1 // Copyright 2018 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16
17 #include "tink/signature/signature_key_templates.h"
18
19 #include <memory>
20
21 #include "absl/memory/memory.h"
22 #include "absl/strings/str_cat.h"
23 #include "openssl/bn.h"
24 #include "openssl/rsa.h"
25 #include "tink/internal/bn_util.h"
26 #include "tink/internal/ssl_unique_ptr.h"
27 #include "tink/util/constants.h"
28 #include "proto/common.pb.h"
29 #include "proto/ecdsa.pb.h"
30 #include "proto/ed25519.pb.h"
31 #include "proto/rsa_ssa_pkcs1.pb.h"
32 #include "proto/rsa_ssa_pss.pb.h"
33 #include "proto/tink.pb.h"
34
35 namespace crypto {
36 namespace tink {
37 namespace {
38
39 using google::crypto::tink::EcdsaKeyFormat;
40 using google::crypto::tink::EcdsaPrivateKey;
41 using google::crypto::tink::EcdsaSignatureEncoding;
42 using google::crypto::tink::Ed25519PrivateKey;
43 using google::crypto::tink::EllipticCurveType;
44 using google::crypto::tink::HashType;
45 using google::crypto::tink::KeyTemplate;
46 using google::crypto::tink::OutputPrefixType;
47 using google::crypto::tink::RsaSsaPkcs1KeyFormat;
48 using google::crypto::tink::RsaSsaPkcs1PrivateKey;
49 using google::crypto::tink::RsaSsaPssKeyFormat;
50 using google::crypto::tink::RsaSsaPssPrivateKey;
51
NewEcdsaKeyTemplate(HashType hash_type,EllipticCurveType curve_type,EcdsaSignatureEncoding encoding,OutputPrefixType output_prefix_type)52 std::unique_ptr<KeyTemplate> NewEcdsaKeyTemplate(
53 HashType hash_type, EllipticCurveType curve_type,
54 EcdsaSignatureEncoding encoding, OutputPrefixType output_prefix_type) {
55 auto key_template = absl::make_unique<KeyTemplate>();
56 key_template->set_type_url(
57 absl::StrCat(kTypeGoogleapisCom, EcdsaPrivateKey().GetTypeName()));
58 key_template->set_output_prefix_type(output_prefix_type);
59 EcdsaKeyFormat key_format;
60 auto params = key_format.mutable_params();
61 params->set_hash_type(hash_type);
62 params->set_curve(curve_type);
63 params->set_encoding(encoding);
64 key_format.SerializeToString(key_template->mutable_value());
65 return key_template;
66 }
67
NewEcdsaKeyTemplate(HashType hash_type,EllipticCurveType curve_type,EcdsaSignatureEncoding encoding)68 std::unique_ptr<KeyTemplate> NewEcdsaKeyTemplate(
69 HashType hash_type, EllipticCurveType curve_type,
70 EcdsaSignatureEncoding encoding) {
71 return NewEcdsaKeyTemplate(hash_type, curve_type, encoding,
72 OutputPrefixType::TINK);
73 }
74
NewRsaSsaPkcs1KeyTemplate(HashType hash_type,int modulus_size_in_bits,int public_exponent)75 std::unique_ptr<KeyTemplate> NewRsaSsaPkcs1KeyTemplate(HashType hash_type,
76 int modulus_size_in_bits,
77 int public_exponent) {
78 auto key_template = absl::make_unique<KeyTemplate>();
79 key_template->set_type_url(
80 absl::StrCat(kTypeGoogleapisCom, RsaSsaPkcs1PrivateKey().GetTypeName()));
81 key_template->set_output_prefix_type(OutputPrefixType::TINK);
82 RsaSsaPkcs1KeyFormat key_format;
83 auto params = key_format.mutable_params();
84 params->set_hash_type(hash_type);
85 key_format.set_modulus_size_in_bits(modulus_size_in_bits);
86 internal::SslUniquePtr<BIGNUM> e(BN_new());
87 BN_set_word(e.get(), public_exponent);
88 key_format.set_public_exponent(
89 internal::BignumToString(e.get(), BN_num_bytes(e.get())).value());
90 key_format.SerializeToString(key_template->mutable_value());
91 return key_template;
92 }
93
NewRsaSsaPssKeyTemplate(HashType sig_hash,HashType mgf1_hash,int salt_length,int modulus_size_in_bits,int public_exponent)94 std::unique_ptr<KeyTemplate> NewRsaSsaPssKeyTemplate(HashType sig_hash,
95 HashType mgf1_hash,
96 int salt_length,
97 int modulus_size_in_bits,
98 int public_exponent) {
99 auto key_template = absl::make_unique<KeyTemplate>();
100 key_template->set_type_url(
101 absl::StrCat(kTypeGoogleapisCom, RsaSsaPssPrivateKey().GetTypeName()));
102 key_template->set_output_prefix_type(OutputPrefixType::TINK);
103 RsaSsaPssKeyFormat key_format;
104 auto params = key_format.mutable_params();
105 params->set_sig_hash(sig_hash);
106 params->set_mgf1_hash(mgf1_hash);
107 params->set_salt_length(salt_length);
108 key_format.set_modulus_size_in_bits(modulus_size_in_bits);
109 internal::SslUniquePtr<BIGNUM> e(BN_new());
110 BN_set_word(e.get(), public_exponent);
111 key_format.set_public_exponent(
112 internal::BignumToString(e.get(), BN_num_bytes(e.get())).value());
113 key_format.SerializeToString(key_template->mutable_value());
114 return key_template;
115 }
116
117 } // anonymous namespace
118
119 // static
EcdsaP256()120 const KeyTemplate& SignatureKeyTemplates::EcdsaP256() {
121 static const KeyTemplate* key_template =
122 NewEcdsaKeyTemplate(HashType::SHA256, EllipticCurveType::NIST_P256,
123 EcdsaSignatureEncoding::DER)
124 .release();
125 return *key_template;
126 }
127
128 // Deprecated, use EcdsaP384Sha384() or EcdsaP384Sha512() instead.
129 // static
EcdsaP384()130 const KeyTemplate& SignatureKeyTemplates::EcdsaP384() {
131 static const KeyTemplate* key_template =
132 NewEcdsaKeyTemplate(HashType::SHA512, EllipticCurveType::NIST_P384,
133 EcdsaSignatureEncoding::DER)
134 .release();
135 return *key_template;
136 }
137
138 // static
EcdsaP384Sha384()139 const KeyTemplate& SignatureKeyTemplates::EcdsaP384Sha384() {
140 static const KeyTemplate* key_template =
141 NewEcdsaKeyTemplate(HashType::SHA384, EllipticCurveType::NIST_P384,
142 EcdsaSignatureEncoding::DER)
143 .release();
144 return *key_template;
145 }
146
147 // static
EcdsaP384Sha512()148 const KeyTemplate& SignatureKeyTemplates::EcdsaP384Sha512() {
149 static const KeyTemplate* key_template =
150 NewEcdsaKeyTemplate(HashType::SHA512, EllipticCurveType::NIST_P384,
151 EcdsaSignatureEncoding::DER)
152 .release();
153 return *key_template;
154 }
155
156 // static
EcdsaP521()157 const KeyTemplate& SignatureKeyTemplates::EcdsaP521() {
158 static const KeyTemplate* key_template =
159 NewEcdsaKeyTemplate(HashType::SHA512, EllipticCurveType::NIST_P521,
160 EcdsaSignatureEncoding::DER)
161 .release();
162 return *key_template;
163 }
164
165 // static
EcdsaP256Raw()166 const KeyTemplate& SignatureKeyTemplates::EcdsaP256Raw() {
167 static const KeyTemplate* key_template =
168 NewEcdsaKeyTemplate(HashType::SHA256, EllipticCurveType::NIST_P256,
169 EcdsaSignatureEncoding::IEEE_P1363,
170 OutputPrefixType::RAW)
171 .release();
172 return *key_template;
173 }
174
175 // static
EcdsaP256Ieee()176 const KeyTemplate& SignatureKeyTemplates::EcdsaP256Ieee() {
177 static const KeyTemplate* key_template =
178 NewEcdsaKeyTemplate(HashType::SHA256, EllipticCurveType::NIST_P256,
179 EcdsaSignatureEncoding::IEEE_P1363)
180 .release();
181 return *key_template;
182 }
183
184 // static
EcdsaP384Ieee()185 const KeyTemplate& SignatureKeyTemplates::EcdsaP384Ieee() {
186 static const KeyTemplate* key_template =
187 NewEcdsaKeyTemplate(HashType::SHA512, EllipticCurveType::NIST_P384,
188 EcdsaSignatureEncoding::IEEE_P1363)
189 .release();
190 return *key_template;
191 }
192
193 // static
EcdsaP521Ieee()194 const KeyTemplate& SignatureKeyTemplates::EcdsaP521Ieee() {
195 static const KeyTemplate* key_template =
196 NewEcdsaKeyTemplate(HashType::SHA512, EllipticCurveType::NIST_P521,
197 EcdsaSignatureEncoding::IEEE_P1363)
198 .release();
199 return *key_template;
200 }
201
202 // static
RsaSsaPkcs13072Sha256F4()203 const KeyTemplate& SignatureKeyTemplates::RsaSsaPkcs13072Sha256F4() {
204 static const KeyTemplate* key_template =
205 NewRsaSsaPkcs1KeyTemplate(HashType::SHA256, 3072, RSA_F4).release();
206 return *key_template;
207 }
208
209 // static
RsaSsaPkcs14096Sha512F4()210 const KeyTemplate& SignatureKeyTemplates::RsaSsaPkcs14096Sha512F4() {
211 static const KeyTemplate* key_template =
212 NewRsaSsaPkcs1KeyTemplate(HashType::SHA512, 4096, RSA_F4).release();
213 return *key_template;
214 }
215
216 // static
RsaSsaPss3072Sha256Sha256F4()217 const KeyTemplate& SignatureKeyTemplates::RsaSsaPss3072Sha256Sha256F4() {
218 static const KeyTemplate* key_template =
219 NewRsaSsaPssKeyTemplate(HashType::SHA256, HashType::SHA256, 32, 3072,
220 RSA_F4)
221 .release();
222 return *key_template;
223 }
224
225 // static
RsaSsaPss4096Sha512Sha512F4()226 const KeyTemplate& SignatureKeyTemplates::RsaSsaPss4096Sha512Sha512F4() {
227 static const KeyTemplate* key_template =
228 NewRsaSsaPssKeyTemplate(HashType::SHA512, HashType::SHA512, 64, 4096,
229 RSA_F4)
230 .release();
231 return *key_template;
232 }
233
234 // static
RsaSsaPss4096Sha384Sha384F4()235 const KeyTemplate& SignatureKeyTemplates::RsaSsaPss4096Sha384Sha384F4() {
236 static const KeyTemplate* key_template =
237 NewRsaSsaPssKeyTemplate(HashType::SHA384, HashType::SHA384, 48, 4096,
238 RSA_F4)
239 .release();
240 return *key_template;
241 }
242
243 // static
Ed25519()244 const google::crypto::tink::KeyTemplate& SignatureKeyTemplates::Ed25519() {
245 static KeyTemplate* key_template = new KeyTemplate();
246 key_template->set_type_url(
247 absl::StrCat(kTypeGoogleapisCom, Ed25519PrivateKey().GetTypeName()));
248 key_template->set_output_prefix_type(OutputPrefixType::TINK);
249 return *key_template;
250 }
251
252 // static
253 const google::crypto::tink::KeyTemplate&
Ed25519WithRawOutput()254 SignatureKeyTemplates::Ed25519WithRawOutput() {
255 static KeyTemplate* key_template = new KeyTemplate();
256 key_template->set_type_url(
257 absl::StrCat(kTypeGoogleapisCom, Ed25519PrivateKey().GetTypeName()));
258 key_template->set_output_prefix_type(OutputPrefixType::RAW);
259 return *key_template;
260 }
261
262 } // namespace tink
263 } // namespace crypto
264