xref: /aosp_15_r20/external/tink/go/signature/signature_key_templates.go (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1// Copyright 2018 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//      http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15////////////////////////////////////////////////////////////////////////////////
16
17package signature
18
19import (
20	"fmt"
21
22	"google.golang.org/protobuf/proto"
23	"github.com/google/tink/go/internal/tinkerror"
24	commonpb "github.com/google/tink/go/proto/common_go_proto"
25	ecdsapb "github.com/google/tink/go/proto/ecdsa_go_proto"
26	rsppb "github.com/google/tink/go/proto/rsa_ssa_pkcs1_go_proto"
27	rspsspb "github.com/google/tink/go/proto/rsa_ssa_pss_go_proto"
28	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
29)
30
31// This file contains pre-generated KeyTemplates for Signer and Verifier.
32// One can use these templates to generate new Keysets.
33
34// ECDSAP256KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters:
35//   - Hash function: SHA256
36//   - Curve: NIST P-256
37//   - Signature encoding: DER
38//   - Output prefix type: TINK
39func ECDSAP256KeyTemplate() *tinkpb.KeyTemplate {
40	return createECDSAKeyTemplate(commonpb.HashType_SHA256,
41		commonpb.EllipticCurveType_NIST_P256,
42		ecdsapb.EcdsaSignatureEncoding_DER,
43		tinkpb.OutputPrefixType_TINK)
44}
45
46// ECDSAP256KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following
47// parameters:
48//   - Hash function: SHA256
49//   - Curve: NIST P-256
50//   - Signature encoding: DER
51//   - Output prefix type: RAW
52//
53// Note that this template uses a different encoding than ESDSA_P256_RAW in Tinkey.
54func ECDSAP256KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate {
55	return createECDSAKeyTemplate(commonpb.HashType_SHA256,
56		commonpb.EllipticCurveType_NIST_P256,
57		ecdsapb.EcdsaSignatureEncoding_DER,
58		tinkpb.OutputPrefixType_RAW)
59}
60
61// ECDSAP256RawKeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following
62// parameters:
63//   - Hash function: SHA256
64//   - Curve: NIST P-256
65//   - Signature encoding: IEEE_P1363
66//   - Output prefix type: RAW
67func ECDSAP256RawKeyTemplate() *tinkpb.KeyTemplate {
68	return createECDSAKeyTemplate(commonpb.HashType_SHA256,
69		commonpb.EllipticCurveType_NIST_P256,
70		ecdsapb.EcdsaSignatureEncoding_IEEE_P1363,
71		tinkpb.OutputPrefixType_RAW)
72}
73
74// ECDSAP384SHA384KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters:
75//   - Hash function: SHA384
76//   - Curve: NIST P-384
77//   - Signature encoding: DER
78//   - Output prefix type: TINK
79func ECDSAP384SHA384KeyTemplate() *tinkpb.KeyTemplate {
80	return createECDSAKeyTemplate(commonpb.HashType_SHA384,
81		commonpb.EllipticCurveType_NIST_P384,
82		ecdsapb.EcdsaSignatureEncoding_DER,
83		tinkpb.OutputPrefixType_TINK)
84}
85
86// ECDSAP384SHA384KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters:
87//   - Hash function: SHA384
88//   - Curve: NIST P-384
89//   - Signature encoding: DER
90//   - Output prefix type: RAW
91func ECDSAP384SHA384KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate {
92	return createECDSAKeyTemplate(commonpb.HashType_SHA384,
93		commonpb.EllipticCurveType_NIST_P384,
94		ecdsapb.EcdsaSignatureEncoding_DER,
95		tinkpb.OutputPrefixType_RAW)
96}
97
98// ECDSAP384SHA512KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters:
99//   - Hash function: SHA512
100//   - Curve: NIST P-384
101//   - Signature encoding: DER
102//   - Output prefix type: TINK
103func ECDSAP384SHA512KeyTemplate() *tinkpb.KeyTemplate {
104	return createECDSAKeyTemplate(commonpb.HashType_SHA512,
105		commonpb.EllipticCurveType_NIST_P384,
106		ecdsapb.EcdsaSignatureEncoding_DER,
107		tinkpb.OutputPrefixType_TINK)
108}
109
110// ECDSAP384KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following
111// parameters:
112//   - Hash function: SHA512
113//   - Curve: NIST P-384
114//   - Signature encoding: DER
115//   - Output prefix type: RAW
116func ECDSAP384KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate {
117	return createECDSAKeyTemplate(commonpb.HashType_SHA512,
118		commonpb.EllipticCurveType_NIST_P384,
119		ecdsapb.EcdsaSignatureEncoding_DER,
120		tinkpb.OutputPrefixType_RAW)
121}
122
123// ECDSAP521KeyTemplate is a KeyTemplate that generates a new ECDSA private key with the following parameters:
124//   - Hash function: SHA512
125//   - Curve: NIST P-521
126//   - Signature encoding: DER
127//   - Output prefix type: TINK
128func ECDSAP521KeyTemplate() *tinkpb.KeyTemplate {
129	return createECDSAKeyTemplate(commonpb.HashType_SHA512,
130		commonpb.EllipticCurveType_NIST_P521,
131		ecdsapb.EcdsaSignatureEncoding_DER,
132		tinkpb.OutputPrefixType_TINK)
133}
134
135// ECDSAP521KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ECDSA private key with the following
136// parameters:
137//   - Hash function: SHA512
138//   - Curve: NIST P-521
139//   - Signature encoding: DER
140//   - Output prefix type: RAW
141func ECDSAP521KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate {
142	return createECDSAKeyTemplate(commonpb.HashType_SHA512,
143		commonpb.EllipticCurveType_NIST_P521,
144		ecdsapb.EcdsaSignatureEncoding_DER,
145		tinkpb.OutputPrefixType_RAW)
146}
147
148// createECDSAKeyTemplate creates a KeyTemplate containing a EcdasKeyFormat
149// with the given parameters.
150func createECDSAKeyTemplate(hashType commonpb.HashType, curve commonpb.EllipticCurveType, encoding ecdsapb.EcdsaSignatureEncoding, prefixType tinkpb.OutputPrefixType) *tinkpb.KeyTemplate {
151	params := &ecdsapb.EcdsaParams{
152		HashType: hashType,
153		Curve:    curve,
154		Encoding: encoding,
155	}
156	format := &ecdsapb.EcdsaKeyFormat{Params: params}
157	serializedFormat, err := proto.Marshal(format)
158	if err != nil {
159		tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
160	}
161	return &tinkpb.KeyTemplate{
162		TypeUrl:          ecdsaSignerTypeURL,
163		Value:            serializedFormat,
164		OutputPrefixType: prefixType,
165	}
166}
167
168// ED25519KeyTemplate is a KeyTemplate that generates a new ED25519 private key.
169func ED25519KeyTemplate() *tinkpb.KeyTemplate {
170	return &tinkpb.KeyTemplate{
171		TypeUrl:          ed25519SignerTypeURL,
172		OutputPrefixType: tinkpb.OutputPrefixType_TINK,
173	}
174}
175
176// ED25519KeyWithoutPrefixTemplate is a KeyTemplate that generates a new ED25519 private key.
177func ED25519KeyWithoutPrefixTemplate() *tinkpb.KeyTemplate {
178	return &tinkpb.KeyTemplate{
179		TypeUrl:          ed25519SignerTypeURL,
180		OutputPrefixType: tinkpb.OutputPrefixType_RAW,
181	}
182}
183
184func create_RSA_SSA_PKCS1_Template(prefixType tinkpb.OutputPrefixType, hashType commonpb.HashType, modulusSizeInBits uint32) *tinkpb.KeyTemplate {
185	keyFormat := &rsppb.RsaSsaPkcs1KeyFormat{
186		Params: &rsppb.RsaSsaPkcs1Params{
187			HashType: hashType,
188		},
189		ModulusSizeInBits: modulusSizeInBits,
190		PublicExponent:    []byte{0x01, 0x00, 0x01},
191	}
192	serializedFormat, err := proto.Marshal(keyFormat)
193	if err != nil {
194		tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
195	}
196	return &tinkpb.KeyTemplate{
197		TypeUrl:          rsaSSAPKCS1SignerTypeURL,
198		OutputPrefixType: prefixType,
199		Value:            serializedFormat,
200	}
201}
202
203func create_RSA_SSA_PSS_Template(prefixType tinkpb.OutputPrefixType, hashType commonpb.HashType, saltLength int32, modulusSizeInBits uint32) *tinkpb.KeyTemplate {
204	keyFormat := &rspsspb.RsaSsaPssKeyFormat{
205		Params: &rspsspb.RsaSsaPssParams{
206			SigHash:    hashType,
207			Mgf1Hash:   hashType,
208			SaltLength: saltLength,
209		},
210		ModulusSizeInBits: modulusSizeInBits,
211		PublicExponent:    []byte{0x01, 0x00, 0x01},
212	}
213	serializedFormat, err := proto.Marshal(keyFormat)
214	if err != nil {
215		tinkerror.Fail(fmt.Sprintf("failed to marshal key format: %s", err))
216	}
217	return &tinkpb.KeyTemplate{
218		TypeUrl:          rsaSSAPSSSignerTypeURL,
219		OutputPrefixType: prefixType,
220		Value:            serializedFormat,
221	}
222}
223
224// RSA_SSA_PKCS1_3072_SHA256_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following
225// parameters:
226//   - Modulus size in bits: 3072.
227//   - Hash function: SHA256.
228//   - Public Exponent: 65537 (aka F4).
229//   - OutputPrefixType: TINK
230func RSA_SSA_PKCS1_3072_SHA256_F4_Key_Template() *tinkpb.KeyTemplate {
231	return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA256, 3072)
232}
233
234// RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following
235// parameters:
236//   - Modulus size in bits: 3072.
237//   - Hash function: SHA256.
238//   - Public Exponent: 65537 (aka F4).
239//   - OutputPrefixType: RAW
240func RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template() *tinkpb.KeyTemplate {
241	return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA256, 3072)
242}
243
244// RSA_SSA_PKCS1_4096_SHA512_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following
245// parameters:
246//   - Modulus size in bits: 4096.
247//   - Hash function: SHA512.
248//   - Public Exponent: 65537 (aka F4).
249//   - OutputPrefixType: TINK
250func RSA_SSA_PKCS1_4096_SHA512_F4_Key_Template() *tinkpb.KeyTemplate {
251	return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA512, 4096)
252}
253
254// RSA_SSA_PKCS1_4096_SHA512_F4_RAW_Key_Template is a KeyTemplate that generates a new RSA SSA PKCS1 private key with the following
255// parameters:
256//   - Modulus size in bits: 4096.
257//   - Hash function: SHA512.
258//   - Public Exponent: 65537 (aka F4).
259//   - OutputPrefixType: RAW
260func RSA_SSA_PKCS1_4096_SHA512_F4_RAW_Key_Template() *tinkpb.KeyTemplate {
261	return create_RSA_SSA_PKCS1_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA512, 4096)
262}
263
264// RSA_SSA_PSS_3072_SHA256_32_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following
265// parameters:
266//   - Modulus size in bits: 3072.
267//   - Signature hash: SHA256.
268//   - MGF1 hash: SHA256.
269//   - Salt length: 32 (i.e., SHA256's output length).
270//   - Public Exponent: 65537 (aka F4).
271//   - OutputPrefixType: TINK
272func RSA_SSA_PSS_3072_SHA256_32_F4_Key_Template() *tinkpb.KeyTemplate {
273	return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA256, 32, 3072)
274}
275
276// RSA_SSA_PSS_3072_SHA256_32_F4_Raw_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following
277// parameters:
278//   - Modulus size in bits: 3072.
279//   - Signature hash: SHA256.
280//   - MGF1 hash: SHA256.
281//   - Salt length: 32 (i.e., SHA256's output length).
282//   - Public Exponent: 65537 (aka F4).
283//   - OutputPrefixType: RAW
284func RSA_SSA_PSS_3072_SHA256_32_F4_Raw_Key_Template() *tinkpb.KeyTemplate {
285	return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA256, 32, 3072)
286}
287
288// RSA_SSA_PSS_4096_SHA512_64_F4_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following
289// parameters:
290//   - Modulus size in bits: 4096.
291//   - Signature hash: SHA512.
292//   - MGF1 hash: SHA512.
293//   - Salt length: 64 (i.e., SHA512's output length).
294//   - Public Exponent: 65537 (aka F4).
295//   - OutputPrefixType: TINK
296func RSA_SSA_PSS_4096_SHA512_64_F4_Key_Template() *tinkpb.KeyTemplate {
297	return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_TINK, commonpb.HashType_SHA512, 64, 4096)
298}
299
300// RSA_SSA_PSS_4096_SHA512_64_F4_Raw_Key_Template is a KeyTemplate that generates a new RSA SSA PSS private key with the following
301// parameters:
302//   - Modulus size in bits: 4096.
303//   - Signature hash: SHA512.
304//   - MGF1 hash: SHA512.
305//   - Salt length: 64 (i.e., SHA512's output length).
306//   - Public Exponent: 65537 (aka F4).
307//   - OutputPrefixType: RAW
308func RSA_SSA_PSS_4096_SHA512_64_F4_Raw_Key_Template() *tinkpb.KeyTemplate {
309	return create_RSA_SSA_PSS_Template(tinkpb.OutputPrefixType_RAW, commonpb.HashType_SHA512, 64, 4096)
310}
311