1*e7b1675dSTing-Kang Chang // Copyright 2020 Google LLC 2*e7b1675dSTing-Kang Chang // 3*e7b1675dSTing-Kang Chang // Licensed under the Apache License, Version 2.0 (the "License"); 4*e7b1675dSTing-Kang Chang // you may not use this file except in compliance with the License. 5*e7b1675dSTing-Kang Chang // You may obtain a copy of the License at 6*e7b1675dSTing-Kang Chang // 7*e7b1675dSTing-Kang Chang // http://www.apache.org/licenses/LICENSE-2.0 8*e7b1675dSTing-Kang Chang // 9*e7b1675dSTing-Kang Chang // Unless required by applicable law or agreed to in writing, software 10*e7b1675dSTing-Kang Chang // distributed under the License is distributed on an "AS IS" BASIS, 11*e7b1675dSTing-Kang Chang // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e7b1675dSTing-Kang Chang // See the License for the specific language governing permissions and 13*e7b1675dSTing-Kang Chang // limitations under the License. 14*e7b1675dSTing-Kang Chang // 15*e7b1675dSTing-Kang Chang //////////////////////////////////////////////////////////////////////////////// 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Chang #ifndef TINK_INTERNAL_KEYSET_WRAPPER_IMPL_H_ 18*e7b1675dSTing-Kang Chang #define TINK_INTERNAL_KEYSET_WRAPPER_IMPL_H_ 19*e7b1675dSTing-Kang Chang 20*e7b1675dSTing-Kang Chang #include <memory> 21*e7b1675dSTing-Kang Chang #include <string> 22*e7b1675dSTing-Kang Chang #include <utility> 23*e7b1675dSTing-Kang Chang 24*e7b1675dSTing-Kang Chang #include "absl/container/flat_hash_map.h" 25*e7b1675dSTing-Kang Chang #include "absl/functional/any_invocable.h" 26*e7b1675dSTing-Kang Chang #include "tink/internal/key_info.h" 27*e7b1675dSTing-Kang Chang #include "tink/internal/keyset_wrapper.h" 28*e7b1675dSTing-Kang Chang #include "tink/primitive_set.h" 29*e7b1675dSTing-Kang Chang #include "tink/primitive_wrapper.h" 30*e7b1675dSTing-Kang Chang #include "tink/util/status.h" 31*e7b1675dSTing-Kang Chang #include "tink/util/statusor.h" 32*e7b1675dSTing-Kang Chang #include "tink/util/validation.h" 33*e7b1675dSTing-Kang Chang #include "proto/tink.pb.h" 34*e7b1675dSTing-Kang Chang 35*e7b1675dSTing-Kang Chang namespace crypto { 36*e7b1675dSTing-Kang Chang namespace tink { 37*e7b1675dSTing-Kang Chang namespace internal { 38*e7b1675dSTing-Kang Chang 39*e7b1675dSTing-Kang Chang template <typename P, typename Q> 40*e7b1675dSTing-Kang Chang class KeysetWrapperImpl : public KeysetWrapper<Q> { 41*e7b1675dSTing-Kang Chang public: 42*e7b1675dSTing-Kang Chang // We allow injection of a function creating the P primitive from KeyData for 43*e7b1675dSTing-Kang Chang // testing -- later, this function will just be Registry::GetPrimitive(). KeysetWrapperImpl(const PrimitiveWrapper<P,Q> * transforming_wrapper,absl::AnyInvocable<crypto::tink::util::StatusOr<std::unique_ptr<P>> (const google::crypto::tink::KeyData & key_data)const> primitive_getter)44*e7b1675dSTing-Kang Chang explicit KeysetWrapperImpl( 45*e7b1675dSTing-Kang Chang const PrimitiveWrapper<P, Q>* transforming_wrapper, 46*e7b1675dSTing-Kang Chang absl::AnyInvocable<crypto::tink::util::StatusOr<std::unique_ptr<P>>( 47*e7b1675dSTing-Kang Chang const google::crypto::tink::KeyData& key_data) const> 48*e7b1675dSTing-Kang Chang primitive_getter) 49*e7b1675dSTing-Kang Chang : primitive_getter_(std::move(primitive_getter)), 50*e7b1675dSTing-Kang Chang transforming_wrapper_(*transforming_wrapper) {} 51*e7b1675dSTing-Kang Chang Wrap(const google::crypto::tink::Keyset & keyset,const absl::flat_hash_map<std::string,std::string> & annotations)52*e7b1675dSTing-Kang Chang crypto::tink::util::StatusOr<std::unique_ptr<Q>> Wrap( 53*e7b1675dSTing-Kang Chang const google::crypto::tink::Keyset& keyset, 54*e7b1675dSTing-Kang Chang const absl::flat_hash_map<std::string, std::string>& annotations) 55*e7b1675dSTing-Kang Chang const override { 56*e7b1675dSTing-Kang Chang crypto::tink::util::Status status = ValidateKeyset(keyset); 57*e7b1675dSTing-Kang Chang if (!status.ok()) return status; 58*e7b1675dSTing-Kang Chang typename PrimitiveSet<P>::Builder primitives_builder; 59*e7b1675dSTing-Kang Chang primitives_builder.AddAnnotations(annotations); 60*e7b1675dSTing-Kang Chang for (const google::crypto::tink::Keyset::Key& key : keyset.key()) { 61*e7b1675dSTing-Kang Chang if (key.status() != google::crypto::tink::KeyStatusType::ENABLED) { 62*e7b1675dSTing-Kang Chang continue; 63*e7b1675dSTing-Kang Chang } 64*e7b1675dSTing-Kang Chang auto primitive = primitive_getter_(key.key_data()); 65*e7b1675dSTing-Kang Chang if (!primitive.ok()) return primitive.status(); 66*e7b1675dSTing-Kang Chang if (key.key_id() == keyset.primary_key_id()) { 67*e7b1675dSTing-Kang Chang primitives_builder.AddPrimaryPrimitive(std::move(primitive.value()), 68*e7b1675dSTing-Kang Chang KeyInfoFromKey(key)); 69*e7b1675dSTing-Kang Chang } else { 70*e7b1675dSTing-Kang Chang primitives_builder.AddPrimitive(std::move(primitive.value()), 71*e7b1675dSTing-Kang Chang KeyInfoFromKey(key)); 72*e7b1675dSTing-Kang Chang } 73*e7b1675dSTing-Kang Chang } 74*e7b1675dSTing-Kang Chang crypto::tink::util::StatusOr<PrimitiveSet<P>> primitives = 75*e7b1675dSTing-Kang Chang std::move(primitives_builder).Build(); 76*e7b1675dSTing-Kang Chang if (!primitives.ok()) return primitives.status(); 77*e7b1675dSTing-Kang Chang return transforming_wrapper_.Wrap( 78*e7b1675dSTing-Kang Chang absl::make_unique<PrimitiveSet<P>>(*std::move(primitives))); 79*e7b1675dSTing-Kang Chang } 80*e7b1675dSTing-Kang Chang 81*e7b1675dSTing-Kang Chang private: 82*e7b1675dSTing-Kang Chang absl::AnyInvocable<crypto::tink::util::StatusOr<std::unique_ptr<P>>( 83*e7b1675dSTing-Kang Chang const google::crypto::tink::KeyData& key_data) const> 84*e7b1675dSTing-Kang Chang primitive_getter_; 85*e7b1675dSTing-Kang Chang const PrimitiveWrapper<P, Q>& transforming_wrapper_; 86*e7b1675dSTing-Kang Chang }; 87*e7b1675dSTing-Kang Chang 88*e7b1675dSTing-Kang Chang } // namespace internal 89*e7b1675dSTing-Kang Chang } // namespace tink 90*e7b1675dSTing-Kang Chang } // namespace crypto 91*e7b1675dSTing-Kang Chang 92*e7b1675dSTing-Kang Chang #endif // TINK_INTERNAL_KEYSET_WRAPPER_IMPL_H_ 93