com.google.crypto.tink.signature

Class SignatureKeyTemplates

java.lang.Object

com.google.crypto.tink.signature.SignatureKeyTemplates

public final class SignatureKeyTemplates
extends Object

Pre-generated KeyTemplate for PublicKeySign and PublicKeyVerify.

We recommend to avoid this class in order to keep dependencies small.

• Using this class adds a dependency on protobuf. We hope that eventually it is possible to use Tink without a dependency on protobuf.
• Using this class adds a dependency on classes for all involved key types.

These dependencies all come from static class member variables, which are initialized when the class is loaded. This implies that static analysis and code minimization tools (such as proguard) cannot remove the usages either.

Instead, we recommend to use KeysetHandle.generateEntryFromParametersName or KeysetHandle.generateEntryFromParameters.

One can use these templates to generate new Keyset with KeysetHandle. To generate a new keyset that contains a single EcdsaPrivateKey, one can do:

 Config.register(SignatureConfig.TINK_1_1_0);
 KeysetHandle handle = KeysetHandle.generateNew(SignatureKeyTemplates.ECDSA_P256);
 PublicKeySign signer = handle.getPrimitive(PublicKeySign.class);
 PublicKeyVerify verifier = handle.getPublicKeyset().getPrimitive(PublicKeyVerify.class);
 

Since:

1.0.0

Field Summary

Fields

Modifier and Type	Field and Description
static KeyTemplate	ECDSA_P256 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA256 Curve: NIST P-256 Signature encoding: DER (this is the encoding that Java uses).
static KeyTemplate	ECDSA_P256_IEEE_P1363 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA256 Curve: NIST P-256 Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
static KeyTemplate	ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA256 Curve: NIST P-256 Signature encoding: DER (this is the encoding that Java uses).
static KeyTemplate	ECDSA_P384 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA512 Curve: NIST P-384 Signature encoding: DER (this is the encoding that Java uses).
static KeyTemplate	ECDSA_P384_IEEE_P1363 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA512 Curve: NIST P-384 Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
static KeyTemplate	ECDSA_P521 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA512 Curve: NIST P-521 Signature encoding: DER (this is the encoding that Java uses).
static KeyTemplate	ECDSA_P521_IEEE_P1363 A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters: Hash function: SHA512 Curve: NIST P-521 Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
static KeyTemplate	ED25519 A KeyTemplate that generates new instances of Ed25519PrivateKey.
static KeyTemplate	ED25519WithRawOutput A KeyTemplate that generates new instances of com.google.crypto.tink.proto.ED25519PrivateKey.
static KeyTemplate	RSA_SSA_PKCS1_3072_SHA256_F4 A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters: Hash function: SHA256.
static KeyTemplate	RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters: Hash function: SHA256.
static KeyTemplate	RSA_SSA_PKCS1_4096_SHA512_F4 A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters: Hash function: SHA512.
static KeyTemplate	RSA_SSA_PSS_3072_SHA256_SHA256_32_F4 A KeyTemplate that generates new instances of RsaSsaPssPrivateKey with the following parameters: Signature hash: SHA256.
static KeyTemplate	RSA_SSA_PSS_4096_SHA512_SHA512_64_F4 A KeyTemplate that generates new instances of RsaSsaPssPrivateKey with the following parameters: Signature hash: SHA512.

Method Summary

Modifier and Type	Method and Description
static KeyTemplate	createEcdsaKeyTemplate(HashType hashType, EllipticCurveType curve, EcdsaSignatureEncoding encoding, OutputPrefixType prefixType)
static KeyTemplate	createRsaSsaPkcs1KeyTemplate(HashType hashType, int modulusSize, BigInteger publicExponent, OutputPrefixType prefixType)
static KeyTemplate	createRsaSsaPssKeyTemplate(HashType sigHash, HashType mgf1Hash, int saltLength, int modulusSize, BigInteger publicExponent)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ECDSA_P256

public static final KeyTemplate ECDSA_P256

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA256
• Curve: NIST P-256
• Signature encoding: DER (this is the encoding that Java uses).
• Prefix type: OutputPrefixType.TINK

ECDSA_P384

public static final KeyTemplate ECDSA_P384

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA512
• Curve: NIST P-384
• Signature encoding: DER (this is the encoding that Java uses).
• Prefix type: OutputPrefixType.TINK

ECDSA_P521

public static final KeyTemplate ECDSA_P521

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA512
• Curve: NIST P-521
• Signature encoding: DER (this is the encoding that Java uses).
• Prefix type: OutputPrefixType.TINK

ECDSA_P256_IEEE_P1363

public static final KeyTemplate ECDSA_P256_IEEE_P1363

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA256
• Curve: NIST P-256
• Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
• Prefix type: OutputPrefixType.TINK

ECDSA_P384_IEEE_P1363

public static final KeyTemplate ECDSA_P384_IEEE_P1363

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA512
• Curve: NIST P-384
• Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
• Prefix type: OutputPrefixType.TINK

ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX

public static final KeyTemplate ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA256
• Curve: NIST P-256
• Signature encoding: DER (this is the encoding that Java uses).
• Prefix type: None

The digital signature generated by this key would be 64 bytes exactly.

ECDSA_P521_IEEE_P1363

public static final KeyTemplate ECDSA_P521_IEEE_P1363

A KeyTemplate that generates new instances of EcdsaPrivateKey with the following parameters:

• Hash function: SHA512
• Curve: NIST P-521
• Signature encoding: IEEE_P1363 (this is the encoding that JWS and WebCrypto use).
• Prefix type: OutputPrefixType.TINK

ED25519

public static final KeyTemplate ED25519

A KeyTemplate that generates new instances of Ed25519PrivateKey.

Since:

1.1.0

ED25519WithRawOutput

public static final KeyTemplate ED25519WithRawOutput

A KeyTemplate that generates new instances of com.google.crypto.tink.proto.ED25519PrivateKey. The difference between ED25519WithRawOutput and ED25519 is the format of signatures generated. ED25519WithRawOutput generates signatures of OutputPrefixType.RAW format, which is 64 bytes long.

Since:

1.3.0

RSA_SSA_PKCS1_3072_SHA256_F4

public static final KeyTemplate RSA_SSA_PKCS1_3072_SHA256_F4

A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters:

• Hash function: SHA256.
• Modulus size: 3072 bit.
• Public exponent: 65537 (aka F4).
• Prefix type: OutputPrefixType.TINK

RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX

public static final KeyTemplate RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX

A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters:

• Hash function: SHA256.
• Modulus size: 3072 bit.
• Public exponent: 65537 (aka F4).
• Prefix type: None

RSA_SSA_PKCS1_4096_SHA512_F4

public static final KeyTemplate RSA_SSA_PKCS1_4096_SHA512_F4

A KeyTemplate that generates new instances of RsaSsaPkcs1PrivateKey with the following parameters:

• Hash function: SHA512.
• Modulus size: 4096 bit.
• Public exponent: 65537 (aka F4).
• Prefix type: OutputPrefixType.TINK

RSA_SSA_PSS_3072_SHA256_SHA256_32_F4

public static final KeyTemplate RSA_SSA_PSS_3072_SHA256_SHA256_32_F4

A KeyTemplate that generates new instances of RsaSsaPssPrivateKey with the following parameters:

• Signature hash: SHA256.
• MGF1 hash: SHA256.
• Salt length: 32 (i.e., SHA256's output length).
• Modulus size: 3072 bit.
• Public exponent: 65537 (aka F4).

RSA_SSA_PSS_4096_SHA512_SHA512_64_F4

public static final KeyTemplate RSA_SSA_PSS_4096_SHA512_SHA512_64_F4

A KeyTemplate that generates new instances of RsaSsaPssPrivateKey with the following parameters:

• Signature hash: SHA512.
• MGF1 hash: SHA512.
• Salt length: 64 (i.e., SHA512's output length).
• Modulus size: 4096 bit.
• Public exponent: 65537 (aka F4).

Method Detail

createEcdsaKeyTemplate

public static KeyTemplate createEcdsaKeyTemplate(HashType hashType,
                                                 EllipticCurveType curve,
                                                 EcdsaSignatureEncoding encoding,
                                                 OutputPrefixType prefixType)

Returns:

a KeyTemplate containing a EcdsaKeyFormat with some specified parameters.

createRsaSsaPkcs1KeyTemplate

public static KeyTemplate createRsaSsaPkcs1KeyTemplate(HashType hashType,
                                                       int modulusSize,
                                                       BigInteger publicExponent,
                                                       OutputPrefixType prefixType)

Returns:

a KeyTemplate containing a RsaSsaPkcs1KeyFormat with some specified parameters.

createRsaSsaPssKeyTemplate

public static KeyTemplate createRsaSsaPssKeyTemplate(HashType sigHash,
                                                     HashType mgf1Hash,
                                                     int saltLength,
                                                     int modulusSize,
                                                     BigInteger publicExponent)

Returns:

a KeyTemplate containing a RsaSsaPssKeyFormat with some specified parameters.