1*e7b1675dSTing-Kang Chang // Copyright 2017 Google Inc. 2*e7b1675dSTing-Kang Chang // 3*e7b1675dSTing-Kang Chang // Licensed under the Apache License, Version 2.0 (the "License"); 4*e7b1675dSTing-Kang Chang // you may not use this file except in compliance with the License. 5*e7b1675dSTing-Kang Chang // You may obtain a copy of the License at 6*e7b1675dSTing-Kang Chang // 7*e7b1675dSTing-Kang Chang // http://www.apache.org/licenses/LICENSE-2.0 8*e7b1675dSTing-Kang Chang // 9*e7b1675dSTing-Kang Chang // Unless required by applicable law or agreed to in writing, software 10*e7b1675dSTing-Kang Chang // distributed under the License is distributed on an "AS IS" BASIS, 11*e7b1675dSTing-Kang Chang // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e7b1675dSTing-Kang Chang // See the License for the specific language governing permissions and 13*e7b1675dSTing-Kang Chang // limitations under the License. 14*e7b1675dSTing-Kang Chang // 15*e7b1675dSTing-Kang Chang /////////////////////////////////////////////////////////////////////////////// 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Chang #ifndef TINK_CLEARTEXT_KEYSET_HANDLE_H_ 18*e7b1675dSTing-Kang Chang #define TINK_CLEARTEXT_KEYSET_HANDLE_H_ 19*e7b1675dSTing-Kang Chang 20*e7b1675dSTing-Kang Chang #include <istream> 21*e7b1675dSTing-Kang Chang #include <memory> 22*e7b1675dSTing-Kang Chang #include <sstream> 23*e7b1675dSTing-Kang Chang #include <string> 24*e7b1675dSTing-Kang Chang 25*e7b1675dSTing-Kang Chang #include "absl/container/flat_hash_map.h" 26*e7b1675dSTing-Kang Chang #include "tink/keyset_handle.h" 27*e7b1675dSTing-Kang Chang #include "tink/keyset_reader.h" 28*e7b1675dSTing-Kang Chang #include "tink/util/statusor.h" 29*e7b1675dSTing-Kang Chang #include "proto/tink.pb.h" 30*e7b1675dSTing-Kang Chang 31*e7b1675dSTing-Kang Chang namespace crypto { 32*e7b1675dSTing-Kang Chang namespace tink { 33*e7b1675dSTing-Kang Chang 34*e7b1675dSTing-Kang Chang // Creates keyset handles from cleartext keysets. This API allows 35*e7b1675dSTing-Kang Chang // loading cleartext keysets, thus its usage should be restricted. 36*e7b1675dSTing-Kang Chang class CleartextKeysetHandle { 37*e7b1675dSTing-Kang Chang public: 38*e7b1675dSTing-Kang Chang // Creates a KeysetHandle with a keyset obtained via `reader`. Optionally 39*e7b1675dSTing-Kang Chang // allows to pass monitoring_annotations to attach additional data to the 40*e7b1675dSTing-Kang Chang // resulting KeysetHandle, which will be used for monitoring. 41*e7b1675dSTing-Kang Chang static crypto::tink::util::StatusOr<std::unique_ptr<KeysetHandle>> Read( 42*e7b1675dSTing-Kang Chang std::unique_ptr<KeysetReader> reader, 43*e7b1675dSTing-Kang Chang const absl::flat_hash_map<std::string, std::string>& 44*e7b1675dSTing-Kang Chang monitoring_annotations = {}); 45*e7b1675dSTing-Kang Chang 46*e7b1675dSTing-Kang Chang // Writes the keyset in the given `keyset_handle` to the `writer` which must 47*e7b1675dSTing-Kang Chang // be non-null. 48*e7b1675dSTing-Kang Chang static crypto::tink::util::Status Write(KeysetWriter* writer, 49*e7b1675dSTing-Kang Chang const KeysetHandle& keyset_handle); 50*e7b1675dSTing-Kang Chang 51*e7b1675dSTing-Kang Chang // Creates a KeysetHandle object for the given 'keyset'. 52*e7b1675dSTing-Kang Chang static std::unique_ptr<KeysetHandle> GetKeysetHandle( 53*e7b1675dSTing-Kang Chang const google::crypto::tink::Keyset& keyset); 54*e7b1675dSTing-Kang Chang 55*e7b1675dSTing-Kang Chang // Returns a Keyset-proto from the given 'keyset_handle'. 56*e7b1675dSTing-Kang Chang static const google::crypto::tink::Keyset& GetKeyset( 57*e7b1675dSTing-Kang Chang const KeysetHandle& keyset_handle); 58*e7b1675dSTing-Kang Chang 59*e7b1675dSTing-Kang Chang private: CleartextKeysetHandle()60*e7b1675dSTing-Kang Chang CleartextKeysetHandle() {} 61*e7b1675dSTing-Kang Chang }; 62*e7b1675dSTing-Kang Chang 63*e7b1675dSTing-Kang Chang } // namespace tink 64*e7b1675dSTing-Kang Chang } // namespace crypto 65*e7b1675dSTing-Kang Chang 66*e7b1675dSTing-Kang Chang #endif // TINK_CLEARTEXT_KEYSET_HANDLE_H_ 67