Define function to add AEAD v0 primitive wrappers and key type managers.

PiperOrigin-RevId: 558205274 Change-Id: I0df200adb5751dba64a1c2a3fe77a6e094cd4606
tink-crypto · Aug 18, 2023 · 6a36043 · 6a36043
1 parent d1acf67
commit 6a36043
Show file tree

Hide file tree

Showing 8 changed files with 300 additions and 50 deletions.
diff --git a/tink/config/BUILD.bazel b/tink/config/BUILD.bazel
@@ -128,12 +128,7 @@ cc_library(
     tags = ["requires_boringcrypto_update"],
     deps = [
         "//tink:configuration",
-        "//tink/aead:aead_wrapper",
-        "//tink/aead:aes_ctr_hmac_aead_key_manager",
-        "//tink/aead:aes_eax_key_manager",
-        "//tink/aead:aes_gcm_key_manager",
-        "//tink/aead:aes_gcm_siv_key_manager",
-        "//tink/aead:xchacha20_poly1305_key_manager",
+        "//tink/config/internal:aead_v0",
         "//tink/daead:aes_siv_key_manager",
         "//tink/daead:deterministic_aead_wrapper",
         "//tink/hybrid:ecies_aead_hkdf_private_key_manager",

diff --git a/tink/config/CMakeLists.txt b/tink/config/CMakeLists.txt
@@ -1,5 +1,7 @@
 tink_module(config)
 
+add_subdirectory(internal)
+
 tink_cc_library(
   NAME tink_config
   SRCS
@@ -111,12 +113,7 @@ tink_cc_library(
   DEPS
     absl::check
     tink::core::configuration
-    tink::aead::aead_wrapper
-    tink::aead::aes_ctr_hmac_aead_key_manager
-    tink::aead::aes_eax_key_manager
-    tink::aead::aes_gcm_key_manager
-    tink::aead::aes_gcm_siv_key_manager
-    tink::aead::xchacha20_poly1305_key_manager
+    tink::config::internal::aead_v0
     tink::daead::aes_siv_key_manager
     tink::daead::deterministic_aead_wrapper
     tink::hybrid::ecies_aead_hkdf_private_key_manager

diff --git a/tink/config/internal/BUILD.bazel b/tink/config/internal/BUILD.bazel
@@ -0,0 +1,48 @@
+package(default_visibility = ["//:__subpackages__"])
+
+licenses(["notice"])
+
+cc_library(
+    name = "aead_v0",
+    srcs = ["aead_v0.cc"],
+    hdrs = ["aead_v0.h"],
+    include_prefix = "tink/config/internal",
+    deps = [
+        "//tink:configuration",
+        "//tink/aead:aead_wrapper",
+        "//tink/aead:aes_ctr_hmac_aead_key_manager",
+        "//tink/aead:aes_eax_key_manager",
+        "//tink/aead:aes_gcm_key_manager",
+        "//tink/aead:aes_gcm_siv_key_manager",
+        "//tink/aead:xchacha20_poly1305_key_manager",
+        "//tink/internal:configuration_impl",
+        "//tink/util:status",
+        "@com_google_absl//absl/memory",
+    ],
+)
+
+cc_test(
+    name = "test",
+    srcs = ["test.cc"],
+    deps = [
+        ":aead_v0",
+        "//tink:aead",
+        "//tink:configuration",
+        "//tink:key_gen_configuration",
+        "//tink:keyset_handle",
+        "//tink/aead:aead_key_templates",
+        "//tink/aead:aes_ctr_hmac_aead_key_manager",
+        "//tink/aead:aes_eax_key_manager",
+        "//tink/aead:aes_gcm_key_manager",
+        "//tink/aead:aes_gcm_siv_key_manager",
+        "//tink/aead:xchacha20_poly1305_key_manager",
+        "//tink/internal:configuration_impl",
+        "//tink/internal:key_gen_configuration_impl",
+        "//tink/internal:key_type_info_store",
+        "//tink/internal:keyset_wrapper_store",
+        "//tink/util:statusor",
+        "//tink/util:test_matchers",
+        "@com_google_absl//absl/memory",
+        "@com_google_googletest//:gtest_main",
+    ],
+)
diff --git a/tink/config/internal/CMakeLists.txt b/tink/config/internal/CMakeLists.txt
@@ -0,0 +1,45 @@
+tink_module(config::internal)
+
+tink_cc_library(
+  NAME aead_v0
+  SRCS
+    aead_v0.cc
+    aead_v0.h
+  DEPS
+    absl::memory
+    tink::core::configuration
+    tink::aead::aead_wrapper
+    tink::aead::aes_ctr_hmac_aead_key_manager
+    tink::aead::aes_eax_key_manager
+    tink::aead::aes_gcm_key_manager
+    tink::aead::aes_gcm_siv_key_manager
+    tink::aead::xchacha20_poly1305_key_manager
+    tink::internal::configuration_impl
+    tink::util::status
+)
+
+tink_cc_test(
+  NAME test
+  SRCS
+    test.cc
+  DEPS
+    tink::config::internal::aead_v0
+    gmock
+    absl::memory
+    tink::core::aead
+    tink::core::configuration
+    tink::core::key_gen_configuration
+    tink::core::keyset_handle
+    tink::aead::aead_key_templates
+    tink::aead::aes_ctr_hmac_aead_key_manager
+    tink::aead::aes_eax_key_manager
+    tink::aead::aes_gcm_key_manager
+    tink::aead::aes_gcm_siv_key_manager
+    tink::aead::xchacha20_poly1305_key_manager
+    tink::internal::configuration_impl
+    tink::internal::key_gen_configuration_impl
+    tink::internal::key_type_info_store
+    tink::internal::keyset_wrapper_store
+    tink::util::statusor
+    tink::util::test_matchers
+)
diff --git a/tink/config/internal/aead_v0.cc b/tink/config/internal/aead_v0.cc
@@ -0,0 +1,67 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include "tink/config/internal/aead_v0.h"
+
+#include "absl/memory/memory.h"
+#include "tink/aead/aead_wrapper.h"
+#include "tink/aead/aes_ctr_hmac_aead_key_manager.h"
+#include "tink/aead/aes_eax_key_manager.h"
+#include "tink/aead/aes_gcm_key_manager.h"
+#include "tink/aead/aes_gcm_siv_key_manager.h"
+#include "tink/aead/xchacha20_poly1305_key_manager.h"
+#include "tink/configuration.h"
+#include "tink/internal/configuration_impl.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+
+util::Status AddAeadV0(Configuration& config) {
+  util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper(
+      absl::make_unique<AeadWrapper>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+
+  status = internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<AesCtrHmacAeadKeyManager>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+  status = internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<AesGcmKeyManager>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+  status = internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<AesGcmSivKeyManager>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+  status = internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<AesEaxKeyManager>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+  return internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<XChaCha20Poly1305KeyManager>(), config);
+}
+
+}  // namespace internal
+}  // namespace tink
+}  // namespace crypto
diff --git a/tink/config/internal/aead_v0.h b/tink/config/internal/aead_v0.h
@@ -0,0 +1,35 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_CONFIG_INTERNAL_AEAD_V0_H_
+#define TINK_CONFIG_INTERNAL_AEAD_V0_H_
+
+#include "tink/configuration.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+
+// Add recommended AEAD primitive wrappers and key managers to `config`, which
+// is used to generate primitives.
+util::Status AddAeadV0(Configuration& config);
+
+}  // namespace internal
+}  // namespace tink
+}  // namespace crypto
+
+#endif  // TINK_CONFIG_INTERNAL_AEAD_V0_H_
diff --git a/tink/config/internal/test.cc b/tink/config/internal/test.cc
@@ -0,0 +1,99 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include <memory>
+#include <string>
+
+#include "gmock/gmock.h"
+#include "gtest/gtest.h"
+#include "absl/memory/memory.h"
+#include "tink/aead.h"
+#include "tink/aead/aead_key_templates.h"
+#include "tink/aead/aes_ctr_hmac_aead_key_manager.h"
+#include "tink/aead/aes_eax_key_manager.h"
+#include "tink/aead/aes_gcm_key_manager.h"
+#include "tink/aead/aes_gcm_siv_key_manager.h"
+#include "tink/aead/xchacha20_poly1305_key_manager.h"
+#include "tink/config/internal/aead_v0.h"
+#include "tink/configuration.h"
+#include "tink/internal/configuration_impl.h"
+#include "tink/internal/key_gen_configuration_impl.h"
+#include "tink/internal/key_type_info_store.h"
+#include "tink/internal/keyset_wrapper_store.h"
+#include "tink/key_gen_configuration.h"
+#include "tink/keyset_handle.h"
+#include "tink/util/statusor.h"
+#include "tink/util/test_matchers.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+namespace {
+
+using ::crypto::tink::test::IsOk;
+using ::crypto::tink::test::IsOkAndHolds;
+
+TEST(AeadV0Test, PrimitiveWrappers) {
+  Configuration config;
+  ASSERT_THAT(AddAeadV0(config), IsOk());
+  util::StatusOr<const internal::KeysetWrapperStore*> store =
+      internal::ConfigurationImpl::GetKeysetWrapperStore(config);
+  ASSERT_THAT(store, IsOk());
+
+  EXPECT_THAT((*store)->Get<Aead>(), IsOk());
+}
+
+TEST(AeadV0Test, KeyManagers) {
+  Configuration config;
+  ASSERT_THAT(AddAeadV0(config), IsOk());
+  util::StatusOr<const internal::KeyTypeInfoStore*> store =
+      internal::ConfigurationImpl::GetKeyTypeInfoStore(config);
+  ASSERT_THAT(store, IsOk());
+
+  EXPECT_THAT((*store)->Get(AesCtrHmacAeadKeyManager().get_key_type()), IsOk());
+  EXPECT_THAT((*store)->Get(AesGcmKeyManager().get_key_type()), IsOk());
+  EXPECT_THAT((*store)->Get(AesGcmSivKeyManager().get_key_type()), IsOk());
+  EXPECT_THAT((*store)->Get(AesEaxKeyManager().get_key_type()), IsOk());
+  EXPECT_THAT((*store)->Get(XChaCha20Poly1305KeyManager().get_key_type()),
+              IsOk());
+}
+
+TEST(AeadV0Test, GetPrimitive) {
+  KeyGenConfiguration key_gen_config;
+  ASSERT_THAT(KeyGenConfigurationImpl::AddKeyTypeManager(
+                  absl::make_unique<AesGcmKeyManager>(), key_gen_config),
+              IsOk());
+  util::StatusOr<std::unique_ptr<KeysetHandle>> handle =
+      KeysetHandle::GenerateNew(AeadKeyTemplates::Aes128Gcm(), key_gen_config);
+  ASSERT_THAT(handle, IsOk());
+
+  Configuration config;
+  ASSERT_THAT(AddAeadV0(config), IsOk());
+  util::StatusOr<std::unique_ptr<Aead>> aead =
+      (*handle)->GetPrimitive<Aead>(config);
+  ASSERT_THAT(aead, IsOk());
+
+  std::string plaintext = "plaintext";
+  std::string ad = "ad";
+  util::StatusOr<std::string> ciphertext = (*aead)->Encrypt(plaintext, ad);
+  ASSERT_THAT(ciphertext, IsOk());
+  EXPECT_THAT((*aead)->Decrypt(*ciphertext, ad), IsOkAndHolds(plaintext));
+}
+
+}  // namespace
+}  // namespace internal
+}  // namespace tink
+}  // namespace crypto
diff --git a/tink/config/v0.cc b/tink/config/v0.cc
@@ -17,12 +17,7 @@
 #include "tink/config/v0.h"
 
 #include "absl/log/check.h"
-#include "tink/aead/aead_wrapper.h"
-#include "tink/aead/aes_ctr_hmac_aead_key_manager.h"
-#include "tink/aead/aes_eax_key_manager.h"
-#include "tink/aead/aes_gcm_key_manager.h"
-#include "tink/aead/aes_gcm_siv_key_manager.h"
-#include "tink/aead/xchacha20_poly1305_key_manager.h"
+#include "tink/config/internal/aead_v0.h"
 #include "tink/configuration.h"
 #include "tink/daead/aes_siv_key_manager.h"
 #include "tink/daead/deterministic_aead_wrapper.h"
@@ -80,37 +75,6 @@ util::Status AddMac(Configuration& config) {
       absl::make_unique<AesCmacKeyManager>(), config);
 }
 
-util::Status AddAead(Configuration& config) {
-  util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper(
-      absl::make_unique<AeadWrapper>(), config);
-  if (!status.ok()) {
-    return status;
-  }
-
-  status = internal::ConfigurationImpl::AddKeyTypeManager(
-      absl::make_unique<AesCtrHmacAeadKeyManager>(), config);
-  if (!status.ok()) {
-    return status;
-  }
-  status = internal::ConfigurationImpl::AddKeyTypeManager(
-      absl::make_unique<AesGcmKeyManager>(), config);
-  if (!status.ok()) {
-    return status;
-  }
-  status = internal::ConfigurationImpl::AddKeyTypeManager(
-      absl::make_unique<AesGcmSivKeyManager>(), config);
-  if (!status.ok()) {
-    return status;
-  }
-  status = internal::ConfigurationImpl::AddKeyTypeManager(
-      absl::make_unique<AesEaxKeyManager>(), config);
-  if (!status.ok()) {
-    return status;
-  }
-  return internal::ConfigurationImpl::AddKeyTypeManager(
-      absl::make_unique<XChaCha20Poly1305KeyManager>(), config);
-}
-
 util::Status AddDeterministicAead(Configuration& config) {
   util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper(
       absl::make_unique<DeterministicAeadWrapper>(), config);
@@ -223,7 +187,7 @@ const Configuration& ConfigV0() {
   static const Configuration* instance = [] {
     static Configuration* config = new Configuration();
     CHECK_OK(AddMac(*config));
-    CHECK_OK(AddAead(*config));
+    CHECK_OK(internal::AddAeadV0(*config));
     CHECK_OK(AddDeterministicAead(*config));
     CHECK_OK(AddStreamingAead(*config));
     CHECK_OK(AddHybrid(*config));