diff --git a/internal/java_8_library.bzl b/internal/java_8_library.bzl new file mode 100644 index 000000000..fbb72784b --- /dev/null +++ b/internal/java_8_library.bzl @@ -0,0 +1,8 @@ +load("@rules_java//java:java_library.bzl", "java_library") + +def java_8_library(name, javacopts = [], **kwargs): + java_library( + name = name, + javacopts = javacopts + ["--release", "8"], + **kwargs + ) diff --git a/src/main/java/com/google/crypto/tink/BUILD.bazel b/src/main/java/com/google/crypto/tink/BUILD.bazel index 035720623..2adcc7fb9 100644 --- a/src/main/java/com/google/crypto/tink/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") load("//:template_rule.bzl", "template_rule") load("//:tink_version.bzl", "get_tink_version_label") diff --git a/src/main/java/com/google/crypto/tink/aead/BUILD.bazel b/src/main/java/com/google/crypto/tink/aead/BUILD.bazel index 05a0379fa..3edea940a 100644 --- a/src/main/java/com/google/crypto/tink/aead/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/aead/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/aead/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/aead/internal/BUILD.bazel index f8aa46b18..663335d7b 100644 --- a/src/main/java/com/google/crypto/tink/aead/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/aead/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") package(default_visibility = ["//visibility:public"]) diff --git a/src/main/java/com/google/crypto/tink/aead/subtle/BUILD.bazel b/src/main/java/com/google/crypto/tink/aead/subtle/BUILD.bazel index ff230bdfe..1702c5fb5 100644 --- a/src/main/java/com/google/crypto/tink/aead/subtle/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/aead/subtle/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/annotations/BUILD.bazel b/src/main/java/com/google/crypto/tink/annotations/BUILD.bazel index f131ebb5f..41ba3073a 100644 --- a/src/main/java/com/google/crypto/tink/annotations/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/annotations/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/config/BUILD.bazel b/src/main/java/com/google/crypto/tink/config/BUILD.bazel index 02568b002..b52617c2e 100644 --- a/src/main/java/com/google/crypto/tink/config/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/config/BUILD.bazel @@ -1,5 +1,6 @@ load("@bazel_skylib//rules:common_settings.bzl", "bool_flag") load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/config/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/config/internal/BUILD.bazel index 487dd0843..07107ed81 100644 --- a/src/main/java/com/google/crypto/tink/config/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/config/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/daead/BUILD.bazel b/src/main/java/com/google/crypto/tink/daead/BUILD.bazel index 5b6274868..ac1ba073d 100644 --- a/src/main/java/com/google/crypto/tink/daead/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/daead/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/daead/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/daead/internal/BUILD.bazel index b13f84cd7..1ae6129df 100644 --- a/src/main/java/com/google/crypto/tink/daead/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/daead/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/daead/internal/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/daead/internal/testing/BUILD.bazel index 563070504..27e1b8184 100644 --- a/src/main/java/com/google/crypto/tink/daead/internal/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/daead/internal/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/daead/subtle/BUILD.bazel b/src/main/java/com/google/crypto/tink/daead/subtle/BUILD.bazel index ddbf71b36..79fda2d3e 100644 --- a/src/main/java/com/google/crypto/tink/daead/subtle/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/daead/subtle/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/hybrid/BUILD.bazel b/src/main/java/com/google/crypto/tink/hybrid/BUILD.bazel index 07fa8d935..0a1d2d96c 100644 --- a/src/main/java/com/google/crypto/tink/hybrid/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/hybrid/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/hybrid/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/hybrid/internal/BUILD.bazel index 4e09f521b..f73c338fd 100644 --- a/src/main/java/com/google/crypto/tink/hybrid/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/hybrid/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") package(default_visibility = ["//visibility:public"]) diff --git a/src/main/java/com/google/crypto/tink/hybrid/internal/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/hybrid/internal/testing/BUILD.bazel index 65f2283c0..d2cc3a606 100644 --- a/src/main/java/com/google/crypto/tink/hybrid/internal/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/hybrid/internal/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/hybrid/subtle/BUILD.bazel b/src/main/java/com/google/crypto/tink/hybrid/subtle/BUILD.bazel index db68de243..f62de288d 100644 --- a/src/main/java/com/google/crypto/tink/hybrid/subtle/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/hybrid/subtle/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/internal/BUILD.bazel index e6c7aff7d..9cfe7d67e 100644 --- a/src/main/java/com/google/crypto/tink/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/internal/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/internal/testing/BUILD.bazel index 8500207e5..a3535d001 100644 --- a/src/main/java/com/google/crypto/tink/internal/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/internal/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/jwt/BUILD.bazel b/src/main/java/com/google/crypto/tink/jwt/BUILD.bazel index 6ab104581..b0896bcbb 100644 --- a/src/main/java/com/google/crypto/tink/jwt/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/jwt/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/jwt/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/jwt/internal/BUILD.bazel index 31769830b..b870f0008 100644 --- a/src/main/java/com/google/crypto/tink/jwt/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/jwt/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/keyderivation/BUILD.bazel b/src/main/java/com/google/crypto/tink/keyderivation/BUILD.bazel index 5fc2208b4..49313adf9 100644 --- a/src/main/java/com/google/crypto/tink/keyderivation/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/keyderivation/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/keyderivation/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/keyderivation/internal/BUILD.bazel index 6c7cacf22..a06f9a8b4 100644 --- a/src/main/java/com/google/crypto/tink/keyderivation/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/keyderivation/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") package(default_visibility = ["//visibility:public"]) diff --git a/src/main/java/com/google/crypto/tink/mac/BUILD.bazel b/src/main/java/com/google/crypto/tink/mac/BUILD.bazel index 264337bd0..d2e9577a9 100644 --- a/src/main/java/com/google/crypto/tink/mac/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/mac/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/mac/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/mac/internal/BUILD.bazel index 17c67f16d..277e784de 100644 --- a/src/main/java/com/google/crypto/tink/mac/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/mac/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/prf/BUILD.bazel b/src/main/java/com/google/crypto/tink/prf/BUILD.bazel index 6f1c99f5f..ef2173cd3 100644 --- a/src/main/java/com/google/crypto/tink/prf/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/prf/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/prf/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/prf/internal/BUILD.bazel index 462f1712d..1203c33c5 100644 --- a/src/main/java/com/google/crypto/tink/prf/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/prf/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/signature/BUILD.bazel b/src/main/java/com/google/crypto/tink/signature/BUILD.bazel index 489d67b29..a4c6ba4b8 100644 --- a/src/main/java/com/google/crypto/tink/signature/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/signature/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) @@ -1304,6 +1305,7 @@ java_library( "//src/main/java/com/google/crypto/tink/signature/internal:ml_dsa_proto_serialization", "//src/main/java/com/google/crypto/tink/signature/internal:ml_dsa_verify_conscrypt", "//src/main/java/com/google/crypto/tink/util:bytes", + "//src/main/java/com/google/crypto/tink/util:maps", "//src/main/java/com/google/crypto/tink/util:secret_bytes", "@maven//:com_google_code_findbugs_jsr305", ], @@ -1327,6 +1329,7 @@ android_library( "//src/main/java/com/google/crypto/tink/signature/internal:ml_dsa_proto_serialization-android", "//src/main/java/com/google/crypto/tink/signature/internal:ml_dsa_verify_conscrypt-android", "//src/main/java/com/google/crypto/tink/util:bytes-android", + "//src/main/java/com/google/crypto/tink/util:maps-android", "//src/main/java/com/google/crypto/tink/util:secret_bytes-android", "@maven//:com_google_code_findbugs_jsr305", ], @@ -1388,6 +1391,7 @@ android_library( "//src/main/java/com/google/crypto/tink/signature/internal:slh_dsa_proto_serialization-android", "//src/main/java/com/google/crypto/tink/signature/internal:slh_dsa_verify_conscrypt-android", "//src/main/java/com/google/crypto/tink/util:bytes-android", + "//src/main/java/com/google/crypto/tink/util:maps-android", "//src/main/java/com/google/crypto/tink/util:secret_bytes-android", "@maven//:com_google_code_findbugs_jsr305", ], @@ -1449,6 +1453,7 @@ java_library( "//src/main/java/com/google/crypto/tink/signature/internal:slh_dsa_proto_serialization", "//src/main/java/com/google/crypto/tink/signature/internal:slh_dsa_verify_conscrypt", "//src/main/java/com/google/crypto/tink/util:bytes", + "//src/main/java/com/google/crypto/tink/util:maps", "//src/main/java/com/google/crypto/tink/util:secret_bytes", "@maven//:com_google_code_findbugs_jsr305", ], @@ -1489,6 +1494,7 @@ android_library( "//src/main/java/com/google/crypto/tink:key-android", "//src/main/java/com/google/crypto/tink/internal:output_prefix_util-android", "//src/main/java/com/google/crypto/tink/util:bytes-android", + "//src/main/java/com/google/crypto/tink/util:maps-android", "@maven//:com_google_code_findbugs_jsr305", "@maven//:com_google_errorprone_error_prone_annotations", ], @@ -1511,6 +1517,7 @@ java_library( "//src/main/java/com/google/crypto/tink:key", "//src/main/java/com/google/crypto/tink/internal:output_prefix_util", "//src/main/java/com/google/crypto/tink/util:bytes", + "//src/main/java/com/google/crypto/tink/util:maps", "@maven//:com_google_code_findbugs_jsr305", "@maven//:com_google_errorprone_error_prone_annotations", ], diff --git a/src/main/java/com/google/crypto/tink/signature/CompositeMlDsaPublicKey.java b/src/main/java/com/google/crypto/tink/signature/CompositeMlDsaPublicKey.java index 92dc561c4..1ae5bf67e 100644 --- a/src/main/java/com/google/crypto/tink/signature/CompositeMlDsaPublicKey.java +++ b/src/main/java/com/google/crypto/tink/signature/CompositeMlDsaPublicKey.java @@ -16,6 +16,9 @@ package com.google.crypto.tink.signature; +import static com.google.crypto.tink.util.Maps.entry; +import static com.google.crypto.tink.util.Maps.ofEntries; + import com.google.crypto.tink.AccessesPartialKey; import com.google.crypto.tink.Key; import com.google.crypto.tink.internal.OutputPrefixUtil; @@ -37,58 +40,66 @@ public final class CompositeMlDsaPublicKey extends SignaturePublicKey { private static Map createSupportedClassicalParameters() { try { - return Map.of( - CompositeMlDsaParameters.ClassicalAlgorithm.ED25519, - Ed25519Parameters.create(Ed25519Parameters.Variant.NO_PREFIX), - CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P256, - EcdsaParameters.builder() - .setHashType(EcdsaParameters.HashType.SHA256) - .setCurveType(EcdsaParameters.CurveType.NIST_P256) - .setVariant(EcdsaParameters.Variant.NO_PREFIX) - .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P384, - EcdsaParameters.builder() - .setHashType(EcdsaParameters.HashType.SHA384) - .setCurveType(EcdsaParameters.CurveType.NIST_P384) - .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) - .setVariant(EcdsaParameters.Variant.NO_PREFIX) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P521, - EcdsaParameters.builder() - .setHashType(EcdsaParameters.HashType.SHA512) - .setCurveType(EcdsaParameters.CurveType.NIST_P521) - .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) - .setVariant(EcdsaParameters.Variant.NO_PREFIX) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.RSA3072_PSS, - RsaSsaPssParameters.builder() - .setModulusSizeBits(3072) - .setSigHashType(RsaSsaPssParameters.HashType.SHA256) - .setMgf1HashType(RsaSsaPssParameters.HashType.SHA256) - .setSaltLengthBytes(32) - .setVariant(RsaSsaPssParameters.Variant.NO_PREFIX) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.RSA4096_PSS, - RsaSsaPssParameters.builder() - .setModulusSizeBits(4096) - .setSigHashType(RsaSsaPssParameters.HashType.SHA384) - .setMgf1HashType(RsaSsaPssParameters.HashType.SHA384) - .setSaltLengthBytes(48) - .setVariant(RsaSsaPssParameters.Variant.NO_PREFIX) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.RSA3072_PKCS1, - RsaSsaPkcs1Parameters.builder() - .setModulusSizeBits(3072) - .setHashType(RsaSsaPkcs1Parameters.HashType.SHA256) - .setVariant(RsaSsaPkcs1Parameters.Variant.NO_PREFIX) - .build(), - CompositeMlDsaParameters.ClassicalAlgorithm.RSA4096_PKCS1, - RsaSsaPkcs1Parameters.builder() - .setModulusSizeBits(4096) - .setHashType(RsaSsaPkcs1Parameters.HashType.SHA384) - .setVariant(RsaSsaPkcs1Parameters.Variant.NO_PREFIX) - .build()); + return ofEntries( + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.ED25519, + Ed25519Parameters.create(Ed25519Parameters.Variant.NO_PREFIX)), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P256, + EcdsaParameters.builder() + .setHashType(EcdsaParameters.HashType.SHA256) + .setCurveType(EcdsaParameters.CurveType.NIST_P256) + .setVariant(EcdsaParameters.Variant.NO_PREFIX) + .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P384, + EcdsaParameters.builder() + .setHashType(EcdsaParameters.HashType.SHA384) + .setCurveType(EcdsaParameters.CurveType.NIST_P384) + .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) + .setVariant(EcdsaParameters.Variant.NO_PREFIX) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.ECDSA_P521, + EcdsaParameters.builder() + .setHashType(EcdsaParameters.HashType.SHA512) + .setCurveType(EcdsaParameters.CurveType.NIST_P521) + .setSignatureEncoding(EcdsaParameters.SignatureEncoding.IEEE_P1363) + .setVariant(EcdsaParameters.Variant.NO_PREFIX) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.RSA3072_PSS, + RsaSsaPssParameters.builder() + .setModulusSizeBits(3072) + .setSigHashType(RsaSsaPssParameters.HashType.SHA256) + .setMgf1HashType(RsaSsaPssParameters.HashType.SHA256) + .setSaltLengthBytes(32) + .setVariant(RsaSsaPssParameters.Variant.NO_PREFIX) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.RSA4096_PSS, + RsaSsaPssParameters.builder() + .setModulusSizeBits(4096) + .setSigHashType(RsaSsaPssParameters.HashType.SHA384) + .setMgf1HashType(RsaSsaPssParameters.HashType.SHA384) + .setSaltLengthBytes(48) + .setVariant(RsaSsaPssParameters.Variant.NO_PREFIX) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.RSA3072_PKCS1, + RsaSsaPkcs1Parameters.builder() + .setModulusSizeBits(3072) + .setHashType(RsaSsaPkcs1Parameters.HashType.SHA256) + .setVariant(RsaSsaPkcs1Parameters.Variant.NO_PREFIX) + .build()), + entry( + CompositeMlDsaParameters.ClassicalAlgorithm.RSA4096_PKCS1, + RsaSsaPkcs1Parameters.builder() + .setModulusSizeBits(4096) + .setHashType(RsaSsaPkcs1Parameters.HashType.SHA384) + .setVariant(RsaSsaPkcs1Parameters.Variant.NO_PREFIX) + .build())); } catch (GeneralSecurityException e) { throw new IllegalStateException("Could not create supported classical parameters", e); } @@ -191,7 +202,9 @@ public CompositeMlDsaPublicKey build() throws GeneralSecurityException { } @RestrictedApi( - explanation = "Accessing parts of keys can produce unexpected incompatibilities, annotate the function with @AccessesPartialKey", + explanation = + "Accessing parts of keys can produce unexpected incompatibilities, annotate the function" + + " with @AccessesPartialKey", link = "https://developers.google.com/tink/design/access_control#accessing_partial_keys", allowedOnPath = ".*Test\\.java", allowlistAnnotations = {AccessesPartialKey.class}) diff --git a/src/main/java/com/google/crypto/tink/signature/MlDsaSignKeyManager.java b/src/main/java/com/google/crypto/tink/signature/MlDsaSignKeyManager.java index 32f32e152..bdeaa57c0 100644 --- a/src/main/java/com/google/crypto/tink/signature/MlDsaSignKeyManager.java +++ b/src/main/java/com/google/crypto/tink/signature/MlDsaSignKeyManager.java @@ -16,6 +16,9 @@ package com.google.crypto.tink.signature; +import static com.google.crypto.tink.util.Maps.entry; +import static com.google.crypto.tink.util.Maps.ofEntries; + import com.google.crypto.tink.AccessesPartialKey; import com.google.crypto.tink.InsecureSecretKeyAccess; import com.google.crypto.tink.Parameters; @@ -41,8 +44,8 @@ /** * This key manager generates new {@code MlDsaPrivateKey} keys and some named parameters. * - * NOTE: in order for the key generation functionality to work, one needs to have a version - * of Conscrypt installed that supports ML-DSA. + *

NOTE: in order for the key generation functionality to work, one needs to have a version of + * Conscrypt installed that supports ML-DSA. */ public final class MlDsaSignKeyManager { @@ -107,19 +110,25 @@ private static MlDsaPrivateKey createKey( } private static Map namedParameters() throws GeneralSecurityException { - return Map.of( - "ML_DSA_44", - MlDsaParameters.create(MlDsaInstance.ML_DSA_44, MlDsaParameters.Variant.TINK), - "ML_DSA_44_RAW", - MlDsaParameters.create(MlDsaInstance.ML_DSA_44, MlDsaParameters.Variant.NO_PREFIX), - "ML_DSA_65", - MlDsaParameters.create(MlDsaInstance.ML_DSA_65, MlDsaParameters.Variant.TINK), - "ML_DSA_65_RAW", - MlDsaParameters.create(MlDsaInstance.ML_DSA_65, MlDsaParameters.Variant.NO_PREFIX), - "ML_DSA_87", - MlDsaParameters.create(MlDsaInstance.ML_DSA_87, MlDsaParameters.Variant.TINK), - "ML_DSA_87_RAW", - MlDsaParameters.create(MlDsaInstance.ML_DSA_87, MlDsaParameters.Variant.NO_PREFIX)); + return ofEntries( + entry( + "ML_DSA_44", + MlDsaParameters.create(MlDsaInstance.ML_DSA_44, MlDsaParameters.Variant.TINK)), + entry( + "ML_DSA_44_RAW", + MlDsaParameters.create(MlDsaInstance.ML_DSA_44, MlDsaParameters.Variant.NO_PREFIX)), + entry( + "ML_DSA_65", + MlDsaParameters.create(MlDsaInstance.ML_DSA_65, MlDsaParameters.Variant.TINK)), + entry( + "ML_DSA_65_RAW", + MlDsaParameters.create(MlDsaInstance.ML_DSA_65, MlDsaParameters.Variant.NO_PREFIX)), + entry( + "ML_DSA_87", + MlDsaParameters.create(MlDsaInstance.ML_DSA_87, MlDsaParameters.Variant.TINK)), + entry( + "ML_DSA_87_RAW", + MlDsaParameters.create(MlDsaInstance.ML_DSA_87, MlDsaParameters.Variant.NO_PREFIX))); } /** diff --git a/src/main/java/com/google/crypto/tink/signature/SlhDsaSignKeyManager.java b/src/main/java/com/google/crypto/tink/signature/SlhDsaSignKeyManager.java index 5090c1a02..39978b15d 100644 --- a/src/main/java/com/google/crypto/tink/signature/SlhDsaSignKeyManager.java +++ b/src/main/java/com/google/crypto/tink/signature/SlhDsaSignKeyManager.java @@ -15,6 +15,9 @@ //////////////////////////////////////////////////////////////////////////////// package com.google.crypto.tink.signature; +import static com.google.crypto.tink.util.Maps.entry; +import static com.google.crypto.tink.util.Maps.ofEntries; + import com.google.crypto.tink.AccessesPartialKey; import com.google.crypto.tink.InsecureSecretKeyAccess; import com.google.crypto.tink.Parameters; @@ -94,21 +97,24 @@ private static SlhDsaPrivateKey createKey( */ @SuppressWarnings({"CheckedExceptionNotThrown", "JdkImmutableCollections"}) private static Map namedParameters() throws GeneralSecurityException { - return Map.of( - "SLH_DSA_SHA2_128S_TINK", - SlhDsaParameters.createSlhDsaWithSha2And128S(SlhDsaParameters.Variant.TINK), - "SLH_DSA_SHA2_128S_RAW", - SlhDsaParameters.createSlhDsaWithSha2And128S(SlhDsaParameters.Variant.NO_PREFIX)); + return ofEntries( + entry( + "SLH_DSA_SHA2_128S_TINK", + SlhDsaParameters.createSlhDsaWithSha2And128S(SlhDsaParameters.Variant.TINK)), + entry( + "SLH_DSA_SHA2_128S_RAW", + SlhDsaParameters.createSlhDsaWithSha2And128S(SlhDsaParameters.Variant.NO_PREFIX))); } /** * Registers the {@link SlhDsaProtoSerialization}, named parameters, and the key (pair) creator, * for now only supporting SLH-DSA-SHA2-128S in TINK and NO_PREFIX veriants. This enables: + * *

* * Currently the key creation functionality will only work if the Conscrypt provider was diff --git a/src/main/java/com/google/crypto/tink/signature/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/signature/internal/BUILD.bazel index deb34eb24..ceb5fa624 100644 --- a/src/main/java/com/google/crypto/tink/signature/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/signature/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/signature/internal/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/signature/internal/testing/BUILD.bazel index 2783a8b3b..0df9b1eb9 100644 --- a/src/main/java/com/google/crypto/tink/signature/internal/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/signature/internal/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/streamingaead/BUILD.bazel b/src/main/java/com/google/crypto/tink/streamingaead/BUILD.bazel index 7bca9420f..8b17c156b 100644 --- a/src/main/java/com/google/crypto/tink/streamingaead/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/streamingaead/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/streamingaead/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/streamingaead/internal/BUILD.bazel index 90011bf73..8755133d6 100644 --- a/src/main/java/com/google/crypto/tink/streamingaead/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/streamingaead/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/streamingaead/internal/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/streamingaead/internal/testing/BUILD.bazel index b9dd2db6e..5ac254cdd 100644 --- a/src/main/java/com/google/crypto/tink/streamingaead/internal/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/streamingaead/internal/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/subtle/BUILD.bazel b/src/main/java/com/google/crypto/tink/subtle/BUILD.bazel index 85fabe1ac..661080398 100644 --- a/src/main/java/com/google/crypto/tink/subtle/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/subtle/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/subtle/prf/BUILD.bazel b/src/main/java/com/google/crypto/tink/subtle/prf/BUILD.bazel index 64db7865f..406baff16 100644 --- a/src/main/java/com/google/crypto/tink/subtle/prf/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/subtle/prf/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/testing/BUILD.bazel b/src/main/java/com/google/crypto/tink/testing/BUILD.bazel index afd3f8e13..d7c6ee886 100644 --- a/src/main/java/com/google/crypto/tink/testing/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/testing/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/tinkkey/BUILD.bazel b/src/main/java/com/google/crypto/tink/tinkkey/BUILD.bazel index 3b28fee51..088b58ddf 100644 --- a/src/main/java/com/google/crypto/tink/tinkkey/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/tinkkey/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/tinkkey/internal/BUILD.bazel b/src/main/java/com/google/crypto/tink/tinkkey/internal/BUILD.bazel index 89b881777..3ae800103 100644 --- a/src/main/java/com/google/crypto/tink/tinkkey/internal/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/tinkkey/internal/BUILD.bazel @@ -1,4 +1,5 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) diff --git a/src/main/java/com/google/crypto/tink/util/BUILD.bazel b/src/main/java/com/google/crypto/tink/util/BUILD.bazel index 4db76fc77..891d447d0 100644 --- a/src/main/java/com/google/crypto/tink/util/BUILD.bazel +++ b/src/main/java/com/google/crypto/tink/util/BUILD.bazel @@ -1,9 +1,20 @@ load("@build_bazel_rules_android//android:rules.bzl", "android_library") +load("//:internal/java_8_library.bzl", java_library = "java_8_library") licenses(["notice"]) package(default_visibility = ["//visibility:public"]) +java_library( + name = "maps", + srcs = ["Maps.java"], +) + +android_library( + name = "maps-android", + srcs = ["Maps.java"], +) + java_library( name = "keys_downloader", srcs = ["KeysDownloader.java"], diff --git a/src/main/java/com/google/crypto/tink/util/Maps.java b/src/main/java/com/google/crypto/tink/util/Maps.java new file mode 100644 index 000000000..a2a3c83d5 --- /dev/null +++ b/src/main/java/com/google/crypto/tink/util/Maps.java @@ -0,0 +1,19 @@ +package com.google.crypto.tink.util; + +import java.util.AbstractMap; +import java.util.Arrays; +import java.util.Map; +import java.util.stream.Collectors; + +public final class Maps { + @SafeVarargs + public static Map ofEntries(Map.Entry... entries) { + return Arrays.stream(entries).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)); + } + + public static Map.Entry entry(K k, V v) { + return new AbstractMap.SimpleImmutableEntry<>(k, v); + } + + private Maps() {} +}