in kmsp11/operation/crypter_ops.cc [57:81]
absl::StatusOr<EncryptOp> NewEncryptOp(std::shared_ptr<Object> key,
const CK_MECHANISM* mechanism) {
switch (mechanism->mechanism) {
case CKM_RSA_PKCS_OAEP:
return NewRsaOaepEncrypter(key, mechanism);
case CKM_AES_GCM:
return NewInvalidArgumentError(
absl::StrFormat(
"Mechanism %#x not supported for AES-GCM encryption, the"
"Cloud KMS PKCS #11 library defines a custom mechanism"
"(CKM_CLOUDKMS_AES_GCM) that you can use instead",
mechanism->mechanism),
CKR_MECHANISM_INVALID, SOURCE_LOCATION);
case CKM_CLOUDKMS_AES_GCM:
return NewAesGcmEncrypter(key, mechanism);
case CKM_AES_CTR:
return NewAesCtrEncrypter(key, mechanism);
case CKM_AES_CBC:
case CKM_AES_CBC_PAD:
return NewAesCbcEncrypter(key, mechanism);
default:
return InvalidMechanismError(mechanism->mechanism, "encrypt",
SOURCE_LOCATION);
}
}