语言支持的密钥类型
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
下表列出了每个基元支持的密钥类型(按语言分类)。
AEAD
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
AES-GCM |
是1 |
是 |
是 |
是 |
是 |
是 |
AES-GCM-SIV |
是2 |
是 |
否 |
否 |
是 |
是 |
AES-CTR-HMAC |
是 |
是 |
是 |
是 |
是 |
是 |
AES-EAX |
是 |
是 |
是 |
是 |
否 |
是 |
KMS 信封 |
是 |
是 |
是 |
否 |
是 |
是 |
CHACHA20-POLY1305 |
是 |
否 |
否 |
否 |
是 |
否 |
XCHACHA20-POLY1305 |
是 |
是 |
否 |
是 |
是 |
是 |
流式 AEAD
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
AES-GCM-HKDF-STREAMING |
是 |
是 |
是 |
否 |
是 |
是 |
AES-CTR-HMAC-STREAMING |
是 |
是 |
是 |
否 |
是 |
是 |
确定性 AEAD
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
AES-SIV |
是 |
是 |
是 |
是 |
是 |
是 |
MAC
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
HMAC-SHA2 |
是 |
是 |
是 |
是 |
是 |
是 |
AES-CMAC |
是 |
是 |
是 |
是 |
是 |
是 |
PRF
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
HKDF-SHA2 |
是 |
是 |
是 |
否 |
是 |
是 |
HMAC-SHA2 |
是 |
是 |
是 |
否 |
是 |
是 |
AES-CMAC |
是 |
是 |
是 |
否 |
是 |
是 |
签名
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
ECDSA 对比 NIST 曲线 |
是 |
是 |
是 |
是 |
是 |
是 |
Ed25519 |
是 |
是 |
是 |
是 |
是 |
是 |
RSA-SSA-PKCS1 |
是 |
是 |
是 |
是 |
是 |
是 |
RSA-SSA-PSS |
是 |
是 |
是 |
是 |
是 |
是 |
混合加密
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
惠普克 |
是 |
是 |
否 |
否 |
是 |
是 |
采用 AEAD 和 HKDF 的 ECIES |
是3 |
是 |
是 |
是 |
是 |
是 |
采用 DeterministicAEAD 和 HKDF 的 ECIES |
是4 |
是 |
是 |
否 |
是 |
是 |
JWT MAC
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
JWT HMAC-SHA2 |
是 |
是 |
是 |
否 |
是 |
是 |
JWT 签名
实施步骤 |
Java |
C++ (BoringSSL) |
C++ (OpenSSL) |
Objective-C |
Go |
Python |
基于 NIST 曲线的 JWT ECDSA |
是 |
是 |
是 |
否 |
是 |
是 |
JWT RSA-SSA-PKCS1 |
是 |
是 |
是 |
否 |
是 |
是 |
JWT RSA-SSA-PSS |
是 |
是 |
是 |
否 |
是 |
是 |
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2025-07-25。
[null,null,["最后更新时间 (UTC):2025-07-25。"],[[["\u003cp\u003eThe tables provide a comprehensive overview of the cryptographic primitives supported by Tink across various programming languages, including Java, C++, Objective-C, Go, and Python.\u003c/p\u003e\n"],["\u003cp\u003eSupport for specific primitives can vary depending on the chosen language and underlying cryptographic library (e.g., BoringSSL, OpenSSL).\u003c/p\u003e\n"],["\u003cp\u003eTink offers a wide range of cryptographic capabilities, encompassing AEAD, Streaming AEAD, Deterministic AEAD, MAC, PRF, Signatures, Hybrid Encryption, and JWT support.\u003c/p\u003e\n"],["\u003cp\u003eWhile most primitives are widely supported, some exceptions exist, such as limited AES-GCM functionality on older Android versions and the need for Conscrypt for AES-GCM-SIV in Java.\u003c/p\u003e\n"],["\u003cp\u003eDevelopers should consult the tables to ensure their target language and platform support the required cryptographic primitives for their specific use case.\u003c/p\u003e\n"]]],["The content outlines the supported cryptographic primitives across different programming languages, including Java, C++, Objective-C, Go, and Python. Key actions involve identifying language support for AEAD (AES-GCM, AES-GCM-SIV, etc.), Streaming AEAD, Deterministic AEAD, MAC (HMAC-SHA2, AES-CMAC), PRF, Signature (ECDSA, Ed25519, RSA), Hybrid Encryption, JWT MAC, and JWT Signature. Each table indicates whether a specific implementation is supported (\"yes\") or not (\"no\") within each language's Tink library.\n"],null,["# Key types supported by language\n\nThe following tables list the key types each [primitive](/tink/primitives-by-language)\nsupports, classified by language.\n\nAEAD\n----\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|--------------------|----------------|-----------------|---------------|-------------|--------|--------|\n| AES-GCM | yes^[1](#fn1)^ | yes | yes | yes | yes | yes |\n| AES-GCM-SIV | yes^[2](#fn2)^ | yes | **no** | **no** | yes | yes |\n| AES-CTR-HMAC | yes | yes | yes | yes | yes | yes |\n| AES-EAX | yes | yes | yes | yes | **no** | yes |\n| KMS Envelope | yes | yes | yes | **no** | yes | yes |\n| CHACHA20-POLY1305 | yes | **no** | **no** | **no** | yes | **no** |\n| XCHACHA20-POLY1305 | yes | yes | **no** | yes | yes | yes |\n\nStreaming AEAD\n--------------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|------------------------|------|-----------------|---------------|-------------|-----|--------|\n| AES-GCM-HKDF-STREAMING | yes | yes | yes | **no** | yes | yes |\n| AES-CTR-HMAC-STREAMING | yes | yes | yes | **no** | yes | yes |\n\nDeterministic AEAD\n------------------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|----------------|------|-----------------|---------------|-------------|-----|--------|\n| AES-SIV | yes | yes | yes | yes | yes | yes |\n\nMAC\n---\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|----------------|------|-----------------|---------------|-------------|-----|--------|\n| HMAC-SHA2 | yes | yes | yes | yes | yes | yes |\n| AES-CMAC | yes | yes | yes | yes | yes | yes |\n\nPRF\n---\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|----------------|------|-----------------|---------------|-------------|-----|--------|\n| HKDF-SHA2 | yes | yes | yes | **no** | yes | yes |\n| HMAC-SHA2 | yes | yes | yes | **no** | yes | yes |\n| AES-CMAC | yes | yes | yes | **no** | yes | yes |\n\nSignature\n---------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|------------------------|------|-----------------|---------------|-------------|-----|--------|\n| ECDSA over NIST curves | yes | yes | yes | yes | yes | yes |\n| Ed25519 | yes | yes | yes | yes | yes | yes |\n| RSA-SSA-PKCS1 | yes | yes | yes | yes | yes | yes |\n| RSA-SSA-PSS | yes | yes | yes | yes | yes | yes |\n\nHybrid Encryption\n-----------------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|---------------------------------------|----------------|-----------------|---------------|-------------|-----|--------|\n| HPKE | yes | yes | **no** | **no** | yes | yes |\n| ECIES with AEAD and HKDF | yes^[3](#fn3)^ | yes | yes | yes | yes | yes |\n| ECIES with DeterministicAEAD and HKDF | yes^[4](#fn4)^ | yes | yes | **no** | yes | yes |\n\nJWT MAC\n-------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|----------------|------|-----------------|---------------|-------------|-----|--------|\n| JWT HMAC-SHA2 | yes | yes | yes | **no** | yes | yes |\n\nJWT Signature\n-------------\n\n| Implementation | Java | C++ (BoringSSL) | C++ (OpenSSL) | Objective-C | Go | Python |\n|----------------------------|------|-----------------|---------------|-------------|-----|--------|\n| JWT ECDSA over NIST curves | yes | yes | yes | **no** | yes | yes |\n| JWT RSA-SSA-PKCS1 | yes | yes | yes | **no** | yes | yes |\n| JWT RSA-SSA-PSS | yes | yes | yes | **no** | yes | yes |\n\n*** ** * ** ***\n\n1. AES-GCM does not work [properly](/tink/issues/aes_gcm_android_19) on Android \\\u003c=19. [↩](#fnref1)\n\n2. Requires Conscrypt to be installed as a JCE security provider. [↩](#fnref2)\n\n3. Requires a NIST curve. [↩](#fnref3)\n\n4. Requires a NIST curve. [↩](#fnref4)"]]