Revision cd6f4b0917ebc482b0090562b5106b51e72133df authored by Charles Lee on 16 July 2018, 23:41:19 UTC, committed by Charles Lee on 16 July 2018, 23:41:20 UTC
GitOrigin-RevId: db4c55dc6c9a7daeb59b8decb8ee997e8781e6e0
TINKHybridKeyTemplate.h
/**
* Copyright 2018 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
**************************************************************************
*/
#import <Foundation/Foundation.h>
#import "TINKKeyTemplate.h"
typedef NS_ENUM(NSInteger, TINKHybridKeyTemplates) {
/**
* EciesAeadHkdfPrivateKey with the following parameters:
* KEM: ECDH over NIST P-256,
* DEM: AES128-GCM,
* KDF: HKDF-HMAC-SHA256 with an empty salt,
* OutputPrefixType: TINK
*/
TINKEciesP256HkdfHmacSha256Aes128Gcm = 1,
/**
* EciesAeadHkdfPrivateKey with the following parameters:
* KEM: ECDH over NIST P-256
* DEM: AES128-CTR-HMAC-SHA256 with the following parameters:
* - AES key size: 16 bytes
* - AES CTR IV size: 16 bytes
* - HMAC key size: 32 bytes
* - HMAC tag size: 16 bytes
* KDF: HKDF-HMAC-SHA256 with an empty salt
* OutputPrefixType: TINK
*/
TINKEciesP256HkdfHmacSha256Aes128CtrHmacSha256 = 2,
};
NS_ASSUME_NONNULL_BEGIN
/**
* Pre-generated key templates for TINKHybrid key types.
* One can use these templates to generate new TINKKeysetHandle object with fresh keys.
*
* Example:
*
* NSError *error = nil;
* TINKHybridConfig *hybridConfig = [[TINKHybridConfig alloc] initWithError:&error];
* if (!hybridConfig || error) {
* // handle error.
* }
*
* if (![TINKConfig registerConfig:hybridConfig error:&error]) {
* // handle error.
* }
*
* TINKHybridKeyTemplate *template =
* [TINHybridKeyTemplate initWithKeyTemplate:TINKHybridEciesP256HkdfHmacSha256Aes128Gcm
* error:&error];
* if (!template || error) {
* // handle error.
* }
*
* TINKKeysetHandle *handle = [[TINKKeysetHandle alloc] initWithKeyTemplate:template
* error:&error];
* if (!handle || error) {
* // handle error.
* }
*
*/
@interface TINKHybridKeyTemplate : TINKKeyTemplate
- (nullable instancetype)init
__attribute__((unavailable("Use -initWithKeyTemplate:error: instead.")));
/**
* Creates a TINKHybridKeyTemplate that can be used to generate hybrid keysets.
*
* @param keyTemplate The hybrid key template to use.
* @param error If non-nil it will be populated with a descriptive error when the operation
* fails.
* @return A TINKHybridKeyTemplate or nil in case of error.
*/
- (nullable instancetype)initWithKeyTemplate:(TINKHybridKeyTemplates)keyTemplate
error:(NSError **)error NS_DESIGNATED_INITIALIZER;
@end
NS_ASSUME_NONNULL_END
Computing file changes ...
