Move the AES-GCM key manager into aesgcm

This is a safe change because key managers aren't exported from `aead`. The key manager is registered by `aesgcm.init()`; `aesgcm` is "force-included" by `aead` to make sure key managers get registered. PiperOrigin-RevId: 668897500 Change-Id: Ifc11160a162ba81c0af8e1f0678fa1da6507c035
tink-crypto · Aug 29, 2024 · 97cbe32 · 97cbe32
1 parent 01edfcf
commit 97cbe32
Show file tree

Hide file tree

Showing 9 changed files with 264 additions and 216 deletions.
diff --git a/aead/BUILD.bazel b/aead/BUILD.bazel
@@ -11,7 +11,6 @@ go_library(
         "aead_factory.go",
         "aead_key_templates.go",
         "aes_ctr_hmac_aead_key_manager.go",
-        "aes_gcm_key_manager.go",
         "aes_gcm_siv_key_manager.go",
         "chacha20poly1305_key_manager.go",
         "kms_envelope_aead.go",
@@ -21,6 +20,7 @@ go_library(
     importpath = "github.com/tink-crypto/tink-go/v2/aead",
     visibility = ["//visibility:public"],
     deps = [
+        "//aead/aesgcm",
         "//aead/subtle",
         "//core/cryptofmt",
         "//core/primitiveset",
@@ -57,7 +57,6 @@ go_test(
         "aead_key_templates_test.go",
         "aead_test.go",
         "aes_ctr_hmac_aead_key_manager_test.go",
-        "aes_gcm_key_manager_test.go",
         "aes_gcm_siv_key_manager_test.go",
         "chacha20poly1305_key_manager_test.go",
         "kms_envelope_aead_example_test.go",

diff --git a/aead/aead.go b/aead/aead.go
@@ -20,6 +20,7 @@ package aead
 import (
 	"fmt"
 
+	_ "github.com/tink-crypto/tink-go/v2/aead/aesgcm" // To register the AES-GCM key manager.
 	"github.com/tink-crypto/tink-go/v2/core/registry"
 	"github.com/tink-crypto/tink-go/v2/internal/internalregistry"
 )
@@ -29,13 +30,6 @@ func init() {
 		panic(fmt.Sprintf("aead.init() failed: %v", err))
 	}
 
-	if err := registry.RegisterKeyManager(new(aesGCMKeyManager)); err != nil {
-		panic(fmt.Sprintf("aead.init() failed: %v", err))
-	}
-	if err := internalregistry.AllowKeyDerivation(aesGCMTypeURL); err != nil {
-		panic(fmt.Sprintf("aead.init() failed: %v", err))
-	}
-
 	if err := registry.RegisterKeyManager(new(chaCha20Poly1305KeyManager)); err != nil {
 		panic(fmt.Sprintf("aead.init() failed: %v", err))
 	}

diff --git a/aead/aead_key_templates.go b/aead/aead_key_templates.go
@@ -29,6 +29,10 @@ import (
 	tinkpb "github.com/tink-crypto/tink-go/v2/proto/tink_go_proto"
 )
 
+const (
+	aesGCMTypeURL = "type.googleapis.com/google.crypto.tink.AesGcmKey"
+)
+
 // This file contains pre-generated KeyTemplates for AEAD keys. One can use these templates
 // to generate new Keysets.
 

diff --git a/aead/aesgcm/BUILD.bazel b/aead/aesgcm/BUILD.bazel
@@ -2,13 +2,25 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "aesgcm",
-    srcs = ["aesgcm.go"],
+    srcs = [
+        "aesgcm.go",
+        "key.go",
+        "key_manager.go",
+    ],
     importpath = "github.com/tink-crypto/tink-go/v2/aead/aesgcm",
     visibility = ["//visibility:public"],
     deps = [
+        "//aead/subtle",
+        "//core/registry",
+        "//internal/internalregistry",
         "//internal/outputprefix",
         "//key",
+        "//keyset",
+        "//proto/aes_gcm_go_proto",
+        "//proto/tink_go_proto",
         "//secretdata",
+        "//subtle/random",
+        "@org_golang_google_protobuf//proto",
     ],
 )
 
@@ -20,11 +32,23 @@ alias(
 
 go_test(
     name = "aesgcm_test",
-    srcs = ["aesgcm_test.go"],
+    srcs = [
+        "key_manager_test.go",
+        "key_test.go",
+    ],
     deps = [
         ":aesgcm",
+        "//aead/subtle",
         "//core/cryptofmt",
+        "//core/registry",
         "//insecuresecretdataaccess",
+        "//internal/internalregistry",
+        "//proto/aes_gcm_go_proto",
+        "//proto/tink_go_proto",
         "//secretdata",
+        "//subtle/random",
+        "//testutil",
+        "@com_github_google_go_cmp//cmp",
+        "@org_golang_google_protobuf//proto",
     ],
 )
diff --git a/aead/aesgcm/aesgcm.go b/aead/aesgcm/aesgcm.go
@@ -12,184 +12,21 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package aesgcm implements AES-GCM parameters and key.
+// Package aesgcm implements AES-GCM parameters and key, as well as key manager.
 package aesgcm
 
 import (
-	"bytes"
 	"fmt"
 
-	"github.com/tink-crypto/tink-go/v2/internal/outputprefix"
-	"github.com/tink-crypto/tink-go/v2/key"
-	"github.com/tink-crypto/tink-go/v2/secretdata"
+	"github.com/tink-crypto/tink-go/v2/core/registry"
+	"github.com/tink-crypto/tink-go/v2/internal/internalregistry"
 )
 
-// Variant is the prefix variant of AES-GCM keys.
-//
-// It describes how the prefix of the ciphertext is constructed. For AEAD there
-// are three options:
-//
-// * TINK: prepends '0x01<big endian key id>' to the ciphertext.
-// * CRUNCHY: prepends '0x00<big endian key id>' to the ciphertext.
-// * NO_PREFIX: adds no prefix to the ciphertext.
-type Variant int
-
-const (
-	// VariantUnknown is the default and invalid value of Variant.
-	VariantUnknown Variant = iota
-	// VariantTink prefixes '0x01<big endian key id>' to the ciphertext.
-	VariantTink
-	// VariantCrunchy prefixes '0x00<big endian key id>' to the ciphertext.
-	VariantCrunchy
-	// VariantNoPrefix adds no prefix to the ciphertext.
-	VariantNoPrefix
-)
-
-func (variant Variant) String() string {
-	switch variant {
-	case VariantTink:
-		return "TINK"
-	case VariantCrunchy:
-		return "CRUNCHY"
-	case VariantNoPrefix:
-		return "NO_PREFIX"
-	default:
-		return "UNKNOWN"
-	}
-}
-
-// calculateOutputPrefix calculates the output prefix from keyID.
-func calculateOutputPrefix(variant Variant, keyID uint32) ([]byte, error) {
-	switch variant {
-	case VariantTink:
-		return outputprefix.Tink(keyID), nil
-	case VariantCrunchy:
-		return outputprefix.Legacy(keyID), nil
-	case VariantNoPrefix:
-		return nil, nil
-	default:
-		return nil, fmt.Errorf("invalid output prefix variant: %v", variant)
-	}
-}
-
-// Parameters specifies an AES-GCM key.
-type Parameters struct {
-	keySizeInBytes int
-	ivSizeInBytes  int
-	tagSizeInBytes int
-	variant        Variant
-}
-
-var _ key.Parameters = (*Parameters)(nil)
-
-// KeySizeInBytes returns the size of the key in bytes.
-func (p *Parameters) KeySizeInBytes() int { return p.keySizeInBytes }
-
-// IVSizeInBytes returns the size of the IV in bytes.
-func (p *Parameters) IVSizeInBytes() int { return p.ivSizeInBytes }
-
-// TagSizeInBytes returns the size of the tag in bytes.
-func (p *Parameters) TagSizeInBytes() int { return p.tagSizeInBytes }
-
-// Variant returns the variant of the key.
-func (p *Parameters) Variant() Variant { return p.variant }
-
-// ParametersOpts specifies options for creating AES-GCM parameters.
-type ParametersOpts struct {
-	KeySizeInBytes int
-	IVSizeInBytes  int
-	TagSizeInBytes int
-	Variant        Variant
-}
-
-// NewParameters creates a new AES-GCM Parameters object.
-func NewParameters(opts ParametersOpts) (*Parameters, error) {
-	if opts.KeySizeInBytes != 16 && opts.KeySizeInBytes != 24 && opts.KeySizeInBytes != 32 {
-		return nil, fmt.Errorf("aesgcm.Parameters: unsupported key size; want 16, 24, or 32, got: %v", opts.KeySizeInBytes)
-	}
-	if opts.IVSizeInBytes <= 0 {
-		return nil, fmt.Errorf("aesgcm.Parameters: unsupported IV size; want > 0, got: %v", opts.IVSizeInBytes)
+func init() {
+	if err := registry.RegisterKeyManager(new(keyManager)); err != nil {
+		panic(fmt.Sprintf("aesgcm.init() failed: %v", err))
 	}
-	if opts.TagSizeInBytes < 12 || opts.TagSizeInBytes > 16 {
-		return nil, fmt.Errorf("aesgcm.Parameters: unsupported tag size; want >= 12 and <= 16, got: %v", opts.TagSizeInBytes)
+	if err := internalregistry.AllowKeyDerivation(typeURL); err != nil {
+		panic(fmt.Sprintf("aesgcm.init() failed: %v", err))
 	}
-	if opts.Variant == VariantUnknown {
-		return nil, fmt.Errorf("aesgcm.Parameters: unsupported variant: %v", opts.Variant)
-	}
-	return &Parameters{
-		keySizeInBytes: opts.KeySizeInBytes,
-		ivSizeInBytes:  opts.IVSizeInBytes,
-		tagSizeInBytes: opts.TagSizeInBytes,
-		variant:        opts.Variant,
-	}, nil
-}
-
-// HasIDRequirement returns whether the key has an ID requirement.
-func (p *Parameters) HasIDRequirement() bool { return p.variant != VariantNoPrefix }
-
-// Equals returns whether this Parameters object is equal to other.
-func (p *Parameters) Equals(other key.Parameters) bool {
-	actualParams, ok := other.(*Parameters)
-	return ok && p.HasIDRequirement() == actualParams.HasIDRequirement() &&
-		p.keySizeInBytes == actualParams.keySizeInBytes &&
-		p.ivSizeInBytes == actualParams.ivSizeInBytes &&
-		p.tagSizeInBytes == actualParams.tagSizeInBytes &&
-		p.variant == actualParams.variant
-}
-
-// Key represents an AES-GCM key.
-type Key struct {
-	keyBytes     secretdata.Bytes
-	id           uint32
-	outputPrefix []byte
-	parameters   *Parameters
-}
-
-var _ key.Key = (*Key)(nil)
-
-// NewKey creates a new AES-GCM key with key, keyID and parameters.
-func NewKey(keyBytes secretdata.Bytes, keyID uint32, parameters *Parameters) (*Key, error) {
-	if parameters == nil {
-		return nil, fmt.Errorf("aesgcm.NewKey: parameters is nil")
-	}
-	if keyBytes.Len() != int(parameters.KeySizeInBytes()) {
-		return nil, fmt.Errorf("aesgcm.NewKey: key.Len() = %v, want %v", keyBytes.Len(), parameters.KeySizeInBytes())
-	}
-	outputPrefix, err := calculateOutputPrefix(parameters.Variant(), keyID)
-	if err != nil {
-		return nil, fmt.Errorf("aesgcm.NewKey: %v", err)
-	}
-	return &Key{
-		keyBytes:     keyBytes,
-		id:           keyID,
-		outputPrefix: outputPrefix,
-		parameters:   parameters,
-	}, nil
-}
-
-// KeyBytes returns the key material.
-//
-// This function provides access to partial key material. See
-// https://developers.google.com/tink/design/access_control#access_of_parts_of_a_key
-// for more information.
-func (k *Key) KeyBytes() secretdata.Bytes { return k.keyBytes }
-
-// Parameters returns the parameters of this key.
-func (k *Key) Parameters() key.Parameters { return k.parameters }
-
-// IDRequirement returns whether the key ID and whether it is required
-//
-// If not required, the returned key ID is not usable.
-func (k *Key) IDRequirement() (uint32, bool) { return k.id, k.Parameters().HasIDRequirement() }
-
-// OutputPrefix returns the output prefix.
-func (k *Key) OutputPrefix() []byte { return bytes.Clone(k.outputPrefix) }
-
-// Equals returns whether this key object is equal to other.
-func (k *Key) Equals(other key.Key) bool {
-	that, ok := other.(*Key)
-	return ok && k.Parameters().Equals(that.Parameters()) &&
-		k.id == that.id &&
-		k.keyBytes.Equals(&that.keyBytes) &&
-		bytes.Equal(k.outputPrefix, that.outputPrefix)
 }