing.T, testCase *aead.WycheproofCas...
function runWycheproofEncryptDecrypt (line 149) | func runWycheproofEncryptDecrypt(t *testing.T, testCase *aead.Wycheproof...
FILE: aead/subtle/aes_gcm_test.go
function TestAESGCMTagLength (line 36) | func TestAESGCMTagLength(t *testing.T) {
function TestAESGCMKeySize (line 56) | func TestAESGCMKeySize(t *testing.T) {
function TestAESGCMEncryptDecrypt (line 67) | func TestAESGCMEncryptDecrypt(t *testing.T) {
function TestAESGCMLongMessages (line 92) | func TestAESGCMLongMessages(t *testing.T) {
function TestAESGCMModifyCiphertext (line 119) | func TestAESGCMModifyCiphertext(t *testing.T) {
function TestAESGCMRandomNonce (line 174) | func TestAESGCMRandomNonce(t *testing.T) {
function TestAESGCMWycheproofCases (line 198) | func TestAESGCMWycheproofCases(t *testing.T) {
function runAESGCMWycheproofCase (line 216) | func runAESGCMWycheproofCase(t *testing.T, tc *aead.WycheproofCase) {
FILE: aead/subtle/chacha20poly1305.go
type ChaCha20Poly1305 (line 29) | type ChaCha20Poly1305 struct
method Encrypt (line 52) | func (ca *ChaCha20Poly1305) Encrypt(plaintext []byte, associatedData [...
method Decrypt (line 65) | func (ca *ChaCha20Poly1305) Decrypt(ciphertext []byte, associatedData ...
function NewChaCha20Poly1305 (line 38) | func NewChaCha20Poly1305(key []byte) (*ChaCha20Poly1305, error) {
FILE: aead/subtle/chacha20poly1305_test.go
function TestChaCha20Poly1305EncryptDecrypt (line 31) | func TestChaCha20Poly1305EncryptDecrypt(t *testing.T) {
function TestChaCha20Poly1305EmptyAssociatedData (line 79) | func TestChaCha20Poly1305EmptyAssociatedData(t *testing.T) {
function TestChaCha20Poly1305LongMessages (line 129) | func TestChaCha20Poly1305LongMessages(t *testing.T) {
function TestChaCha20Poly1305ModifyCiphertext (line 156) | func TestChaCha20Poly1305ModifyCiphertext(t *testing.T) {
function TestChaCha20Poly1305RandomNonce (line 204) | func TestChaCha20Poly1305RandomNonce(t *testing.T) {
function TestChaCha20Poly1305WycheproofCases (line 224) | func TestChaCha20Poly1305WycheproofCases(t *testing.T) {
function runChaCha20Poly1305WycheproofCase (line 242) | func runChaCha20Poly1305WycheproofCase(t *testing.T, tc *aead.Wycheproof...
FILE: aead/subtle/encrypt_then_authenticate.go
type EncryptThenAuthenticate (line 29) | type EncryptThenAuthenticate struct
method Encrypt (line 65) | func (e *EncryptThenAuthenticate) Encrypt(plaintext, associatedData []...
method Decrypt (line 91) | func (e *EncryptThenAuthenticate) Decrypt(ciphertext, associatedData [...
constant minTagSizeInBytes (line 36) | minTagSizeInBytes = 10
function uint64ToByte (line 43) | func uint64ToByte(n uint64) []byte {
function NewEncryptThenAuthenticate (line 50) | func NewEncryptThenAuthenticate(indCPACipher INDCPACipher, mac tink.MAC,...
FILE: aead/subtle/encrypt_then_authenticate_test.go
function createAEADWithKeys (line 28) | func createAEADWithKeys(encryptionKey []byte, ivSize int, hashAlgo strin...
function createAEAD (line 46) | func createAEAD(keySize, ivSize int, hashAlgo string, macKeySize int, ta...
function mustDecodeHex (line 130) | func mustDecodeHex(t *testing.T, data string) []byte {
function TestETARFCTestVectors (line 139) | func TestETARFCTestVectors(t *testing.T) {
function TestETAEncryptDecrypt (line 157) | func TestETAEncryptDecrypt(t *testing.T) {
function TestETAWithAssociatedDataSlice (line 190) | func TestETAWithAssociatedDataSlice(t *testing.T) {
function TestETAEncryptDecryptRandomMessage (line 215) | func TestETAEncryptDecryptRandomMessage(t *testing.T) {
function TestETAMultipleEncrypt (line 250) | func TestETAMultipleEncrypt(t *testing.T) {
function TestETAInvalidTagSize (line 279) | func TestETAInvalidTagSize(t *testing.T) {
function TestETADecryptModifiedCiphertext (line 290) | func TestETADecryptModifiedCiphertext(t *testing.T) {
function TestETAEmptyParams (line 353) | func TestETAEmptyParams(t *testing.T) {
FILE: aead/subtle/ind_cpa.go
type INDCPACipher (line 21) | type INDCPACipher interface
FILE: aead/subtle/polyval.go
constant PolyvalBlockSize (line 24) | PolyvalBlockSize = 16
constant u32Sel0 (line 26) | u32Sel0 uint32 = 0x11111111
constant u32Sel1 (line 27) | u32Sel1 uint32 = 0x22222222
constant u32Sel2 (line 28) | u32Sel2 uint32 = 0x44444444
constant u32Sel3 (line 29) | u32Sel3 uint32 = 0x88888888
constant u64Sel0 (line 31) | u64Sel0 uint64 = 0x1111111111111111
constant u64Sel1 (line 32) | u64Sel1 uint64 = 0x2222222222222222
constant u64Sel2 (line 33) | u64Sel2 uint64 = 0x4444444444444444
constant u64Sel3 (line 34) | u64Sel3 uint64 = 0x8888888888888888
type Polyval (line 40) | type Polyval interface
type fieldElement (line 57) | type fieldElement struct
type polyval (line 62) | type polyval struct
method Update (line 173) | func (p *polyval) Update(data []byte) {
method Finish (line 192) | func (p *polyval) Finish() (hash [PolyvalBlockSize]byte) {
function mul32 (line 71) | func mul32(a uint32, b uint32) uint64 {
function mul64 (line 91) | func mul64(a uint64, b uint64) fieldElement {
function polyvalDot (line 111) | func polyvalDot(a fieldElement, b fieldElement) fieldElement {
function NewPolyval (line 160) | func NewPolyval(key []byte) (Polyval, error) {
FILE: aead/subtle/polyval_test.go
function TestPolyval (line 87) | func TestPolyval(t *testing.T) {
function TestPolyvalRejectsInvalidKeyLength (line 122) | func TestPolyvalRejectsInvalidKeyLength(t *testing.T) {
FILE: aead/subtle/subtle.go
constant intSize (line 21) | intSize = 32 << (^uint(0) >> 63)
constant maxInt (line 22) | maxInt = 1<<(intSize-1) - 1
function ValidateAESKeySize (line 26) | func ValidateAESKeySize(sizeInBytes uint32) error {
FILE: aead/subtle/subtle_test.go
function TestValidateAESKeySize (line 23) | func TestValidateAESKeySize(t *testing.T) {
FILE: aead/subtle/xchacha20poly1305.go
type XChaCha20Poly1305 (line 28) | type XChaCha20Poly1305 struct
method Encrypt (line 53) | func (x *XChaCha20Poly1305) Encrypt(plaintext []byte, associatedData [...
method Decrypt (line 71) | func (x *XChaCha20Poly1305) Decrypt(ciphertext []byte, associatedData ...
function NewXChaCha20Poly1305 (line 37) | func NewXChaCha20Poly1305(key []byte) (*XChaCha20Poly1305, error) {
FILE: aead/subtle/xchacha20poly1305_test.go
function TestXChaCha20Poly1305EncryptDecrypt (line 31) | func TestXChaCha20Poly1305EncryptDecrypt(t *testing.T) {
function TestXChaCha20Poly1305EmptyAssociatedData (line 84) | func TestXChaCha20Poly1305EmptyAssociatedData(t *testing.T) {
function TestXChaCha20Poly1305LongMessages (line 134) | func TestXChaCha20Poly1305LongMessages(t *testing.T) {
function TestXChaCha20Poly1305ModifyCiphertext (line 161) | func TestXChaCha20Poly1305ModifyCiphertext(t *testing.T) {
function TestXChaCha20Poly1305RandomNonce (line 209) | func TestXChaCha20Poly1305RandomNonce(t *testing.T) {
function TestXChaCha20Poly1305WycheproofCases (line 229) | func TestXChaCha20Poly1305WycheproofCases(t *testing.T) {
function runXChaCha20Poly1305WycheproofCase (line 246) | func runXChaCha20Poly1305WycheproofCase(t *testing.T, tc *aead.Wycheproo...
function TestPreallocatedCiphertextMemoryInXChaCha20Poly1305IsExact (line 277) | func TestPreallocatedCiphertextMemoryInXChaCha20Poly1305IsExact(t *testi...
FILE: aead/xaesgcm/aead.go
constant ivSize (line 33) | ivSize = 12
constant tagSize (line 34) | tagSize = 16
constant intSize (line 36) | intSize = 32 << (^uint(0) >> 63)
constant maxInt (line 37) | maxInt = 1<<(intSize-1) - 1
type aead (line 45) | type aead struct
method derivePerMessageKey (line 71) | func (a *aead) derivePerMessageKey(salt []byte) ([]byte, error) {
method Encrypt (line 97) | func (a *aead) Encrypt(plaintext, associatedData []byte) ([]byte, erro...
method Decrypt (line 122) | func (a *aead) Decrypt(ciphertext, associatedData []byte) ([]byte, err...
function NewAEAD (line 54) | func NewAEAD(key *Key, _ internalapi.Token) (tink.AEAD, error) {
function newAESGCMCipher (line 85) | func newAESGCMCipher(key []byte) (cipher.AEAD, error) {
function primitiveConstructor (line 149) | func primitiveConstructor(k key.Key) (any, error) {
FILE: aead/xaesgcm/aead_test.go
constant ivSize (line 31) | ivSize = 12
constant tagSize (line 32) | tagSize = 16
type testVector (line 35) | type testVector struct
function mustHexDecode (line 45) | func mustHexDecode(t *testing.T, s string) []byte {
function testVectors (line 56) | func testVectors(t *testing.T) []testVector {
function TestAEADTestVectors (line 135) | func TestAEADTestVectors(t *testing.T) {
function TestAEADEncryptAndDecrypt (line 175) | func TestAEADEncryptAndDecrypt(t *testing.T) {
function TestAEADDecryptModifiedCiphertext (line 259) | func TestAEADDecryptModifiedCiphertext(t *testing.T) {
FILE: aead/xaesgcm/key.go
type Variant (line 33) | type Variant
method String (line 44) | func (variant Variant) String() string {
constant VariantUnknown (line 37) | VariantUnknown Variant = iota
constant VariantTink (line 39) | VariantTink
constant VariantNoPrefix (line 41) | VariantNoPrefix
function calculateOutputPrefix (line 56) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 68) | type Parameters struct
method Variant (line 76) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 98) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method SaltSizeInBytes (line 101) | func (p *Parameters) SaltSizeInBytes() int { return p.saltSizeInBytes }
method Equal (line 104) | func (p *Parameters) Equal(other key.Parameters) bool {
function NewParameters (line 84) | func NewParameters(variant Variant, saltSizeInBytes int) (*Parameters, e...
type Key (line 111) | type Key struct
method KeyBytes (line 151) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 154) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 159) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 164) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 167) | func (k *Key) Equal(other key.Key) bool {
function NewKey (line 124) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 174) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/xaesgcm/key_manager_test.go
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.XAesGcmKey"
function TestKeyManagerGetPrimitive (line 37) | func TestKeyManagerGetPrimitive(t *testing.T) {
function TestKeyManagerGetPrimitiveWithInvalidKeys (line 71) | func TestKeyManagerGetPrimitiveWithInvalidKeys(t *testing.T) {
function TestKeyManagerNewKey (line 140) | func TestKeyManagerNewKey(t *testing.T) {
function TestKeyManagerNewKeyData (line 165) | func TestKeyManagerNewKeyData(t *testing.T) {
function TestKeyManagerDoesSupport (line 204) | func TestKeyManagerDoesSupport(t *testing.T) {
function TestKeyManagerTypeURL (line 217) | func TestKeyManagerTypeURL(t *testing.T) {
function validateXAESGCMKey (line 227) | func validateXAESGCMKey(t *testing.T, key *xaesgcmpb.XAesGcmKey) error {
FILE: aead/xaesgcm/key_test.go
function TestNewParametersInvalidValues (line 39) | func TestNewParametersInvalidValues(t *testing.T) {
function TestOutputPrefix (line 54) | func TestOutputPrefix(t *testing.T) {
function TestNewParametersWorks (line 94) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferentVariant (line 134) | func TestParametersEqualFalseIfDifferentVariant(t *testing.T) {
type TestKey (line 173) | type TestKey struct
function TestNewKeyWorks (line 180) | func TestNewKeyWorks(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 231) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
type stubKey (line 242) | type stubKey struct
method Parameters (line 246) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 247) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 248) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 250) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 265) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 342) | func TestKeyCreator(t *testing.T) {
FILE: aead/xaesgcm/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.XAesGcmKey"
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 52) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 84) | type keyParser struct
method ParseKey (line 99) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 88) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 134) | type parametersSerializer struct
method Serialize (line 138) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 164) | type parametersParser struct
method Parse (line 168) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/xaesgcm/protoserialization_test.go
function mustMarshalProto (line 32) | func mustMarshalProto(t *testing.T, message proto.Message) []byte {
function TestParseKeyFails (line 41) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 146) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function mustCreateKey (line 155) | func mustCreateKey(t *testing.T, keyValue []byte, variant xaesgcm.Varian...
function TestParseKey (line 169) | func TestParseKey(t *testing.T) {
function TestSerializeKey (line 216) | func TestSerializeKey(t *testing.T) {
function mustCreateKeyTemplate (line 264) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
function mustCreateParameters (line 278) | func mustCreateParameters(t *testing.T, variant xaesgcm.Variant, saltSiz...
function TestSerializeParameters (line 287) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 326) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 365) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 374) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/xaesgcm/xaesgcm.go
function newKeyManager (line 32) | func newKeyManager() registry.KeyManager {
function init (line 42) | func init() {
FILE: aead/xaesgcm/xaesgcm_test.go
function TestCreateKeysetHandleFromKeysetKey (line 33) | func TestCreateKeysetHandleFromKeysetKey(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 86) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 132) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function TestGetKeyManager (line 166) | func TestGetKeyManager(t *testing.T) {
FILE: aead/xchacha20poly1305/aead.go
constant intSize (line 30) | intSize = 32 << (^uint(0) >> 63)
constant maxInt (line 31) | maxInt = 1<<(intSize-1) - 1
constant maxPlaintextSize (line 32) | maxPlaintextSize = maxInt - chacha20poly1305.NonceSizeX - chacha20poly1...
constant maxCiphertextSize (line 33) | maxCiphertextSize = maxInt
type aead (line 39) | type aead struct
method Encrypt (line 60) | func (a *aead) Encrypt(plaintext []byte, associatedData []byte) ([]byt...
method Decrypt (line 73) | func (a *aead) Decrypt(ciphertext []byte, associatedData []byte) ([]by...
function newAEAD (line 47) | func newAEAD(key *Key) (tink.AEAD, error) {
function primitiveConstructor (line 94) | func primitiveConstructor(key key.Key) (any, error) {
FILE: aead/xchacha20poly1305/aead_test.go
function mustCreateAEAD (line 36) | func mustCreateAEAD(t *testing.T, key *xchacha20poly1305.Key) tink.AEAD {
function TestEncryptDecrypt (line 57) | func TestEncryptDecrypt(t *testing.T) {
function TestDecryptFailsWithInvalidCiphertext (line 121) | func TestDecryptFailsWithInvalidCiphertext(t *testing.T) {
function mustDecodeHex (line 211) | func mustDecodeHex(t *testing.T, hexStr string) []byte {
function TestDecryptCorrectness (line 220) | func TestDecryptCorrectness(t *testing.T) {
function TestWycheproofCases (line 286) | func TestWycheproofCases(t *testing.T) {
function runXChaCha20Poly1305WycheproofCase (line 303) | func runXChaCha20Poly1305WycheproofCase(t *testing.T, tc *testingaead.Wy...
FILE: aead/xchacha20poly1305/key.go
type Variant (line 34) | type Variant
method String (line 47) | func (variant Variant) String() string {
constant VariantUnknown (line 38) | VariantUnknown Variant = iota
constant VariantTink (line 40) | VariantTink
constant VariantCrunchy (line 42) | VariantCrunchy
constant VariantNoPrefix (line 44) | VariantNoPrefix
function calculateOutputPrefix (line 61) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
type Parameters (line 75) | type Parameters struct
method Variant (line 82) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 95) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 98) | func (p *Parameters) Equal(other key.Parameters) bool {
function NewParameters (line 85) | func NewParameters(variant Variant) (*Parameters, error) {
type Key (line 104) | type Key struct
method KeyBytes (line 142) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 145) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 150) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 155) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 158) | func (k *Key) Equal(other key.Key) bool {
function NewKey (line 115) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 165) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: aead/xchacha20poly1305/key_manager_test.go
function TestKeyManagerGetPrimitive (line 34) | func TestKeyManagerGetPrimitive(t *testing.T) {
function TestKeyManagerGetPrimitiveWithInvalidKeys (line 71) | func TestKeyManagerGetPrimitiveWithInvalidKeys(t *testing.T) {
function TestKeyManagerNewKey (line 107) | func TestKeyManagerNewKey(t *testing.T) {
function TestKeyManagerNewKeyData (line 125) | func TestKeyManagerNewKeyData(t *testing.T) {
function TestKeyManagerDoesSupport (line 167) | func TestKeyManagerDoesSupport(t *testing.T) {
function TestKeyManagerTypeURL (line 180) | func TestKeyManagerTypeURL(t *testing.T) {
function validateXChaCha20Poly1305Key (line 190) | func validateXChaCha20Poly1305Key(key *xpb.XChaCha20Poly1305Key) error {
FILE: aead/xchacha20poly1305/key_test.go
function TestNewParametersInvalidVariant (line 39) | func TestNewParametersInvalidVariant(t *testing.T) {
function TestOutputPrefix (line 45) | func TestOutputPrefix(t *testing.T) {
function TestNewParametersWorks (line 91) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferentVariant (line 132) | func TestParametersEqualFalseIfDifferentVariant(t *testing.T) {
type TestKey (line 170) | type TestKey struct
function TestNewKeyWorks (line 177) | func TestNewKeyWorks(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 234) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
type stubKey (line 245) | type stubKey struct
method Parameters (line 249) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 250) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 251) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKeyEqual_FalseIfDifferentType (line 253) | func TestKeyEqual_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 268) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 345) | func TestKeyCreator(t *testing.T) {
FILE: aead/xchacha20poly1305/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305...
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 54) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 83) | type keyParser struct
method ParseKey (line 100) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 87) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 133) | type parametersSerializer struct
method Serialize (line 137) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 158) | type parametersParser struct
method Parse (line 162) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: aead/xchacha20poly1305/protoserialization_test.go
function TestParseKeyFails (line 31) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 142) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function TestParseKey (line 151) | func TestParseKey(t *testing.T) {
type testParams (line 220) | type testParams struct
method HasIDRequirement (line 224) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 226) | func (p *testParams) Equal(params key.Parameters) bool {
type testKey (line 231) | type testKey struct
method Parameters (line 237) | func (k *testKey) Parameters() key.Parameters { return &k.params }
method Equal (line 239) | func (k *testKey) Equal(other key.Key) bool {
method IDRequirement (line 247) | func (k *testKey) IDRequirement() (uint32, bool) { return k.id, k.para...
function TestSerializeKeyFails (line 249) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 273) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 343) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 370) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
function TestSerializeParameters (line 384) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 425) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 465) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 474) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: aead/xchacha20poly1305/xchacha20poly1305.go
function newKeyManager (line 35) | func newKeyManager() registry.KeyManager {
function RegisterPrimitiveConstructor (line 49) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 53) | func init() {
FILE: aead/xchacha20poly1305/xchacha20poly1305_test.go
function TestGetKeyFromHandle (line 34) | func TestGetKeyFromHandle(t *testing.T) {
function TestCreateKeysetHandleFromKey (line 63) | func TestCreateKeysetHandleFromKey(t *testing.T) {
function TestCreateKeysetHandleFromParameters (line 116) | func TestCreateKeysetHandleFromParameters(t *testing.T) {
function TestRegisterPrimitiveConstructor (line 150) | func TestRegisterPrimitiveConstructor(t *testing.T) {
function TestGetKeyManager (line 171) | func TestGetKeyManager(t *testing.T) {
FILE: core/cryptofmt/cryptofmt.go
constant NonRawPrefixSize (line 29) | NonRawPrefixSize = 5
constant LegacyPrefixSize (line 33) | LegacyPrefixSize = NonRawPrefixSize
constant LegacyStartByte (line 35) | LegacyStartByte = byte(0)
constant TinkPrefixSize (line 39) | TinkPrefixSize = NonRawPrefixSize
constant TinkStartByte (line 41) | TinkStartByte = byte(1)
constant RawPrefixSize (line 45) | RawPrefixSize = 0
constant RawPrefix (line 47) | RawPrefix = ""
function OutputPrefix (line 54) | func OutputPrefix(key *tinkpb.Keyset_Key) (string, error) {
FILE: core/cryptofmt/cryptofmt_test.go
function TestOutputPrefix (line 42) | func TestOutputPrefix(t *testing.T) {
function validatePrefix (line 78) | func validatePrefix(prefix string, startByte byte, key string) bool {
FILE: core/registry/custom_key_manager_test.go
constant customTypeURL (line 36) | customTypeURL = "type.googleapis.com/google.crypto.tink.CustomAesGcmKey"
type customKeyManager (line 40) | type customKeyManager struct
method Primitive (line 45) | func (km *customKeyManager) Primitive(serializedKey []byte) (any, erro...
method NewKey (line 58) | func (km *customKeyManager) NewKey(serializedKeyFormat []byte) (proto....
method NewKeyData (line 62) | func (km *customKeyManager) NewKeyData(serializedKeyFormat []byte) (*t...
method DoesSupport (line 85) | func (km *customKeyManager) DoesSupport(typeURL string) bool {
method TypeURL (line 89) | func (km *customKeyManager) TypeURL() string {
method KeyMaterialType (line 93) | func (km *customKeyManager) KeyMaterialType() tinkpb.KeyData_KeyMateri...
function aesGCM128KeyTemplate (line 98) | func aesGCM128KeyTemplate() *tinkpb.KeyTemplate {
function aesGCM128KeyToKeysetHandle (line 114) | func aesGCM128KeyToKeysetHandle(rawAESKey []byte, keyID uint32, prefixTy...
function TestCreateEncryptDecrypt (line 146) | func TestCreateEncryptDecrypt(t *testing.T) {
function TestImportExistingKeyDecryptsExistingCiphertext (line 172) | func TestImportExistingKeyDecryptsExistingCiphertext(t *testing.T) {
function TestEncryptAndDecryptWithTinkPrefix (line 205) | func TestEncryptAndDecryptWithTinkPrefix(t *testing.T) {
function TestMixedKeysetWorks (line 253) | func TestMixedKeysetWorks(t *testing.T) {
function TestSerializeAndParseKeysetWorks (line 301) | func TestSerializeAndParseKeysetWorks(t *testing.T) {
function init (line 347) | func init() { registry.RegisterKeyManager(&customKeyManager{}) }
FILE: core/registry/key_manager.go
type KeyManager (line 26) | type KeyManager interface
FILE: core/registry/kms_client.go
type KMSClient (line 20) | type KMSClient interface
FILE: core/registry/private_key_manager.go
type PrivateKeyManager (line 22) | type PrivateKeyManager interface
FILE: core/registry/registry.go
function RegisterKeyManager (line 49) | func RegisterKeyManager(keyManager KeyManager) error {
function GetKeyManager (line 61) | func GetKeyManager(typeURL string) (KeyManager, error) {
function NewKeyData (line 72) | func NewKeyData(template *tinkpb.KeyTemplate) (*tinkpb.KeyData, error) {
function NewKey (line 86) | func NewKey(template *tinkpb.KeyTemplate) (proto.Message, error) {
function PrimitiveFromKeyData (line 100) | func PrimitiveFromKeyData(keyData *tinkpb.KeyData) (any, error) {
function Primitive (line 111) | func Primitive(typeURL string, serializedKey []byte) (any, error) {
function RegisterKMSClient (line 131) | func RegisterKMSClient(kmsClient KMSClient) {
function GetKMSClient (line 138) | func GetKMSClient(keyURI string) (KMSClient, error) {
function ClearKMSClients (line 152) | func ClearKMSClients() {
function UnregisterKeyManager (line 162) | func UnregisterKeyManager(typeURL string, _ internalapi.Token) {
FILE: core/registry/registry_test.go
function TestRegisterKeyManager (line 33) | func TestRegisterKeyManager(t *testing.T) {
function TestRegisterKeyManagerWithCollision (line 50) | func TestRegisterKeyManagerWithCollision(t *testing.T) {
function TestNewKeyData (line 70) | func TestNewKeyData(t *testing.T) {
function TestNewKey (line 94) | func TestNewKey(t *testing.T) {
function TestPrimitiveFromKeyData (line 120) | func TestPrimitiveFromKeyData(t *testing.T) {
function TestPrimitive (line 146) | func TestPrimitive(t *testing.T) {
function TestRegisterKmsClient (line 180) | func TestRegisterKmsClient(t *testing.T) {
function TestRegisterTwoKmsClientsForSameUri_firstGetsReturned (line 215) | func TestRegisterTwoKmsClientsForSameUri_firstGetsReturned(t *testing.T) {
function TestClearKMSClients (line 238) | func TestClearKMSClients(t *testing.T) {
FILE: daead/aessiv/aessiv.go
function RegisterPrimitiveConstructor (line 38) | func RegisterPrimitiveConstructor(b *config.Builder, t internalapi.Token...
function init (line 45) | func init() {
FILE: daead/aessiv/aessiv_test.go
function TestRegisterPrimitiveConstructor (line 30) | func TestRegisterPrimitiveConstructor(t *testing.T) {
FILE: daead/aessiv/daead.go
type fullDAEAD (line 28) | type fullDAEAD struct
method EncryptDeterministically (line 50) | func (a *fullDAEAD) EncryptDeterministically(plaintext, associatedData...
method DecryptDeterministically (line 58) | func (a *fullDAEAD) DecryptDeterministically(ciphertext, associatedDat...
function NewDeterministicAEAD (line 39) | func NewDeterministicAEAD(key *Key, _ internalapi.Token) (tink.Determini...
function primitiveConstructor (line 71) | func primitiveConstructor(k key.Key) (any, error) {
FILE: daead/aessiv/daead_test.go
function mustHexDecode (line 30) | func mustHexDecode(t *testing.T, s string) []byte {
function mustCreateParameters (line 39) | func mustCreateParameters(t *testing.T, keySize int, variant aessiv.Vari...
function mustCreateKey (line 48) | func mustCreateKey(t *testing.T, keyBytes []byte, idRequirement uint32, ...
constant aesSIVKeyHex (line 59) | aesSIVKeyHex = "c25cafc6018b98dfbb79a40ec89c575a4f88c4116489bba27...
constant aesSIVMsgHex (line 60) | aesSIVMsgHex = "beec61030fa3d670337196beade6aeaa"
constant aesSIVAad (line 61) | aesSIVAad = "deeb0ccf3aef47a296ed1ca8f4ae5907"
constant aesSIVCiphertextHex (line 62) | aesSIVCiphertextHex = "5865208eab9163db85cab9f96d846234a2626aae22f5c17c9...
function TestDeterministicAEAD (line 65) | func TestDeterministicAEAD(t *testing.T) {
function TestDeterministicAEADDecryptFailsWithInvalidCiphertext (line 115) | func TestDeterministicAEADDecryptFailsWithInvalidCiphertext(t *testing.T) {
FILE: daead/aessiv/key.go
type Key (line 28) | type Key struct
method KeyBytes (line 86) | func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
method Parameters (line 89) | func (k *Key) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 94) | func (k *Key) IDRequirement() (uint32, bool) {
method OutputPrefix (line 99) | func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefi...
method Equal (line 102) | func (k *Key) Equal(other key.Key) bool {
function calculateOutputPrefix (line 38) | func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
function NewKey (line 56) | func NewKey(keyBytes secretdata.Bytes, idRequirement uint32, parameters ...
function createKey (line 110) | func createKey(p key.Parameters, idRequirement uint32) (key.Key, error) {
FILE: daead/aessiv/key_manager_test.go
function TestKeyManagerPrimitive (line 34) | func TestKeyManagerPrimitive(t *testing.T) {
function TestKeyManagerPrimitiveWithInvalidKeys (line 77) | func TestKeyManagerPrimitiveWithInvalidKeys(t *testing.T) {
function TestKeyManagerNewKey (line 117) | func TestKeyManagerNewKey(t *testing.T) {
function TestKeyManagerNewKeyData (line 139) | func TestKeyManagerNewKeyData(t *testing.T) {
function TestKeyManagerNewKeyInvalid (line 167) | func TestKeyManagerNewKeyInvalid(t *testing.T) {
function TestKeyManagerDoesSupport (line 206) | func TestKeyManagerDoesSupport(t *testing.T) {
function TestKeyManagerTypeURL (line 219) | func TestKeyManagerTypeURL(t *testing.T) {
function validateAESSIVKey (line 229) | func validateAESSIVKey(key *aspb.AesSivKey) error {
function encryptDecrypt (line 245) | func encryptDecrypt(encryptor, decryptor tink.DeterministicAEAD) error {
FILE: daead/aessiv/key_test.go
function TestNewKeyFailsIfParametersIsNil (line 61) | func TestNewKeyFailsIfParametersIsNil(t *testing.T) {
function TestNewKeyFailsIfKeySizeIsDifferentThanParameters (line 71) | func TestNewKeyFailsIfKeySizeIsDifferentThanParameters(t *testing.T) {
function TestNewKeyFailsIfInvalidParams (line 107) | func TestNewKeyFailsIfInvalidParams(t *testing.T) {
function TestNewKeyFailsIfNoPrefixAndIDIsNotZero (line 118) | func TestNewKeyFailsIfNoPrefixAndIDIsNotZero(t *testing.T) {
function TestOutputPrefix (line 129) | func TestOutputPrefix(t *testing.T) {
type testKey (line 175) | type testKey struct
function TestNewKeyWorks (line 183) | func TestNewKeyWorks(t *testing.T) {
type stubKey (line 292) | type stubKey struct
method Parameters (line 296) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 297) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 298) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestKey_Equal_FalseIfDifferentType (line 300) | func TestKey_Equal_FalseIfDifferentType(t *testing.T) {
function TestKeyEqualReturnsFalseIfDifferent (line 315) | func TestKeyEqualReturnsFalseIfDifferent(t *testing.T) {
function TestKeyCreator (line 412) | func TestKeyCreator(t *testing.T) {
function TestKeyCreator_FailsIfInvalidKeySize (line 463) | func TestKeyCreator_FailsIfInvalidKeySize(t *testing.T) {
FILE: daead/aessiv/parameters.go
type Variant (line 31) | type Variant
method String (line 44) | func (variant Variant) String() string {
constant VariantUnknown (line 35) | VariantUnknown Variant = iota
constant VariantTink (line 37) | VariantTink
constant VariantCrunchy (line 39) | VariantCrunchy
constant VariantNoPrefix (line 41) | VariantNoPrefix
type Parameters (line 58) | type Parameters struct
method KeySizeInBytes (line 66) | func (p *Parameters) KeySizeInBytes() int { return p.keySizeInBytes }
method Variant (line 69) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 96) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 99) | func (p *Parameters) Equal(other key.Parameters) bool {
function validateParams (line 71) | func validateParams(params *Parameters) error {
function NewParameters (line 84) | func NewParameters(keySizeInBytes int, variant Variant) (*Parameters, er...
FILE: daead/aessiv/parameters_test.go
function TestNewParametersInvalidKeySize (line 23) | func TestNewParametersInvalidKeySize(t *testing.T) {
function TestNewParametersInvalidVariant (line 31) | func TestNewParametersInvalidVariant(t *testing.T) {
function TestNewParametersWorks (line 37) | func TestNewParametersWorks(t *testing.T) {
function TestParametersEqualFalseIfDifferent (line 114) | func TestParametersEqualFalseIfDifferent(t *testing.T) {
FILE: daead/aessiv/protoserialization.go
constant protoVersion (line 33) | protoVersion = 0
constant typeURL (line 34) | typeURL = "type.googleapis.com/google.crypto.tink.AesSivKey"
type keySerializer (line 37) | type keySerializer struct
method SerializeKey (line 54) | func (s *keySerializer) SerializeKey(key key.Key) (*protoserialization...
function protoOutputPrefixTypeFromVariant (line 41) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type keyParser (line 81) | type keyParser struct
method ParseKey (line 98) | func (s *keyParser) ParseKey(keySerialization *protoserialization.KeyS...
function variantFromProto (line 85) | func variantFromProto(prefixType tinkpb.OutputPrefixType) (Variant, erro...
type parametersSerializer (line 132) | type parametersSerializer struct
method Serialize (line 136) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 159) | type parametersParser struct
method Parse (line 163) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: daead/aessiv/protoserialization_test.go
function TestParseKeyFails (line 33) | func TestParseKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 127) | func mustCreateKeySerialization(t *testing.T, keyData *tinkpb.KeyData, o...
function TestParseKey (line 136) | func TestParseKey(t *testing.T) {
type testParams (line 205) | type testParams struct
method HasIDRequirement (line 209) | func (p *testParams) HasIDRequirement() bool { return p.hasIDRequireme...
method Equal (line 211) | func (p *testParams) Equal(params key.Parameters) bool {
type protoSerializationTestKey (line 216) | type protoSerializationTestKey struct
method Parameters (line 222) | func (k *protoSerializationTestKey) Parameters() key.Parameters { retu...
method Equal (line 224) | func (k *protoSerializationTestKey) Equal(other key.Key) bool {
method IDRequirement (line 232) | func (k *protoSerializationTestKey) IDRequirement() (uint32, bool) {
function TestSerializeKeyFails (line 236) | func TestSerializeKeyFails(t *testing.T) {
function TestSerializeKey (line 259) | func TestSerializeKey(t *testing.T) {
function TestSerializeParametersFailsWithWrongParameters (line 327) | func TestSerializeParametersFailsWithWrongParameters(t *testing.T) {
function mustCreateKeyTemplate (line 353) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
type parametersSerializationTestCase (line 369) | type parametersSerializationTestCase struct
function mustCreateParametersTestParameters (line 375) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestSerializeParameters (line 400) | func TestSerializeParameters(t *testing.T) {
function TestParseParameters (line 414) | func TestParseParameters(t *testing.T) {
function mustMarshal (line 428) | func mustMarshal(t *testing.T, message proto.Message) []byte {
function TestParseParametersFailsWithWrongKeyTemplate (line 437) | func TestParseParametersFailsWithWrongKeyTemplate(t *testing.T) {
FILE: daead/daead_benchmark_test.go
function BenchmarkAESSIV (line 28) | func BenchmarkAESSIV(b *testing.B) {
FILE: daead/daead_factory.go
function New (line 33) | func New(handle *keyset.Handle) (tink.DeterministicAEAD, error) {
function NewWithConfig (line 39) | func NewWithConfig(handle *keyset.Handle, config keyset.Config) (tink.De...
type daeadAndKeyID (line 47) | type daeadAndKeyID struct
method EncryptDeterministically (line 52) | func (a *daeadAndKeyID) EncryptDeterministically(plaintext, associated...
method DecryptDeterministically (line 56) | func (a *daeadAndKeyID) DecryptDeterministically(ciphertext, associate...
type fullDAEADPrimitiveAdapter (line 62) | type fullDAEADPrimitiveAdapter struct
method EncryptDeterministically (line 69) | func (a *fullDAEADPrimitiveAdapter) EncryptDeterministically(plaintext...
method DecryptDeterministically (line 77) | func (a *fullDAEADPrimitiveAdapter) DecryptDeterministically(ciphertex...
function extractFullDAEAD (line 81) | func extractFullDAEAD(entry *primitiveset.Entry[tink.DeterministicAEAD])...
type wrappedDAEAD (line 99) | type wrappedDAEAD struct
method EncryptDeterministically (line 167) | func (d *wrappedDAEAD) EncryptDeterministically(pt, aad []byte) ([]byt...
method DecryptDeterministically (line 180) | func (d *wrappedDAEAD) DecryptDeterministically(ct, aad []byte) ([]byt...
function newWrappedDeterministicAEAD (line 109) | func newWrappedDeterministicAEAD(ps *primitiveset.PrimitiveSet[tink.Dete...
function createLoggers (line 137) | func createLoggers(ps *primitiveset.PrimitiveSet[tink.DeterministicAEAD]...
FILE: daead/daead_factory_test.go
function TestFactoryMultipleKeys (line 51) | func TestFactoryMultipleKeys(t *testing.T) {
function TestFactoryRawKeyAsPrimary (line 120) | func TestFactoryRawKeyAsPrimary(t *testing.T) {
function validateDAEADFactoryCipher (line 138) | func validateDAEADFactoryCipher(encryptCipher, decryptCipher tink.Determ...
function TestFactoryWithInvalidPrimitiveSetType (line 172) | func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) {
function TestFactoryWithValidPrimitiveSetType (line 184) | func TestFactoryWithValidPrimitiveSetType(t *testing.T) {
function TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithPrefix (line 196) | func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecrypti...
function TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecryptionWithoutPrefix (line 258) | func TestPrimitiveFactoryWithMonitoringAnnotationsLogsEncryptionDecrypti...
function TestFactoryWithMonitoringPrimitiveWithMultipleKeysLogsEncryptionDecryption (line 325) | func TestFactoryWithMonitoringPrimitiveWithMultipleKeysLogsEncryptionDec...
function TestPrimitiveFactoryWithMonitoringAnnotationsEncryptionFailureIsLogged (line 427) | func TestPrimitiveFactoryWithMonitoringAnnotationsEncryptionFailureIsLog...
function TestPrimitiveFactoryWithMonitoringAnnotationsDecryptionFailureIsLogged (line 497) | func TestPrimitiveFactoryWithMonitoringAnnotationsDecryptionFailureIsLog...
function TestFactoryWithMonitoringMultiplePrimitivesLogOperations (line 550) | func TestFactoryWithMonitoringMultiplePrimitivesLogOperations(t *testing...
function TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor (line 646) | func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor(...
constant stubKeyURL (line 675) | stubKeyURL = "type.googleapis.com/google.crypto.tink.SomeKey"
constant fullDAEADPrefix (line 676) | fullDAEADPrefix = "full_dead_prefix"
constant legacyDAEADPrefix (line 677) | legacyDAEADPrefix = "legacy_dead_prefix"
type stubFullDEAD (line 680) | type stubFullDEAD struct
method EncryptDeterministically (line 684) | func (s *stubFullDEAD) EncryptDeterministically(pt, ad []byte) ([]byte...
method DecryptDeterministically (line 688) | func (s *stubFullDEAD) DecryptDeterministically(ct, ad []byte) ([]byte...
type stubParams (line 692) | type stubParams struct
method Equal (line 696) | func (p *stubParams) Equal(_ key.Parameters) bool { return true }
method HasIDRequirement (line 697) | func (p *stubParams) HasIDRequirement() bool { return true }
type stubKey (line 699) | type stubKey struct
method Equal (line 706) | func (p *stubKey) Equal(_ key.Key) bool { return true }
method Parameters (line 707) | func (p *stubKey) Parameters() key.Parameters { return &stubParams{} }
method IDRequirement (line 708) | func (p *stubKey) IDRequirement() (uint32, bool) { return p.idRequirem...
method HasIDRequirement (line 709) | func (p *stubKey) HasIDRequirement() bool { return p.prefixType...
method OutputPrefix (line 710) | func (p *stubKey) OutputPrefix() []byte {
type stubKeySerialization (line 718) | type stubKeySerialization struct
method SerializeKey (line 722) | func (s *stubKeySerialization) SerializeKey(key key.Key) (*protoserial...
type stubKeyParser (line 734) | type stubKeyParser struct
method ParseKey (line 738) | func (s *stubKeyParser) ParseKey(serialization *protoserialization.Key...
function mustCreateKeyset (line 743) | func mustCreateKeyset(t *testing.T, key key.Key) *keyset.Handle {
function TestPrimitiveFactoryUsesFullPrimitiveIfRegistered (line 760) | func TestPrimitiveFactoryUsesFullPrimitiveIfRegistered(t *testing.T) {
type stubLegacyDEAD (line 797) | type stubLegacyDEAD struct
method EncryptDeterministically (line 801) | func (s *stubLegacyDEAD) EncryptDeterministically(pt, ad []byte) ([]by...
method DecryptDeterministically (line 805) | func (s *stubLegacyDEAD) DecryptDeterministically(ct, ad []byte) ([]by...
type stubKeyManager (line 809) | type stubKeyManager struct
method NewKey (line 813) | func (km *stubKeyManager) NewKey(_ []byte) (proto.Message, error) {
method NewKeyData (line 816) | func (km *stubKeyManager) NewKeyData(_ []byte) (*tinkpb.KeyData, error) {
method DoesSupport (line 819) | func (km *stubKeyManager) DoesSupport(keyURL string) bool { return ke...
method TypeURL (line 820) | func (km *stubKeyManager) TypeURL() string { return st...
method Primitive (line 821) | func (km *stubKeyManager) Primitive(_ []byte) (any, error) { return &s...
function TestPrimitiveFactoryUsesLegacyPrimitive (line 823) | func TestPrimitiveFactoryUsesLegacyPrimitive(t *testing.T) {
function TestNewWithConfig (line 878) | func TestNewWithConfig(t *testing.T) {
FILE: daead/daead_init_test.go
function TestDeterministicAEADInit (line 24) | func TestDeterministicAEADInit(t *testing.T) {
FILE: daead/daead_key_templates.go
function AESSIVKeyTemplate (line 27) | func AESSIVKeyTemplate() *tinkpb.KeyTemplate {
FILE: daead/daead_key_templates_test.go
function TestKeyTemplates (line 28) | func TestKeyTemplates(t *testing.T) {
function testEncryptDecrypt (line 45) | func testEncryptDecrypt(template *tinkpb.KeyTemplate) error {
FILE: daead/daead_test.go
function Example (line 29) | func Example() {
FILE: daead/subtle/aes_siv.go
type AESSIV (line 54) | type AESSIV struct
method EncryptDeterministically (line 97) | func (asc *AESSIV) EncryptDeterministically(plaintext, associatedData ...
method DecryptDeterministically (line 112) | func (asc *AESSIV) DecryptDeterministically(ciphertext, associatedData...
method ctrCrypt (line 135) | func (asc *AESSIV) ctrCrypt(siv, in, out []byte) error {
method s2v (line 155) | func (asc *AESSIV) s2v(msg, ad []byte) []byte {
constant AESSIVKeySize (line 61) | AESSIVKeySize = 64
constant intSize (line 63) | intSize = 32 << (^uint(0) >> 63)
constant maxInt (line 64) | maxInt = 1<<(intSize-1) - 1
function NewAESSIV (line 68) | func NewAESSIV(key []byte) (*AESSIV, error) {
function multiplyByX (line 87) | func multiplyByX(block []byte) {
FILE: daead/subtle/aes_siv_test.go
function TestAESSIV_EncryptDecrypt (line 28) | func TestAESSIV_EncryptDecrypt(t *testing.T) {
function TestAESSIV_EmptyPlaintext (line 56) | func TestAESSIV_EmptyPlaintext(t *testing.T) {
function TestAESSIV_EmptyAdditionalData (line 92) | func TestAESSIV_EmptyAdditionalData(t *testing.T) {
function TestAESSIV_KeySizes (line 123) | func TestAESSIV_KeySizes(t *testing.T) {
function TestAESSIV_MessageSizes (line 145) | func TestAESSIV_MessageSizes(t *testing.T) {
function TestAESSIV_AdditionalDataSizes (line 187) | func TestAESSIV_AdditionalDataSizes(t *testing.T) {
function TestAESSIV_CiphertextModifications (line 216) | func TestAESSIV_CiphertextModifications(t *testing.T) {
type AESSIVSuite (line 249) | type AESSIVSuite struct
type testGroup (line 254) | type testGroup struct
type testCase (line 260) | type testCase struct
function TestAESSIV_WycheproofVectors (line 268) | func TestAESSIV_WycheproofVectors(t *testing.T) {
FILE: hybrid/ecies/ecies.go
function init (line 48) | func init() {
function RegisterPrimitiveConstructor (line 100) | func RegisterPrimitiveConstructor(c *config.Builder, t internalapi.Token...
FILE: hybrid/ecies/ecies_aead_hkdf_hybrid_decrypt_test.go
function modifyDecrypt (line 32) | func modifyDecrypt(t *testing.T, c string, keyTemplate *tinkpb.KeyTempla...
function TestECAESCTRHMACSHA256Decrypt (line 101) | func TestECAESCTRHMACSHA256Decrypt(t *testing.T) {
function TestECAES256GCMDecrypt (line 113) | func TestECAES256GCMDecrypt(t *testing.T) {
function TestECAESSIVDecrypt (line 125) | func TestECAESSIVDecrypt(t *testing.T) {
function aesSIVKeyTemplateNoPrefix (line 132) | func aesSIVKeyTemplateNoPrefix() *tinkpb.KeyTemplate {
function TestECAESSIVTestVectors (line 138) | func TestECAESSIVTestVectors(t *testing.T) {
FILE: hybrid/ecies/ecies_aead_hkdf_hybrid_encrypt_test.go
function basicMultipleEncrypts (line 30) | func basicMultipleEncrypts(t *testing.T, c string, keyTemplate *tinkpb.K...
function TestECAESCTRHMACSHA256Encrypt (line 85) | func TestECAESCTRHMACSHA256Encrypt(t *testing.T) {
function TestECAES256GCMEncrypt (line 97) | func TestECAES256GCMEncrypt(t *testing.T) {
function TestECAESSIVEncrypt (line 109) | func TestECAESSIVEncrypt(t *testing.T) {
FILE: hybrid/ecies/ecies_test.go
function mustCreateKeysetHandle (line 27) | func mustCreateKeysetHandle(t *testing.T, privateKey *ecies.PrivateKey) ...
function TestEncryptDecryptFromPublicAPI (line 44) | func TestEncryptDecryptFromPublicAPI(t *testing.T) {
function TestEncryptDecryptFromWithKeysetFromParameters (line 90) | func TestEncryptDecryptFromWithKeysetFromParameters(t *testing.T) {
FILE: hybrid/ecies/hybrid_decrypt.go
type hybridDecrypt (line 29) | type hybridDecrypt struct
method Decrypt (line 80) | func (e *hybridDecrypt) Decrypt(ciphertext, contextInfo []byte) ([]byt...
function pointFormatToSubtleString (line 35) | func pointFormatToSubtleString(pointFormat PointFormat) string {
function NewHybridDecrypt (line 52) | func NewHybridDecrypt(privateKey *PrivateKey, _ internalapi.Token) (tink...
function hybridDecryptConstructor (line 90) | func hybridDecryptConstructor(k key.Key) (any, error) {
FILE: hybrid/ecies/hybrid_encrypt.go
type hybridEncrypt (line 29) | type hybridEncrypt struct
method Encrypt (line 77) | func (e *hybridEncrypt) Encrypt(plaintext, contextInfo []byte) ([]byte...
function NewHybridEncrypt (line 39) | func NewHybridEncrypt(publicKey *PublicKey, _ internalapi.Token) (tink.H...
function hybridEncryptConstructor (line 85) | func hybridEncryptConstructor(k key.Key) (any, error) {
FILE: hybrid/ecies/hybrid_encrypt_test.go
type hybridEncryptTestVector (line 28) | type hybridEncryptTestVector struct
function hybridTestVectors (line 40) | func hybridTestVectors(t *testing.T) []hybridEncryptTestVector {
function TestNewHybridEncryptAndDecryptFailsIfX25519 (line 322) | func TestNewHybridEncryptAndDecryptFailsIfX25519(t *testing.T) {
function TestEncryptDecrypt (line 353) | func TestEncryptDecrypt(t *testing.T) {
function mustEncrypt (line 396) | func mustEncrypt(t *testing.T, publicKey *ecies.PublicKey, plaintext, co...
function TestDecryptFails (line 409) | func TestDecryptFails(t *testing.T) {
FILE: hybrid/ecies/key.go
type PublicKey (line 30) | type PublicKey struct
method PublicKeyBytes (line 99) | func (k *PublicKey) PublicKeyBytes() []byte { return k.publicKeyBytes }
method Parameters (line 102) | func (k *PublicKey) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 105) | func (k *PublicKey) IDRequirement() (uint32, bool) {
method OutputPrefix (line 110) | func (k *PublicKey) OutputPrefix() []byte { return bytes.Clone(k.outpu...
method Equal (line 113) | func (k *PublicKey) Equal(other key.Key) bool {
function calculateOutputPrefix (line 42) | func calculateOutputPrefix(variant Variant, idRequirement uint32) ([]byt...
function ecdhCurveFromCurveType (line 56) | func ecdhCurveFromCurveType(ct CurveType) (ecdh.Curve, error) {
function NewPublicKey (line 74) | func NewPublicKey(publicKeyBytes []byte, idRequirement uint32, parameter...
type PrivateKey (line 121) | type PrivateKey struct
method PrivateKeyBytes (line 189) | func (k *PrivateKey) PrivateKeyBytes() secretdata.Bytes { return k.pri...
method PublicKey (line 194) | func (k *PrivateKey) PublicKey() (key.Key, error) { return k.publicKey...
method Parameters (line 197) | func (k *PrivateKey) Parameters() key.Parameters { return k.publicKey....
method IDRequirement (line 201) | func (k *PrivateKey) IDRequirement() (uint32, bool) { return k.publicK...
method OutputPrefix (line 204) | func (k *PrivateKey) OutputPrefix() []byte { return bytes.Clone(k.publ...
method Equal (line 207) | func (k *PrivateKey) Equal(other key.Key) bool {
function NewPrivateKey (line 136) | func NewPrivateKey(privateKeyBytes secretdata.Bytes, idRequirement uint3...
function NewPrivateKeyFromPublicKey (line 164) | func NewPrivateKeyFromPublicKey(privateKeyBytes secretdata.Bytes, pubKey...
function createPrivateKey (line 213) | func createPrivateKey(p key.Parameters, idRequirement uint32) (key.Key, ...
FILE: hybrid/ecies/key_test.go
type keyTestCase (line 35) | type keyTestCase struct
function mustCreateParameters (line 45) | func mustCreateParameters(t *testing.T, opts ecies.ParametersOpts) *ecie...
function mustHexDecode (line 54) | func mustHexDecode(t *testing.T, hexString string) []byte {
function mustCreateKeyTestCases (line 87) | func mustCreateKeyTestCases(t *testing.T) []keyTestCase {
function TestNewPublicKeyFailsWithInvalidValues (line 238) | func TestNewPublicKeyFailsWithInvalidValues(t *testing.T) {
type stubKey (line 345) | type stubKey struct
method Parameters (line 349) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 350) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 351) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestPublicKey_Equal_FalseIfDifferentType (line 353) | func TestPublicKey_Equal_FalseIfDifferentType(t *testing.T) {
function TestNewPublicKey (line 380) | func TestNewPublicKey(t *testing.T) {
function TestPublicKeyNotEqual (line 416) | func TestPublicKeyNotEqual(t *testing.T) {
function mustCreatePublicKey (line 564) | func mustCreatePublicKey(t *testing.T, publicKeyBytes []byte, idRequirem...
function TestNewPrivateKeyFromPublicKeyFailsWithInvalidValues (line 573) | func TestNewPrivateKeyFromPublicKeyFailsWithInvalidValues(t *testing.T) {
function doTestPrivateKeyAccessors (line 650) | func doTestPrivateKeyAccessors(t *testing.T, privateKey *ecies.PrivateKe...
function TestNewPrivateKeyFromPublicKey (line 676) | func TestNewPrivateKeyFromPublicKey(t *testing.T) {
function TestPrivateKey_Equal_FalseIfDifferentType (line 710) | func TestPrivateKey_Equal_FalseIfDifferentType(t *testing.T) {
function TestNewPrivateKey (line 742) | func TestNewPrivateKey(t *testing.T) {
function TestPrivateKeyNotEqual (line 776) | func TestPrivateKeyNotEqual(t *testing.T) {
function TestPrivateKeyCreator (line 896) | func TestPrivateKeyCreator(t *testing.T) {
function TestPrivateKeyCreator_FailsWithInvalidParameters (line 964) | func TestPrivateKeyCreator_FailsWithInvalidParameters(t *testing.T) {
FILE: hybrid/ecies/parameters.go
type Variant (line 35) | type Variant
method String (line 48) | func (variant Variant) String() string {
constant VariantUnknown (line 39) | VariantUnknown Variant = iota
constant VariantTink (line 41) | VariantTink
constant VariantCrunchy (line 43) | VariantCrunchy
constant VariantNoPrefix (line 45) | VariantNoPrefix
type CurveType (line 62) | type CurveType
method String (line 77) | func (ct CurveType) String() string {
constant UnknownCurveType (line 66) | UnknownCurveType CurveType = iota
constant NISTP256 (line 68) | NISTP256
constant NISTP384 (line 70) | NISTP384
constant NISTP521 (line 72) | NISTP521
constant X25519 (line 74) | X25519
type HashType (line 93) | type HashType
method String (line 110) | func (ht HashType) String() string {
constant UnknownHashType (line 97) | UnknownHashType HashType = iota
constant SHA1 (line 99) | SHA1
constant SHA224 (line 101) | SHA224
constant SHA256 (line 103) | SHA256
constant SHA384 (line 105) | SHA384
constant SHA512 (line 107) | SHA512
type PointFormat (line 129) | type PointFormat
method String (line 145) | func (pf PointFormat) String() string {
constant UnspecifiedPointFormat (line 133) | UnspecifiedPointFormat PointFormat = iota
constant CompressedPointFormat (line 135) | CompressedPointFormat
constant UncompressedPointFormat (line 137) | UncompressedPointFormat
constant LegacyUncompressedPointFormat (line 142) | LegacyUncompressedPointFormat
type Parameters (line 162) | type Parameters struct
method CurveType (line 297) | func (p *Parameters) CurveType() CurveType { return p.curveType }
method HashType (line 300) | func (p *Parameters) HashType() HashType { return p.hashType }
method NISTCurvePointFormat (line 303) | func (p *Parameters) NISTCurvePointFormat() PointFormat { return p.nis...
method DEMParameters (line 306) | func (p *Parameters) DEMParameters() key.Parameters { return p.demPara...
method Salt (line 309) | func (p *Parameters) Salt() []byte { return bytes.Clone(p.salt) }
method Variant (line 312) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 315) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 318) | func (p *Parameters) Equal(other key.Parameters) bool {
function mustCreateAllowedDEMParameters (line 175) | func mustCreateAllowedDEMParameters() []key.Parameters {
function isAllowedDEMParameters (line 234) | func isAllowedDEMParameters(demParameters key.Parameters) error {
function isNISTCurve (line 244) | func isNISTCurve(curveType CurveType) bool {
type ParametersOpts (line 254) | type ParametersOpts struct
function NewParameters (line 264) | func NewParameters(opts ParametersOpts) (*Parameters, error) {
FILE: hybrid/ecies/parameters_test.go
function mustCreateSupportedDEMPArams (line 30) | func mustCreateSupportedDEMPArams(t *testing.T) map[string]key.Parameters {
function TestNewParametersInvalidValues (line 89) | func TestNewParametersInvalidValues(t *testing.T) {
type testCase (line 177) | type testCase struct
function testCases (line 182) | func testCases(t *testing.T) []testCase {
function TestNewParameters (line 222) | func TestNewParameters(t *testing.T) {
function TestParametersNotEqual (line 261) | func TestParametersNotEqual(t *testing.T) {
FILE: hybrid/ecies/private_key_manager_test.go
constant privateKeyTypeURL (line 30) | privateKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkd...
constant privateKeyVersion (line 31) | privateKeyVersion = 0
function TestPrivateKeyManagerPrimitive (line 34) | func TestPrivateKeyManagerPrimitive(t *testing.T) {
function TestPrivateKeyManagerPrimitiveErrors (line 50) | func TestPrivateKeyManagerPrimitiveErrors(t *testing.T) {
function TestPrivateKeyManagerGetPublicKeyErrors (line 98) | func TestPrivateKeyManagerGetPublicKeyErrors(t *testing.T) {
function TestPrivateKeyManagerNewKey (line 146) | func TestPrivateKeyManagerNewKey(t *testing.T) {
function TestPrivateKeyManagerNewKeyErrors (line 161) | func TestPrivateKeyManagerNewKeyErrors(t *testing.T) {
function makeValidECIESAEADHKDFKeyFormat (line 244) | func makeValidECIESAEADHKDFKeyFormat(t *testing.T) *eahpb.EciesAeadHkdfK...
function makeValidECIESAEADHKDFPrivateKey (line 261) | func makeValidECIESAEADHKDFPrivateKey(t *testing.T) *eahpb.EciesAeadHkdf...
function mustMarshal (line 284) | func mustMarshal(t *testing.T, msg proto.Message) []byte {
FILE: hybrid/ecies/protoserialization.go
constant publicKeyTypeURL (line 34) | publicKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkd...
constant privateKeyTypeURL (line 35) | privateKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkd...
function protoOutputPrefixTypeFromVariant (line 38) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type publicKeySerializer (line 51) | type publicKeySerializer struct
method SerializeKey (line 205) | func (s *publicKeySerializer) SerializeKey(key key.Key) (*protoseriali...
function protoCurveFromCurveType (line 55) | func protoCurveFromCurveType(curveType CurveType) (commonpb.EllipticCurv...
function protoHashTypeFromHashType (line 70) | func protoHashTypeFromHashType(hashType HashType) (commonpb.HashType, er...
function protoEcPointFormatFromPointFormat (line 87) | func protoEcPointFormatFromPointFormat(pointFormat PointFormat) (commonp...
function createProtoECIESParams (line 103) | func createProtoECIESParams(p *Parameters) (*eciespb.EciesAeadHkdfParams...
function coordinateSizeForCurve (line 139) | func coordinateSizeForCurve(curveType CurveType) (int, error) {
function publicKeyToProtoPublicKey (line 152) | func publicKeyToProtoPublicKey(publicKey *PublicKey) (*eciespb.EciesAead...
type publicKeyParser (line 236) | type publicKeyParser struct
method ParseKey (line 382) | func (s *publicKeyParser) ParseKey(keySerialization *protoserializatio...
function curveTypeFromProto (line 240) | func curveTypeFromProto(curveType commonpb.EllipticCurveType) (CurveType...
function hashTypeFromProto (line 255) | func hashTypeFromProto(hashType commonpb.HashType) (HashType, error) {
function variantFromProto (line 272) | func variantFromProto(outputPrefixType tinkpb.OutputPrefixType) (Variant...
function pointFormatFromProtoPointFormat (line 285) | func pointFormatFromProtoPointFormat(pointFormat commonpb.EcPointFormat)...
function parseParameters (line 298) | func parseParameters(protoParams *eciespb.EciesAeadHkdfParams, outputPre...
function parsePublicKey (line 347) | func parsePublicKey(publicKey *eciespb.EciesAeadHkdfPublicKey, outputPre...
type privateKeySerializer (line 403) | type privateKeySerializer struct
method SerializeKey (line 407) | func (s *privateKeySerializer) SerializeKey(key key.Key) (*protoserial...
type privateKeyParser (line 463) | type privateKeyParser struct
method ParseKey (line 467) | func (s *privateKeyParser) ParseKey(keySerialization *protoserializati...
type parametersSerializer (line 508) | type parametersSerializer struct
method Serialize (line 512) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 541) | type parametersParser struct
method Parse (line 545) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: hybrid/ecies/protoserialization_test.go
type testParams (line 41) | type testParams struct
method HasIDRequirement (line 43) | func (p *testParams) HasIDRequirement() bool { return true }
method Equal (line 45) | func (p *testParams) Equal(params key.Parameters) bool { return true }
type testKey (line 47) | type testKey struct
method Parameters (line 49) | func (k *testKey) Parameters() key.Parameters { return &testParams{} }
method Equal (line 51) | func (k *testKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 53) | func (k *testKey) IDRequirement() (uint32, bool) { return 123, true }
function TestSerializePublicKeyFails (line 55) | func TestSerializePublicKeyFails(t *testing.T) {
function mustCreateKeySerialization (line 81) | func mustCreateKeySerialization(t *testing.T, url string, keyMaterialTyp...
type protoSerializationTestCase (line 99) | type protoSerializationTestCase struct
function mustCreatePrivateKey (line 107) | func mustCreatePrivateKey(t *testing.T, privateKeyBytes []byte, idRequir...
function mustCreateTestCases (line 116) | func mustCreateTestCases(t *testing.T) []protoSerializationTestCase {
function TestSerializePublicKey (line 319) | func TestSerializePublicKey(t *testing.T) {
function TestParsePublicKeyParsesDEMWithAnyOutputPrefixType (line 335) | func TestParsePublicKeyParsesDEMWithAnyOutputPrefixType(t *testing.T) {
function TestParsePublicKeyToleratesNoPadding (line 383) | func TestParsePublicKeyToleratesNoPadding(t *testing.T) {
function TestParsePublicKeyToleratesArbitraryPadding (line 434) | func TestParsePublicKeyToleratesArbitraryPadding(t *testing.T) {
function TestParsePublicKey (line 481) | func TestParsePublicKey(t *testing.T) {
function TestParsePublicKeyFails (line 519) | func TestParsePublicKeyFails(t *testing.T) {
function TestSerializePrivateKey (line 755) | func TestSerializePrivateKey(t *testing.T) {
function TestSerializePrivateKeyFails (line 769) | func TestSerializePrivateKeyFails(t *testing.T) {
function TestParsePrivateKey (line 795) | func TestParsePrivateKey(t *testing.T) {
function TestParsePrivateKeyFails (line 838) | func TestParsePrivateKeyFails(t *testing.T) {
type parametersSerializationTestCase (line 973) | type parametersSerializationTestCase struct
function mustCreateKeyTemplate (line 979) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
function mustCreateParametersTestParameters (line 1001) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestParseParameters (line 1079) | func TestParseParameters(t *testing.T) {
function TestParseParametersFails (line 1093) | func TestParseParametersFails(t *testing.T) {
function TestSerializeParameters (line 1131) | func TestSerializeParameters(t *testing.T) {
FILE: hybrid/ecies/public_key_manager_test.go
constant publicKeyTypeURL (line 27) | publicKeyTypeURL = "type.googleapis.com/google.crypto.tink.EciesAeadHkdf...
constant publicKeyVersion (line 28) | publicKeyVersion = 0
function TestPublicKeyManagerPrimitive (line 31) | func TestPublicKeyManagerPrimitive(t *testing.T) {
function TestPublicKeyManagerPrimitiveErrors (line 47) | func TestPublicKeyManagerPrimitiveErrors(t *testing.T) {
function makeValidECIESAEADHKDFPublicKey (line 136) | func makeValidECIESAEADHKDFPublicKey(t *testing.T) *eahpb.EciesAeadHkdfP...
FILE: hybrid/hpke/hpke.go
function unmarshalHpkePublicKey (line 34) | func unmarshalHpkePublicKey(b []byte) (*hpkepb.HpkePublicKey, error) {
function unmarshalHpkePrivateKey (line 42) | func unmarshalHpkePrivateKey(b []byte) (*hpkepb.HpkePrivateKey, error) {
function init (line 50) | func init() {
function RegisterPrimitiveConstructor (line 94) | func RegisterPrimitiveConstructor(c *config.Builder, t internalapi.Token...
FILE: hybrid/hpke/hpke_test.go
function TestEncryptDecryptFromWithKeysetFromParameters (line 26) | func TestEncryptDecryptFromWithKeysetFromParameters(t *testing.T) {
FILE: hybrid/hpke/hybrid_decrypt.go
type hybridDecrypt (line 27) | type hybridDecrypt struct
method Decrypt (line 109) | func (e *hybridDecrypt) Decrypt(ciphertext, contextInfo []byte) ([]byt...
function kemIDFromParams (line 33) | func kemIDFromParams(params *Parameters) (internalhpke.KEMID, error) {
function kdfIDFromParams (line 54) | func kdfIDFromParams(params *Parameters) (internalhpke.KDFID, error) {
function aeadIDFromParams (line 67) | func aeadIDFromParams(params *Parameters) (internalhpke.AEADID, error) {
function NewHybridDecrypt (line 84) | func NewHybridDecrypt(privateKey *PrivateKey, _ internalapi.Token) (tink...
function hybridDecryptConstructor (line 119) | func hybridDecryptConstructor(k key.Key) (any, error) {
FILE: hybrid/hpke/hybrid_encrypt.go
type hybridEncrypt (line 27) | type hybridEncrypt struct
method Encrypt (line 62) | func (e *hybridEncrypt) Encrypt(plaintext, contextInfo []byte) ([]byte...
function NewHybridEncrypt (line 37) | func NewHybridEncrypt(publicKey *PublicKey, _ internalapi.Token) (tink.H...
function hybridEncryptConstructor (line 70) | func hybridEncryptConstructor(k key.Key) (any, error) {
FILE: hybrid/hpke/hybrid_encrypt_decrypt_test.go
type hybridEncryptTestVector (line 25) | type hybridEncryptTestVector struct
function hybridTestVectors (line 37) | func hybridTestVectors(t *testing.T) []hybridEncryptTestVector {
function TestEncryptDecrypt (line 180) | func TestEncryptDecrypt(t *testing.T) {
function mustEncrypt (line 223) | func mustEncrypt(t *testing.T, publicKey *hpke.PublicKey, plaintext, con...
function TestDecryptFails (line 236) | func TestDecryptFails(t *testing.T) {
FILE: hybrid/hpke/key.go
constant xWingPublicKeySize (line 32) | xWingPublicKeySize = 1216
constant xWingSecretKeySize (line 33) | xWingSecretKeySize = 32
constant mlKEM768PublicKeySize (line 34) | mlKEM768PublicKeySize = 1184
constant mlKEM768SecretKeySize (line 35) | mlKEM768SecretKeySize = 64
constant mlKEM1024PublicKeySize (line 36) | mlKEM1024PublicKeySize = 1568
constant mlKEM1024SecretKeySize (line 37) | mlKEM1024SecretKeySize = 64
type PublicKey (line 41) | type PublicKey struct
method PublicKeyBytes (line 248) | func (k *PublicKey) PublicKeyBytes() []byte { return k.publicKeyBytes }
method Parameters (line 251) | func (k *PublicKey) Parameters() key.Parameters { return k.parameters }
method IDRequirement (line 254) | func (k *PublicKey) IDRequirement() (uint32, bool) {
method OutputPrefix (line 259) | func (k *PublicKey) OutputPrefix() []byte { return bytes.Clone(k.outpu...
method Equal (line 262) | func (k *PublicKey) Equal(other key.Key) bool {
function calculateOutputPrefix (line 53) | func calculateOutputPrefix(variant Variant, idRequirement uint32) ([]byt...
function ecdhCurveFromKEMID (line 66) | func ecdhCurveFromKEMID(kemID KEMID) (ecdh.Curve, error) {
function validateECDHPublicKey (line 81) | func validateECDHPublicKey(publicKeyBytes []byte, kemID KEMID) error {
function validateXWingPublicKey (line 93) | func validateXWingPublicKey(publicKeyBytes []byte) error {
function validateMLKEMPublicKey (line 100) | func validateMLKEMPublicKey(publicKeyBytes []byte, kemID KEMID) error {
function newECDHPublicKeyFromPrivateKey (line 116) | func newECDHPublicKeyFromPrivateKey(privateKeyBytes secretdata.Bytes, ke...
function newXWingPublicKeyFromPrivateKey (line 128) | func newXWingPublicKeyFromPrivateKey(privateKeyBytes secretdata.Bytes) (...
function newMLKEMPublicKeyFromPrivateKey (line 136) | func newMLKEMPublicKeyFromPrivateKey(privateKeyBytes secretdata.Bytes, k...
function validateECDHPrivateKey (line 155) | func validateECDHPrivateKey(privateKeyBytes secretdata.Bytes, pubKey *Pu...
function validateXWingPrivateKey (line 175) | func validateXWingPrivateKey(privateKeyBytes secretdata.Bytes, pubKey *P...
function validateMLKEMPrivateKey (line 186) | func validateMLKEMPrivateKey(privateKeyBytes secretdata.Bytes, pubKey *P...
function NewPublicKey (line 215) | func NewPublicKey(publicKeyBytes []byte, idRequirement uint32, parameter...
type PrivateKey (line 270) | type PrivateKey struct
method PrivateKeyBytes (line 355) | func (k *PrivateKey) PrivateKeyBytes() secretdata.Bytes { return k.pri...
method PublicKey (line 360) | func (k *PrivateKey) PublicKey() (key.Key, error) { return k.publicKey...
method Parameters (line 363) | func (k *PrivateKey) Parameters() key.Parameters { return k.publicKey....
method IDRequirement (line 367) | func (k *PrivateKey) IDRequirement() (uint32, bool) { return k.publicK...
method OutputPrefix (line 370) | func (k *PrivateKey) OutputPrefix() []byte { return bytes.Clone(k.publ...
method Equal (line 373) | func (k *PrivateKey) Equal(other key.Key) bool {
function NewPrivateKey (line 288) | func NewPrivateKey(privateKeyBytes secretdata.Bytes, idRequirement uint3...
function NewPrivateKeyFromPublicKey (line 331) | func NewPrivateKeyFromPublicKey(privateKeyBytes secretdata.Bytes, pubKey...
function createPrivateKey (line 379) | func createPrivateKey(p key.Parameters, idRequirement uint32) (key.Key, ...
FILE: hybrid/hpke/key_test.go
type keyTestCase (line 33) | type keyTestCase struct
function mustCreateParameters (line 43) | func mustCreateParameters(t *testing.T, opts hpke.ParametersOpts) *hpke....
function mustHexDecode (line 52) | func mustHexDecode(t *testing.T, hexString string) []byte {
function mustCreateKeyTestCases (line 97) | func mustCreateKeyTestCases(t *testing.T) []keyTestCase {
function TestNewPublicKeyFailsWithInvalidValues (line 273) | func TestNewPublicKeyFailsWithInvalidValues(t *testing.T) {
type stubKey (line 342) | type stubKey struct
method Parameters (line 346) | func (k *stubKey) Parameters() key.Parameters { return nil }
method Equal (line 347) | func (k *stubKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 348) | func (k *stubKey) IDRequirement() (uint32, bool) { return 123, true }
function TestPublicKey_Equal_FalseIfDifferentType (line 350) | func TestPublicKey_Equal_FalseIfDifferentType(t *testing.T) {
function TestNewPublicKey (line 364) | func TestNewPublicKey(t *testing.T) {
function TestPublicKeyNotEqual (line 399) | func TestPublicKeyNotEqual(t *testing.T) {
function mustCreatePublicKey (line 525) | func mustCreatePublicKey(t *testing.T, publicKeyBytes []byte, idRequirem...
function TestNewPrivateKeyFromPublicKeyFailsWithInvalidValues (line 534) | func TestNewPrivateKeyFromPublicKeyFailsWithInvalidValues(t *testing.T) {
function TestPrivateKey_Equal_FalseIfDifferentType (line 599) | func TestPrivateKey_Equal_FalseIfDifferentType(t *testing.T) {
function doTestPrivateKeyAccessors (line 618) | func doTestPrivateKeyAccessors(t *testing.T, privateKey *hpke.PrivateKey...
function TestNewPrivateKeyFromPublicKey (line 644) | func TestNewPrivateKeyFromPublicKey(t *testing.T) {
function TestNewPrivateKey (line 678) | func TestNewPrivateKey(t *testing.T) {
function TestPrivateKeyNotEqual (line 712) | func TestPrivateKeyNotEqual(t *testing.T) {
function TestPrivateKeyCreator (line 812) | func TestPrivateKeyCreator(t *testing.T) {
function TestPrivateKeyCreator_FailsWithInvalidParameters (line 870) | func TestPrivateKeyCreator_FailsWithInvalidParameters(t *testing.T) {
function TestPrivateKeyCreator_CreateMultipleDiffers (line 895) | func TestPrivateKeyCreator_CreateMultipleDiffers(t *testing.T) {
FILE: hybrid/hpke/parameters.go
type Variant (line 30) | type Variant
method String (line 43) | func (variant Variant) String() string {
constant VariantUnknown (line 34) | VariantUnknown Variant = iota
constant VariantTink (line 36) | VariantTink
constant VariantCrunchy (line 38) | VariantCrunchy
constant VariantNoPrefix (line 40) | VariantNoPrefix
type KEMID (line 58) | type KEMID
method String (line 79) | func (kemID KEMID) String() string {
constant UnknownKEMID (line 62) | UnknownKEMID KEMID = iota
constant DHKEM_P256_HKDF_SHA256 (line 64) | DHKEM_P256_HKDF_SHA256
constant DHKEM_P384_HKDF_SHA384 (line 66) | DHKEM_P384_HKDF_SHA384
constant DHKEM_P521_HKDF_SHA512 (line 68) | DHKEM_P521_HKDF_SHA512
constant DHKEM_X25519_HKDF_SHA256 (line 70) | DHKEM_X25519_HKDF_SHA256
constant X_WING (line 72) | X_WING
constant ML_KEM768 (line 74) | ML_KEM768
constant ML_KEM1024 (line 76) | ML_KEM1024
type KDFID (line 102) | type KDFID
method String (line 115) | func (kdfID KDFID) String() string {
constant UnknownKDFID (line 106) | UnknownKDFID KDFID = iota
constant HKDFSHA256 (line 108) | HKDFSHA256
constant HKDFSHA384 (line 110) | HKDFSHA384
constant HKDFSHA512 (line 112) | HKDFSHA512
type AEADID (line 130) | type AEADID
method String (line 143) | func (aeadID AEADID) String() string {
constant UnknownAEADID (line 134) | UnknownAEADID AEADID = iota
constant AES128GCM (line 136) | AES128GCM
constant AES256GCM (line 138) | AES256GCM
constant ChaCha20Poly1305 (line 140) | ChaCha20Poly1305
type ParametersOpts (line 157) | type ParametersOpts struct
method String (line 164) | func (paramsOpts ParametersOpts) String() string {
type Parameters (line 169) | type Parameters struct
method KEMID (line 192) | func (p *Parameters) KEMID() KEMID { return p.kemID }
method KDFID (line 195) | func (p *Parameters) KDFID() KDFID { return p.kdfID }
method AEADID (line 198) | func (p *Parameters) AEADID() AEADID { return p.aeadID }
method Variant (line 201) | func (p *Parameters) Variant() Variant { return p.variant }
method HasIDRequirement (line 204) | func (p *Parameters) HasIDRequirement() bool { return p.variant != Var...
method Equal (line 207) | func (p *Parameters) Equal(other key.Parameters) bool {
function NewParameters (line 179) | func NewParameters(opts ParametersOpts) (*Parameters, error) {
FILE: hybrid/hpke/parameters_test.go
function TestNewParametersInvalidValues (line 24) | func TestNewParametersInvalidValues(t *testing.T) {
type testCase (line 75) | type testCase struct
function testCases (line 80) | func testCases(t *testing.T) []testCase {
function TestNewParameters (line 102) | func TestNewParameters(t *testing.T) {
function TestNewParametersNotEqual (line 136) | func TestNewParametersNotEqual(t *testing.T) {
function TestKEMIDString (line 220) | func TestKEMIDString(t *testing.T) {
function TestKDFIDString (line 276) | func TestKDFIDString(t *testing.T) {
function TestAEADIDString (line 312) | func TestAEADIDString(t *testing.T) {
function TestVariantString (line 348) | func TestVariantString(t *testing.T) {
function TestParametersOptsString (line 384) | func TestParametersOptsString(t *testing.T) {
FILE: hybrid/hpke/private_key_manager_test.go
constant privateKeyVersion (line 34) | privateKeyVersion = 0
constant privateKeyTypeURL (line 35) | privateKeyTypeURL = "type.googleapis.com/google.crypto.tink.HpkePrivateKey"
function TestPrivateKeyManagerPrimitiveRejectsInvalidPrivateKeyVersion (line 38) | func TestPrivateKeyManagerPrimitiveRejectsInvalidPrivateKeyVersion(t *te...
function TestPrivateKeyManagerPrimitiveRejectsInvalidPublicKeyVersion (line 59) | func TestPrivateKeyManagerPrimitiveRejectsInvalidPublicKeyVersion(t *tes...
function TestPrivateKeyManagerPrimitiveRejectsInvalidParams (line 80) | func TestPrivateKeyManagerPrimitiveRejectsInvalidParams(t *testing.T) {
function TestPrivateKeyManagerPrimitiveRejectsMissingParams (line 126) | func TestPrivateKeyManagerPrimitiveRejectsMissingParams(t *testing.T) {
function TestPrivateKeyManagerPrimitiveRejectsNilKey (line 137) | func TestPrivateKeyManagerPrimitiveRejectsNilKey(t *testing.T) {
function TestPrivateKeyManagerPrimitiveEncryptDecrypt (line 147) | func TestPrivateKeyManagerPrimitiveEncryptDecrypt(t *testing.T) {
function TestPrivateKeyManagerNewKeyRejectsNilKeyFormat (line 194) | func TestPrivateKeyManagerNewKeyRejectsNilKeyFormat(t *testing.T) {
function TestPrivateKeyManagerNewKeyRejectsInvalidKeyFormat (line 204) | func TestPrivateKeyManagerNewKeyRejectsInvalidKeyFormat(t *testing.T) {
function TestPrivateKeyManagerNewKeyEncryptDecrypt (line 255) | func TestPrivateKeyManagerNewKeyEncryptDecrypt(t *testing.T) {
function TestPrivateKeyManagerNewKeyDataRejectsNilKeyFormat (line 338) | func TestPrivateKeyManagerNewKeyDataRejectsNilKeyFormat(t *testing.T) {
function TestPrivateKeyManagerNewKeyData (line 348) | func TestPrivateKeyManagerNewKeyData(t *testing.T) {
function TestPrivateKeyManagerPublicKeyDataRejectsInvalidPrivateKeyVersion (line 402) | func TestPrivateKeyManagerPublicKeyDataRejectsInvalidPrivateKeyVersion(t...
function TestPrivateKeyManagerPublicKeyDataRejectsInvalidPublicKeyVersion (line 427) | func TestPrivateKeyManagerPublicKeyDataRejectsInvalidPublicKeyVersion(t ...
function TestPrivateKeyManagerPublicKeyDataRejectsNilKey (line 452) | func TestPrivateKeyManagerPublicKeyDataRejectsNilKey(t *testing.T) {
function TestPrivateKeyManagerPublicKeyData (line 466) | func TestPrivateKeyManagerPublicKeyData(t *testing.T) {
function TestPrivateKeyManagerDoesSupport (line 507) | func TestPrivateKeyManagerDoesSupport(t *testing.T) {
function TestPrivateKeyManagerTypeURL (line 521) | func TestPrivateKeyManagerTypeURL(t *testing.T) {
FILE: hybrid/hpke/protoserialization.go
constant privateKeyTypeURL (line 30) | privateKeyTypeURL = "type.googleapis.com/google.crypto.tink.HpkePrivateKey"
constant publicKeyTypeURL (line 31) | publicKeyTypeURL = "type.googleapis.com/google.crypto.tink.HpkePublicKey"
function serializeKEMID (line 34) | func serializeKEMID(kemID KEMID) (hpkepb.HpkeKem, error) {
function serializeAEADID (line 55) | func serializeAEADID(aeadID AEADID) (hpkepb.HpkeAead, error) {
function serializedKDFID (line 68) | func serializedKDFID(kdfID KDFID) (hpkepb.HpkeKdf, error) {
function parametersToProto (line 81) | func parametersToProto(p *Parameters) (*hpkepb.HpkeParams, error) {
function publicKeyToProto (line 104) | func publicKeyToProto(publicKey *PublicKey) (*hpkepb.HpkePublicKey, erro...
function protoOutputPrefixTypeFromVariant (line 120) | func protoOutputPrefixTypeFromVariant(variant Variant) (tinkpb.OutputPre...
type publicKeySerializer (line 133) | type publicKeySerializer struct
method SerializeKey (line 137) | func (s *publicKeySerializer) SerializeKey(key key.Key) (*protoseriali...
function parseKEMID (line 164) | func parseKEMID(protoKEMID hpkepb.HpkeKem) (KEMID, error) {
function parseAEADID (line 185) | func parseAEADID(protoAEADID hpkepb.HpkeAead) (AEADID, error) {
function parseKDFID (line 198) | func parseKDFID(protoKDFID hpkepb.HpkeKdf) (KDFID, error) {
function protoOutputPrefixTypeToVariant (line 211) | func protoOutputPrefixTypeToVariant(outputPrefixType tinkpb.OutputPrefix...
function parseParameters (line 224) | func parseParameters(protoParameters *hpkepb.HpkeParams, outputPrefixTyp...
function parsePublicKey (line 249) | func parsePublicKey(protoPublicKey *hpkepb.HpkePublicKey, outputPrefixTy...
type publicKeyParser (line 260) | type publicKeyParser struct
method ParseKey (line 264) | func (s *publicKeyParser) ParseKey(keySerialization *protoserializatio...
type privateKeySerializer (line 286) | type privateKeySerializer struct
method SerializeKey (line 290) | func (s *privateKeySerializer) SerializeKey(key key.Key) (*protoserial...
type privateKeyParser (line 335) | type privateKeyParser struct
method ParseKey (line 339) | func (s *privateKeyParser) ParseKey(keySerialization *protoserializati...
type parametersSerializer (line 366) | type parametersSerializer struct
method Serialize (line 370) | func (s *parametersSerializer) Serialize(parameters key.Parameters) (*...
type parametersParser (line 399) | type parametersParser struct
method Parse (line 403) | func (s *parametersParser) Parse(keyTemplate *tinkpb.KeyTemplate) (key...
FILE: hybrid/hpke/protoserialization_test.go
type testParams (line 35) | type testParams struct
method HasIDRequirement (line 37) | func (p *testParams) HasIDRequirement() bool { return true }
method Equal (line 39) | func (p *testParams) Equal(params key.Parameters) bool { return true }
type testKey (line 41) | type testKey struct
method Parameters (line 43) | func (k *testKey) Parameters() key.Parameters { return &testParams{} }
method Equal (line 45) | func (k *testKey) Equal(other key.Key) bool { return true }
method IDRequirement (line 47) | func (k *testKey) IDRequirement() (uint32, bool) { return 123, true }
function TestSerializePublicKeyFails (line 49) | func TestSerializePublicKeyFails(t *testing.T) {
type protoSerializationTestCase (line 75) | type protoSerializationTestCase struct
function mustCreateKeySerialization (line 83) | func mustCreateKeySerialization(t *testing.T, url string, keyMaterialTyp...
function mustCreatePrivateKey (line 101) | func mustCreatePrivateKey(t *testing.T, privateKeyBytes []byte, publicKe...
function mustCreateTestCases (line 111) | func mustCreateTestCases(t *testing.T) []protoSerializationTestCase {
function TestSerializePublicKey (line 210) | func TestSerializePublicKey(t *testing.T) {
function TestParsePublicKeyFails (line 224) | func TestParsePublicKeyFails(t *testing.T) {
function TestParsePublicKey (line 343) | func TestParsePublicKey(t *testing.T) {
function TestSerializePrivateKey (line 357) | func TestSerializePrivateKey(t *testing.T) {
function TestSerializePrivateKeyFails (line 371) | func TestSerializePrivateKeyFails(t *testing.T) {
function TestParsePrivateKey (line 397) | func TestParsePrivateKey(t *testing.T) {
function TestParsePrivateKeyFails (line 411) | func TestParsePrivateKeyFails(t *testing.T) {
type parametersSerializationTestCase (line 519) | type parametersSerializationTestCase struct
function mustCreateKeyTemplate (line 525) | func mustCreateKeyTemplate(t *testing.T, outputPrefixType tinkpb.OutputP...
function mustCreateParametersTestParameters (line 545) | func mustCreateParametersTestParameters(t *testing.T) []parametersSerial...
function TestParseParameters (line 601) | func TestParseParameters(t *testing.T) {
function TestParseParametersFails (line 615) | func TestParseParametersFails(t *testing.T) {
function TestSerializeParameters (line 645) | func TestSerializeParameters(t *testing.T) {
FILE: hybrid/hpke/public_key_manager_test.go
constant publicKeyVersion (line 37) | publicKeyVersion = 0
constant publicKeyTypeURL (line 38) | publicKeyTypeURL = "type.googleapis.com/google.crypto.tink.HpkePublicKey"
function TestPublicKeyManagerPrimitiveRejectsInvalidKeyVersion (line 111) | func TestPublicKeyManagerPrimitiveRejectsInvalidKeyVersion(t *testing.T) {
function TestPublicKeyManagerPrimitiveRejectsInvalidParams (line 132) | func TestPublicKeyManagerPrimitiveRejectsInvalidParams(t *testing.T) {
function TestPublicKeyManagerPrimitiveRejectsMissingParams (line 169) | func TestPublicKeyManagerPrimitiveRejectsMissingParams(t *testing.T) {
function TestPublicKeyManagerPrimitiveRejectsNilKey (line 180) | func TestPublicKeyManagerPrimitiveRejectsNilKey(t *testing.T) {
function TestPublicKeyManagerPrimitiveEncryptDecrypt (line 190) | func TestPublicKeyManagerPrimitiveEncryptDecrypt(t *testing.T) {
function TestPublicKeyManagerDoesSupport (line 244) | func TestPublicKeyManagerDoesSupport(t *testing.T) {
function TestPublicKeyManagerTypeURL (line 258) | func TestPublicKeyManagerTypeURL(t *testing.T) {
function TestPublicKeyManagerNotSupported (line 268) | func TestPublicKeyManagerNotSupported(t *testing.T) {
function serializedPubPrivKeys (line 281) | func serializedPubPrivKeys(t *testing.T, params *hpkepb.HpkeParams) ([]b...
function pubPrivKeys (line 295) | func pubPrivKeys(t *testing.T, params *hpkepb.HpkeParams) (*hpkepb.HpkeP...
FILE: hybrid/hybrid_benchmark_test.go
constant benchmarkPlaintextSize (line 28) | benchmarkPlaintextSize = 1 * 1024
constant benchmarkContextInfoSize (line 29) | benchmarkContextInfoSize = 256
function BenchmarkEncrypt (line 59) | func BenchmarkEncrypt(b *testing.B) {
function BenchmarkDecrypt (line 89) | func BenchmarkDecrypt(b *testing.B) {
FILE: hybrid/hybrid_decrypt_factory.go
function NewHybridDecrypt (line 34) | func NewHybridDecrypt(handle *keyset.Handle) (tink.HybridDecrypt, error) {
function NewHybridDecryptWithConfig (line 43) | func NewHybridDecryptWithConfig(handle *keyset.Handle, config keyset.Con...
type fullHybridDecryptAdapter (line 51) | type fullHybridDecryptAdapter struct
method Decrypt (line 58) | func (d *fullHybridDecryptAdapter) Decrypt(ciphertext, contextInfo []b...
type decrypterAndID (line 71) | type decrypterAndID struct
method Decrypt (line 78) | func (d *decrypterAndID) Decrypt(ciphertext, contextInfo []byte) ([]by...
type wrappedHybridDecrypt (line 84) | type wrappedHybridDecrypt struct
method Decrypt (line 144) | func (a *wrappedHybridDecrypt) Decrypt(ciphertext, contextInfo []byte)...
function newWrappedHybridDecrypt (line 92) | func newWrappedHybridDecrypt(ps *primitiveset.PrimitiveSet[tink.HybridDe...
function createDecryptLogger (line 127) | func createDecryptLogger(ps *primitiveset.PrimitiveSet[tink.HybridDecryp...
FILE: hybrid/hybrid_encrypt_factory.go
function NewHybridEncrypt (line 33) | func NewHybridEncrypt(handle *keyset.Handle) (tink.HybridEncrypt, error) {
function NewHybridEncryptWithConfig (line 42) | func NewHybridEncryptWithConfig(handle *keyset.Handle, config keyset.Con...
type fullHybridEncryptAdapter (line 53) | type fullHybridEncryptAdapter struct
method Encrypt (line 60) | func (e *fullHybridEncryptAdapter) Encrypt(plaintext, contextInfo []by...
type wrappedHybridEncrypt (line 69) | type wrappedHybridEncrypt struct
method Encrypt (line 80) | func (a *wrappedHybridEncrypt) Encrypt(plaintext, contextInfo []byte) ...
function isAEAD (line 90) | func isAEAD(p any) bool {
function newWrappedHybridEncrypt (line 98) | func newWrappedHybridEncrypt(ps *primitiveset.PrimitiveSet[tink.HybridEn...
function createEncryptLogger (line 130) | func createEncryptLogger(ps *primitiveset.PrimitiveSet[tink.HybridEncryp...
FILE: hybrid/hybrid_factory_test.go
function TestHybridFactoryTest (line 52) | func TestHybridFactoryTest(t *testing.T) {
function TestFactoryWithInvalidPrimitiveSetType (line 146) | func TestFactoryWithInvalidPrimitiveSetType(t *testing.T) {
function TestFactoryWithValidPrimitiveSetType (line 163) | func TestFactoryWithValidPrimitiveSetType(t *testing.T) {
function TestPrimitiveFactoryFailsWhenHandleIsEmpty (line 184) | func TestPrimitiveFactoryFailsWhenHandleIsEmpty(t *testing.T) {
function TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithPrefix (line 194) | func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptW...
function TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptWithoutPrefix (line 284) | func TestPrimitiveFactoryMonitoringWithAnnotationsLogsEncryptAndDecryptW...
function TestPrimitiveFactoryWithMonitoringWithMultipleKeysLogsEncryptionDecryption (line 374) | func TestPrimitiveFactoryWithMonitoringWithMultipleKeysLogsEncryptionDec...
function TestPrimitiveFactoryMonitoringWithAnnotationsEncryptFailureIsLogged (line 517) | func TestPrimitiveFactoryMonitoringWithAnnotationsEncryptFailureIsLogged...
function TestPrimitiveFactoryMonitoringWithAnnotationsDecryptFailureIsLogged (line 595) | func TestPrimitiveFactoryMonitoringWithAnnotationsDecryptFailureIsLogged...
function TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor (line 647) | func TestPrimitiveFactoryEncryptDecryptWithoutAnnotationsDoesNotMonitor(...
function TestEncryptFactoryFailsOnAEADHandle (line 689) | func TestEncryptFactoryFailsOnAEADHandle(t *testing.T) {
function TestDecryptFactoryFailsOnAEADHandle (line 713) | func TestDecryptFactoryFailsOnAEADHandle(t *testing.T) {
constant stubPublicKeyURL (line 737) | stubPublicKeyURL = "type.googleapis.com/google.crypto.tink.SomePublicKey"
constant stubPrivateKeyURL (line 738) | stubPrivateKeyURL = "type.googleapis.com/google.crypto.tink.SomePrivateKey"
type stubFullHybridEncrypt (line 742) | type stubFullHybridEncrypt struct
method Encrypt (line 744) | func (s *stubFullHybridEncrypt) Encrypt(data []byte, contextInfo []byt...
type stubParams (line 748) | type stubParams struct
method Equal (line 752) | func (p *stubParams) Equal(_ key.Parameters) bool { return true }
method HasIDRequirement (line 753) | func (p *stubParams) HasIDRequirement() bool { return true }
type stubPublicKey (line 755) | type stubPublicKey struct
method Equal (line 762) | func (p *stubPublicKey) Equal(_ key.Key) bool { return true }
method Parameters (line 763) | func (p *stubPublicKey) Parameters() key.Parameters { return &stubP...
method IDRequirement (line 764) | func (p *stubPublicKey) IDRequirement() (uint32, bool) { return p.idRe...
method HasIDRequirement (line 765) | func (p *stubPublicKey) HasIDRequirement() bool { return p.pref...
method OutputPrefix (line 766) | func (p *stubPublicKey) OutputPrefix() []byte {
type stubPublicKeySerialization (line 774) | type stubPublicKeySerialization struct
method SerializeKey (line 778) | func (s *stubPublicKeySerialization) SerializeKey(key key.Key) (*proto...
type stubPublicKeyParser (line 790) | type stubPublicKeyParser struct
method ParseKey (line 794) | func (s *stubPublicKeyParser) ParseKey(serialization *protoserializati...
type stubFullHybridDecrypt (line 799) | type stubFullHybridDecrypt struct
method Decrypt (line 801) | func (s *stubFullHybridDecrypt) Decrypt(ct []byte, contextInfo []byte)...
type stubPrivateKey (line 812) | type stubPrivateKey struct
method Equal (line 818) | func (p *stubPrivateKey) Equal(_ key.Key) bool { return true }
method Parameters (line 819) | func (p *stubPrivateKey) Parameters() key.Parameters { return &stub...
method IDRequirement (line 820) | func (p *stubPrivateKey) IDRequirement() (uint32, bool) { return p.pub...
method HasIDRequirement (line 821) | func (p *stubPrivateKey) HasIDRequirement() bool { return p.pub...
method PublicKey (line 822) | func (p *stubPrivateKey) PublicKey() (key.Key, error) { return p.pub...
method OutputPrefix (line 823) | func (p *stubPrivateKey) OutputPrefix() []byte { return p.pub...
type stubPrivateKeySerialization (line 825) | type stubPrivateKeySerialization struct
method SerializeKey (line 829) | func (s *stubPrivateKeySerialization) SerializeKey(key key.Key) (*prot...
type stubPrivateKeyParser (line 841) | type stubPrivateKeyParser struct
method ParseKey (line 845) | func (s *stubPrivateKeyParser) ParseKey(serialization *protoserializat...
function TestPrimitivesFactoryUsesFullPrimitiveIfRegistered (line 852) | func TestPrimitivesFactoryUsesFullPrimitiveIfRegistered(t *testing.T) {
type stubLegacyHybridEncrypt (line 934) | type stubLegacyHybridEncrypt struct
method Encrypt (line 936) | func (s *stubLegacyHybridEncrypt) Encrypt(data, contextInfo []byte) ([...
type stubLegacyHybridDecrypt (line 940) | type stubLegacyHybridDecrypt struct
method Decrypt (line 942) | func (s *stubLegacyHybridDecrypt) Decrypt(ct, contextInfo []byte) ([]b...
type stubPublicKeyManager (line 946) | type stubPublicKeyManager struct
method NewKey (line 950) | func (km *stubPublicKeyManager) NewKey(_ []byte) (proto.Message, error) {
method NewKeyData (line 953) | func (km *stubPublicKeyManager) NewKeyData(_ []byte) (*tinkpb.KeyData,...
method DoesSupport (line 956) | func (km *stubPublicKeyManager) DoesSupport(keyURL string) bool { retu...
method TypeURL (line 957) | func (km *stubPublicKeyManager) TypeURL() string { retu...
method Primitive (line 958) | func (km *stubPublicKeyManager) Primitive(_ []byte) (any, error) {
type stubPrivateKeyManager (line 962) | type stubPrivateKeyManager struct
method NewKey (line 966) | func (km *stubPrivateKeyManager) NewKey(_ []byte) (proto.Message, erro...
method NewKeyData (line 969) | func (km *stubPrivateKeyManager) NewKeyData(_ []byte) (*tinkpb.KeyData...
method DoesSupport (line 972) | func (km *stubPrivateKeyManager) DoesSupport(keyURL string) bool { ret...
method TypeURL (line 973) | func (km *stubPrivateKeyManager) TypeURL() string { ret...
method Primitive (line 974) | func (km *stubPrivateKeyManager) Primitive(_ []byte) (any, error) {
function TestPrimitiveFactoryUsesLegacyPrimitive (line 978) | func TestPrimitiveFactoryUsesLegacyPrimitive(t *testing.T) {
function TestNewWithConfig (line 1100) | func TestNewWithConfig(t *testing.T) {
FILE: hybrid/hybrid_key_templates.go
function DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template (line 39) | func DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template() *tink...
function DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template (line 55) | func DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template() *...
function DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Key_Template (line 71) | func DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Key_Template() *tink...
function DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template (line 87) | func DHKEM_P256_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template() *...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template (line 103) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Key_Template() *ti...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template (line 119) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_Raw_Key_Template()...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Key_Template (line 135) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Key_Template() *ti...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template (line 151) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_Raw_Key_Template()...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Key_Template (line 167) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Key_Template...
function DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Raw_Key_Template (line 183) | func DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_Raw_Key_Temp...
function createHPKEKeyTemplate (line 194) | func createHPKEKeyTemplate(kem hpkepb.HpkeKem, kdf hpkepb.HpkeKdf, aead ...
function ECIESHKDFAES128GCMKeyTemplate (line 217) | func ECIESHKDFAES128GCMKeyTemplate() *tinkpb.KeyTemplate {
function ECIESHKDFAES128CTRHMACSHA256KeyTemplate (line 233) | func ECIESHKDFAES128CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate {
function createECIESAEADHKDFKeyTemplate (line 240) | func createECIESAEADHKDFKeyTemplate(c commonpb.EllipticCurveType, ht com...
FILE: hybrid/hybrid_key_templates_test.go
function createECIESKeyTemplate (line 34) | func createECIESKeyTemplate(curveType commonpb.EllipticCurveType, hashTy...
function eciesP384AES256GCMKeyTemplate (line 59) | func eciesP384AES256GCMKeyTemplate() *tinkpb.KeyTemplate {
function eciesP521AES256GCMKeyTemplate (line 63) | func eciesP521AES256GCMKeyTemplate() *tinkpb.KeyTemplate {
function eciesP256AESSIVKeyTemplate (line 67) | func eciesP256AESSIVKeyTemplate() *tinkpb.KeyTemplate {
function TestKeyTemplates (line 71) | func TestKeyTemplates(t *testing.T) {
FILE: hybrid/hybrid_test.go
function Example (line 29) | func Example() {
FILE: hybrid/internal/ecies/dem_helper.go
type DEMHelper (line 40) | type DEMHelper struct
method GetSymmetricKeySize (line 68) | func (r *DEMHelper) GetSymmetricKeySize() uint32 { return r.wantKeyMat...
method GetAEADOrDAEAD (line 71) | func (r *DEMHelper) GetAEADOrDAEAD(symmetricKeyValue []byte) (any, err...
function NewDEMHelper (line 48) | func NewDEMHelper(p key.Parameters) (*DEMHelper, error) {
FILE: hybrid/internal/ecies/dem_helper_test.go
type testCase (line 31) | type testCase struct
function newAESGCMParameters (line 37) | func newAESGCMParameters(keySizeInBytes uint32) *aesgcm.Parameters {
function newAESCTRHMACParameters (line 50) | func newAESCTRHMACParameters(aesKeySizeInBytes, hmacKeySizeInBytes uint3...
function newAESSIVParameters (line 65) | func newAESSIVParameters(keySizeInBytes uint32) *aessiv.Parameters {
function TestDEMHelper_AEADKeyTemplates (line 106) | func TestDEMHelper_AEADKeyTemplates(t *testing.T) {
function TestDEMHelper_DAEADKeyTemplates (line 145) | func TestDEMHelper_DAEADKeyTemplates(t *testing.T) {
function TestDEMHelper_KeySizes (line 184) | func TestDEMHelper_KeySizes(t *testing.T) {
type stubParameters (line 212) | type stubParameters struct
method HasIDRequirement (line 216) | func (stubParameters) HasIDRequirement() bool { return false }
method Equal (line 217) | func (stubParameters) Equal(_ key.Parameters) bool { return false }
function TestNewDEMHelper_UnsupportedParameters (line 219) | func TestNewDEMHelper_UnsupportedParameters(t *testing.T) {
FILE: hybrid/internal/hpke/aead.go
type aead (line 22) | type aead interface
FILE: hybrid/internal/hpke/aes_gcm_aead.go
type aesGCMAEAD (line 28) | type aesGCMAEAD struct
method seal (line 63) | func (a *aesGCMAEAD) seal(key, nonce, plaintext, associatedData []byte...
method open (line 80) | func (a *aesGCMAEAD) open(key, nonce, ciphertext, associatedData []byt...
method id (line 94) | func (a *aesGCMAEAD) id() AEADID { return a.aeadID }
method keyLength (line 96) | func (a *aesGCMAEAD) keyLength() int { return a.keyLen }
method nonceLength (line 98) | func (a *aesGCMAEAD) nonceLength() int { return internalaead.AESGCMIVS...
function newAESGCMAEAD (line 37) | func newAESGCMAEAD(keyLength int) (*aesGCMAEAD, error) {
function newAESGCMCipher (line 51) | func newAESGCMCipher(keyBytes []byte) (cipher.AEAD, error) {
FILE: hybrid/internal/hpke/aes_gcm_aead_test.go
function TestAESGCMAEADSealOpen (line 23) | func TestAESGCMAEADSealOpen(t *testing.T) {
FILE: hybrid/internal/hpke/chacha20poly1305_aead.go
type chaCha20Poly1305AEAD (line 26) | type chaCha20Poly1305AEAD struct
method seal (line 30) | func (c *chaCha20Poly1305AEAD) seal(key, nonce, plaintext, associatedD...
method open (line 41) | func (c *chaCha20Poly1305AEAD) open(key, nonce, ciphertext, associated...
method id (line 53) | func (c *chaCha20Poly1305AEAD) id() AEADID { return ChaCha20Poly1305 }
method keyLength (line 55) | func (c *chaCha20Poly1305AEAD) keyLength() int { return chacha20poly13...
method nonceLength (line 57) | func (c *chaCha20Poly1305AEAD) nonceLength() int { return chacha20poly...
FILE: hybrid/internal/hpke/chacha20poly1305_aead_test.go
function TestChaCha20Poly1305AEADSealOpen (line 23) | func TestChaCha20Poly1305AEADSealOpen(t *testing.T) {
FILE: hybrid/internal/hpke/context.go
type context (line 26) | type context struct
method incrementSequenceNumber (line 94) | func (c *context) incrementSequenceNumber() error {
method computeNonce (line 104) | func (c *context) computeNonce() ([]byte, error) {
method seal (line 121) | func (c *context) seal(plaintext, associatedData []byte) ([]byte, erro...
method open (line 139) | func (c *context) open(ciphertext, associatedData []byte) ([]byte, err...
function newSenderContext (line 37) | func newSenderContext(recipientPubKey []byte, kem kem, kdf kdf, aead aea...
function newRecipientContext (line 47) | func newRecipientContext(encapsulatedKey []byte, privateKeyBytes secretd...
function createContext (line 55) | func createContext(encapsulatedKey []byte, sharedSecret []byte, kem kem,...
function maxSequenceNumber (line 87) | func maxSequenceNumber(nonceLength int) *big.Int {
FILE: hybrid/internal/hpke/context_test.go
function TestContextSender (line 28) | func TestContextSender(t *testing.T) {
function TestContextRecipient (line 78) | func TestContextRecipient(t *testing.T) {
function TestContextMaxSequenceNumber (line 124) | func TestContextMaxSequenceNumber(t *testing.T) {
function TestComputeNonce (line 135) | func TestComputeNonce(t *testing.T) {
FILE: hybrid/internal/hpke/decrypt.go
type Decrypt (line 25) | type Decrypt struct
method Decrypt (line 48) | func (d *Decrypt) Decrypt(ciphertext, contextInfo []byte) ([]byte, err...
function NewDecrypt (line 36) | func NewDecrypt(recipientPrivateKeyBytes secretdata.Bytes, kemID KEMID, ...
FILE: hybrid/internal/hpke/encrypt.go
type Encrypt (line 25) | type Encrypt struct
method Encrypt (line 47) | func (e *Encrypt) Encrypt(plaintext, contextInfo []byte) ([]byte, erro...
function NewEncrypt (line 35) | func NewEncrypt(recipientPubKeyBytes []byte, kemID KEMID, kdfID KDFID, a...
FILE: hybrid/internal/hpke/encrypt_decrypt_test.go
function TestNewEncryptMissingPubKeyBytes (line 28) | func TestNewEncryptMissingPubKeyBytes(t *testing.T) {
function TestNewDecryptMissingPrivKeyBytes (line 37) | func TestNewDecryptMissingPrivKeyBytes(t *testing.T) {
function TestEncryptDecrypt (line 46) | func TestEncryptDecrypt(t *testing.T) {
function TestDecryptModifiedCiphertextOrContextInfo (line 77) | func TestDecryptModifiedCiphertextOrContextInfo(t *testing.T) {
function TestEncryptDecryptEmptyContextInfo (line 126) | func TestEncryptDecryptEmptyContextInfo(t *testing.T) {
function TestDecryptEncapsulatedKeyWithFlippedMSB (line 154) | func TestDecryptEncapsulatedKeyWithFlippedMSB(t *testing.T) {
function pubPrivKeys (line 186) | func pubPrivKeys(t *testing.T) ([]byte, secretdata.Bytes) {
function flipRandByte (line 199) | func flipRandByte(t *testing.T, b []byte) []byte {
function TestNewEncryptNewDecrypt_InvalidIDs (line 208) | func TestNewEncryptNewDecrypt_InvalidIDs(t *testing.T) {
FILE: hybrid/internal/hpke/hkdf_kdf.go
type hkdfKDF (line 26) | type hkdfKDF struct
method labeledExtract (line 48) | func (h *hkdfKDF) labeledExtract(salt, ikm []byte, ikmLabel string, su...
method labeledExpand (line 52) | func (h *hkdfKDF) labeledExpand(prk, info []byte, infoLabel string, su...
method extractAndExpand (line 65) | func (h *hkdfKDF) extractAndExpand(salt, ikm []byte, ikmLabel string, ...
method id (line 70) | func (h *hkdfKDF) id() KDFID { return h.kdfID }
function newHKDFKDF (line 35) | func newHKDFKDF(hashFunction HashType) (*hkdfKDF, error) {
FILE: hybrid/internal/hpke/hkdf_kdf_test.go
function TestHKDFKDFLabeledExtract (line 28) | func TestHKDFKDFLabeledExtract(t *testing.T) {
function TestHKDFKDFLabeledExpand (line 51) | func TestHKDFKDFLabeledExpand(t *testing.T) {
function TestHKDFKDFLabeledExpandRFCVectors (line 90) | func TestHKDFKDFLabeledExpandRFCVectors(t *testing.T) {
function TestHKDFKDFExtractAndExpand (line 154) | func TestHKDFKDFExtractAndExpand(t *testing.T) {
function TestNewHKDFKDF_UnknownHashType (line 205) | func TestNewHKDFKDF_UnknownHashType(t *testing.T) {
FILE: hybrid/internal/hpke/hpke.go
constant baseMode (line 27) | baseMode uint8 = 0x00
type KEMID (line 31) | type KEMID
constant UnknownKEMID (line 40) | UnknownKEMID KEMID = 0
constant P256HKDFSHA256 (line 42) | P256HKDFSHA256 = 0x0010
constant P384HKDFSHA384 (line 44) | P384HKDFSHA384 = 0x0011
constant P521HKDFSHA512 (line 46) | P521HKDFSHA512 = 0x0012
constant X25519HKDFSHA256 (line 48) | X25519HKDFSHA256 = 0x0020
constant MLKEM768 (line 50) | MLKEM768 = 0x0041
constant MLKEM1024 (line 52) | MLKEM1024 = 0x0042
constant XWing (line 54) | XWing = 0x647a
type KDFID (line 58) | type KDFID
constant UnknownKDFID (line 63) | UnknownKDFID KDFID = 0
constant HKDFSHA256 (line 65) | HKDFSHA256 = 0x0001
constant HKDFSHA384 (line 67) | HKDFSHA384 = 0x0002
constant HKDFSHA512 (line 69) | HKDFSHA512 = 0x0003
type AEADID (line 73) | type AEADID
method String (line 88) | func (a AEADID) String() string {
constant UnknownAEADID (line 78) | UnknownAEADID AEADID = 0
constant AES128GCM (line 80) | AES128GCM = 0x0001
constant AES256GCM (line 82) | AES256GCM = 0x0002
constant ChaCha20Poly1305 (line 84) | ChaCha20Poly1305 = 0x0003
type HashType (line 102) | type HashType
method String (line 117) | func (h HashType) String() string {
constant UnknownHashType (line 107) | UnknownHashType HashType = iota
constant SHA256 (line 109) | SHA256
constant SHA384 (line 111) | SHA384
constant SHA512 (line 113) | SHA512
constant hpkeV1 (line 130) | hpkeV1 = "HPKE-v1"
function kemSuiteID (line 158) | func kemSuiteID(kemID KEMID) []byte {
function hpkeSuiteID (line 164) | func hpkeSuiteID(kemID KEMID, kdfID KDFID, aeadID AEADID) []byte {
function keyScheduleContext (line 176) | func keyScheduleContext(mode uint8, pskIDHash, infoHash []byte) []byte {
function labelIKM (line 187) | func labelIKM(label string, ikm, suiteID []byte) []byte {
function labelInfo (line 199) | func labelInfo(label string, info, suiteID []byte, length int) ([]byte, ...
FILE: hybrid/internal/hpke/hpke_test.go
type hpkeID (line 42) | type hpkeID struct
type vector (line 50) | type vector struct
type encryptionVector (line 66) | type encryptionVector struct
type encryptionString (line 75) | type encryptionString struct
type hpkeRFCTestVector (line 83) | type hpkeRFCTestVector struct
function rfcVectorA1 (line 93) | func rfcVectorA1(t *testing.T) (hpkeID, vector) {
function rfcVectorA3 (line 163) | func rfcVectorA3(t *testing.T) (hpkeID, vector) {
function rfcVectorA6 (line 233) | func rfcVectorA6(t *testing.T) (hpkeID, vector) {
function rfcVector (line 303) | func rfcVector(t *testing.T, v hpkeRFCTestVector) (hpkeID, vector) {
function parseEncryptions (line 360) | func parseEncryptions(t *testing.T, encs []encryptionString) []encryptio...
function aeadRFCVectors (line 394) | func aeadRFCVectors(t *testing.T) map[hpkeID]encryptionVector {
constant testVectorsDir (line 508) | testVectorsDir = "testdata/testvectors"
function getTestVectorsFilePath (line 513) | func getTestVectorsFilePath(t *testing.T) string {
function hpkeBaseModeVectors (line 527) | func hpkeBaseModeVectors(t *testing.T) map[hpkeID]vector {
function TestHpkeSuiteIDMemoryAllocatedIsExact (line 582) | func TestHpkeSuiteIDMemoryAllocatedIsExact(t *testing.T) {
function TestKeyScheduleContextMemoryAllocatedIsExact (line 589) | func TestKeyScheduleContextMemoryAllocatedIsExact(t *testing.T) {
function TestLabelIKMMemoryAllocatedIsExact (line 596) | func TestLabelIKMMemoryAllocatedIsExact(t *testing.T) {
function TestLabelInfoMemoryAllocatedIsExact (line 603) | func TestLabelInfoMemoryAllocatedIsExact(t *testing.T) {
FILE: hybrid/internal/hpke/kdf.go
type kdf (line 22) | type kdf interface
FILE: hybrid/internal/hpke/kem.go
type kem (line 22) | type kem interface
FILE: hybrid/internal/hpke/mlkem_kem.go
type mlKEM (line 24) | type mlKEM struct
method encapsulate (line 42) | func (m *mlKEM) encapsulate(recipientPubKey []byte) (sharedSecret, sen...
method decapsulate (line 63) | func (m *mlKEM) decapsulate(encapsulatedKey, recipientPrivKey []byte) ...
method id (line 82) | func (m *mlKEM) id() KEMID { return m.kemID }
method encapsulatedKeyLength (line 84) | func (m *mlKEM) encapsulatedKeyLength() int { return kemLengths[m.kemI...
function newMLKEM (line 31) | func newMLKEM(kemID KEMID) (*mlKEM, error) {
FILE: hybrid/internal/hpke/mlkem_kem_test.go
function mustHexDecodeString (line 26) | func mustHexDecodeString(t *testing.T, s string) []byte {
type mlKEMTestVector (line 35) | type mlKEMTestVector struct
function mlKEMTestVectors (line 44) | func mlKEMTestVectors(t *testing.T) []mlKEMTestVector {
function TestMLKEMRoundtrip (line 78) | func TestMLKEMRoundtrip(t *testing.T) {
function TestMLKEMDecapsulateWorks (line 105) | func TestMLKEMDecapsulateWorks(t *testing.T) {
function TestMLKEMEncapsulateBadRecipientPubKey (line 128) | func TestMLKEMEncapsulateBadRecipientPubKey(t *testing.T) {
function TestMLKEMDecapsulateEncapsulatedKeyPrefixesLargerSlice (line 150) | func TestMLKEMDecapsulateEncapsulatedKeyPrefixesLargerSlice(t *testing.T) {
function TestMLKEMDecapsulateBadEncapsulatedKey (line 193) | func TestMLKEMDecapsulateBadEncapsulatedKey(t *testing.T) {
function TestMLKEMDecapsulateBadRecipientPrivKey (line 217) | func TestMLKEMDecapsulateBadRecipientPrivKey(t *testing.T) {
function TestMLKEMEncapsulatedKeyLength (line 241) | func TestMLKEMEncapsulatedKeyLength(t *testing.T) {
function TestNewMLKEM_InvalidIDs (line 256) | func TestNewMLKEM_InvalidIDs(t *testing.T) {
type mlKEMHPKETestVector (line 262) | type mlKEMHPKETestVector struct
function mlKEMHPKEVectors (line 277) | func mlKEMHPKEVectors(t *testing.T) []mlKEMHPKETestVector {
function TestMLKEMHPKEVectors (line 331) | func TestMLKEMHPKEVectors(t *testing.T) {
FILE: hybrid/internal/hpke/nist_curves_kem.go
type nistCurvesKEM (line 28) | type nistCurvesKEM struct
method encapsulate (line 70) | func (x *nistCurvesKEM) encapsulate(recipientPubKeyBytes []byte) (shar...
method decapsulate (line 91) | func (x *nistCurvesKEM) decapsulate(senderPubKeyBytes, recipientPrivKe...
method id (line 108) | func (x *nistCurvesKEM) id() KEMID { return x.kemID }
method encapsulatedKeyLength (line 110) | func (x *nistCurvesKEM) encapsulatedKeyLength() int { return kemLength...
method deriveKEMSharedSecret (line 113) | func (x *nistCurvesKEM) deriveKEMSharedSecret(dh, senderPubKey, recipi...
function newNISTCurvesKEM (line 42) | func newNISTCurvesKEM(kemID KEMID) (*nistCurvesKEM, error) {
FILE: hybrid/internal/hpke/nist_curves_kem_test.go
function TestKEMEncapsulateBoringSSLVectors (line 25) | func TestKEMEncapsulateBoringSSLVectors(t *testing.T) {
function rfcVectorTestCases (line 66) | func rfcVectorTestCases(t *testing.T) []struct {
function TestKEMEncapsulateBadRecipientPubKey (line 93) | func TestKEMEncapsulateBadRecipientPubKey(t *testing.T) {
function TestKEMDecapsulateBoringSSLVectors (line 108) | func TestKEMDecapsulateBoringSSLVectors(t *testing.T) {
function TestKEMDecapsulateEncapsulatedKeyPrefixesLargerSlice (line 146) | func TestKEMDecapsulateEncapsulatedKeyPrefixesLargerSlice(t *testing.T) {
function TestKEMDecapsulateBadEncapsulatedKey (line 177) | func TestKEMDecapsulateBadEncapsulatedKey(t *testing.T) {
function TestKEMDecapsulateBadRecipientPrivKey (line 192) | func TestKEMDecapsulateBadRecipientPrivKey(t *testing.T) {
function TestKEMEncapsulatedKeyLength (line 207) | func TestKEMEncapsulatedKeyLength(t *testing.T) {
function TestNewNISTCurvesKEM_UnknownKEMID (line 242) | func TestNewNISTCurvesKEM_UnknownKEMID(t *testing.T) {
FILE: hybrid/internal/hpke/primitive_factory.go
function newPrimitives (line 22) | func newPrimitives(kemID KEMID, kdfID KDFID, aeadID AEADID) (kem, kdf, a...
function newKEM (line 40) | func newKEM(kemID KEMID) (kem, error) {
function newKDF (line 63) | func newKDF(kdfID KDFID) (kdf, error) {
function newAEAD (line 78) | func newAEAD(aeadID AEADID) (aead, error) {
FILE: hybrid/internal/hpke/primitive_factory_test.go
function TestNewKEM (line 32) | func TestNewKEM(t *testing.T) {
function TestNewKEMUnsupportedID (line 46) | func TestNewKEMUnsupportedID(t *testing.T) {
function TestNewKDF (line 61) | func TestNewKDF(t *testing.T) {
function TestNewKDFUnsupportedID (line 75) | func TestNewKDFUnsupportedID(t *testing.T) {
function TestNewAEAD (line 90) | func TestNewAEAD(t *testing.T) {
function TestNewAEADUnsupportedID (line 104) | func TestNewAEADUnsupportedID(t *testing.T) {
function TestNewPrimitives (line 110) | func TestNewPrimitives(t *testing.T) {
function TestNewPrimitives_InvalidIDs (line 134) | func TestNewPrimitives_InvalidIDs(t *testing.T) {
FILE: hybrid/internal/hpke/x25519_kem.go
type x25519KEM (line 30) | type x25519KEM struct
method encapsulate (line 46) | func (x *x25519KEM) encapsulate(recipientPubKey []byte) (sharedSecret,...
method decapsulate (line 66) | func (x *x25519KEM) decapsulate(encapsulatedKey, recipientPrivKey []by...
method id (line 78) | func (x *x25519KEM) id() KEMID { return x.kemID }
method encapsulatedKeyLength (line 80) | func (x *x25519KEM) encapsulatedKeyLength() int { return kemLengths[x....
method deriveKEMSharedSecret (line 83) | func (x *x25519KEM) deriveKEMSharedSecret(dh, senderPubKey, recipientP...
function newX25519KEM (line 39) | func newX25519KEM(hashAlg HashType) (*x25519KEM, error) {
FILE: hybrid/internal/hpke/x25519_kem_test.go
function TestX25519KEMEncapsulateBoringSSLVectors (line 27) | func TestX25519KEMEncapsulateBoringSSLVectors(t *testing.T) {
function TestX25519KEMEncapsulateBadRecipientPubKey (line 68) | func TestX25519KEMEncapsulateBadRecipientPubKey(t *testing.T) {
function TestX25519KEMEncapsulateBadSenderPrivKey (line 80) | func TestX25519KEMEncapsulateBadSenderPrivKey(t *testing.T) {
function TestX25519KEMDecapsulateBoringSSLVectors (line 96) | func TestX25519KEMDecapsulateBoringSSLVectors(t *testing.T) {
function TestX25519KEMDecapsulateEncapsulatedKeyPrefixesLargerSlice (line 133) | func TestX25519KEMDecapsulateEncapsulatedKeyPrefixesLargerSlice(t *testi...
function TestX25519KEMDecapsulateBadEncapsulatedKey (line 161) | func TestX25519KEMDecapsulateBadEncapsulatedKey(t *testing.T) {
function TestX25519KEMDecapsulateBadRecipientPrivKey (line 173) | func TestX25519KEMDecapsulateBadRecipientPrivKey(t *testing.T) {
function TestX25519KEMEncapsulatedKeyLength (line 185) | func TestX25519KEMEncapsulatedKeyLength(t *testing.T) {
function TestNewX25519KEM_InvalidIDs (line 195) | func TestNewX25519KEM_InvalidIDs(t *testing.T) {
FILE: hybrid/internal/hpke/xwing_kem.go
type xWingKEM (line 22) | type xWingKEM struct
method encapsulate (line 30) | func (x *xWingKEM) encapsulate(recipientPubKey []byte) (sharedSecret, ...
method decapsulate (line 34) | func (x *xWingKEM) decapsulate(encapsulatedKey, recipientPrivKey []byt...
method id (line 38) | func (x *xWingKEM) id() KEMID { return XWing }
method encapsulatedKeyLength (line 40) | func (x *xWingKEM) encapsulatedKeyLength() int { return kemLengths[XWi...
function newXWingKEM (line 26) | func newXWingKEM() (*xWingKEM, error) {
FILE: hybrid/internal/hpke/xwing_kem_test.go
type xWingTestVector (line 25) | type xWingTestVector struct
function xWingTestVectors (line 33) | func xWingTestVectors(t *testing.T) []xWingTestVector {
function TestXWingRoundtrip (line 65) | func TestXWingRoundtrip(t *testing.T) {
function TestXWingDecapsulateWorks (line 92) | func TestXWingDecapsulateWorks(t *testing.T) {
function TestXWingEncapsulateBadRecipientPubKey (line 115) | func TestXWingEncapsulateBadRecipientPubKey(t *testing.T) {
function TestXWingDecapsulateEncapsulatedKeyPrefixesLargerSlice (line 137) | func TestXWingDecapsulateEncapsulatedKeyPrefixesLargerSlice(t *testing.T) {
function TestXWingDecapsulateBadEncapsulatedKey (line 180) | func TestXWingDecapsulateBadEncapsulatedKey(t *testing.T) {
function TestXWingDecapsulateBadRecipientPrivKey (line 204) | func TestXWingDecapsulateBadRecipientPrivKey(t *testing.T) {
function TestXWingEncapsulatedKeyLength (line 228) | func TestXWingEncapsulatedKeyLength(t *testing.T) {
type xWingHPKETestVector (line 239) | type xWingHPKETestVector struct
function xWingHPKEVectors (line 253) | func xWingHPKEVectors(t *testing.T) []xWingHPKETestVector {
function TestXWingHPKEVectors (line 283) | func TestXWingHPKEVectors(t *testing.T) {
FILE: hybrid/internal/xwing/xwing.go
constant xWingLabel (line 28) | xWingLabel = `\.//^\`
constant secretKeySize (line 29) | secretKeySize = 32
constant publicKeySize (line 30) | publicKeySize = 1216
constant ciphertextSize (line 31) | ciphertextSize = 1120
function Encapsulate (line 35) | func Encapsulate(publicKey []byte) (sharedSecret, ciphertext []byte, err...
function Decapsulate (line 76) | func Decapsulate(ciphertext, recipientPrivKey []byte) ([]byte, error) {
function PublicFromSecret (line 116) | func PublicFromSecret(secretKey []byte) ([]byte, error) {
function expandDecapsulationKey (line 146) | func expandDecapsulationKey(secretKey []byte) (seedM []byte, skX []byte,...
function combiner (line 162) | func combiner(ssM, ssX, ctX, pkX []byte) []byte {
FILE: hybrid/internal/xwing/xwing_test.go
function mustHexDecodeString (line 23) | func mustHexDecodeString(t *testing.T, s string) []byte {
type xWingTestVector (line 32) | type xWingTestVector struct
function xWingTestVectors (line 40) | func xWingTestVectors(t *testing.T) []xWingTestVector {
function TestXWingVectors (line 72) | func TestXWingVectors(t *testing.T) {
function TestXWingRoundtrip (line 101) | func TestXWingRoundtrip(t *testing.T) {
function TestXWingEncapsulateBadRecipientPubKey (line 123) | func TestXWingEncapsulateBadRecipientPubKey(t *testing.T) {
function TestXWingDecapsulateBadCiphertext (line 136) | func TestXWingDecapsulateBadCiphertext(t *testing.T) {
function TestXWingDecapsulateBadSecretKey (line 155) | func TestXWingDecapsulateBadSecretKey(t *testing.T) {
FILE: hybrid/subtle/ecies_aead_hkdf_dem_helper.go
type EciesAEADHKDFDEMHelper (line 18) | type EciesAEADHKDFDEMHelper interface
FILE: hybrid/subtle/ecies_aead_hkdf_hybrid_decrypt.go
type ECIESAEADHKDFHybridDecrypt (line 25) | type ECIESAEADHKDFHybridDecrypt struct
method Decrypt (line 46) | func (e *ECIESAEADHKDFHybridDecrypt) Decrypt(ciphertext, contextInfo [...
function NewECIESAEADHKDFHybridDecrypt (line 35) | func NewECIESAEADHKDFHybridDecrypt(pvt *ECPrivateKey, hkdfSalt []byte, h...
FILE: hybrid/subtle/ecies_aead_hkdf_hybrid_encrypt.go
type ECIESAEADHKDFHybridEncrypt (line 26) | type ECIESAEADHKDFHybridEncrypt struct
method Encrypt (line 54) | func (e *ECIESAEADHKDFHybridEncrypt) Encrypt(plaintext, contextInfo []...
function NewECIESAEADHKDFHybridEncrypt (line 36) | func NewECIESAEADHKDFHybridEncrypt(pub *ECPublicKey, hkdfSalt []byte, hk...
FILE: hybrid/subtle/ecies_hkdf_recipient_kem.go
type ECIESHKDFRecipientKem (line 21) | type ECIESHKDFRecipientKem struct
method decapsulate (line 26) | func (s *ECIESHKDFRecipientKem) decapsulate(kem []byte, hashAlg string...
FILE: hybrid/subtle/ecies_hkdf_sender_kem.go
type KEMKey (line 20) | type KEMKey struct
type ECIESHKDFSenderKem (line 26) | type ECIESHKDFSenderKem struct
method encapsulate (line 31) | func (s *ECIESHKDFSenderKem) encapsulate(hashAlg string, salt []byte, ...
FILE: hybrid/subtle/elliptic_curves.go
type ECPublicKey (line 27) | type ECPublicKey struct
type ECPrivateKey (line 33) | type ECPrivateKey struct
method getParams (line 63) | func (p *ECPrivateKey) getParams() *elliptic.CurveParams {
function GetECPrivateKey (line 39) | func GetECPrivateKey(c elliptic.Curve, b []byte) *ECPrivateKey {
type ECPoint (line 59) | type ECPoint struct
function getModulus (line 67) | func getModulus(c elliptic.Curve) *big.Int {
function fieldSizeInBits (line 71) | func fieldSizeInBits(c elliptic.Curve) int {
function fieldSizeInBytes (line 77) | func fieldSizeInBytes(c elliptic.Curve) int {
function encodingSizeInBytes (line 81) | func encodingSizeInBytes(c elliptic.Curve, p string) (int, error) {
function PointEncode (line 96) | func PointEncode(c elliptic.Curve, pFormat string, pt ECPoint) ([]byte, ...
function PointDecode (line 135) | func PointDecode(c elliptic.Curve, pFormat string, e []byte) (*ECPoint, ...
function getY (line 194) | func getY(x *big.Int, lsb bool, c elliptic.Curve) *big.Int {
function validatePublicPoint (line 218) | func validatePublicPoint(pub *ECPoint, priv *ECPrivateKey) error {
function ComputeSharedSecret (line 226) | func ComputeSharedSecret(pub *ECPoint, priv *ECPrivateKey) ([]byte, erro...
function maxSharedKeyLength (line 245) | func maxSharedKeyLength(pub ECPublicKey) int {
function GenerateECDHKeyPair (line 250) | func GenerateECDHKeyPair(c elliptic.Curve) (*ECPrivateKey, error) {
function GetCurve (line 269) | func GetCurve(c string) (elliptic.Curve, error) {
FILE: hybrid/subtle/elliptic_curves_test.go
type testEC1 (line 35) | type testEC1 struct
type testEC2 (line 40) | type testEC2 struct
function TestPointOnCurve (line 429) | func TestPointOnCurve(t *testing.T) {
function TestPointEncode (line 445) | func TestPointEncode(t *testing.T) {
function TestPointDecode (line 468) | func TestPointDecode(t *testing.T) {
function checkFlag (line 492) | func checkFlag(t *testing.T, flags []string, check []string) bool {
function convertX509PublicKey (line 505) | func convertX509PublicKey(t *testing.T, b []byte) (*subtle.ECPublicKey, ...
function convertPointPublicKey (line 525) | func convertPointPublicKey(t *testing.T, pk []byte, curve elliptic.Curve...
function TestECWycheproofCases (line 540) | func TestECWycheproofCases(t *testing.T) {
FILE: hybrid/subtle/public_key.go
function SerializePrimaryPublicKey (line 35) | func SerializePrimaryPublicKey(handle *keyset.Handle, template *tinkpb.K...
function KeysetHandleFromSerializedPublicKey (line 70) | func KeysetHandleFromSerializedPublicKey(pubKeyBytes []byte, template *t...
function validateParameters (line 95) | func validateParameters(params *hpke.Parameters) error {
FILE: hybrid/subtle/public_key_test.go
function TestHPKEPublicKeySerialization (line 29) | func TestHPKEPublicKeySerialization(t *testing.T) {
function TestSerializePrimaryPublicKeyInvalidTemplateFails (line 80) | func TestSerializePrimaryPublicKeyInvalidTemplateFails(t *testing.T) {
function mustCreatePublicKeysetHandle (line 115) | func mustCreatePublicKeysetHandle(t *testing.T, opts hpke.ParametersOpts...
function TestSerializePrimaryPublicKeyInvalidKeyFails (line 141) | func TestSerializePrimaryPublicKeyInvalidKeyFails(t *testing.T) {
function TestSerializePrimaryPublicKeyFailsWithEmptyHandle (line 238) | func TestSerializePrimaryPublicKeyFailsWithEmptyHandle(t *testing.T) {
function TestKeysetHandleFromSerializedPublicKeyInvalidTemplateFails (line 246) | func TestKeysetHandleFromSerializedPublicKeyInvalidTemplateFails(t *test...
FILE: hybrid/subtle/subtle_test.go
type ecdhSuite (line 22) | type ecdhSuite struct
type ecdhGroup (line 28) | type ecdhGroup struct
type ecdhCase (line 36) | type ecdhCase struct
FILE: insecurecleartextkeyset/example_test.go
function Example_cleartextKeysetInBinary (line 29) | func Example_cleartextKeysetInBinary() {
function Example_cleartextKeysetInJSON (line 77) | func Example_cleartextKeysetInJSON() {
FILE: insecurecleartextkeyset/insecurecleartextkeyset.go
function Read (line 41) | func Read(r keyset.Reader, opts ...keyset.Option) (*keyset.Handle, error) {
function Write (line 56) | func Write(handle *keyset.Handle, w keyset.Writer) error {
function KeysetMaterial (line 67) | func KeysetMaterial(handle *keyset.Handle) *tinkpb.Keyset {
function KeysetHandle (line 85) | func KeysetHandle(ks *tinkpb.Keyset) *keyset.Handle {
FILE: insecurecleartextkeyset/insecurecleartextkeyset_test.go
type NilKeysetReader (line 36) | type NilKeysetReader struct
method Read (line 39) | func (m *NilKeysetReader) Read() (*tinkpb.Keyset, error) {
method ReadEncrypted (line 43) | func (m *NilKeysetReader) ReadEncrypted() (*tinkpb.EncryptedKeyset, er...
function TestReadWithNilKeysetFails (line 47) | func TestReadWithNilKeysetFails(t *testing.T) {
function TestReadWithNilReaderFails (line 53) | func TestReadWithNilReaderFails(t *testing.T) {
function TestWriteWithNilHandleFails (line 59) | func TestWriteWithNilHandleFails(t *testing.T) {
function TestWriteWithNilWriterFails (line 66) | func TestWriteWithNilWriterFails(t *testing.T) {
function TestWriteAndReadInBinary (line 76) | func TestWriteAndReadInBinary(t *testing.T) {
function TestWriteAndReadInJson (line 101) | func TestWriteAndReadInJson(t *testing.T) {
function TestLegacyKeysetHandle (line 126) | func TestLegacyKeysetHandle(t *testing.T) {
function TestLegacyKeysetHandleWithNilKeysetReturnsNil (line 149) | func TestLegacyKeysetHandleWithNilKeysetReturnsNil(t *testing.T) {
function TestHandleFromReaderWithAnnotationsGetsMonitored (line 156) | func TestHandleFromReaderWithAnnotationsGetsMonitored(t *testing.T) {
function TestHandleFromReaderWithAnnotationsTwiceFails (line 189) | func TestHandleFromReaderWithAnnotationsTwiceFails(t *testing.T) {
function TestHandleFromReaderWithoutAnnotationsDoesNotGetMonitored (line 207) | func TestHandleFromReaderWithoutAnnotationsDoesNotGetMonitored(t *testin...
FILE: insecuresecretdataaccess/insecuresecretdataaccess.go
type Token (line 24) | type Token struct
FILE: internal/aead/aead.go
function ValidateAESKeySize (line 22) | func ValidateAESKeySize(sizeInBytes uint32) error {
FILE: internal/aead/aead_test.go
type AEADSuite (line 25) | type AEADSuite struct
type AEADGroup (line 30) | type AEADGroup struct
type AEADCase (line 38) | type AEADCase struct
function TestValidateAESKeySize (line 48) | func TestValidateAESKeySize(t *testing.T) {
FILE: internal/aead/aesctr.go
constant aesCTRMinIVSize (line 26) | aesCTRMinIVSize = 12
type AESCTR (line 30) | type AESCTR struct
method Encrypt (line 52) | func (a *AESCTR) Encrypt(dst, plaintext []byte) ([]byte, error) {
method Decrypt (line 75) | func (a *AESCTR) Decrypt(dst, ciphertext []byte) ([]byte, error) {
method newCipher (line 94) | func (a *AESCTR) newCipher(iv []byte) (cipher.Stream, error) {
function NewAESCTR (line 36) | func NewAESCTR(key []byte, ivSize int) (*AESCTR, error) {
FILE: internal/aead/aesctr_test.go
function TestNewAESCTR (line 30) | func TestNewAESCTR(t *testing.T) {
function TestNewAESCTRWithValidIVSizes (line 54) | func TestNewAESCTRWithValidIVSizes(t *testing.T) {
function TestNewAESCTRWithInvalidIVSize (line 64) | func TestNewAESCTRWithInvalidIVSize(t *testing.T) {
function TestAESCTRIVIsRandom (line 78) | func TestAESCTRIVIsRandom(t *testing.T) {
function TestAESCTRIVIsPadded (line 100) | func TestAESCTRIVIsPadded(t *testing.T) {
function TestNistTestVector (line 131) | func TestNistTestVector(t *testing.T) {
function TestMultipleEncrypt (line 175) | func TestMultipleEncrypt(t *testing.T) {
function TestEncryptDecrypt (line 210) | func TestEncryptDecrypt(t *testing.T) {
function TestEncryptRandomMessage (line 241) | func TestEncryptRandomMessage(t *testing.T) {
function TestEncryptRandomKeyAndMessage (line 270) | func TestEncryptRandomKeyAndMessage(t *testing.T) {
function TestEncryptDecryptWithDestinationBuffer (line 299) | func TestEncryptDecryptWithDestinationBuffer(t *testing.T) {
function TestEncryptDecryptWithInvalidDestinationBufferFails (line 318) | func TestEncryptDecryptWithInvalidDestinationBufferFails(t *testing.T) {
FILE: internal/aead/aesgcm.go
constant AESGCMIVSize (line 23) | AESGCMIVSize = 12
constant AESGCMTagSize (line 25) | AESGCMTagSize = 16
constant aesGCMMaxPlaintextSize (line 28) | aesGCMMaxPlaintextSize = (1 << 36) - 31
constant intSize (line 30) | intSize = 32 << (^uint(0) >> 63)
constant maxInt (line 31) | maxInt = 1<<(intSize-1) - 1
constant maxIntPlaintextSize (line 32) | maxIntPlaintextSize = maxInt - AESGCMIVSize - AESGCMTagSize
function CheckAESGCMPlaintextSize (line 36) | func CheckAESGCMPlaintextSize(size uint64) error {
FILE: internal/aead/aesgcm_test.go
function TestCheckAESGCMPlaintextSize (line 23) | func TestCheckAESGCMPlaintextSize(t *testing.T) {
FILE: internal/aead/chacha20poly1305.go
function CheckChaCha20Poly1305PlaintextSize (line 26) | func CheckChaCha20Poly1305PlaintextSize(plaintextLength int) error {
FILE: internal/aead/chacha20poly1305_test.go
function TestCheckChaCha20Poly1305PlaintextSize (line 25) | func TestCheckChaCha20Poly1305PlaintextSize(t *testing.T) {
FILE: internal/config/aeadconfig/v0.go
function mustCreateConfigV0 (line 32) | func mustCreateConfigV0() config.Config {
function V0 (line 59) | func V0() config.Config { return configV0 }
FILE: internal/config/aeadconfig/v0_test.go
function mustMarshal (line 47) | func mustMarshal(t *testing.T, m proto.Message) []byte {
function TestConfigV0AEAD (line 56) | func TestConfigV0AEAD(t *testing.T) {
FILE: internal/config/config.go
type Config (line 30) | type Config struct
method PrimitiveFromKey (line 39) | func (c *Config) PrimitiveFromKey(k key.Key, _ internalapi.Token) (any...
type Builder (line 50) | type Builder struct
method RegisterPrimitiveConstructor (line 61) | func (b *Builder) RegisterPrimitiveConstructor(keyType reflect.Type, c...
method Build (line 70) | func (b *Builder) Build() Config {
function NewBuilder (line 79) | func NewBuilder() *Builder {
FILE: internal/config/config_test.go
type testParameters0 (line 26) | type testParameters0 struct
method HasIDRequirement (line 28) | func (tp testParameters0) HasIDRequirement() bool { return false }
method Equal (line 29) | func (tp testParameters0) Equal(other key.Parameters) bool {
type testKey0 (line 33) | type testKey0 struct
method Parameters (line 35) | func (tk testKey0) Parameters() key.Parameters { return...
method IDRequirement (line 36) | func (tk testKey0) IDRequirement() (id uint32, required bool) { return...
method Equal (line 37) | func (tk testKey0) Equal(other key.Key) bool { return...
type testPrimitive0 (line 39) | type testPrimitive0 struct
type testParameters1 (line 41) | type testParameters1 struct
method HasIDRequirement (line 43) | func (tp testParameters1) HasIDRequirement() bool { return false }
method Equal (line 44) | func (tp testParameters1) Equal(other key.Parameters) bool {
function primitive0Constructor (line 48) | func primitive0Constructor(k key.Key) (any, error) { return testPrimitiv...
type testKey1 (line 50) | type testKey1 struct
method Parameters (line 52) | func (tk testKey1) Parameters() key.Parameters { return...
method IDRequirement (line 53) | func (tk testKey1) IDRequirement() (id uint32, required bool) { return...
method Equal (line 54) | func (tk testKey1) Equal(other key.Key) bool { return...
type testPrimitive1 (line 56) | type testPrimitive1 struct
type testKeyUnregistered (line 58) | type testKeyUnregistered struct
method Parameters (line 60) | func (tk testKeyUnregistered) Parameters() key.Parameters ...
method IDRequirement (line 61) | func (tk testKeyUnregistered) IDRequirement() (id uint32, required boo...
method Equal (line 62) | func (tk testKeyUnregistered) Equal(other key.Key) bool ...
function primitive1Constructor (line 64) | func primitive1Constructor(k key.Key) (any, error) { return testPrimitiv...
function TestConfigPrimitiveFromKeyWorks (line 66) | func TestConfigPrimitiveFromKeyWorks(t *testing.T) {
constant typeURL0 (line 86) | typeURL0 = "type_url_0"
constant typeURL1 (line 87) | typeURL1 = "type_url_1"
function TestMultiplePrimitiveConstructors (line 90) | func TestMultiplePrimitiveConstructors(t *testing.T) {
function TestRegisterDifferentPrimitiveConstructor (line 119) | func TestRegisterDifferentPrimitiveConstructor(t *testing.T) {
function TestUnregisteredPrimitive (line 133) | func TestUnregisteredPrimitive(t *testing.T) {
function TestConfigV0_ConfigIsDeepcopied (line 151) | func TestConfigV0_ConfigIsDeepcopied(t *testing.T) {
FILE: internal/config/daeadconfig/v0.go
function mustCreateConfigV0 (line 28) | func mustCreateConfigV0() config.Config {
function V0 (line 39) | func V0() config.Config { return configV0 }
FILE: internal/config/daeadconfig/v0_test.go
function mustMarshal (line 34) | func mustMarshal(t *testing.T, m proto.Message) []byte {
function mustHexDecode (line 43) | func mustHexDecode(t *testing.T, s string) []byte {
constant aesSIVKeyHex (line 54) | aesSIVKeyHex = "c25cafc6018b98dfbb79a40ec89c575a4f88c4116489bba27...
constant aesSIVMsgHex (line 55) | aesSIVMsgHex = "beec61030fa3d670337196beade6aeaa"
constant aesSIVAad (line 56) | aesSIVAad = "deeb0ccf3aef47a296ed1ca8f4ae5907"
constant aesSIVCiphertextHex (line 57) | aesSIVCiphertextHex = "5865208eab9163db85cab9f96d846234a2626aae22f5c17c9...
function TestConfigV0MACFailsIfKeyNotMAC (line 60) | func TestConfigV0MACFailsIfKeyNotMAC(t *testing.T) {
function TestConfigV0MAC (line 80) | func TestConfigV0MAC(t *testing.T) {
FILE: internal/config/hybridconfig/v0.go
function mustCreateConfigV0 (line 29) | func mustCreateConfigV0() config.Config {
function V0 (line 43) | func V0() config.Config { return configV0 }
FILE: internal/config/hybridconfig/v0_test.go
function TestConfigV0EncryptDecryptFailsIfKeyNotHybrid (line 33) | func TestConfigV0EncryptDecryptFailsIfKeyNotHybrid(t *testing.T) {
function TestConfigV0EncryptDecrypt (line 53) | func TestConfigV0EncryptDecrypt(t *testing.T) {
FILE: internal/config/jwtmacconfig/v0.go
function mustCreateConfigV0 (line 28) | func mustCreateConfigV0() config.Config {
function V0 (line 37) | func V0() config.Config { return configV0 }
FILE: internal/config/jwtmacconfig/v0_test.go
function TestConfigV0JWTMACFailsIfKeyNotMAC (line 32) | func TestConfigV0JWTMACFailsIfKeyNotMAC(t *testing.T) {
function mustBase64Dec (line 52) | func mustBase64Dec(t *testing.T, s string) []byte {
function TestConfigV0WithJWTHMACKey (line 61) | func TestConfigV0WithJWTHMACKey(t *testing.T) {
FILE: internal/config/jwtsignatureconfig/v0.go
function mustCreateConfigV0 (line 28) | func mustCreateConfigV0() config.Config {
function V0 (line 43) | func V0() config.Config { return configV0 }
FILE: internal/config/jwtsignatureconfig/v0_test.go
function TestConfigV0JWTSignatureFailsIfKeyNotSignature (line 35) | func TestConfigV0JWTSignatureFailsIfKeyNotSignature(t *testing.T) {
function mustBase64Decode (line 55) | func mustBase64Decode(t *testing.T, in string) []byte {
constant n2048Base64 (line 66) | n2048Base64 = "s1EKK81M5kTFtZSuUFnhKy8FS2WNXaWVmi_fGHG4CLw98-Yo0nkuUa...
constant d2048Base64 (line 67) | d2048Base64 = "GlAtDupse2niHVg5EB9wVFbtDvhS-0f-IQcfVMXzPIzrBmxi1yfjLS...
constant p2048Base64 (line 68) | p2048Base64 = "7BJc834xCi_0YmO5suBinWOQAF7IiRPU-3G9TdhWEkSYquupg9e6K9...
constant q2048Base64 (line 69) | q2048Base64 = "wnQqvNmJe9SwtnH5c_yCqPhKv1cF_4jdQZSGI6_p3KYNxlQzkHZ_6u...
constant dp2048Base64 (line 70) | dp2048Base64 = "lql5jSUCY0ALtidzQogWJ-B87N-RGHsBuJ_0cxQYinwg-ySAAVbSyF...
constant dq2048Base64 (line 71) | dq2048Base64 = "BVT0GwuH9opFcis74M9KseFlA0wakQAquPKenvni2rb-57JFW6-0ID...
constant qInv2048Base64 (line 72) | qInv2048Base64 = "HGQBidm_6MYjgzIQp2xCDG9E5ddg4lmRbOwq4rFWRWlg_ZXidHZgw4...
function TestConfigV0WithJWTSignatureKey (line 75) | func TestConfigV0WithJWTSignatureKey(t *testing.T) {
FILE: internal/config/keyderivationconfig/v0.go
function mustCreateConfigV0 (line 28) | func mustCreateConfigV0() config.Config {
function V0 (line 37) | func V0() config.Config { return configV0 }
FILE: internal/config/keyderivationconfig/v0_test.go
type keyDeriver (line 31) | type keyDeriver interface
function TestRegisterPrimitiveConstructor (line 36) | func TestRegisterPrimitiveConstructor(t *testing.T) {
FILE: internal/config/macconfig/v0.go
function mustCreateConfigV0 (line 29) | func mustCreateConfigV0() config.Config {
function V0 (line 44) | func V0() config.Config { return configV0 }
FILE: internal/config/macconfig/v0_test.go
function mustMarshal (line 36) | func mustMarshal(t *testing.T, m proto.Message) []byte {
function mustHexDecode (line 45) | func mustHexDecode(t *testing.T, s string) []byte {
constant hmacKeyHex (line 56) | hmacKeyHex = "85a7cbaae825bb82c9b6f6c5c2af5ac03d1f6daa63d2a93c189948ec41...
constant hmacMsgHex (line 57) | hmacMsgHex = "a59b"
constant hmacTagHex (line 58) | hmacTagHex = "0fe2f13bba2198f6dda1a084be928e304e9cb16a56bc0b7b939a073280...
constant aesCMACKeyHex (line 60) | aesCMACKeyHex = "ea3b016bdd387dd64d837c71683808f335dbdc53598a4ea8c5f9524...
constant aesCMACMsgHex (line 61) | aesCMACMsgHex = "6601"
constant aesCMACTagHex (line 62) | aesCMACTagHex = "c7c44e31c466334992d6f9de3c771634"
function TestConfigV0MACFailsIfKeyNotMAC (line 65) | func TestConfigV0MACFailsIfKeyNotMAC(t *testing.T) {
function TestConfigV0MAC (line 85) | func TestConfigV0MAC(t *testing.T) {
FILE: internal/config/prfconfig/v0.go
function mustCreateConfigV0 (line 30) | func mustCreateConfigV0() config.Config {
function V0 (line 47) | func V0() config.Config { return configV0 }
FILE: internal/config/prfconfig/v0_test.go
function TestConfigV0FailsIfKeyNotPRF (line 35) | func TestConfigV0FailsIfKeyNotPRF(t *testing.T) {
constant hkdfKeyHex (line 57) | hkdfKeyHex = "000102030405060708090a0b0c0d0e0f" +
constant hkdfSaltHex (line 62) | hkdfSaltHex = "606162636465666768696a6b6c6d6e6f" +
constant hkdfDataHex (line 67) | hkdfDataHex = "b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" +
constant hkdfWantOutputHex (line 72) | hkdfWantOutputHex = "b11e398dc80327a1c8e7f78c596a4934" +
constant aesCMACPRFKeyHex (line 80) | aesCMACPRFKeyHex = "e754076ceab3fdaf4f9bcab7d4f0df0cbbafbc87731b8...
constant aesCMACPRFWantOutputHex (line 81) | aesCMACPRFWantOutputHex = "9d47482c2d9252bace43a75a8335b8b8"
constant aesCMACPRFDataHex (line 82) | aesCMACPRFDataHex = "40"
constant hmacSHA256KeyHex (line 85) | hmacSHA256KeyHex = "8159fd15133cd964c9a6964c94f0ea269a806fd9f43f0...
constant hmacSHA256WantOutputHex (line 86) | hmacSHA256WantOutputHex = "dfc5105d5eecf7ae7b8b8de3930e7659e84c4172f2555...
constant hmacSHA256DataHex (line 87) | hmacSHA256DataHex = "77"
function mustHexDecode (line 90) | func mustHexDecode(t *testing.T, s string) []byte {
function TestConfigV0WithPRFKeys (line 99) | func TestConfigV0WithPRFKeys(t *testing.T) {
FILE: internal/config/signatureconfig/v0.go
function mustCreateConfigV0 (line 33) | func mustCreateConfigV0() config.Config {
function V0 (line 59) | func V0() config.Config { return configV0 }
FILE: internal/config/signatureconfig/v0_test.go
function TestConfigV0MACFailsIfKeyNotSignerOrVerifier (line 37) | func TestConfi
Copy disabled (too large)
Download .json
Condensed preview — 767 files, each showing path, character count, and a content snippet. Download the .json file for the full structured content (15,505K chars).
[
{
"path": "LICENSE",
"chars": 11358,
"preview": "\n Apache License\n Version 2.0, January 2004\n "
},
{
"path": "README.md",
"chars": 3114,
"preview": "# Tink Go\n\n<!-- GCP Ubuntu --->\n\n[tink_go_gomod_badge_gcp_ubuntu]: https://storage.googleapis.com/tink-kokoro-build-badg"
},
{
"path": "aead/aead.go",
"chars": 1808,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_benchmark_test.go",
"chars": 4213,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_factory.go",
"chars": 6077,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_factory_test.go",
"chars": 23322,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_init_test.go",
"chars": 1357,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_key_templates.go",
"chars": 11538,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_key_templates_test.go",
"chars": 12749,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aead_test.go",
"chars": 2909,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/aead.go",
"chars": 3964,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/aead_test.go",
"chars": 16157,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/aesctrhmac.go",
"chars": 3073,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/aesctrhmac_test.go",
"chars": 9699,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/key.go",
"chars": 5112,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/key_manager_test.go",
"chars": 8170,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/key_parameters.go",
"chars": 6438,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/key_parameters_test.go",
"chars": 11958,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/key_test.go",
"chars": 23230,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/protoserialization.go",
"chars": 9710,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesctrhmac/protoserialization_test.go",
"chars": 32626,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/aead.go",
"chars": 4391,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/aead_test.go",
"chars": 19220,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/aesgcm.go",
"chars": 3019,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/aesgcm_test.go",
"chars": 12776,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/key.go",
"chars": 8111,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/key_manager_test.go",
"chars": 9708,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/key_test.go",
"chars": 18113,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/protoserialization.go",
"chars": 6347,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcm/protoserialization_test.go",
"chars": 16837,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/aead.go",
"chars": 2168,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/aead_test.go",
"chars": 7809,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/aesgcmsiv.go",
"chars": 3119,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/aesgcmsiv_test.go",
"chars": 7810,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/key.go",
"chars": 6873,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/key_manager_test.go",
"chars": 13360,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/key_test.go",
"chars": 15600,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/protoserialization.go",
"chars": 6250,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/aesgcmsiv/protoserialization_test.go",
"chars": 16861,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/aead.go",
"chars": 3342,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/aead_test.go",
"chars": 8247,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/chacha20poly1305.go",
"chars": 3068,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/chacha20poly1305_test.go",
"chars": 8563,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/key.go",
"chars": 5625,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/key_manager_test.go",
"chars": 7281,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/key_test.go",
"chars": 11865,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/protoserialization.go",
"chars": 5920,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/chacha20poly1305/protoserialization_test.go",
"chars": 15988,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/internal/testutil/testutil.go",
"chars": 1438,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/internal/testutil/testutil_test.go",
"chars": 2027,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/kms_envelope_aead.go",
"chars": 7981,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/kms_envelope_aead_example_test.go",
"chars": 1853,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/kms_envelope_aead_key_manager.go",
"chars": 4549,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/kms_envelope_aead_key_manager_test.go",
"chars": 6310,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/kms_envelope_aead_test.go",
"chars": 11188,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_ctr.go",
"chars": 1737,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_ctr_test.go",
"chars": 6781,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_gcm.go",
"chars": 2384,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_gcm_siv.go",
"chars": 8351,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_gcm_siv_test.go",
"chars": 5359,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/aes_gcm_test.go",
"chars": 7116,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/chacha20poly1305.go",
"chars": 2838,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/chacha20poly1305_test.go",
"chars": 7935,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/chacha20poly1305_vectors_test.go",
"chars": 302624,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/encrypt_then_authenticate.go",
"chars": 4229,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/encrypt_then_authenticate_test.go",
"chars": 11041,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/ind_cpa.go",
"chars": 1223,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/polyval.go",
"chars": 5995,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/polyval_test.go",
"chars": 4436,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/subtle.go",
"chars": 1019,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/subtle_test.go",
"chars": 1073,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/xchacha20poly1305.go",
"chars": 2989,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/xchacha20poly1305_test.go",
"chars": 9019,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/subtle/xchacha20poly1305_vectors_test.go",
"chars": 18631,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/aead.go",
"chars": 5195,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/aead_test.go",
"chars": 12843,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/key.go",
"chars": 6015,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/key_manager_test.go",
"chars": 6961,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/key_test.go",
"chars": 11461,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/protoserialization.go",
"chars": 6254,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/protoserialization_test.go",
"chars": 15507,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/xaesgcm.go",
"chars": 2608,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xaesgcm/xaesgcm_test.go",
"chars": 7579,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/aead.go",
"chars": 3546,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/aead_test.go",
"chars": 11311,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/key.go",
"chars": 5569,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/key_manager_test.go",
"chars": 7363,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/key_test.go",
"chars": 11934,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/protoserialization.go",
"chars": 6164,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/protoserialization_test.go",
"chars": 16027,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/xchacha20poly1305.go",
"chars": 3170,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "aead/xchacha20poly1305/xchacha20poly1305_test.go",
"chars": 8399,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/cryptofmt/cryptofmt.go",
"chars": 2392,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/cryptofmt/cryptofmt_test.go",
"chars": 2498,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/custom_key_manager_test.go",
"chars": 11870,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/key_manager.go",
"chars": 2149,
"preview": "// Copyright 2018 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/kms_client.go",
"chars": 950,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/private_key_manager.go",
"chars": 953,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/registry.go",
"chars": 5915,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "core/registry/registry_test.go",
"chars": 8819,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/aessiv.go",
"chars": 2975,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/aessiv_test.go",
"chars": 2636,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/daead.go",
"chars": 2504,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/daead_test.go",
"chars": 6031,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/key.go",
"chars": 4422,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/key_manager_test.go",
"chars": 8108,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/key_test.go",
"chars": 14403,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/parameters.go",
"chars": 3202,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/parameters_test.go",
"chars": 4451,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/protoserialization.go",
"chars": 6274,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/aessiv/protoserialization_test.go",
"chars": 16467,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead.go",
"chars": 970,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_benchmark_test.go",
"chars": 1839,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_factory.go",
"chars": 6350,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_factory_test.go",
"chars": 31751,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_init_test.go",
"chars": 963,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_key_templates.go",
"chars": 1345,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_key_templates_test.go",
"chars": 2972,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/daead_test.go",
"chars": 3141,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/subtle/aes_siv.go",
"chars": 5410,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "daead/subtle/aes_siv_test.go",
"chars": 9521,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "docs/CONTRIBUTING.md",
"chars": 141,
"preview": "# How to contribute\n\nPlease see the\n[developer documentation](https://developers.google.com/tink/contributing) on\nhow to"
},
{
"path": "docs/SECURITY.md",
"chars": 267,
"preview": "To report a security issue, please use http://g.co/vulnz. We use\nhttp://g.co/vulnz for our intake and coordination, and "
},
{
"path": "go.mod",
"chars": 292,
"preview": "module github.com/tink-crypto/tink-go/v2\n\ngo 1.24.0\n\ntoolchain go1.24.4\n\nrequire (\n\tgithub.com/c2sp/wycheproof v0.0.0-20"
},
{
"path": "go.sum",
"chars": 879,
"preview": "github.com/c2sp/wycheproof v0.0.0-20260105152342-fca0d3ba9f12 h1:C34LW7dhWgjAaAOdNB8z2UCyJsXDjC6UTILljHuqOlI=\ngithub.com"
},
{
"path": "hybrid/ecies/ecies.go",
"chars": 4790,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/ecies_aead_hkdf_hybrid_decrypt_test.go",
"chars": 13708,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/ecies_aead_hkdf_hybrid_encrypt_test.go",
"chars": 4257,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/ecies_test.go",
"chars": 4996,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/hybrid_decrypt.go",
"chars": 3130,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/hybrid_encrypt.go",
"chars": 2804,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/hybrid_encrypt_test.go",
"chars": 25000,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/key.go",
"chars": 8065,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/key_test.go",
"chars": 38215,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/parameters.go",
"chars": 9988,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/parameters_test.go",
"chars": 13059,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/private_key_manager_test.go",
"chars": 7960,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/protoserialization.go",
"chars": 18394,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/protoserialization_test.go",
"chars": 49327,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/ecies/public_key_manager_test.go",
"chars": 3816,
"preview": "// Copyright 2023 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/hpke.go",
"chars": 4239,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/hpke_test.go",
"chars": 2439,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/hybrid_decrypt.go",
"chars": 3718,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/hybrid_encrypt.go",
"chars": 2251,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/hybrid_encrypt_decrypt_test.go",
"chars": 31489,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/key.go",
"chars": 15423,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/key_test.go",
"chars": 44046,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/parameters.go",
"chars": 5715,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/parameters_test.go",
"chars": 10128,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/private_key_manager_test.go",
"chars": 15906,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/protoserialization.go",
"chars": 12960,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/protoserialization_test.go",
"chars": 24255,
"preview": "// Copyright 2025 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hpke/public_key_manager_test.go",
"chars": 10403,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid.go",
"chars": 1519,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_benchmark_test.go",
"chars": 3383,
"preview": "// Copyright 2024 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_decrypt_factory.go",
"chars": 5592,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_encrypt_factory.go",
"chars": 4886,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_factory_test.go",
"chars": 41772,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_key_templates.go",
"chars": 8994,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_key_templates_test.go",
"chars": 7169,
"preview": "// Copyright 2019 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/hybrid_test.go",
"chars": 3768,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/ecies/dem_helper.go",
"chars": 4132,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/ecies/dem_helper_test.go",
"chars": 6679,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/aead.go",
"chars": 1622,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/aes_gcm_aead.go",
"chars": 2975,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/aes_gcm_aead_test.go",
"chars": 2614,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/chacha20poly1305_aead.go",
"chars": 1959,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/chacha20poly1305_aead_test.go",
"chars": 1708,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/context.go",
"chars": 5592,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/context_test.go",
"chars": 5497,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/decrypt.go",
"chars": 2116,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/encrypt.go",
"chars": 1949,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/encrypt_decrypt_test.go",
"chars": 7405,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/hkdf_kdf.go",
"chars": 2255,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/hkdf_kdf_test.go",
"chars": 6253,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/hpke.go",
"chars": 7058,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/hpke_test.go",
"chars": 24465,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/kdf.go",
"chars": 1936,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/kem.go",
"chars": 1774,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/mlkem_kem.go",
"chars": 2283,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/mlkem_kem_test.go",
"chars": 28860,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/nist_curves_kem.go",
"chars": 3968,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/nist_curves_kem_test.go",
"chars": 7384,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/primitive_factory.go",
"chars": 2584,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/primitive_factory_test.go",
"chars": 4010,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/x25519_kem.go",
"chars": 3097,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/x25519_kem_test.go",
"chars": 6538,
"preview": "// Copyright 2021 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/xwing_kem.go",
"chars": 1279,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/hpke/xwing_kem_test.go",
"chars": 21726,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/xwing/xwing.go",
"chars": 4396,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/internal/xwing/xwing_test.go",
"chars": 14588,
"preview": "// Copyright 2026 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/ecies_aead_hkdf_dem_helper.go",
"chars": 974,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/ecies_aead_hkdf_hybrid_decrypt.go",
"chars": 2677,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/ecies_aead_hkdf_hybrid_encrypt.go",
"chars": 2547,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/ecies_hkdf_recipient_kem.go",
"chars": 1438,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/ecies_hkdf_sender_kem.go",
"chars": 1712,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/elliptic_curves.go",
"chars": 6784,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/elliptic_curves_test.go",
"chars": 21627,
"preview": "// Copyright 2020 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/public_key.go",
"chars": 4646,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
},
{
"path": "hybrid/subtle/public_key_test.go",
"chars": 9952,
"preview": "// Copyright 2022 Google LLC\n//\n// Licensed under the Apache License, Version 2.0 (the \"License\");\n// you may not use th"
}
]
// ... and 567 more files (download for full content)
About this extraction
This page contains the full source code of the tink-crypto/tink-go GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 767 files (13.8 MB), approximately 3.7M tokens, and a symbol index with 8468 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.