Package com.google.crypto.tink.hybrid

Class HybridKeyTemplates

  • public final class HybridKeyTemplates
extends java.lang.Object
    Pre-generated KeyTemplate for HybridDecrypt and HybridEncrypt primitives.

    We recommend to avoid this class in order to keep dependencies small.

    • Using this class adds a dependency on protobuf. We hope that eventually it is possible to use Tink without a dependency on protobuf.
    • Using this class adds a dependency on classes for all involved key types.
    These dependencies all come from static class member variables, which are initialized when the class is loaded. This implies that static analysis and code minimization tools (such as proguard) cannot remove the usages either.

    Instead, we recommend to use KeysetHandle.generateEntryFromParametersName or KeysetHandle.generateEntryFromParameters.

    One can use these templates to generate new Keyset with KeysetHandle#generateNew. To generate a new keyset that contains a single EciesAeadHkdfPrivateKey, one can do: 

    
 HybridConfig.register();
 KeysetHandle handle = KeysetHandle.generateNew(
     HybridKeyTemplates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM);
 HybridDecrypt decrypter = handle.getPrimitive(RegistryConfiguration.get(), HybridDecrypt.class);
 HybridEncrypt encrypter =
     handle.getPublicKeysetHandle()
         .getPrimitive(RegistryConfiguration.get(), HybridDecrypt.class);
    Since:
    1.0.0

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256
      A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters: KEM: ECDH over NIST P-256 DEM: AES128-CTR-HMAC-SHA256 with the following parameters AES key size: 16 bytes AES CTR IV size: 16 bytes HMAC key size: 32 bytes HMAC tag size: 16 bytes KDF: HKDF-HMAC-SHA256 with an empty salt
      static com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM
      A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters: KEM: ECDH over NIST P-256 DEM: AES128-GCM KDF: HKDF-HMAC-SHA256 with an empty salt
      static com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM_COMPRESSED_WITHOUT_PREFIX
      A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters: KEM: ECDH over NIST P-256 DEM: AES128-GCM KDF: HKDF-HMAC-SHA256 with an empty salt EC Point Format: Compressed OutputPrefixType: RAW

    • Method Summary

      All Methods Static Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      static com.google.crypto.tink.proto.KeyTemplate createEciesAeadHkdfKeyTemplate​(com.google.crypto.tink.proto.EllipticCurveType curve, com.google.crypto.tink.proto.HashType hashType, com.google.crypto.tink.proto.EcPointFormat ecPointFormat, com.google.crypto.tink.proto.KeyTemplate demKeyTemplate, com.google.crypto.tink.proto.OutputPrefixType outputPrefixType, byte[] salt)
      Deprecated.
      Use EciesParameters instead.
      static com.google.crypto.tink.proto.EciesAeadHkdfParams createEciesAeadHkdfParams​(com.google.crypto.tink.proto.EllipticCurveType curve, com.google.crypto.tink.proto.HashType hashType, com.google.crypto.tink.proto.EcPointFormat ecPointFormat, com.google.crypto.tink.proto.KeyTemplate demKeyTemplate, byte[] salt)
      Deprecated.
      Use EciesParameters instead.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM

        public static final com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM
        A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters:
        • KEM: ECDH over NIST P-256
        • DEM: AES128-GCM
        • KDF: HKDF-HMAC-SHA256 with an empty salt

        Unlike other key templates that use AES-GCM, the instances of HybridDecrypt generated by this key template has no limitation on Android KitKat (API level 19). They might not work in older versions though.

      • ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM_COMPRESSED_WITHOUT_PREFIX

        public static final com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM_COMPRESSED_WITHOUT_PREFIX
        A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters:
        • KEM: ECDH over NIST P-256
        • DEM: AES128-GCM
        • KDF: HKDF-HMAC-SHA256 with an empty salt
        • EC Point Format: Compressed
        • OutputPrefixType: RAW

        Unlike other key templates that use AES-GCM, the instances of HybridDecrypt generated by this key template has no limitation on Android KitKat (API level 19). They might not work in older versions though.

      • ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256

        public static final com.google.crypto.tink.proto.KeyTemplate ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256
        A KeyTemplate that generates new instances of EciesAeadHkdfPrivateKey with the following parameters:
        • KEM: ECDH over NIST P-256
        • DEM: AES128-CTR-HMAC-SHA256 with the following parameters
          • AES key size: 16 bytes
          • AES CTR IV size: 16 bytes
          • HMAC key size: 32 bytes
          • HMAC tag size: 16 bytes
        • KDF: HKDF-HMAC-SHA256 with an empty salt

    • Method Detail

      • createEciesAeadHkdfKeyTemplate

        @Deprecated
public static com.google.crypto.tink.proto.KeyTemplate createEciesAeadHkdfKeyTemplate​(com.google.crypto.tink.proto.EllipticCurveType curve,
                                                                                      com.google.crypto.tink.proto.HashType hashType,
                                                                                      com.google.crypto.tink.proto.EcPointFormat ecPointFormat,
                                                                                      com.google.crypto.tink.proto.KeyTemplate demKeyTemplate,
                                                                                      com.google.crypto.tink.proto.OutputPrefixType outputPrefixType,
                                                                                      byte[] salt)
        Deprecated.
        Use EciesParameters instead.
        Returns:
        a KeyTemplate containing a EciesAeadHkdfKeyFormat.

      • createEciesAeadHkdfParams

        @Deprecated
public static com.google.crypto.tink.proto.EciesAeadHkdfParams createEciesAeadHkdfParams​(com.google.crypto.tink.proto.EllipticCurveType curve,
                                                                                         com.google.crypto.tink.proto.HashType hashType,
                                                                                         com.google.crypto.tink.proto.EcPointFormat ecPointFormat,
                                                                                         com.google.crypto.tink.proto.KeyTemplate demKeyTemplate,
                                                                                         byte[] salt)
        Deprecated.
        Use EciesParameters instead.
        Returns:
        a EciesAeadHkdfParams with the specified parameters.