xref: /aosp_15_r20/external/tink/cc/jwt/internal/raw_jwt_rsa_ssa_pkcs1_verify_key_manager.h (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #ifndef TINK_JWT_INTERNAL_RAW_JWT_RSA_SSA_PKCS1_VERIFY_KEY_MANAGER_H_
18 #define TINK_JWT_INTERNAL_RAW_JWT_RSA_SSA_PKCS1_VERIFY_KEY_MANAGER_H_
19 
20 #include <algorithm>
21 #include <memory>
22 #include <string>
23 #include <vector>
24 
25 #include "absl/memory/memory.h"
26 #include "absl/strings/str_cat.h"
27 #include "tink/core/key_type_manager.h"
28 #include "tink/public_key_verify.h"
29 #include "tink/util/constants.h"
30 #include "tink/util/errors.h"
31 #include "tink/util/protobuf_helper.h"
32 #include "tink/util/status.h"
33 #include "tink/util/statusor.h"
34 #include "proto/common.pb.h"
35 #include "proto/jwt_rsa_ssa_pkcs1.pb.h"
36 
37 namespace crypto {
38 namespace tink {
39 
40 class RawJwtRsaSsaPkcs1VerifyKeyManager
41     : public KeyTypeManager<google::crypto::tink::JwtRsaSsaPkcs1PublicKey, void,
42                             List<PublicKeyVerify>> {
43  public:
44   class PublicKeyVerifyFactory : public PrimitiveFactory<PublicKeyVerify> {
45     crypto::tink::util::StatusOr<std::unique_ptr<PublicKeyVerify>> Create(
46         const google::crypto::tink::JwtRsaSsaPkcs1PublicKey&
47             jwt_rsa_ssa_pkcs1_public_key) const override;
48   };
49 
RawJwtRsaSsaPkcs1VerifyKeyManager()50   RawJwtRsaSsaPkcs1VerifyKeyManager()
51       : KeyTypeManager(absl::make_unique<PublicKeyVerifyFactory>()) {}
52 
get_version()53   uint32_t get_version() const override { return 0; }
54 
key_material_type()55   google::crypto::tink::KeyData::KeyMaterialType key_material_type()
56       const override {
57     return google::crypto::tink::KeyData::ASYMMETRIC_PUBLIC;
58   }
59 
get_key_type()60   const std::string& get_key_type() const override { return key_type_; }
61 
62   crypto::tink::util::Status ValidateKey(
63       const google::crypto::tink::JwtRsaSsaPkcs1PublicKey& key) const override;
64 
FipsStatus()65   internal::FipsCompatibility FipsStatus() const override {
66     return internal::FipsCompatibility::kRequiresBoringCrypto;
67   }
68 
69  private:
70   static crypto::tink::util::Status ValidateAlgorithm(
71       const google::crypto::tink::JwtRsaSsaPkcs1Algorithm& algorithm);
72 
73   static crypto::tink::util::StatusOr<google::crypto::tink::HashType>
74   HashForPkcs1Algorithm(
75       const google::crypto::tink::JwtRsaSsaPkcs1Algorithm& algorithm);
76 
77   const std::string key_type_ = absl::StrCat(
78       kTypeGoogleapisCom,
79       google::crypto::tink::JwtRsaSsaPkcs1PublicKey().GetTypeName());
80   friend class RawJwtRsaSsaPkcs1SignKeyManager;
81 };
82 
83 }  // namespace tink
84 }  // namespace crypto
85 
86 #endif  // TINK_JWT_INTERNAL_RAW_JWT_RSA_SSA_PKCS1_VERIFY_KEY_MANAGER_H_
87