com.google.crypto.tink

Class KeyTypeManager<KeyProtoT extends com.google.protobuf.MessageLite>

java.lang.Object

com.google.crypto.tink.KeyTypeManager<KeyProtoT>

Direct Known Subclasses:

AesCmacKeyManager, AesCtrHmacAeadKeyManager, AesCtrHmacStreamingKeyManager, AesCtrKeyManager, AesEaxKeyManager, AesGcmHkdfStreamingKeyManager, AesGcmKeyManager, AesSivKeyManager, ChaCha20Poly1305KeyManager, HkdfPrfKeyManager, HmacKeyManager, KmsAeadKeyManager, KmsEnvelopeAeadKeyManager, PrivateKeyTypeManager, XChaCha20Poly1305KeyManager

@Alpha
public abstract class KeyTypeManager<KeyProtoT extends com.google.protobuf.MessageLite>
extends Object

An object which collects all the operations which one can do on for a single key type, identified by a single KeyProto.

A KeyTypeManager manages all the operations one can do on a given KeyProto. This includes generating primitives, generating keys (if applicable), parsing and validating keys and key formats. This object is meant to be implemented, i.e., one should use it via the Registry, and not directly.

In order to implement a new key manager, one should subclass this class, setting the type parameter to the proto of the corresponding key (e.g., subclass KeyTypeManager<AesGcmKey>).

For each primitive the key manager should implement, one needs to add an argument to the constructor. The type of it should be a PrimitiveFactory<PrimitiveT, KeyT>, an object which knows how to produce primitives.

If the key manager can create new keys, one also needs to implement the method #keyFactory. In this case it needs to return an object of type KeyFactory<KeyFormatProto, KeyProtoT>, where one has to specify a proto for the key format as well.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	KeyTypeManager.KeyFactory<KeyFormatProtoT extends com.google.protobuf.MessageLite,KeyT> A KeyFactory creates new keys from a given KeyFormat.
protected static class	KeyTypeManager.PrimitiveFactory<PrimitiveT,KeyT> A PrimitiveFactory knows how to create primitives from a given key.

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	KeyTypeManager(Class<KeyProtoT> clazz, KeyTypeManager.PrimitiveFactory<?,KeyProtoT>... factories) Constructs a new KeyTypeManager.

Method Summary

Modifier and Type	Method and Description
Class<KeyProtoT>	getKeyClass() Returns the class corresponding to the key protobuffer.
abstract String	getKeyType() Returns the type URL that identifies the key type of keys managed by this KeyManager.
<P> P	getPrimitive(KeyProtoT key, Class<P> primitiveClass) Creates the requested primitive.
abstract int	getVersion() Returns the version number of this KeyManager.
KeyTypeManager.KeyFactory<?,KeyProtoT>	keyFactory() Returns the KeyTypeManager.KeyFactory for this key type.
abstract com.google.crypto.tink.proto.KeyData.KeyMaterialType	keyMaterialType() Returns the KeyData.KeyMaterialType for this proto.
abstract KeyProtoT	parseKey(com.google.protobuf.ByteString byteString) Parses a serialized key proto.
Set<Class<?>>	supportedPrimitives() Returns a set containing the supported primitives.
abstract void	validateKey(KeyProtoT keyProto) Checks if the given keyProto is a valid key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

KeyTypeManager

@SafeVarargs
protected KeyTypeManager(Class<KeyProtoT> clazz,
                                      KeyTypeManager.PrimitiveFactory<?,KeyProtoT>... factories)

Constructs a new KeyTypeManager.

Takes an arbitrary number of KeyTypeManager.PrimitiveFactory objects as input. These will be used and provided via getPrimitive(KeyProtoT, java.lang.Class<P>) to the user.

Throws:

IllegalArgumentException - if two of the passed in factories produce primitives of the same class.

Method Detail

getKeyClass

public final Class<KeyProtoT> getKeyClass()

Returns the class corresponding to the key protobuffer.

getKeyType

public abstract String getKeyType()

Returns the type URL that identifies the key type of keys managed by this KeyManager.

getVersion

public abstract int getVersion()

Returns the version number of this KeyManager.

keyMaterialType

public abstract com.google.crypto.tink.proto.KeyData.KeyMaterialType keyMaterialType()

Returns the KeyData.KeyMaterialType for this proto.

parseKey

public abstract KeyProtoT parseKey(com.google.protobuf.ByteString byteString)
                            throws com.google.protobuf.InvalidProtocolBufferException

Parses a serialized key proto.

Implement as return KeyProtoT.parseFrom(byteString);.

Throws:

com.google.protobuf.InvalidProtocolBufferException

validateKey

public abstract void validateKey(KeyProtoT keyProto)
                          throws GeneralSecurityException

Checks if the given keyProto is a valid key.

Throws:

GeneralSecurityException - if the passed keyProto is not valid in any way.

getPrimitive

public final <P> P getPrimitive(KeyProtoT key,
                                Class<P> primitiveClass)
                         throws GeneralSecurityException

Creates the requested primitive.

Throws:

IllegalArgumentException - if the given primitiveClass is not supported (i.e., not returned by supportedPrimitives().

GeneralSecurityException - if the underlying factory throws a GeneralSecurityException creating the primitive.

supportedPrimitives

public final Set<Class<?>> supportedPrimitives()

Returns a set containing the supported primitives.

keyFactory

public KeyTypeManager.KeyFactory<?,KeyProtoT> keyFactory()

Returns the KeyTypeManager.KeyFactory for this key type.

By default, this throws an UnsupportedOperationException. Hence, if an implementation does not support creating primitives, no implementation is required.

Throws:

UnsupportedOperationException - if the manager does not support creating primitives.