Package com.google.crypto.tink

Interface KeyManager<P>

All Known Subinterfaces:

PrivateKeyManager<P>

All Known Implementing Classes:

LegacyKeyManagerImpl, PrfBasedDeriverKeyManager

public interface KeyManager<P>

A KeyManager "understands" keys of a specific key type: it can generate keys of the supported type and create primitives for supported keys.

A key type is identified by the global name of the protocol buffer that holds the corresponding key material, and is given by typeUrl-field of KeyData-protocol buffer.

The template parameter P denotes the primitive corresponding to the keys handled by this manager.

Since:

1.0.0

Method Summary

Modifier and Type	Method	Description
default boolean	doesSupport(java.lang.String typeUrl)	Deprecated. Use getKeyType() instead.
java.lang.String	getKeyType()	Returns the type URL that identifies the key type of keys managed by this KeyManager.
P	getPrimitive(com.google.protobuf.ByteString serializedKey)	Constructs an instance of P for the key given in serializedKey, which must be a serialized key protocol buffer handled by this manager.
default P	getPrimitive(com.google.protobuf.MessageLite key)	Deprecated. Use getPrimitive(serializedKey) instead.
java.lang.Class<P>	getPrimitiveClass()	Returns the primitive class object of the P.
default int	getVersion()	Deprecated. Do not use it.
default com.google.protobuf.MessageLite	newKey(com.google.protobuf.ByteString serializedKeyFormat)	Deprecated. Use newKeyData(serializedKeyFormat) instead.
default com.google.protobuf.MessageLite	newKey(com.google.protobuf.MessageLite keyFormat)	Deprecated. Use newKeyData(serializedKeyFormat) instead.
com.google.crypto.tink.proto.KeyData	newKeyData(com.google.protobuf.ByteString serializedKeyFormat)	Generates a new KeyData according to specification in serializedKeyFormat.

Method Detail

getPrimitive

P getPrimitive(com.google.protobuf.ByteString serializedKey)
        throws java.security.GeneralSecurityException

Constructs an instance of P for the key given in serializedKey, which must be a serialized key protocol buffer handled by this manager.

For primitives of type Mac, Aead, PublicKeySign, PublicKeyVerify, DeterministicAead, HybridEncrypt, and HybridDecrypt this should be a primitive which ignores the output prefix and assumes "RAW".

Returns:

the new constructed P

Throws:

java.security.GeneralSecurityException - if the key given in serializedKey is corrupted or not supported

getPrimitive

@Deprecated
default P getPrimitive(com.google.protobuf.MessageLite key)
                throws java.security.GeneralSecurityException

Deprecated.

Use getPrimitive(serializedKey) instead.

Constructs an instance of P for the key given in key.

For primitives of type Mac, Aead, PublicKeySign, PublicKeyVerify, DeterministicAead, HybridEncrypt, and HybridDecrypt this should be a primitive which ignores the output prefix and assumes "RAW".

This method is not used by Tink. It does not need to be implemented.

Returns:

the new constructed P

Throws:

java.security.GeneralSecurityException - if the key given in key is corrupted or not supported

newKey

@Deprecated
default com.google.protobuf.MessageLite newKey(com.google.protobuf.ByteString serializedKeyFormat)
                                        throws java.security.GeneralSecurityException

Deprecated.

Use newKeyData(serializedKeyFormat) instead.

Generates a new key according to specification in serializedKeyFormat, which must be a serialized key format protocol buffer handled by this manager.

This method is not used by Tink anymore. It does not need to be implemented.

Returns:

the new generated key

Throws:

java.security.GeneralSecurityException - if the specified format is wrong or not supported

newKey

@Deprecated
default com.google.protobuf.MessageLite newKey(com.google.protobuf.MessageLite keyFormat)
                                        throws java.security.GeneralSecurityException

Deprecated.

Use newKeyData(serializedKeyFormat) instead.

Generates a new key according to specification in keyFormat.

This method is only used by Registry.newKey which is deprecated and not used by Tink anymore. This method does not need to be implemented.

Returns:

the new generated key

Throws:

java.security.GeneralSecurityException - if the specified format is wrong or not supported

doesSupport

@Deprecated
default boolean doesSupport(java.lang.String typeUrl)

Deprecated.

Use getKeyType() instead.

Returns true iff this KeyManager supports key type identified by typeUrl.

This method is not used by Tink anymore. It does not need to be implemented.

getKeyType

java.lang.String getKeyType()

Returns the type URL that identifies the key type of keys managed by this KeyManager.

getVersion

@Deprecated
default int getVersion()

Deprecated.

Do not use it.

Returns the version number of this KeyManager.

This method is not used by Tink anymore. It does not need to be implemented.

getPrimitiveClass

java.lang.Class<P> getPrimitiveClass()

Returns the primitive class object of the P. Should be implemented as return P.class; when implementing a key manager for primitive {$code P}.

Returns:

P.class

newKeyData

com.google.crypto.tink.proto.KeyData newKeyData(com.google.protobuf.ByteString serializedKeyFormat)
                                         throws java.security.GeneralSecurityException

Generates a new KeyData according to specification in serializedKeyFormat.

Returns:

the new generated key

Throws:

java.security.GeneralSecurityException - if the specified format is wrong or not supported