Small HPKE cleanups.

PiperOrigin-RevId: 734141049
Change-Id: Ibfcfd48bee48eb9624df6b15f9f512a6b32cee5f

Author: tholenst

src/main/java/com/google/crypto/tink/hybrid/internal/BUILD.bazel

@@ -68,10 +68,10 @@ java_library(
     deps = [
         ":hpke_aead",
         ":hpke_context",
-        ":hpke_encrypt",
         ":hpke_kdf",
         ":hpke_kem",
         ":hpke_kem_private_key",
+        ":hpke_primitive_factory",
         "//src/main/java/com/google/crypto/tink:accesses_partial_key",
         "//src/main/java/com/google/crypto/tink:hybrid_decrypt",
         "//src/main/java/com/google/crypto/tink:insecure_secret_key_access",
@@ -87,20 +87,15 @@ java_library(
     name = "hpke_encrypt",
     srcs = ["HpkeEncrypt.java"],
     deps = [
-        ":aes_gcm_hpke_aead",
-        ":chacha20_poly1305_hpke_aead",
-        ":hkdf_hpke_kdf",
         ":hpke_aead",
         ":hpke_context",
         ":hpke_kdf",
         ":hpke_kem",
-        ":nist_curves_hpke_kem",
-        ":x25519_hpke_kem",
+        ":hpke_primitive_factory",
         "//src/main/java/com/google/crypto/tink:accesses_partial_key",
         "//src/main/java/com/google/crypto/tink:hybrid_encrypt",
         "//src/main/java/com/google/crypto/tink/hybrid:hpke_parameters",
         "//src/main/java/com/google/crypto/tink/hybrid:hpke_public_key",
-        "//src/main/java/com/google/crypto/tink/subtle:elliptic_curves",
         "//src/main/java/com/google/crypto/tink/util:bytes",
         "@maven//:com_google_errorprone_error_prone_annotations",
     ],
@@ -336,10 +331,10 @@ android_library(
     deps = [
         ":hpke_aead-android",
         ":hpke_context-android",
-        ":hpke_encrypt-android",
         ":hpke_kdf-android",
         ":hpke_kem-android",
         ":hpke_kem_private_key-android",
+        ":hpke_primitive_factory-android",
         "//src/main/java/com/google/crypto/tink:accesses_partial_key-android",
         "//src/main/java/com/google/crypto/tink:hybrid_decrypt-android",
         "//src/main/java/com/google/crypto/tink:insecure_secret_key_access-android",
@@ -355,20 +350,15 @@ android_library(
     name = "hpke_encrypt-android",
     srcs = ["HpkeEncrypt.java"],
     deps = [
-        ":aes_gcm_hpke_aead-android",
-        ":chacha20_poly1305_hpke_aead-android",
-        ":hkdf_hpke_kdf-android",
         ":hpke_aead-android",
         ":hpke_context-android",
         ":hpke_kdf-android",
         ":hpke_kem-android",
-        ":nist_curves_hpke_kem-android",
-        ":x25519_hpke_kem-android",
+        ":hpke_primitive_factory-android",
         "//src/main/java/com/google/crypto/tink:accesses_partial_key-android",
         "//src/main/java/com/google/crypto/tink:hybrid_encrypt-android",
         "//src/main/java/com/google/crypto/tink/hybrid:hpke_parameters-android",
         "//src/main/java/com/google/crypto/tink/hybrid:hpke_public_key-android",
-        "//src/main/java/com/google/crypto/tink/subtle:elliptic_curves-android",
         "//src/main/java/com/google/crypto/tink/util:bytes-android",
         "@maven//:com_google_errorprone_error_prone_annotations",
     ],

src/main/java/com/google/crypto/tink/hybrid/internal/HpkeDecrypt.java

@@ -97,9 +97,9 @@ private static HpkeKemPrivateKey createHpkeKemPrivateKey(HpkePrivateKey privateK
 
   public static HybridDecrypt create(HpkePrivateKey privateKey) throws GeneralSecurityException {
     HpkeParameters parameters = privateKey.getParameters();
-    HpkeKem kem = HpkeEncrypt.createKem(parameters.getKemId());
-    HpkeKdf kdf = HpkeEncrypt.createKdf(parameters.getKdfId());
-    HpkeAead aead = HpkeEncrypt.createAead(parameters.getAeadId());
+    HpkeKem kem = HpkePrimitiveFactory.createKem(parameters.getKemId());
+    HpkeKdf kdf = HpkePrimitiveFactory.createKdf(parameters.getKdfId());
+    HpkeAead aead = HpkePrimitiveFactory.createAead(parameters.getAeadId());
     int encapsulatedKeyLength = encodingSizeInBytes(parameters.getKemId());
     HpkeKemPrivateKey recipientKemPrivateKey = createHpkeKemPrivateKey(privateKey);
     return new HpkeDecrypt(

src/main/java/com/google/crypto/tink/hybrid/internal/HpkeEncrypt.java

@@ -20,7 +20,6 @@
 import com.google.crypto.tink.HybridEncrypt;
 import com.google.crypto.tink.hybrid.HpkeParameters;
 import com.google.crypto.tink.hybrid.HpkePublicKey;
-import com.google.crypto.tink.subtle.EllipticCurves;
 import com.google.crypto.tink.util.Bytes;
 import com.google.errorprone.annotations.Immutable;
 import java.security.GeneralSecurityException;
@@ -58,54 +57,12 @@ public static HybridEncrypt create(HpkePublicKey key) throws GeneralSecurityExce
     HpkeParameters parameters = key.getParameters();
     return new HpkeEncrypt(
         key.getPublicKeyBytes(),
-        createKem(parameters.getKemId()),
-        createKdf(parameters.getKdfId()),
-        createAead(parameters.getAeadId()),
+        HpkePrimitiveFactory.createKem(parameters.getKemId()),
+        HpkePrimitiveFactory.createKdf(parameters.getKdfId()),
+        HpkePrimitiveFactory.createAead(parameters.getAeadId()),
         key.getOutputPrefix());
   }
 
-  static HpkeKem createKem(HpkeParameters.KemId kemId) throws GeneralSecurityException {
-    if (kemId.equals(HpkeParameters.KemId.DHKEM_X25519_HKDF_SHA256)) {
-      return new X25519HpkeKem(new HkdfHpkeKdf("HmacSha256"));
-    }
-    if (kemId.equals(HpkeParameters.KemId.DHKEM_P256_HKDF_SHA256)) {
-      return NistCurvesHpkeKem.fromCurve(EllipticCurves.CurveType.NIST_P256);
-    }
-    if (kemId.equals(HpkeParameters.KemId.DHKEM_P384_HKDF_SHA384)) {
-      return NistCurvesHpkeKem.fromCurve(EllipticCurves.CurveType.NIST_P384);
-    }
-    if (kemId.equals(HpkeParameters.KemId.DHKEM_P521_HKDF_SHA512)) {
-      return NistCurvesHpkeKem.fromCurve(EllipticCurves.CurveType.NIST_P521);
-    }
-    throw new GeneralSecurityException("Unrecognized HPKE KEM identifier");
-  }
-
-  static HpkeKdf createKdf(HpkeParameters.KdfId kdfId) throws GeneralSecurityException {
-    if (kdfId.equals(HpkeParameters.KdfId.HKDF_SHA256)) {
-      return new HkdfHpkeKdf("HmacSha256");
-    }
-    if (kdfId.equals(HpkeParameters.KdfId.HKDF_SHA384)) {
-      return new HkdfHpkeKdf("HmacSha384");
-    }
-    if (kdfId.equals(HpkeParameters.KdfId.HKDF_SHA512)) {
-      return new HkdfHpkeKdf("HmacSha512");
-    }
-    throw new GeneralSecurityException("Unrecognized HPKE KDF identifier");
-  }
-
-  static HpkeAead createAead(HpkeParameters.AeadId aeadId) throws GeneralSecurityException {
-    if (aeadId.equals(HpkeParameters.AeadId.AES_128_GCM)) {
-      return new AesGcmHpkeAead(16);
-    }
-    if (aeadId.equals(HpkeParameters.AeadId.AES_256_GCM)) {
-      return new AesGcmHpkeAead(32);
-    }
-    if (aeadId.equals(HpkeParameters.AeadId.CHACHA20_POLY1305)) {
-      return new ChaCha20Poly1305HpkeAead();
-    }
-    throw new GeneralSecurityException("Unrecognized HPKE AEAD identifier");
-  }
-
   @Override
   public byte[] encrypt(final byte[] plaintext, final byte[] contextInfo)
       throws GeneralSecurityException {