github.com/hyperledger/aries-framework-go@v0.3.2/pkg/crypto/tinkcrypto/primitive/composite/keyio/composite_key_export.go (about)

     1  /*
     2  Copyright SecureKey Technologies Inc. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package keyio
     8  
     9  import (
    10  	"io"
    11  
    12  	"github.com/google/tink/go/keyset"
    13  
    14  	"github.com/hyperledger/aries-framework-go/component/kmscrypto/crypto/tinkcrypto/primitive/composite/keyio"
    15  
    16  	cryptoapi "github.com/hyperledger/aries-framework-go/pkg/crypto"
    17  	"github.com/hyperledger/aries-framework-go/pkg/crypto/tinkcrypto/primitive/composite/ecdh"
    18  )
    19  
    20  // Package keyio supports exporting of Composite keys (aka Write) and converting the public key part of a composite
    21  // key (aka PublicKeyToHandle) to be used as a valid Tink key.
    22  
// PubKeyWriter will write the raw bytes of a Tink KeySet's primary public key. The raw bytes are a marshaled
// composite.VerificationMethod type.
// The keyset must have a keyURL value equal to either one of the public key URLs:
//   - `nistPECDHKWPublicKeyTypeURL`
//   - `x25519ECDHKWPublicKeyTypeURL`
//
// These are constants of the ecdh package.
//
// Note: This writer should be used only for ECDH public key exports. Other exports of public keys should be
// called via the localkms package.
//
// PubKeyWriter is declared here as an alias of keyio.PubKeyWriter from the component/kmscrypto module, so both
// names refer to the same type.
type PubKeyWriter = keyio.PubKeyWriter
    34  
// NewWriter returns a new PubKeyWriter that writes to w.
//
// The call is forwarded unchanged to NewWriter in the component/kmscrypto keyio package; this wrapper only
// passes w through.
func NewWriter(w io.Writer) *PubKeyWriter {
	writer := keyio.NewWriter(w)

	return writer
}
    39  
// ExtractPrimaryPublicKey is a utility function that extracts the main public key from the keyset handle kh.
//
// The call is forwarded unchanged to the component/kmscrypto keyio package, and both the key and the error
// are returned exactly as the delegate produced them. This wrapper does not inspect kh itself.
// NOTE(review): how a nil kh or a keyset of an unexpected key type is handled is decided by the delegate and
// is not visible here; confirm before passing handles built from untrusted input.
func ExtractPrimaryPublicKey(kh *keyset.Handle) (*cryptoapi.PublicKey, error) {
	pubKey, err := keyio.ExtractPrimaryPublicKey(kh)

	return pubKey, err
}
    44  
// PublicKeyToKeysetHandle converts pubKey into a *keyset.Handle, where pubKey may be either a sender or a
// recipient key.
//
// The resulting handle cannot be used directly for primitive execution because the cek is not set. The function
// is a helper to obtain a senderKH that is passed as an option for ECDH execution (ECDH-1PU/authcrypt).
// The keyset handle is set with one of the AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or
// AES256CBC+SHA512 AEAD key templates for content encryption.
//
// Parameters:
//   - pubKey: the public key to convert.
//   - aeadAlg: the content encryption algorithm to use along with the ECDH primitive.
//
// The call is forwarded unchanged to the component/kmscrypto keyio package; this wrapper performs no checks of
// its own on pubKey or aeadAlg.
// NOTE(review): pubKey can originate from a remote party; confirm that the delegate validates its curve and key
// type, and rejects unsupported aeadAlg values, since none of that is visible here.
func PublicKeyToKeysetHandle(pubKey *cryptoapi.PublicKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error) {
	handle, err := keyio.PublicKeyToKeysetHandle(pubKey, aeadAlg)

	return handle, err
}
    55  
// PrivateKeyToKeysetHandle converts privKey into a *keyset.Handle, where privKey may be either a sender or a
// recipient key.
//
// The resulting handle cannot be used directly for primitive execution because the cek is not set. The function
// is a helper to obtain a senderKH that is passed as an option for ECDH execution (ECDH-1PU/authcrypt).
// The keyset handle is set with one of the AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or
// AES256CBC+SHA512 AEAD key templates for content encryption.
//
// Parameters:
//   - privKey: the private key to convert.
//   - aeadAlg: the content encryption algorithm to use along with the ECDH primitive.
//
// The call is forwarded unchanged to the component/kmscrypto keyio package; this wrapper performs no checks of
// its own on privKey or aeadAlg.
// NOTE(review): the caller supplies raw private key material and receives a handle derived from it; treat the
// handle as equally sensitive, and confirm in the delegate how that material is held, since it is not visible
// here.
func PrivateKeyToKeysetHandle(privKey *cryptoapi.PrivateKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error) {
	handle, err := keyio.PrivateKeyToKeysetHandle(privKey, aeadAlg)

	return handle, err
}