package google.crypto.tink

Get desktop application:
View/edit binary Protocol Buffers messages

key_type: type.googleapis.com/google.crypto.tink.AesCmacKey

uint32 version = 1
bytes key_value = 2
Placeholder for ctype and debug_redact.
optional AesCmacParams params = 3

uint32 key_size = 1
optional AesCmacParams params = 2

Used in: AesCmacKey, AesCmacKeyFormat

uint32 tag_size = 1

key_type: type.googleapis.com/google.crypto.tink.AesCmacPrfKey

uint32 version = 1
bytes key_value = 2
Placeholder for ctype and debug_redact.

uint32 version = 2
uint32 key_size = 1

key_type: type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey

uint32 version = 1
optional AesCtrKey aes_ctr_key = 2
optional HmacKey hmac_key = 3

optional AesCtrKeyFormat aes_ctr_key_format = 1
optional HmacKeyFormat hmac_key_format = 2

key_type: type.googleapis.com/google.crypto.tink.AesCtrHmacStreamingKey

uint32 version = 1
optional AesCtrHmacStreamingParams params = 2
bytes key_value = 3
Placeholder for multi-line ctype and debug_redact. // the main key, aka. "ikm", input key material

uint32 version = 3
optional AesCtrHmacStreamingParams params = 1
uint32 key_size = 2
size of the main key (aka. "ikm", input key material)

Used in: AesCtrHmacStreamingKey, AesCtrHmacStreamingKeyFormat

uint32 ciphertext_segment_size = 1
uint32 derived_key_size = 2
size of AES-CTR keys derived for each segment
HashType hkdf_hash_type = 3
hash function for key derivation via HKDF
optional HmacParams hmac_params = 4
params for authentication tags

key_type: type.googleapis.com/google.crypto.tink.AesCtrKey

Used in: AesCtrHmacAeadKey

uint32 version = 1
optional AesCtrParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

Used in: AesCtrHmacAeadKeyFormat

optional AesCtrParams params = 1
uint32 key_size = 2

Used in: AesCtrKey, AesCtrKeyFormat

uint32 iv_size = 1

key_type: type.googleapis.com/google.crypto.tink.AesEaxKey

uint32 version = 1
optional AesEaxParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

optional AesEaxParams params = 1
uint32 key_size = 2

only allowing tag size in bytes = 16

Used in: AesEaxKey, AesEaxKeyFormat

uint32 iv_size = 1
possible value is 12 or 16 bytes.

key_type: type.googleapis.com/google.crypto.tink.AesGcmHkdfStreamingKey

uint32 version = 1
optional AesGcmHkdfStreamingParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

uint32 version = 3
optional AesGcmHkdfStreamingParams params = 1
uint32 key_size = 2
size of the main key (aka. "ikm", input key material)

Used in: AesGcmHkdfStreamingKey, AesGcmHkdfStreamingKeyFormat

uint32 ciphertext_segment_size = 1
uint32 derived_key_size = 2
size of AES-GCM keys derived for each segment
HashType hkdf_hash_type = 3

uint32 version = 1
bytes key_value = 3
Placeholder for ctype and debug_redact.

uint32 key_size = 2
uint32 version = 3

key_type: type.googleapis.com/google.crypto.tink.AesGcmSivKey

uint32 version = 1
bytes key_value = 3
Placeholder for ctype and debug_redact.

The only allowed IV size is 12 bytes and tag size is 16 bytes. Thus, accept no params.

uint32 key_size = 2
uint32 version = 1

key_type: type.googleapis.com/google.crypto.tink.AesSivKey

uint32 version = 1
bytes key_value = 2
First half is AES-CTR key, second is AES-SIV.
Placeholder for ctype and debug_redact.

uint32 key_size = 1
Only valid value is: 64.
uint32 version = 2

key_type: type.googleapis.com/google.crypto.tink.ChaCha20Poly1305. This key type actually implements ChaCha20Poly1305 as described at https://tools.ietf.org/html/rfc7539#section-2.8.

uint32 version = 1
bytes key_value = 2
Placeholder for ctype and debug_redact.

(message has no fields)

Used in: EciesAeadHkdfParams

UNKNOWN_FORMAT = 0
UNCOMPRESSED = 1
COMPRESSED = 2
DO_NOT_USE_CRUNCHY_UNCOMPRESSED = 3
Like UNCOMPRESSED but without the \x04 prefix. Crunchy uses this format. DO NOT USE unless you are a Crunchy user moving to Tink.

optional EcdsaParams params = 2
Required.
uint32 version = 3

Protos for Ecdsa.

Used in: EcdsaKeyFormat, EcdsaPublicKey

HashType hash_type = 1
Required.
EllipticCurveType curve = 2
Required.
EcdsaSignatureEncoding encoding = 3
Required.

key_type: type.googleapis.com/google.crypto.tink.EcdsaPrivateKey

uint32 version = 1
Required.
optional EcdsaPublicKey public_key = 2
Required.
bytes key_value = 3
Unsigned big integer in bigendian representation. Required.
Placeholder for ctype and debug_redact.

key_type: type.googleapis.com/google.crypto.tink.EcdsaPublicKey

Used in: EcdsaPrivateKey

uint32 version = 1
Required.
optional EcdsaParams params = 2
Required.
bytes x = 3
Affine coordinates of the public key in bigendian representation. The public key is a point (x, y) on the curve defined by params.curve. For ECDH, it is crucial to verify whether the public key point (x, y) is on the private's key curve. For ECDSA, such verification is a defense in depth. Required.
bytes y = 4
Required.

Used in: EcdsaParams

UNKNOWN_ENCODING = 0
IEEE_P1363 = 1
The signature's format is r || s, where r and s are zero-padded and have the same size in bytes as the order of the curve. For example, for NIST P-256 curve, r and s are zero-padded to 32 bytes.
DER = 2
The signature is encoded using ASN.1 (https://tools.ietf.org/html/rfc5480#appendix-A): ECDSA-Sig-Value :: = SEQUENCE { r INTEGER, s INTEGER }

Parameters of AEAD DEM (Data Encapsulation Mechanism).

Used in: EciesAeadHkdfParams

optional KeyTemplate aead_dem = 2
Required. Contains an Aead or DeterministicAead key format (e.g: AesCtrHmacAeadKeyFormat, AesGcmKeyFormat or AesSivKeyFormat). The output_prefix_type in this template here is ignored (RAW is assumed).

optional EciesAeadHkdfParams params = 1
Required.

Used in: EciesAeadHkdfKeyFormat, EciesAeadHkdfPublicKey

optional EciesHkdfKemParams kem_params = 1
Key Encapsulation Mechanism. Required.
optional EciesAeadDemParams dem_params = 2
Data Encapsulation Mechanism. Required.
EcPointFormat ec_point_format = 3
EC point format. Required.

EciesKdfAeadPrivateKey represents HybridDecryption primitive. key_type: type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey

uint32 version = 1
Required.
optional EciesAeadHkdfPublicKey public_key = 2
Required.
bytes key_value = 3
Required.
Placeholder for multi-line ctype and debug_redact. // Big integer in bigendian representation.

EciesAeadHkdfPublicKey represents HybridEncryption primitive. key_type: type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey

Used in: EciesAeadHkdfPrivateKey

uint32 version = 1
Required.
optional EciesAeadHkdfParams params = 2
Required.
bytes x = 3
Affine coordinates of the public key in bigendian representation. The public key is a point (x, y) on the curve defined by params.kem_params.curve. Required.
bytes y = 4
Required.

Parameters of KEM (Key Encapsulation Mechanism)

Used in: EciesAeadHkdfParams

EllipticCurveType curve_type = 1
Required.
HashType hkdf_hash_type = 2
Required.
bytes hkdf_salt = 11
Optional.

uint32 version = 1

key_type: type.googleapis.com/google.crypto.tink.Ed25519PrivateKey

uint32 version = 1
Required.
bytes key_value = 2
The private key is 32 bytes of cryptographically secure random data. See https://tools.ietf.org/html/rfc8032#section-5.1.5. Required.
Placeholder for ctype and debug_redact.
optional Ed25519PublicKey public_key = 3
The corresponding public key.

key_type: type.googleapis.com/google.crypto.tink.Ed25519PublicKey

Used in: Ed25519PrivateKey

uint32 version = 1
Required.
bytes key_value = 2
The public key is 32 bytes, encoded according to https://tools.ietf.org/html/rfc8032#section-5.1.2. Required.
Placeholder for ctype.

Used in: EcdsaParams, EciesHkdfKemParams

UNKNOWN_CURVE = 0
NIST_P256 = 2
NIST_P384 = 3
NIST_P521 = 4
CURVE25519 = 5

(message has no fields)

Represents a keyset that is encrypted with a master key.

bytes encrypted_keyset = 2
Required.
optional KeysetInfo keyset_info = 3
Optional.

Used in: AesCtrHmacStreamingParams, AesGcmHkdfStreamingParams, EcdsaParams, EciesHkdfKemParams, HkdfPrfParams, HmacParams, HmacPrfParams, RsaSsaPkcs1Params, RsaSsaPssParams

UNKNOWN_HASH = 0
SHA1 = 1
Using SHA1 for digital signature is deprecated but HMAC-SHA1 is
SHA384 = 2
fine.
SHA256 = 3
SHA512 = 4
SHA224 = 5

uint32 version = 1
optional HkdfPrfParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

optional HkdfPrfParams params = 1
uint32 key_size = 2
uint32 version = 3

Used in: HkdfPrfKey, HkdfPrfKeyFormat

HashType hash = 1
bytes salt = 2
Optional. An unspecified or zero-length value is equivalent to a sequence of zeros (0x00) with a length equal to the output size of hash. See https://rfc-editor.org/rfc/rfc5869.

key_type: type.googleapis.com/google.crypto.tink.HmacKey

Used in: AesCtrHmacAeadKey

uint32 version = 1
optional HmacParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

Used in: AesCtrHmacAeadKeyFormat

optional HmacParams params = 1
uint32 key_size = 2
uint32 version = 3

Used in: AesCtrHmacStreamingParams, HmacKey, HmacKeyFormat

HashType hash = 1
HashType is an enum.
uint32 tag_size = 2

key_type: type.googleapis.com/google.crypto.tink.HmacPrfKey

uint32 version = 1
optional HmacPrfParams params = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.

optional HmacPrfParams params = 1
uint32 key_size = 2
uint32 version = 3

Used in: HmacPrfKey, HmacPrfKeyFormat

HashType hash = 1
HashType is an enum.

Used in: HpkeParams

AEAD_UNKNOWN = 0
AES_128_GCM = 1
AES_256_GCM = 2
CHACHA20_POLY1305 = 3

Used in: HpkeParams

KDF_UNKNOWN = 0
HKDF_SHA256 = 1
HKDF_SHA384 = 2
HKDF_SHA512 = 3

Used in: HpkeParams

KEM_UNKNOWN = 0
DHKEM_X25519_HKDF_SHA256 = 1
DHKEM_P256_HKDF_SHA256 = 2
DHKEM_P384_HKDF_SHA384 = 3
DHKEM_P521_HKDF_SHA512 = 4

optional HpkeParams params = 1

Used in: HpkeKeyFormat, HpkePublicKey

HpkeKem kem = 1
HpkeKdf kdf = 2
HpkeAead aead = 3

uint32 version = 1
optional HpkePublicKey public_key = 2
bytes private_key = 3
KEM-encoding of private key (i.e., SerializePrivateKey() ) as described in https://www.rfc-editor.org/rfc/rfc9180.html#name-cryptographic-dependencies.
Placeholder for debug_redact.

Used in: HpkePrivateKey

uint32 version = 1
optional HpkeParams params = 2
bytes public_key = 3
KEM-encoding of public key (i.e., SerializePublicKey() ) as described in https://www.rfc-editor.org/rfc/rfc9180.html#name-cryptographic-dependencies.

See https://datatracker.ietf.org/doc/html/rfc7518#section-3.4

Used in: JwtEcdsaKeyFormat, JwtEcdsaPublicKey

ES_UNKNOWN = 0
ES256 = 1
ECDSA using P-256 and SHA-256
ES384 = 2
ECDSA using P-384 and SHA-384
ES512 = 3
ECDSA using P-521 and SHA-512

uint32 version = 1
JwtEcdsaAlgorithm algorithm = 2

key_type: type.googleapis.com/google.crypto.tink.JwtEcdsaPrivateKey

uint32 version = 1
optional JwtEcdsaPublicKey public_key = 2
bytes key_value = 3
Unsigned big integer in bigendian representation.
Placeholder for ctype and debug_redact.

key_type: type.googleapis.com/google.crypto.tink.JwtEcdsaPublicKey

Used in: JwtEcdsaPrivateKey

uint32 version = 1
JwtEcdsaAlgorithm algorithm = 2
bytes x = 3
Affine coordinates of the public key in big-endian representation. The public key is a point (x, y) on the curve defined by algorithm.
bytes y = 4
optional JwtEcdsaPublicKey.CustomKid custom_kid = 5

Optional, custom kid header value to be used with "RAW" keys. "TINK" keys with this value set will be rejected.

Used in: JwtEcdsaPublicKey

string value = 1

See https://datatracker.ietf.org/doc/html/rfc7518#section-3.2

Used in: JwtHmacKey, JwtHmacKeyFormat

HS_UNKNOWN = 0
HS256 = 1
HMAC using SHA-256
HS384 = 2
HMAC using SHA-384
HS512 = 3
HMAC using SHA-512

key_type: type.googleapis.com/google.crypto.tink.JwtHmacKey

uint32 version = 1
JwtHmacAlgorithm algorithm = 2
bytes key_value = 3
Placeholder for ctype and debug_redact.
optional JwtHmacKey.CustomKid custom_kid = 4

Optional, custom kid header value to be used with "RAW" keys. "TINK" keys with this value set will be rejected.

Used in: JwtHmacKey

string value = 1

uint32 version = 1
JwtHmacAlgorithm algorithm = 2
uint32 key_size = 3

See https://datatracker.ietf.org/doc/html/rfc7518#section-3.3

Used in: JwtRsaSsaPkcs1KeyFormat, JwtRsaSsaPkcs1PublicKey

RS_UNKNOWN = 0
RS256 = 1
RSASSA-PKCS1-v1_5 using SHA-256
RS384 = 2
RSASSA-PKCS1-v1_5 using SHA-384
RS512 = 3
RSASSA-PKCS1-v1_5 using SHA-512

uint32 version = 1
JwtRsaSsaPkcs1Algorithm algorithm = 2
uint32 modulus_size_in_bits = 3
bytes public_exponent = 4

key_type: type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey

uint32 version = 1
optional JwtRsaSsaPkcs1PublicKey public_key = 2
bytes d = 3
Private exponent. Unsigned big integer in big-endian representation.
bytes p = 4
The following parameters are used to optimize RSA signature computation. The prime factor p of n. Unsigned big integer in big-endian representation.
bytes q = 5
The prime factor q of n. Unsigned big integer in big-endian representation.
bytes dp = 6
d mod (p - 1). Unsigned big integer in big-endian representation.
bytes dq = 7
d mod (q - 1). Unsigned big integer in big-endian representation.
bytes crt = 8
Chinese Remainder Theorem coefficient q^(-1) mod p. Unsigned big integer in big-endian representation.

key_type: type.googleapis.com/google.crypto.tink.JwtRsaSsaPkcs1PublicKey

Used in: JwtRsaSsaPkcs1PrivateKey

uint32 version = 1
JwtRsaSsaPkcs1Algorithm algorithm = 2
bytes n = 3
Modulus. Unsigned big integer in big-endian representation.
bytes e = 4
Public exponent. Unsigned big integer in big-endian representation.
optional JwtRsaSsaPkcs1PublicKey.CustomKid custom_kid = 5

Optional, custom kid header value to be used with "RAW" keys. "TINK" keys with this value set will be rejected.

Used in: JwtRsaSsaPkcs1PublicKey

string value = 1

See https://datatracker.ietf.org/doc/html/rfc7518#section-3.5

Used in: JwtRsaSsaPssKeyFormat, JwtRsaSsaPssPublicKey

PS_UNKNOWN = 0
PS256 = 1
RSASSA-PSS using SHA-256 and MGF1 with SHA-256
PS384 = 2
RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512 = 3
RSASSA-PSS using SHA-512 and MGF1 with SHA-512

uint32 version = 1
JwtRsaSsaPssAlgorithm algorithm = 2
uint32 modulus_size_in_bits = 3
bytes public_exponent = 4

key_type: type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPrivateKey

uint32 version = 1
optional JwtRsaSsaPssPublicKey public_key = 2
bytes d = 3
Private exponent. Unsigned big integer in big-endian representation.
bytes p = 4
The following parameters are used to optimize RSA signature computation. The prime factor p of n. Unsigned big integer in big-endian representation.
bytes q = 5
The prime factor q of n. Unsigned big integer in big-endian representation.
bytes dp = 6
d mod (p - 1). Unsigned big integer in big-endian representation.
bytes dq = 7
d mod (q - 1). Unsigned big integer in big-endian representation.
bytes crt = 8
Chinese Remainder Theorem coefficient q^(-1) mod p. Unsigned big integer in big-endian representation.

key_type: type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPublicKey

Used in: JwtRsaSsaPssPrivateKey

uint32 version = 1
JwtRsaSsaPssAlgorithm algorithm = 2
bytes n = 3
Modulus. Unsigned big integer in big-endian representation.
bytes e = 4
Public exponent. Unsigned big integer in big-endian representation.
optional JwtRsaSsaPssPublicKey.CustomKid custom_kid = 5

Optional, custom kid header value to be used with "RAW" keys. "TINK" keys with this value set will be rejected.

Used in: JwtRsaSsaPssPublicKey

string value = 1

The actual *Key-proto is wrapped in a KeyData message, which in addition to this serialized proto contains also type_url identifying the definition of *Key-proto (as in KeyFormat-message), and some extra metadata about the type key material.

Used in: Keyset.Key, PrfBasedDeriverKey

string type_url = 1
Required.
In format type.googleapis.com/packagename.messagename
bytes value = 2
Required. Contains specific serialized *Key proto
Placeholder for ctype and debug_redact.
KeyData.KeyMaterialType key_material_type = 3
Required.

Used in: KeyData

UNKNOWN_KEYMATERIAL = 0
SYMMETRIC = 1
ASYMMETRIC_PRIVATE = 2
ASYMMETRIC_PUBLIC = 3
REMOTE = 4
points to a remote key, i.e., in a KMS.

Used in: Keyset.Key, KeysetInfo.KeyInfo

UNKNOWN_STATUS = 0
ENABLED = 1
Can be used for crypto operations.
DISABLED = 2
Cannot be used, but exists and can become ENABLED.
DESTROYED = 3
Key data does not exist in this Keyset any more.

Used in: EciesAeadDemParams, KmsEnvelopeAeadKeyFormat, PrfBasedDeriverKeyFormat, PrfBasedDeriverParams

string type_url = 1
Required. The type_url of the key type in format type.googleapis.com/packagename.messagename -- see above for details. This is typically the protobuf type URL of the *Key proto. In particular, this is different of the protobuf type URL of the *KeyFormat proto.
bytes value = 2
Required. The serialized *KeyFormat proto.
OutputPrefixType output_prefix_type = 3
Required. The type of prefix used when computing some primitives to identify the ciphertext/signature, etc.

An entry that describes a key type to be used with Tink library, specifying the corresponding primitive, key manager, and deprecation status. All fields are required.

Used in: RegistryConfig

string primitive_name = 1
E.g. “Aead”, “Mac”, ... (case-insensitive)
string type_url = 2
Name of the key type.
uint32 key_manager_version = 3
Minimum required version of key manager.
bool new_key_allowed = 4
Can the key manager create new keys?
string catalogue_name = 5
Catalogue to be queried for key manager,

A Tink user works usually not with single keys, but with keysets, to enable key rotation. The keys in a keyset can belong to different implementations/key types, but must all implement the same primitive. Any given keyset (and any given key) can be used for one primitive only.

uint32 primary_key_id = 1
Identifies key used to generate new crypto data (encrypt, sign). Required.
repeated Keyset.Key key = 2
Actual keys in the Keyset. Required.

Used in: Keyset

optional KeyData key_data = 1
Contains the actual, instantiation specific key proto. By convention, each key proto contains a version field.
KeyStatusType status = 2
uint32 key_id = 3
Identifies a key within a keyset, is a part of metadata of a ciphertext/signature.
OutputPrefixType output_prefix_type = 4
Determines the prefix of the ciphertexts/signatures produced by this key. This value is copied verbatim from the key template.

Represents a "safe" Keyset that doesn't contain any actual key material, thus can be used for logging or monitoring. Most fields are copied from Keyset.

Used in: EncryptedKeyset

uint32 primary_key_id = 1
See Keyset.primary_key_id.
repeated KeysetInfo.KeyInfo key_info = 2
KeyInfos in the KeysetInfo. Each KeyInfo is corresponding to a Key in the corresponding Keyset.

Used in: KeysetInfo

string type_url = 1
the type url of this key, e.g., type.googleapis.com/google.crypto.tink.HmacKey.
KeyStatusType status = 2
See Keyset.Key.status.
uint32 key_id = 3
See Keyset.Key.key_id.
OutputPrefixType output_prefix_type = 4
See Keyset.Key.output_prefix_type.

There is no actual key material in the key.

uint32 version = 1
optional KmsAeadKeyFormat params = 2
The key format also contains the params.

Used in: KmsAeadKey

string key_uri = 1
Required. The location of a KMS key. With Google Cloud KMS, valid values have this format: gcp-kms://projects/*/locations/*/keyRings/*/cryptoKeys/*. With AWS KMS, valid values have this format: aws-kms://arn:aws:kms:<region>:<account-id>:key/<key-id>

There is no actual key material in the key.

uint32 version = 1
optional KmsEnvelopeAeadKeyFormat params = 2
The key format also contains the params.

Used in: KmsEnvelopeAeadKey

string kek_uri = 1
Required. The location of the KEK in a remote KMS. With Google Cloud KMS, valid values have this format: gcp-kms://projects/*/locations/*/keyRings/*/cryptoKeys/*. With AWS KMS, valid values have this format: aws-kms://arn:aws:kms:<region>:<account-id>:key/<key-id>
optional KeyTemplate dek_template = 2
Key template of the Data Encryption Key, e.g., AesCtrHmacAeadKeyFormat. Required.

Used in: MlDsaParams

ML_DSA_UNKNOWN_INSTANCE = 0
ML_DSA_65 = 1

uint32 version = 1
Required.
optional MlDsaParams params = 2
Required.

Used in: MlDsaKeyFormat, MlDsaPublicKey

MlDsaInstance ml_dsa_instance = 1
Required.

key_type: type.googleapis.com/google.crypto.tink.MlDsaPrivateKey

uint32 version = 1
Required.
bytes key_value = 2
Required. Note that this contains the seed used to generate the private key, not the private key itself.
optional MlDsaPublicKey public_key = 3
The corresponding public key.

key_type: type.googleapis.com/google.crypto.tink.MlDsaPublicKey

Used in: MlDsaPrivateKey

uint32 version = 1
Required.
bytes key_value = 2
Required.
optional MlDsaParams params = 3
Required.

Tink produces and accepts ciphertexts or signatures that consist of a prefix and a payload. The payload and its format is determined entirely by the primitive, but the prefix has to be one of the following 5 types: - Legacy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is computed from the key material. In addition to that, signature schemes and MACs will add a \x00 byte to the end of the data being signed / MACed when operating on keys with this OutputPrefixType. - Crunchy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte key id that is generated randomly. - Tink : prefix is 5 bytes, starts with \x01 and followed by 4-byte key id that is generated randomly. - Raw : prefix is 0 byte, i.e., empty. - WITH_ID_REQUIREMENT: prefix size may vary i.e., empty, 1 byte etc, but the key is always required to have an ID. This is used for example for pre-hashing, where the ID is used to sync with a remote pre-hash signer, but no prefix is added to the signature.

Used in: KeyTemplate, Keyset.Key, KeysetInfo.KeyInfo

UNKNOWN_PREFIX = 0
TINK = 1
LEGACY = 2
RAW = 3
CRUNCHY = 4
WITH_ID_REQUIREMENT = 5

key_type: type.googleapis.com/google.crypto.tink.PrfBasedDeriverKey

uint32 version = 1
optional KeyData prf_key = 2
optional PrfBasedDeriverParams params = 3

optional KeyTemplate prf_key_template = 1
optional PrfBasedDeriverParams params = 2

Used in: PrfBasedDeriverKey, PrfBasedDeriverKeyFormat

optional KeyTemplate derived_key_template = 1

A complete configuration of Tink library: a list of key types to be available via the Registry after initialization. All fields are required.

string config_name = 1
repeated KeyTypeEntry entry = 2

optional RsaSsaPkcs1Params params = 1
Required.
uint32 modulus_size_in_bits = 2
Required.
bytes public_exponent = 3
Required.

Used in: RsaSsaPkcs1KeyFormat, RsaSsaPkcs1PublicKey

HashType hash_type = 1
Hash function used in computing hash of the signing message (see https://tools.ietf.org/html/rfc8017#section-9.2). Required.

key_type: type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey

uint32 version = 1
Required.
optional RsaSsaPkcs1PublicKey public_key = 2
Required.
bytes d = 3
Private exponent. Unsigned big integer in bigendian representation. Required.
bytes p = 4
The following parameters are used to optimize RSA signature computation. The prime factor p of n. Unsigned big integer in bigendian representation. Required.
bytes q = 5
The prime factor q of n. Unsigned big integer in bigendian representation. Required.
bytes dp = 6
d mod (p - 1). Unsigned big integer in bigendian representation. Required.
bytes dq = 7
d mod (q - 1). Unsigned big integer in bigendian representation. Required.
bytes crt = 8
Chinese Remainder Theorem coefficient q^(-1) mod p. Unsigned big integer in bigendian representation. Required.

key_type: type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey

Used in: RsaSsaPkcs1PrivateKey

uint32 version = 1
Required.
optional RsaSsaPkcs1Params params = 2
Required.
bytes n = 3
Modulus. Unsigned big integer in bigendian representation.
bytes e = 4
Public exponent. Unsigned big integer in bigendian representation.

optional RsaSsaPssParams params = 1
Required.
uint32 modulus_size_in_bits = 2
Required.
bytes public_exponent = 3
Required.

Used in: RsaSsaPssKeyFormat, RsaSsaPssPublicKey

HashType sig_hash = 1
Hash function used in computing hash of the signing message (see https://tools.ietf.org/html/rfc8017#section-9.1.1). Required.
HashType mgf1_hash = 2
Hash function used in MGF1 (a mask generation function based on a hash function) (see https://tools.ietf.org/html/rfc8017#appendix-B.2.1). Required.
int32 salt_length = 3
Salt length (see https://tools.ietf.org/html/rfc8017#section-9.1.1) Required.

key_type: type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey

uint32 version = 1
Required.
optional RsaSsaPssPublicKey public_key = 2
Required.
bytes d = 3
Private exponent. Unsigned big integer in bigendian representation. Required.
bytes p = 4
The following parameters are used to optimize RSA signature computation. The prime factor p of n. Unsigned big integer in bigendian representation. Required.
bytes q = 5
The prime factor q of n. Unsigned big integer in bigendian representation. Required.
bytes dp = 6
d mod (p - 1). Unsigned big integer in bigendian representation. Required.
bytes dq = 7
d mod (q - 1). Unsigned big integer in bigendian representation. Required.
bytes crt = 8
Chinese Remainder Theorem coefficient q^(-1) mod p. Unsigned big integer in bigendian representation. Required.

key_type: type.googleapis.com/google.crypto.tink.RsaSsaPssPublicKey

Used in: RsaSsaPssPrivateKey

uint32 version = 1
Required.
optional RsaSsaPssParams params = 2
Required.
bytes n = 3
Modulus. Unsigned big integer in bigendian representation.
bytes e = 4
Public exponent. Unsigned big integer in bigendian representation.

Used in: SlhDsaParams

SLH_DSA_HASH_TYPE_UNSPECIFIED = 0
SHA2 = 1
SHAKE = 2

uint32 version = 1
optional SlhDsaParams params = 2
Required.

Protos for the Stateless Hash-Based Digital Signature Algorithm https://csrc.nist.gov/pubs/fips/205/final

Used in: SlhDsaKeyFormat, SlhDsaPublicKey

int32 key_size = 1
Required
SlhDsaHashType hash_type = 2
Required.
SlhDsaSignatureType sig_type = 3
Required.

key_type: type.googleapis.com/google.crypto.tink.SlhDsaPrivateKey

uint32 version = 1
Required.
bytes key_value = 2
Required.
Placeholder for ctype.
optional SlhDsaPublicKey public_key = 3
Required. The corresponding public key.

key_type: type.googleapis.com/google.crypto.tink.SlhDsaPublicKey

Used in: SlhDsaPrivateKey

uint32 version = 1
Required.
bytes key_value = 2
Required.
Placeholder for ctype.
optional SlhDsaParams params = 3
Required

Used in: SlhDsaParams

SLH_DSA_SIGNATURE_TYPE_UNSPECIFIED = 0
FAST_SIGNING = 1
SMALL_SIGNATURE = 2

key_type: type.googleapis.com/google.crypto.tink.XAesGcmKey

uint32 version = 1
optional XAesGcmParams params = 2
bytes key_value = 3

uint32 version = 1
optional XAesGcmParams params = 3

Used in: XAesGcmKey, XAesGcmKeyFormat

uint32 salt_size = 1
Must be at least 8 bytes and at most 12 bytes.

key_type: type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key

uint32 version = 1
bytes key_value = 3
Placeholder for ctype and debug_redact.

uint32 version = 1

package google.crypto.tink

message AesCmacKey

uint32 version = 1

bytes key_value = 2

optional AesCmacParams params = 3

message AesCmacKeyFormat

uint32 key_size = 1

optional AesCmacParams params = 2

message AesCmacParams

uint32 tag_size = 1

message AesCmacPrfKey

uint32 version = 1

bytes key_value = 2

message AesCmacPrfKeyFormat

uint32 version = 2

uint32 key_size = 1

message AesCtrHmacAeadKey

uint32 version = 1

optional AesCtrKey aes_ctr_key = 2

optional HmacKey hmac_key = 3

message AesCtrHmacAeadKeyFormat

optional AesCtrKeyFormat aes_ctr_key_format = 1

optional HmacKeyFormat hmac_key_format = 2

message AesCtrHmacStreamingKey

uint32 version = 1

optional AesCtrHmacStreamingParams params = 2

bytes key_value = 3

message AesCtrHmacStreamingKeyFormat

uint32 version = 3

optional AesCtrHmacStreamingParams params = 1

uint32 key_size = 2

message AesCtrHmacStreamingParams

uint32 ciphertext_segment_size = 1

uint32 derived_key_size = 2

HashType hkdf_hash_type = 3

optional HmacParams hmac_params = 4

message AesCtrKey

uint32 version = 1

optional AesCtrParams params = 2

bytes key_value = 3

message AesCtrKeyFormat

optional AesCtrParams params = 1

uint32 key_size = 2

message AesCtrParams

uint32 iv_size = 1

message AesEaxKey

uint32 version = 1

optional AesEaxParams params = 2

bytes key_value = 3

message AesEaxKeyFormat

optional AesEaxParams params = 1

uint32 key_size = 2

message AesEaxParams

uint32 iv_size = 1

message AesGcmHkdfStreamingKey

uint32 version = 1

optional AesGcmHkdfStreamingParams params = 2

bytes key_value = 3

message AesGcmHkdfStreamingKeyFormat

uint32 version = 3

optional AesGcmHkdfStreamingParams params = 1

uint32 key_size = 2

message AesGcmHkdfStreamingParams

uint32 ciphertext_segment_size = 1

uint32 derived_key_size = 2

HashType hkdf_hash_type = 3

message AesGcmKey

uint32 version = 1

bytes key_value = 3

message AesGcmKeyFormat

uint32 key_size = 2

uint32 version = 3

message AesGcmSivKey

uint32 version = 1

bytes key_value = 3

message AesGcmSivKeyFormat

uint32 key_size = 2

uint32 version = 1

message AesSivKey

uint32 version = 1