RyuNen344 · RyuNen344 · Apr 19, 2023 · Apr 19, 2023
@@ -1,7 +1,9 @@
 package io.github.ryunen344.tink
 
+import com.google.crypto.tink.BinaryKeysetWriter
 import io.github.ryunen344.tink.aead.Aead
 import io.github.ryunen344.tink.aead.AndroidAead
+import io.github.ryunen344.tink.aead.NativeAead
 import io.github.ryunen344.tink.daead.AndroidDeterministicAead
 import io.github.ryunen344.tink.daead.DeterministicAead
 import io.github.ryunen344.tink.exception.GeneralSecurityException
@@ -15,12 +17,31 @@ import io.github.ryunen344.tink.signature.AndroidPublicKeySign
 import io.github.ryunen344.tink.signature.AndroidPublicKeyVerify
 import io.github.ryunen344.tink.signature.PublicKeySign
 import io.github.ryunen344.tink.signature.PublicKeyVerify
+import java.io.ByteArrayOutputStream
 import kotlin.reflect.KClass
 
 actual typealias KeysetHandle = com.google.crypto.tink.KeysetHandle
 
 @Throws(GeneralSecurityException::class)
-actual fun generateNew(keyTemplate: KeyTemplate): KeysetHandle = KeysetHandle.generateNew(keyTemplate)
+actual fun KeysetHandleGenerator.Companion.generateNew(keyTemplate: KeyTemplate): KeysetHandle =
+    KeysetHandle.generateNew(keyTemplate)
+
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandleGenerator.Companion.read(
+    reader: KeysetReader,
+    aead: Aead,
+): KeysetHandle = KeysetHandle.read(reader, aead as NativeAead)
+
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandleGenerator.Companion.readNoSecret(keyset: ByteArray): KeysetHandle =
+    KeysetHandle.readNoSecret(keyset)
+
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandle.writeNoSecret(): ByteArray =
+    ByteArrayOutputStream().use {
+        writeNoSecret(BinaryKeysetWriter.withOutputStream(it))
+        it.toByteArray()
+    }
 
 @Suppress("UNCHECKED_CAST")
 @Throws(GeneralSecurityException::class)

@@ -0,0 +1,5 @@
+package io.github.ryunen344.tink
+
+internal typealias NativeKeysetReader = com.google.crypto.tink.KeysetReader
+
+actual open class KeysetReader(private val native: NativeKeysetReader) : NativeKeysetReader by native
@@ -4,7 +4,7 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativeAead = com.google.crypto.tink.Aead
 
-class AndroidAead(private val native: NativeAead) : Aead {
+class AndroidAead(private val native: NativeAead) : Aead, NativeAead by native {
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativeAead::class.java))
 

@@ -4,7 +4,10 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativeDeterministicAead = com.google.crypto.tink.DeterministicAead
 
-class AndroidDeterministicAead(private val native: NativeDeterministicAead) : DeterministicAead {
+class AndroidDeterministicAead(
+    private val native: NativeDeterministicAead,
+) : DeterministicAead, NativeDeterministicAead by native {
+
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativeDeterministicAead::class.java))
 

@@ -4,7 +4,7 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativeHybridDecrypt = com.google.crypto.tink.HybridDecrypt
 
-class AndroidHybridDecrypt(private val native: NativeHybridDecrypt) : HybridDecrypt {
+class AndroidHybridDecrypt(private val native: NativeHybridDecrypt) : HybridDecrypt, NativeHybridDecrypt by native {
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativeHybridDecrypt::class.java))
 

@@ -4,7 +4,7 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativeHybridEncrypt = com.google.crypto.tink.HybridEncrypt
 
-class AndroidHybridEncrypt(private val native: NativeHybridEncrypt) : HybridEncrypt {
+class AndroidHybridEncrypt(private val native: NativeHybridEncrypt) : HybridEncrypt, NativeHybridEncrypt by native {
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativeHybridEncrypt::class.java))
 

@@ -4,7 +4,7 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativeMac = com.google.crypto.tink.Mac
 
-class AndroidMac(private val native: NativeMac) : Mac {
+class AndroidMac(private val native: NativeMac) : Mac, NativeMac by native {
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativeMac::class.java))
 

@@ -4,7 +4,7 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativePublicKeySign = com.google.crypto.tink.PublicKeySign
 
-class AndroidPublicKeySign(private val native: NativePublicKeySign) : PublicKeySign {
+class AndroidPublicKeySign(private val native: NativePublicKeySign) : PublicKeySign, NativePublicKeySign by native {
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativePublicKeySign::class.java))
 

@@ -4,7 +4,10 @@ import io.github.ryunen344.tink.exception.GeneralSecurityException
 
 internal typealias NativePublicKeyVerify = com.google.crypto.tink.PublicKeyVerify
 
-class AndroidPublicKeyVerify(private val native: NativePublicKeyVerify) : PublicKeyVerify {
+class AndroidPublicKeyVerify(
+    private val native: NativePublicKeyVerify,
+) : PublicKeyVerify, NativePublicKeyVerify by native {
+
     constructor(handle: com.google.crypto.tink.KeysetHandle) :
         this(handle.getPrimitive(NativePublicKeyVerify::class.java))
 

@@ -0,0 +1,21 @@
+package io.github.ryunen344.tink
+
+import com.google.crypto.tink.BinaryKeysetReader
+import io.github.ryunen344.tink.aead.Aead
+import io.github.ryunen344.tink.aead.AeadConfig
+import kotlin.test.Test
+
+class KeysetReaderTest {
+    @Test
+    fun test_read() {
+        runCatching {
+            AeadConfig().register()
+            val aead = KeysetHandleGenerator
+                .generateNew(KeyTemplateSet.AES256_GCM.template())
+                .getPrimitive(Aead::class)
+            KeysetHandleGenerator.read(KeysetReader(BinaryKeysetReader.withBytes("hoge".encodeToByteArray())), aead)
+        }.onFailure {
+            it.printStackTrace()
+        }
+    }
+}
@@ -1,12 +1,26 @@
 package io.github.ryunen344.tink
 
+import io.github.ryunen344.tink.aead.Aead
 import io.github.ryunen344.tink.exception.GeneralSecurityException
 import kotlin.reflect.KClass
 
 expect class KeysetHandle
 
+class KeysetHandleGenerator {
+    companion object
+}
+
+@Throws(GeneralSecurityException::class)
+expect fun KeysetHandleGenerator.Companion.generateNew(keyTemplate: KeyTemplate): KeysetHandle
+
+@Throws(GeneralSecurityException::class)
+expect fun KeysetHandleGenerator.Companion.read(reader: KeysetReader, aead: Aead): KeysetHandle
+
+@Throws(GeneralSecurityException::class)
+expect fun KeysetHandleGenerator.Companion.readNoSecret(keyset: ByteArray): KeysetHandle
+
 @Throws(GeneralSecurityException::class)
-expect fun generateNew(keyTemplate: KeyTemplate): KeysetHandle
+expect fun KeysetHandle.writeNoSecret(): ByteArray
 
 @Throws(GeneralSecurityException::class)
 expect fun <P : TinkPrimitive> KeysetHandle.getPrimitive(kClass: KClass<P>): P

@@ -0,0 +1,3 @@
+package io.github.ryunen344.tink
+
+expect open class KeysetReader
@@ -1,6 +1,7 @@
 package io.github.ryunen344.tink.aead
 
 import io.github.ryunen344.tink.KeyTemplateSet
+import io.github.ryunen344.tink.KeysetHandleGenerator
 import io.github.ryunen344.tink.generateNew
 import io.github.ryunen344.tink.getPrimitive
 import io.github.ryunen344.tink.template
@@ -11,7 +12,7 @@ class AeadTest {
     @Test
     fun test_exec_encryption() {
         AeadConfig().register()
-        val handle = generateNew(KeyTemplateSet.AES256_GCM.template()).getPrimitive(Aead::class)
+        val handle = KeysetHandleGenerator.generateNew(KeyTemplateSet.AES256_GCM.template()).getPrimitive(Aead::class)
         val plaintext = "hogehogehowgheowa"
         val associatedData = "associated"
         println("input $plaintext")

@@ -1,6 +1,7 @@
 package io.github.ryunen344.tink.daead
 
 import io.github.ryunen344.tink.KeyTemplateSet
+import io.github.ryunen344.tink.KeysetHandleGenerator
 import io.github.ryunen344.tink.generateNew
 import io.github.ryunen344.tink.getPrimitive
 import io.github.ryunen344.tink.template
@@ -11,7 +12,8 @@ class DeterministicAeadTest {
     @Test
     fun test_exec_encryption() {
         DeterministicAeadConfig().register()
-        val handle = generateNew(KeyTemplateSet.AES256_SIV.template()).getPrimitive(DeterministicAead::class)
+        val handle = KeysetHandleGenerator.generateNew(KeyTemplateSet.AES256_SIV.template())
+            .getPrimitive(DeterministicAead::class)
         val plaintext = "hogehogehowgheowa"
         val associatedData = "associated"
         println("input $plaintext")

@@ -1,6 +1,7 @@
 package io.github.ryunen344.tink.hybrid
 
 import io.github.ryunen344.tink.KeyTemplateSet
+import io.github.ryunen344.tink.KeysetHandleGenerator
 import io.github.ryunen344.tink.generateNew
 import io.github.ryunen344.tink.getPrimitive
 import io.github.ryunen344.tink.publicKeysetHandle
@@ -13,7 +14,8 @@ class HybridTest {
     fun test_exec_encryption() {
         runCatching {
             HybridConfig().register()
-            val privateKeysetHandle = generateNew(KeyTemplateSet.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM.template())
+            val privateKeysetHandle =
+                KeysetHandleGenerator.generateNew(KeyTemplateSet.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM.template())
             val publicKeysetHandle = privateKeysetHandle.publicKeysetHandle()
 
             val plaintext = "hogehogehowgheowa"

@@ -1,6 +1,7 @@
 package io.github.ryunen344.tink.mac
 
 import io.github.ryunen344.tink.KeyTemplateSet
+import io.github.ryunen344.tink.KeysetHandleGenerator
 import io.github.ryunen344.tink.generateNew
 import io.github.ryunen344.tink.getPrimitive
 import io.github.ryunen344.tink.template
@@ -10,7 +11,8 @@ class MacTest {
     @Test
     fun test_exec_encryption() {
         MacConfig().register()
-        val mac = generateNew(KeyTemplateSet.HMAC_SHA512_512BITTAG.template()).getPrimitive(Mac::class)
+        val mac =
+            KeysetHandleGenerator.generateNew(KeyTemplateSet.HMAC_SHA512_512BITTAG.template()).getPrimitive(Mac::class)
         val plaintext = "hogehogehowgheowa"
         val tag = mac.computeMac(plaintext.encodeToByteArray())
         mac.verifyMac(tag, plaintext.encodeToByteArray())

@@ -1,6 +1,7 @@
 package io.github.ryunen344.tink.signature
 
 import io.github.ryunen344.tink.KeyTemplateSet
+import io.github.ryunen344.tink.KeysetHandleGenerator
 import io.github.ryunen344.tink.generateNew
 import io.github.ryunen344.tink.getPrimitive
 import io.github.ryunen344.tink.publicKeysetHandle
@@ -11,7 +12,7 @@ class SignatureTest {
     @Test
     fun test_exec_encryption() {
         SignatureConfig().register()
-        val privateKeysetHandle = generateNew(KeyTemplateSet.ED25519.template())
+        val privateKeysetHandle = KeysetHandleGenerator.generateNew(KeyTemplateSet.ED25519.template())
         val signer = privateKeysetHandle.getPrimitive(PublicKeySign::class)
 
         val input = "hogewefaewawefawefa"

@@ -17,17 +17,41 @@ import io.github.ryunen344.tink.signature.PublicKeySign
 import io.github.ryunen344.tink.signature.PublicKeyVerify
 import io.github.ryunen344.tink.util.asThrowable
 import io.github.ryunen344.tink.util.memScopedInstance
+import io.github.ryunen344.tink.util.toByteArray
+import io.github.ryunen344.tink.util.toNSData
 import kotlinx.cinterop.ptr
 import kotlinx.cinterop.value
 import kotlin.reflect.KClass
 
 actual typealias KeysetHandle = com.google.crypto.tink.TINKKeysetHandle
 
-actual fun generateNew(keyTemplate: KeyTemplate): KeysetHandle = memScopedInstance(
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandleGenerator.Companion.generateNew(keyTemplate: KeyTemplate): KeysetHandle = memScopedInstance(
     block = { KeysetHandle(keyTemplate, it.ptr) },
     onError = { throw GeneralSecurityException(cause = it.asThrowable()) }
 )
 
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandleGenerator.Companion.read(
+    reader: KeysetReader,
+    aead: Aead,
+): KeysetHandle = memScopedInstance(
+    block = { KeysetHandle(keysetReader = reader, andKey = (aead as DarwinAead).native, error = it.ptr) },
+    onError = { throw GeneralSecurityException(cause = it.asThrowable()) }
+)
+
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandleGenerator.Companion.readNoSecret(keyset: ByteArray): KeysetHandle = memScopedInstance(
+    block = { KeysetHandle(noSecretKeyset = keyset.toNSData(), error = it.ptr) },
+    onError = { throw GeneralSecurityException(cause = it.asThrowable()) }
+)
+
+@Throws(GeneralSecurityException::class)
+actual fun KeysetHandle.writeNoSecret(): ByteArray = memScopedInstance(
+    block = { serializedKeysetNoSecret(it.ptr).toByteArray() },
+    onError = { throw GeneralSecurityException(cause = it.asThrowable()) }
+)
+
 @Suppress("UNCHECKED_CAST")
 @Throws(GeneralSecurityException::class)
 actual fun <P : TinkPrimitive> KeysetHandle.getPrimitive(kClass: KClass<P>): P {

@@ -0,0 +1,3 @@
+package io.github.ryunen344.tink
+
+actual typealias KeysetReader = com.google.crypto.tink.TINKKeysetReader
@@ -11,7 +11,7 @@ import io.github.ryunen344.tink.util.toNSData
 import kotlinx.cinterop.ptr
 import kotlinx.cinterop.value
 
-class DarwinAead(private val native: TINKAeadProtocol) : Aead {
+class DarwinAead(val native: TINKAeadProtocol) : Aead {
 
     @Throws(GeneralSecurityException::class)
     constructor(handle: TINKKeysetHandle) : this(

@@ -0,0 +1,21 @@
+package io.github.ryunen344.tink
+
+import com.google.crypto.tink.TINKKeysetReader
+import io.github.ryunen344.tink.aead.Aead
+import io.github.ryunen344.tink.aead.AeadConfig
+import kotlin.test.Test
+
+class KeysetReaderTest {
+    @Test
+    fun test_read() {
+        runCatching {
+            AeadConfig().register()
+            val aead = KeysetHandleGenerator
+                .generateNew(KeyTemplateSet.AES256_GCM.template())
+                .getPrimitive(Aead::class)
+            KeysetHandleGenerator.read(TINKKeysetReader(), aead)
+        }.onFailure {
+            it.printStackTrace()
+        }
+    }
+}