From 2f783013e59c2e43c304e5e9bb5de73bf4d71ddd Mon Sep 17 00:00:00 2001 From: Cindy Lin Date: Thu, 19 Oct 2023 16:04:05 -0700 Subject: [PATCH] Move AddPrfV0() to prf/internal/. PiperOrigin-RevId: 575029842 Change-Id: I87a4fe61c79acbf58e01d56a18b8ebb9429301b6 --- tink/config/BUILD.bazel | 9 +- tink/config/CMakeLists.txt | 9 +- tink/config/key_gen_v0.cc | 21 +---- tink/config/v0.cc | 28 +----- tink/prf/CMakeLists.txt | 2 + tink/prf/internal/BUILD.bazel | 60 +++++++++++++ tink/prf/internal/CMakeLists.txt | 57 +++++++++++++ tink/prf/internal/config_v0.cc | 55 ++++++++++++ tink/prf/internal/config_v0.h | 35 ++++++++ tink/prf/internal/config_v0_test.cc | 114 +++++++++++++++++++++++++ tink/prf/internal/key_gen_config_v0.cc | 48 +++++++++++ tink/prf/internal/key_gen_config_v0.h | 34 ++++++++ 12 files changed, 413 insertions(+), 59 deletions(-) create mode 100644 tink/prf/internal/config_v0.cc create mode 100644 tink/prf/internal/config_v0.h create mode 100644 tink/prf/internal/config_v0_test.cc create mode 100644 tink/prf/internal/key_gen_config_v0.cc create mode 100644 tink/prf/internal/key_gen_config_v0.h diff --git a/tink/config/BUILD.bazel b/tink/config/BUILD.bazel index cde8026f..9f1f24e6 100644 --- a/tink/config/BUILD.bazel +++ b/tink/config/BUILD.bazel @@ -142,10 +142,7 @@ cc_library( "//tink/mac:hmac_key_manager", "//tink/mac:mac_wrapper", "//tink/mac/internal:chunked_mac_wrapper", - "//tink/prf:aes_cmac_prf_key_manager", - "//tink/prf:hkdf_prf_key_manager", - "//tink/prf:hmac_prf_key_manager", - "//tink/prf:prf_set_wrapper", + "//tink/prf/internal:config_v0", "//tink/signature:ecdsa_sign_key_manager", "//tink/signature:ecdsa_verify_key_manager", "//tink/signature:ed25519_sign_key_manager", @@ -183,9 +180,7 @@ cc_library( "//tink/internal:key_gen_configuration_impl", "//tink/mac:aes_cmac_key_manager", "//tink/mac:hmac_key_manager", - "//tink/prf:aes_cmac_prf_key_manager", - "//tink/prf:hkdf_prf_key_manager", - "//tink/prf:hmac_prf_key_manager", + "//tink/prf/internal:key_gen_config_v0", "//tink/signature:ecdsa_sign_key_manager", "//tink/signature:ecdsa_verify_key_manager", "//tink/signature:ed25519_sign_key_manager", diff --git a/tink/config/CMakeLists.txt b/tink/config/CMakeLists.txt index 99e8ed3c..3ee83431 100644 --- a/tink/config/CMakeLists.txt +++ b/tink/config/CMakeLists.txt @@ -127,10 +127,7 @@ tink_cc_library( tink::mac::hmac_key_manager tink::mac::mac_wrapper tink::mac::internal::chunked_mac_wrapper - tink::prf::aes_cmac_prf_key_manager - tink::prf::hkdf_prf_key_manager - tink::prf::hmac_prf_key_manager - tink::prf::prf_set_wrapper + tink::prf::internal::config_v0 tink::signature::ecdsa_verify_key_manager tink::signature::ed25519_sign_key_manager tink::signature::ed25519_verify_key_manager @@ -168,9 +165,7 @@ tink_cc_library( tink::internal::key_gen_configuration_impl tink::mac::aes_cmac_key_manager tink::mac::hmac_key_manager - tink::prf::aes_cmac_prf_key_manager - tink::prf::hkdf_prf_key_manager - tink::prf::hmac_prf_key_manager + tink::prf::internal::key_gen_config_v0 tink::signature::ecdsa_verify_key_manager tink::signature::ed25519_sign_key_manager tink::signature::ed25519_verify_key_manager diff --git a/tink/config/key_gen_v0.cc b/tink/config/key_gen_v0.cc index 1edbaf4a..d6938750 100644 --- a/tink/config/key_gen_v0.cc +++ b/tink/config/key_gen_v0.cc @@ -31,9 +31,7 @@ #include "tink/internal/key_gen_configuration_impl.h" #include "tink/mac/aes_cmac_key_manager.h" #include "tink/mac/hmac_key_manager.h" -#include "tink/prf/aes_cmac_prf_key_manager.h" -#include "tink/prf/hkdf_prf_key_manager.h" -#include "tink/prf/hmac_prf_key_manager.h" +#include "tink/prf/internal/key_gen_config_v0.h" #include "tink/signature/ecdsa_verify_key_manager.h" #include "tink/signature/ed25519_sign_key_manager.h" #include "tink/signature/ed25519_verify_key_manager.h" @@ -101,21 +99,6 @@ util::Status AddHybrid(KeyGenConfiguration& config) { absl::make_unique(), config); } -util::Status AddPrf(KeyGenConfiguration& config) { - util::Status status = internal::KeyGenConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - status = internal::KeyGenConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - return internal::KeyGenConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); -} - util::Status AddSignature(KeyGenConfiguration& config) { util::Status status = internal::KeyGenConfigurationImpl::AddAsymmetricKeyManagers( @@ -151,7 +134,7 @@ const KeyGenConfiguration& KeyGenConfigV0() { CHECK_OK(AddDeterministicAead(*config)); CHECK_OK(internal::AddStreamingAeadV0(*config)); CHECK_OK(AddHybrid(*config)); - CHECK_OK(AddPrf(*config)); + CHECK_OK(internal::AddPrfKeyGenV0(*config)); CHECK_OK(AddSignature(*config)); return config; }(); diff --git a/tink/config/v0.cc b/tink/config/v0.cc index f0a4976d..faa18e2e 100644 --- a/tink/config/v0.cc +++ b/tink/config/v0.cc @@ -32,10 +32,7 @@ #include "tink/mac/hmac_key_manager.h" #include "tink/mac/internal/chunked_mac_wrapper.h" #include "tink/mac/mac_wrapper.h" -#include "tink/prf/aes_cmac_prf_key_manager.h" -#include "tink/prf/hkdf_prf_key_manager.h" -#include "tink/prf/hmac_prf_key_manager.h" -#include "tink/prf/prf_set_wrapper.h" +#include "tink/prf/internal/config_v0.h" #include "tink/signature/ecdsa_verify_key_manager.h" #include "tink/signature/ed25519_sign_key_manager.h" #include "tink/signature/ed25519_verify_key_manager.h" @@ -107,27 +104,6 @@ util::Status AddHybrid(Configuration& config) { absl::make_unique(), config); } -util::Status AddPrf(Configuration& config) { - util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - status = internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); - if (!status.ok()) { - return status; - } - return internal::ConfigurationImpl::AddKeyTypeManager( - absl::make_unique(), config); -} - util::Status AddSignature(Configuration& config) { util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper( absl::make_unique(), config); @@ -173,7 +149,7 @@ const Configuration& ConfigV0() { CHECK_OK(AddDeterministicAead(*config)); CHECK_OK(internal::AddStreamingAeadV0(*config)); CHECK_OK(AddHybrid(*config)); - CHECK_OK(AddPrf(*config)); + CHECK_OK(internal::AddPrfV0(*config)); CHECK_OK(AddSignature(*config)); return config; }(); diff --git a/tink/prf/CMakeLists.txt b/tink/prf/CMakeLists.txt index ebe61bc8..51622c24 100644 --- a/tink/prf/CMakeLists.txt +++ b/tink/prf/CMakeLists.txt @@ -1,5 +1,7 @@ tink_module(prf) +add_subdirectory(internal) + tink_cc_library( NAME hkdf_prf_key_manager SRCS diff --git a/tink/prf/internal/BUILD.bazel b/tink/prf/internal/BUILD.bazel index 5b01f6e3..849d0261 100644 --- a/tink/prf/internal/BUILD.bazel +++ b/tink/prf/internal/BUILD.bazel @@ -1 +1,61 @@ +package(default_visibility = ["//:__subpackages__"]) + licenses(["notice"]) + +cc_library( + name = "config_v0", + srcs = ["config_v0.cc"], + hdrs = ["config_v0.h"], + include_prefix = "tink/prf/internal", + deps = [ + "//tink:configuration", + "//tink/internal:configuration_impl", + "//tink/prf:aes_cmac_prf_key_manager", + "//tink/prf:hkdf_prf_key_manager", + "//tink/prf:hmac_prf_key_manager", + "//tink/prf:prf_set_wrapper", + "//tink/util:status", + "@com_google_absl//absl/memory", + ], +) + +cc_library( + name = "key_gen_config_v0", + srcs = ["key_gen_config_v0.cc"], + hdrs = ["key_gen_config_v0.h"], + include_prefix = "tink/prf/internal", + deps = [ + "//tink:key_gen_configuration", + "//tink/internal:key_gen_configuration_impl", + "//tink/prf:aes_cmac_prf_key_manager", + "//tink/prf:hkdf_prf_key_manager", + "//tink/prf:hmac_prf_key_manager", + "//tink/util:status", + "@com_google_absl//absl/memory", + ], +) + +cc_test( + name = "config_v0_test", + srcs = ["config_v0_test.cc"], + deps = [ + ":config_v0", + ":key_gen_config_v0", + "//tink:configuration", + "//tink:key_gen_configuration", + "//tink:keyset_handle", + "//tink/internal:configuration_impl", + "//tink/internal:key_gen_configuration_impl", + "//tink/internal:key_type_info_store", + "//tink/internal:keyset_wrapper_store", + "//tink/prf:aes_cmac_prf_key_manager", + "//tink/prf:hkdf_prf_key_manager", + "//tink/prf:hmac_prf_key_manager", + "//tink/prf:prf_key_templates", + "//tink/prf:prf_set", + "//proto:tink_cc_proto", + "//tink/util:statusor", + "//tink/util:test_matchers", + "@com_google_googletest//:gtest_main", + ], +) diff --git a/tink/prf/internal/CMakeLists.txt b/tink/prf/internal/CMakeLists.txt index e69de29b..6415e3ed 100644 --- a/tink/prf/internal/CMakeLists.txt +++ b/tink/prf/internal/CMakeLists.txt @@ -0,0 +1,57 @@ +tink_module(prf::internal) + +tink_cc_library( + NAME config_v0 + SRCS + config_v0.cc + config_v0.h + DEPS + absl::memory + tink::core::configuration + tink::internal::configuration_impl + tink::prf::aes_cmac_prf_key_manager + tink::prf::hkdf_prf_key_manager + tink::prf::hmac_prf_key_manager + tink::prf::prf_set_wrapper + tink::util::status +) + +tink_cc_library( + NAME key_gen_config_v0 + SRCS + key_gen_config_v0.cc + key_gen_config_v0.h + DEPS + absl::memory + tink::core::key_gen_configuration + tink::internal::key_gen_configuration_impl + tink::prf::aes_cmac_prf_key_manager + tink::prf::hkdf_prf_key_manager + tink::prf::hmac_prf_key_manager + tink::util::status +) + +tink_cc_test( + NAME config_v0_test + SRCS + config_v0_test.cc + DEPS + tink::prf::internal::config_v0 + tink::prf::internal::key_gen_config_v0 + gmock + tink::core::configuration + tink::core::key_gen_configuration + tink::core::keyset_handle + tink::internal::configuration_impl + tink::internal::key_gen_configuration_impl + tink::internal::key_type_info_store + tink::internal::keyset_wrapper_store + tink::prf::aes_cmac_prf_key_manager + tink::prf::hkdf_prf_key_manager + tink::prf::hmac_prf_key_manager + tink::prf::prf_key_templates + tink::prf::prf_set + tink::util::statusor + tink::util::test_matchers + tink::proto::tink_cc_proto +) diff --git a/tink/prf/internal/config_v0.cc b/tink/prf/internal/config_v0.cc new file mode 100644 index 00000000..c9ce2092 --- /dev/null +++ b/tink/prf/internal/config_v0.cc @@ -0,0 +1,55 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#include "tink/prf/internal/config_v0.h" + +#include "absl/memory/memory.h" +#include "tink/configuration.h" +#include "tink/internal/configuration_impl.h" +#include "tink/prf/aes_cmac_prf_key_manager.h" +#include "tink/prf/hkdf_prf_key_manager.h" +#include "tink/prf/hmac_prf_key_manager.h" +#include "tink/prf/prf_set_wrapper.h" +#include "tink/util/status.h" + +namespace crypto { +namespace tink { +namespace internal { + +util::Status AddPrfV0(Configuration& config) { + util::Status status = ConfigurationImpl::AddPrimitiveWrapper( + absl::make_unique(), config); + if (!status.ok()) { + return status; + } + + status = ConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); + if (!status.ok()) { + return status; + } + status = ConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); + if (!status.ok()) { + return status; + } + return ConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); +} + +} // namespace internal +} // namespace tink +} // namespace crypto diff --git a/tink/prf/internal/config_v0.h b/tink/prf/internal/config_v0.h new file mode 100644 index 00000000..918cf0ec --- /dev/null +++ b/tink/prf/internal/config_v0.h @@ -0,0 +1,35 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#ifndef TINK_PRF_INTERNAL_CONFIG_V0_H_ +#define TINK_PRF_INTERNAL_CONFIG_V0_H_ + +#include "tink/configuration.h" +#include "tink/util/status.h" + +namespace crypto { +namespace tink { +namespace internal { + +// Add recommended PRF primitive wrappers and key managers to `config`, used to +// generate primitives. +util::Status AddPrfV0(Configuration& config); + +} // namespace internal +} // namespace tink +} // namespace crypto + +#endif // TINK_PRF_INTERNAL_CONFIG_V0_H_ diff --git a/tink/prf/internal/config_v0_test.cc b/tink/prf/internal/config_v0_test.cc new file mode 100644 index 00000000..a7b81879 --- /dev/null +++ b/tink/prf/internal/config_v0_test.cc @@ -0,0 +1,114 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#include "tink/prf/internal/config_v0.h" + +#include +#include +#include + +#include "gmock/gmock.h" +#include "gtest/gtest.h" +#include "tink/configuration.h" +#include "tink/internal/configuration_impl.h" +#include "tink/internal/key_gen_configuration_impl.h" +#include "tink/internal/key_type_info_store.h" +#include "tink/internal/keyset_wrapper_store.h" +#include "tink/key_gen_configuration.h" +#include "tink/keyset_handle.h" +#include "tink/prf/aes_cmac_prf_key_manager.h" +#include "tink/prf/hkdf_prf_key_manager.h" +#include "tink/prf/hmac_prf_key_manager.h" +#include "tink/prf/internal/key_gen_config_v0.h" +#include "tink/prf/prf_key_templates.h" +#include "tink/prf/prf_set.h" +#include "tink/util/statusor.h" +#include "tink/util/test_matchers.h" +#include "proto/tink.pb.h" + +namespace crypto { +namespace tink { +namespace internal { +namespace { + +using ::crypto::tink::test::IsOk; +using ::google::crypto::tink::KeyTemplate; +using ::testing::Eq; +using ::testing::TestWithParam; +using ::testing::Values; + +TEST(PrfV0Test, PrimitiveWrapper) { + Configuration config; + ASSERT_THAT(AddPrfV0(config), IsOk()); + util::StatusOr store = + internal::ConfigurationImpl::GetKeysetWrapperStore(config); + ASSERT_THAT(store, IsOk()); + + EXPECT_THAT((*store)->Get(), IsOk()); +} + +TEST(PrfV0Test, KeyManagers) { + Configuration config; + ASSERT_THAT(AddPrfV0(config), IsOk()); + util::StatusOr store = + internal::ConfigurationImpl::GetKeyTypeInfoStore(config); + ASSERT_THAT(store, IsOk()); + + KeyGenConfiguration key_gen_config; + ASSERT_THAT(AddPrfKeyGenV0(key_gen_config), IsOk()); + util::StatusOr key_gen_store = + internal::KeyGenConfigurationImpl::GetKeyTypeInfoStore(key_gen_config); + ASSERT_THAT(key_gen_store, IsOk()); + + for (const internal::KeyTypeInfoStore* s : {*store, *key_gen_store}) { + EXPECT_THAT(s->Get(AesCmacPrfKeyManager().get_key_type()), IsOk()); + EXPECT_THAT(s->Get(HkdfPrfKeyManager().get_key_type()), IsOk()); + EXPECT_THAT(s->Get(HmacPrfKeyManager().get_key_type()), IsOk()); + } +} + +using PrfV0KeyTypesTest = TestWithParam; + +INSTANTIATE_TEST_SUITE_P(PrfV0KeyTypesTestSuite, PrfV0KeyTypesTest, + Values(PrfKeyTemplates::AesCmac(), + PrfKeyTemplates::HkdfSha256(), + PrfKeyTemplates::HmacSha256())); + +TEST_P(PrfV0KeyTypesTest, GetPrimitive) { + KeyGenConfiguration key_gen_config; + ASSERT_THAT(AddPrfKeyGenV0(key_gen_config), IsOk()); + Configuration config; + ASSERT_THAT(AddPrfV0(config), IsOk()); + + util::StatusOr> handle = + KeysetHandle::GenerateNew(GetParam(), key_gen_config); + ASSERT_THAT(handle, IsOk()); + + util::StatusOr> prf = + (*handle)->GetPrimitive(config); + ASSERT_THAT(prf, IsOk()); + + size_t output_length = 16; + util::StatusOr output = + (*prf)->ComputePrimary("input", output_length); + ASSERT_THAT(output, IsOk()); + EXPECT_THAT((*output).length(), Eq(output_length)); +} + +} // namespace +} // namespace internal +} // namespace tink +} // namespace crypto diff --git a/tink/prf/internal/key_gen_config_v0.cc b/tink/prf/internal/key_gen_config_v0.cc new file mode 100644 index 00000000..62f611c2 --- /dev/null +++ b/tink/prf/internal/key_gen_config_v0.cc @@ -0,0 +1,48 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#include "tink/prf/internal/key_gen_config_v0.h" + +#include "absl/memory/memory.h" +#include "tink/internal/key_gen_configuration_impl.h" +#include "tink/key_gen_configuration.h" +#include "tink/prf/aes_cmac_prf_key_manager.h" +#include "tink/prf/hkdf_prf_key_manager.h" +#include "tink/prf/hmac_prf_key_manager.h" +#include "tink/util/status.h" + +namespace crypto { +namespace tink { +namespace internal { + +util::Status AddPrfKeyGenV0(KeyGenConfiguration& config) { + util::Status status = KeyGenConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); + if (!status.ok()) { + return status; + } + status = KeyGenConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); + if (!status.ok()) { + return status; + } + return KeyGenConfigurationImpl::AddKeyTypeManager( + absl::make_unique(), config); +} + +} // namespace internal +} // namespace tink +} // namespace crypto diff --git a/tink/prf/internal/key_gen_config_v0.h b/tink/prf/internal/key_gen_config_v0.h new file mode 100644 index 00000000..0ce5dd52 --- /dev/null +++ b/tink/prf/internal/key_gen_config_v0.h @@ -0,0 +1,34 @@ +// Copyright 2023 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +#ifndef TINK_PRF_INTERNAL_KEY_GEN_CONFIG_V0_H_ +#define TINK_PRF_INTERNAL_KEY_GEN_CONFIG_V0_H_ + +#include "tink/key_gen_configuration.h" +#include "tink/util/status.h" + +namespace crypto { +namespace tink { +namespace internal { + +// Add recommended PRF key managers to `config`, used to generate keys. +util::Status AddPrfKeyGenV0(KeyGenConfiguration& config); + +} // namespace internal +} // namespace tink +} // namespace crypto + +#endif // TINK_PRF_INTERNAL_KEY_GEN_CONFIG_V0_H_