From 6a3604369f39a2d53192d3da046a9f48ac395d43 Mon Sep 17 00:00:00 2001 From: Cindy Lin Date: Fri, 18 Aug 2023 11:42:08 -0700 Subject: [PATCH] Define function to add AEAD v0 primitive wrappers and key type managers. PiperOrigin-RevId: 558205274 Change-Id: I0df200adb5751dba64a1c2a3fe77a6e094cd4606 --- tink/config/BUILD.bazel | 7 +- tink/config/CMakeLists.txt | 9 +-- tink/config/internal/BUILD.bazel | 48 ++++++++++++++ tink/config/internal/CMakeLists.txt | 45 +++++++++++++ tink/config/internal/aead_v0.cc | 67 +++++++++++++++++++ tink/config/internal/aead_v0.h | 35 ++++++++++ tink/config/internal/test.cc | 99 +++++++++++++++++++++++++++++ tink/config/v0.cc | 40 +----------- 8 files changed, 300 insertions(+), 50 deletions(-) create mode 100644 tink/config/internal/BUILD.bazel create mode 100644 tink/config/internal/CMakeLists.txt create mode 100644 tink/config/internal/aead_v0.cc create mode 100644 tink/config/internal/aead_v0.h create mode 100644 tink/config/internal/test.cc diff --git a/tink/config/BUILD.bazel b/tink/config/BUILD.bazel index 10dc0519..d21d3fca 100644 --- a/tink/config/BUILD.bazel +++ b/tink/config/BUILD.bazel @@ -128,12 +128,7 @@ cc_library( tags = ["requires_boringcrypto_update"], deps = [ "//tink:configuration", - "//tink/aead:aead_wrapper", - "//tink/aead:aes_ctr_hmac_aead_key_manager", - "//tink/aead:aes_eax_key_manager", - "//tink/aead:aes_gcm_key_manager", - "//tink/aead:aes_gcm_siv_key_manager", - "//tink/aead:xchacha20_poly1305_key_manager", + "//tink/config/internal:aead_v0", "//tink/daead:aes_siv_key_manager", "//tink/daead:deterministic_aead_wrapper", "//tink/hybrid:ecies_aead_hkdf_private_key_manager", diff --git a/tink/config/CMakeLists.txt b/tink/config/CMakeLists.txt index 652a84d5..a25e6bd5 100644 --- a/tink/config/CMakeLists.txt +++ b/tink/config/CMakeLists.txt @@ -1,5 +1,7 @@ tink_module(config) +add_subdirectory(internal) + tink_cc_library( NAME tink_config SRCS 
@@ -111,12 +113,7 @@ tink_cc_library(
 DEPS
 absl::check
 tink::core::configuration
- tink::aead::aead_wrapper
- tink::aead::aes_ctr_hmac_aead_key_manager
- tink::aead::aes_eax_key_manager
- tink::aead::aes_gcm_key_manager
- tink::aead::aes_gcm_siv_key_manager
- tink::aead::xchacha20_poly1305_key_manager
+ tink::config::internal::aead_v0
 tink::daead::aes_siv_key_manager
 tink::daead::deterministic_aead_wrapper
 tink::hybrid::ecies_aead_hkdf_private_key_manager
diff --git a/tink/config/internal/BUILD.bazel b/tink/config/internal/BUILD.bazel
new file mode 100644
index 00000000..190ad5c7
--- /dev/null
+++ b/tink/config/internal/BUILD.bazel
@@ -0,0 +1,48 @@
+package(default_visibility = ["//:__subpackages__"])
+
+licenses(["notice"])
+
+cc_library(
+ name = "aead_v0",
+ srcs = ["aead_v0.cc"],
+ hdrs = ["aead_v0.h"],
+ include_prefix = "tink/config/internal",
+ deps = [
+ "//tink:configuration",
+ "//tink/aead:aead_wrapper",
+ "//tink/aead:aes_ctr_hmac_aead_key_manager",
+ "//tink/aead:aes_eax_key_manager",
+ "//tink/aead:aes_gcm_key_manager",
+ "//tink/aead:aes_gcm_siv_key_manager",
+ "//tink/aead:xchacha20_poly1305_key_manager",
+ "//tink/internal:configuration_impl",
+ "//tink/util:status",
+ "@com_google_absl//absl/memory",
+ ],
+)
+
+cc_test(
+ name = "test",
+ srcs = ["test.cc"],
+ deps = [
+ ":aead_v0",
+ "//tink:aead",
+ "//tink:configuration",
+ "//tink:key_gen_configuration",
+ "//tink:keyset_handle",
+ "//tink/aead:aead_key_templates",
+ "//tink/aead:aes_ctr_hmac_aead_key_manager",
+ "//tink/aead:aes_eax_key_manager",
+ "//tink/aead:aes_gcm_key_manager",
+ "//tink/aead:aes_gcm_siv_key_manager",
+ "//tink/aead:xchacha20_poly1305_key_manager",
+ "//tink/internal:configuration_impl",
+ "//tink/internal:key_gen_configuration_impl",
+ "//tink/internal:key_type_info_store",
+ "//tink/internal:keyset_wrapper_store",
+ "//tink/util:statusor",
+ "//tink/util:test_matchers",
+ "@com_google_absl//absl/memory",
+ "@com_google_googletest//:gtest_main",
+ ],
+)
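Review bot: Neither new target in tink/config/internal/BUILD.bazel carries `tags = ["requires_boringcrypto_update"]`, although the target in tink/config/BUILD.bazel that listed these same AEAD key-manager deps until this commit does (visible as context in its hunk). This page does not show what that tag gates, so this is a question rather than a finding: if it keeps targets that need a newer BoringSSL out of some builds, `aead_v0` and `:test` now pull in the same key managers without it. Separately, `name = "test"` with `srcs = ["test.cc"]` will become ambiguous once other primitives get a file in this package; `aead_v0_test` would match the library it covers.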
diff --git a/tink/config/internal/CMakeLists.txt b/tink/config/internal/CMakeLists.txt
new file mode 100644
index 00000000..0d3803b4
--- /dev/null
+++ b/tink/config/internal/CMakeLists.txt
@@ -0,0 +1,45 @@
+tink_module(config::internal)
+
+tink_cc_library(
+ NAME aead_v0
+ SRCS
+ aead_v0.cc
+ aead_v0.h
+ DEPS
+ absl::memory
+ tink::core::configuration
+ tink::aead::aead_wrapper
+ tink::aead::aes_ctr_hmac_aead_key_manager
+ tink::aead::aes_eax_key_manager
+ tink::aead::aes_gcm_key_manager
+ tink::aead::aes_gcm_siv_key_manager
+ tink::aead::xchacha20_poly1305_key_manager
+ tink::internal::configuration_impl
+ tink::util::status
+)
+
+tink_cc_test(
+ NAME test
+ SRCS
+ test.cc
+ DEPS
+ tink::config::internal::aead_v0
+ gmock
+ absl::memory
+ tink::core::aead
+ tink::core::configuration
+ tink::core::key_gen_configuration
+ tink::core::keyset_handle
+ tink::aead::aead_key_templates
+ tink::aead::aes_ctr_hmac_aead_key_manager
+ tink::aead::aes_eax_key_manager
+ tink::aead::aes_gcm_key_manager
+ tink::aead::aes_gcm_siv_key_manager
+ tink::aead::xchacha20_poly1305_key_manager
+ tink::internal::configuration_impl
+ tink::internal::key_gen_configuration_impl
+ tink::internal::key_type_info_store
+ tink::internal::keyset_wrapper_store
+ tink::util::statusor
+ tink::util::test_matchers
+)
diff --git a/tink/config/internal/aead_v0.cc b/tink/config/internal/aead_v0.cc
new file mode 100644
index 00000000..c97d2ac8
--- /dev/null
+++ b/tink/config/internal/aead_v0.cc
@@ -0,0 +1,67 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include "tink/config/internal/aead_v0.h"
+
+#include "absl/memory/memory.h"
+#include "tink/aead/aead_wrapper.h"
+#include "tink/aead/aes_ctr_hmac_aead_key_manager.h"
+#include "tink/aead/aes_eax_key_manager.h"
+#include "tink/aead/aes_gcm_key_manager.h"
+#include "tink/aead/aes_gcm_siv_key_manager.h"
+#include "tink/aead/xchacha20_poly1305_key_manager.h"
+#include "tink/configuration.h"
+#include "tink/internal/configuration_impl.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+
+util::Status AddAeadV0(Configuration& config) {
+ util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper(
+ absl::make_unique(), config);
+ if (!status.ok()) {
+ return status;
+ }
+
+ status = internal::ConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), config);
+ if (!status.ok()) {
+ return status;
+ }
+ status = internal::ConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), config);
+ if (!status.ok()) {
+ return status;
+ }
+ status = internal::ConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), config);
+ if (!status.ok()) {
+ return status;
+ }
+ status = internal::ConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), config);
+ if (!status.ok()) {
+ return status;
+ }
+ return internal::ConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), config);
+}
+
+} // namespace internal
+} // namespace tink
+} // namespace crypto
diff --git a/tink/config/internal/aead_v0.h b/tink/config/internal/aead_v0.h
new file mode 100644
index 00000000..47e8b240
--- /dev/null
+++ b/tink/config/internal/aead_v0.h
@@ -0,0 +1,35 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_CONFIG_INTERNAL_AEAD_V0_H_
+#define TINK_CONFIG_INTERNAL_AEAD_V0_H_
+
+#include "tink/configuration.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+
+// Add recommended AEAD primitive wrappers and key managers to `config`, which
+// is used to generate primitives.
+util::Status AddAeadV0(Configuration& config);
+
+} // namespace internal
+} // namespace tink
+} // namespace crypto
+
+#endif // TINK_CONFIG_INTERNAL_AEAD_V0_H_
diff --git a/tink/config/internal/test.cc b/tink/config/internal/test.cc
new file mode 100644
index 00000000..983116d0
--- /dev/null
+++ b/tink/config/internal/test.cc
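Review bot: `AddAeadV0` in aead_v0.cc returns at the first failing `AddKeyTypeManager` call, leaving `config` holding the wrapper and whichever key managers were already added, and nothing states that contract. `ConfigV0()` wraps the call in `CHECK_OK`, so that path aborts, but the package is visible to `//:__subpackages__` and another caller could go on using a configuration in which only some AEAD key types resolve. I would add above the definition: `// On error, `config` may be partially populated and must be discarded.`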
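Review bot: The comment on `AddAeadV0` in aead_v0.h says "recommended" without naming what gets registered, yet that list is the security-relevant content of the function: it decides which AEAD key types a V0 configuration will turn into primitives. Going by the headers included in aead_v0.cc, I would spell it out, e.g. `// Registers the Aead wrapper and the AES-CTR-HMAC, AES-EAX, AES-GCM, AES-GCM-SIV and XChaCha20-Poly1305 key managers.` If the set is meant to stay fixed for V0 (inferred from the name only), say so in the same comment so a later change does not add a key type here casually.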
@@ -0,0 +1,99 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include
+#include
+
+#include "gmock/gmock.h"
+#include "gtest/gtest.h"
+#include "absl/memory/memory.h"
+#include "tink/aead.h"
+#include "tink/aead/aead_key_templates.h"
+#include "tink/aead/aes_ctr_hmac_aead_key_manager.h"
+#include "tink/aead/aes_eax_key_manager.h"
+#include "tink/aead/aes_gcm_key_manager.h"
+#include "tink/aead/aes_gcm_siv_key_manager.h"
+#include "tink/aead/xchacha20_poly1305_key_manager.h"
+#include "tink/config/internal/aead_v0.h"
+#include "tink/configuration.h"
+#include "tink/internal/configuration_impl.h"
+#include "tink/internal/key_gen_configuration_impl.h"
+#include "tink/internal/key_type_info_store.h"
+#include "tink/internal/keyset_wrapper_store.h"
+#include "tink/key_gen_configuration.h"
+#include "tink/keyset_handle.h"
+#include "tink/util/statusor.h"
+#include "tink/util/test_matchers.h"
+
+namespace crypto {
+namespace tink {
+namespace internal {
+namespace {
+
+using ::crypto::tink::test::IsOk;
+using ::crypto::tink::test::IsOkAndHolds;
+
+TEST(AeadV0Test, PrimitiveWrappers) {
+ Configuration config;
+ ASSERT_THAT(AddAeadV0(config), IsOk());
+ util::StatusOr store =
+ internal::ConfigurationImpl::GetKeysetWrapperStore(config);
+ ASSERT_THAT(store, IsOk());
+
+ EXPECT_THAT((*store)->Get(), IsOk());
+}
+
+TEST(AeadV0Test, KeyManagers) {
+ Configuration config;
+ ASSERT_THAT(AddAeadV0(config), IsOk());
+ util::StatusOr store =
+ internal::ConfigurationImpl::GetKeyTypeInfoStore(config);
+ ASSERT_THAT(store, IsOk());
+
+ EXPECT_THAT((*store)->Get(AesCtrHmacAeadKeyManager().get_key_type()), IsOk());
+ EXPECT_THAT((*store)->Get(AesGcmKeyManager().get_key_type()), IsOk());
+ EXPECT_THAT((*store)->Get(AesGcmSivKeyManager().get_key_type()), IsOk());
+ EXPECT_THAT((*store)->Get(AesEaxKeyManager().get_key_type()), IsOk());
+ EXPECT_THAT((*store)->Get(XChaCha20Poly1305KeyManager().get_key_type()),
+ IsOk());
+}
+
+TEST(AeadV0Test, GetPrimitive) {
+ KeyGenConfiguration key_gen_config;
+ ASSERT_THAT(KeyGenConfigurationImpl::AddKeyTypeManager(
+ absl::make_unique(), key_gen_config),
+ IsOk());
+ util::StatusOr> handle =
+ KeysetHandle::GenerateNew(AeadKeyTemplates::Aes128Gcm(), key_gen_config);
+ ASSERT_THAT(handle, IsOk());
+
+ Configuration config;
+ ASSERT_THAT(AddAeadV0(config), IsOk());
+ util::StatusOr> aead =
+ (*handle)->GetPrimitive(config);
+ ASSERT_THAT(aead, IsOk());
+
+ std::string plaintext = "plaintext";
+ std::string ad = "ad";
+ util::StatusOr ciphertext = (*aead)->Encrypt(plaintext, ad);
+ ASSERT_THAT(ciphertext, IsOk());
+ EXPECT_THAT((*aead)->Decrypt(*ciphertext, ad), IsOkAndHolds(plaintext));
+}
+
+} // namespace
+} // namespace internal
+} // namespace tink
+} // namespace crypto
diff --git a/tink/config/v0.cc b/tink/config/v0.cc
index 091fdbc0..d56e9472 100644
--- a/tink/config/v0.cc
+++ b/tink/config/v0.cc
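Review bot: The `KeyManagers` test checks that the five expected key types are present, but nothing asserts that other types are absent, so an accidental extra registration in `AddAeadV0` would still pass. Because this configuration works as an allowlist, a negative case is worth adding, e.g. `EXPECT_THAT((*store)->Get(AesSivKeyManager().get_key_type()), Not(IsOk()));` — assuming `Get` returns a non-OK status for an unregistered type, which this page does not show. `GetPrimitive` also round-trips only `AeadKeyTemplates::Aes128Gcm()`; the other four managers are registered but never used to build a primitive through `config`.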
@@ -17,12 +17,7 @@ #include "tink/config/v0.h" #include "absl/log/check.h" -#include "tink/aead/aead_wrapper.h" -#include "tink/aead/aes_ctr_hmac_aead_key_manager.h" -#include "tink/aead/aes_eax_key_manager.h" -#include "tink/aead/aes_gcm_key_manager.h" -#include "tink/aead/aes_gcm_siv_key_manager.h" -#include "tink/aead/xchacha20_poly1305_key_manager.h" +#include "tink/config/internal/aead_v0.h" #include "tink/configuration.h" #include "tink/daead/aes_siv_key_manager.h" #include "tink/daead/deterministic_aead_wrapper.h" @@ -80,37 +75,6 @@ util::Status AddMac(Configuration& config) { absl::make_unique(), config); } -util::Status AddAead(Configuration& config) { - util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - return internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); -} - util::Status AddDeterministicAead(Configuration& config) { util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper( absl::make_unique(), config); @@ -223,7 +187,7 @@ const Configuration& ConfigV0() { static const Configuration* instance = [] { static Configuration* config = new Configuration(); CHECK_OK(AddMac(*config)); - CHECK_OK(AddAead(*config)); + CHECK_OK(internal::AddAeadV0(*config)); CHECK_OK(AddDeterministicAead(*config)); CHECK_OK(AddStreamingAead(*config)); CHECK_OK(AddHybrid(*config));