Define JWT MAC V0 config and key gen config.

PiperOrigin-RevId: 707982364 Change-Id: I4dacfe00a06cde3053952468a116ab08ff05f5c4
tink-crypto · Dec 19, 2024 · fffa2bc · fffa2bc
1 parent c988c03
commit fffa2bc
Show file tree

Hide file tree

Showing 14 changed files with 674 additions and 0 deletions.
diff --git a/tink/jwt/BUILD.bazel b/tink/jwt/BUILD.bazel
@@ -622,6 +622,30 @@ cc_library(
     ],
 )
 
+cc_library(
+    name = "jwt_mac_config_v0",
+    srcs = ["jwt_mac_config_v0.cc"],
+    hdrs = ["jwt_mac_config_v0.h"],
+    include_prefix = "tink/jwt",
+    deps = [
+        "//tink:configuration",
+        "//tink/jwt/internal:jwt_mac_config_v0",
+        "@com_google_absl//absl/log:check",
+    ],
+)
+
+cc_library(
+    name = "jwt_mac_key_gen_config_v0",
+    srcs = ["jwt_mac_key_gen_config_v0.cc"],
+    hdrs = ["jwt_mac_key_gen_config_v0.h"],
+    include_prefix = "tink/jwt",
+    deps = [
+        "//tink:key_gen_configuration",
+        "//tink/jwt/internal:jwt_mac_key_gen_config_v0",
+        "@com_google_absl//absl/log:check",
+    ],
+)
+
 # tests
 
 cc_test(
@@ -1177,3 +1201,21 @@ cc_test(
         "@com_google_googletest//:gtest_main",
     ],
 )
+
+cc_test(
+    name = "jwt_mac_config_v0_test",
+    srcs = ["jwt_mac_config_v0_test.cc"],
+    deps = [
+        ":jwt_key_templates",
+        ":jwt_mac",
+        ":jwt_mac_config_v0",
+        ":jwt_mac_key_gen_config_v0",
+        ":jwt_validator",
+        ":raw_jwt",
+        "//tink:keyset_handle",
+        "//tink/util:statusor",
+        "//tink/util:test_matchers",
+        "@com_google_absl//absl/time",
+        "@com_google_googletest//:gtest_main",
+    ],
+)
diff --git a/tink/jwt/CMakeLists.txt b/tink/jwt/CMakeLists.txt
@@ -586,6 +586,28 @@ tink_cc_library(
     tink::proto::tink_cc_proto
 )
 
+tink_cc_library(
+  NAME jwt_mac_config_v0
+  SRCS
+    jwt_mac_config_v0.cc
+    jwt_mac_config_v0.h
+  DEPS
+    absl::check
+    tink::core::configuration
+    tink::jwt::internal::jwt_mac_config_v0
+)
+
+tink_cc_library(
+  NAME jwt_mac_key_gen_config_v0
+  SRCS
+    jwt_mac_key_gen_config_v0.cc
+    jwt_mac_key_gen_config_v0.h
+  DEPS
+    absl::check
+    tink::core::key_gen_configuration
+    tink::jwt::internal::jwt_mac_key_gen_config_v0
+)
+
 # tests
 
 tink_cc_test(
@@ -1136,3 +1158,21 @@ tink_cc_test(
     tink::proto::jwt_rsa_ssa_pss_cc_proto
     tink::proto::tink_cc_proto
 )
+
+tink_cc_test(
+  NAME jwt_mac_config_v0_test
+  SRCS
+    jwt_mac_config_v0_test.cc
+  DEPS
+    tink::jwt::jwt_key_templates
+    tink::jwt::jwt_mac
+    tink::jwt::jwt_mac_config_v0
+    tink::jwt::jwt_mac_key_gen_config_v0
+    tink::jwt::jwt_validator
+    tink::jwt::raw_jwt
+    gmock
+    absl::time
+    tink::core::keyset_handle
+    tink::util::statusor
+    tink::util::test_matchers
+)
diff --git a/tink/jwt/internal/BUILD.bazel b/tink/jwt/internal/BUILD.bazel
@@ -1083,3 +1083,57 @@ cc_library(
         "@com_google_absl//absl/types:optional",
     ],
 )
+
+cc_library(
+    name = "jwt_mac_config_v0",
+    srcs = ["jwt_mac_config_v0.cc"],
+    hdrs = ["jwt_mac_config_v0.h"],
+    include_prefix = "tink/jwt/internal",
+    deps = [
+        ":jwt_hmac_key_manager",
+        ":jwt_mac_wrapper",
+        "//tink:configuration",
+        "//tink/internal:configuration_impl",
+        "//tink/util:status",
+        "@com_google_absl//absl/memory",
+    ],
+)
+
+cc_library(
+    name = "jwt_mac_key_gen_config_v0",
+    srcs = ["jwt_mac_key_gen_config_v0.cc"],
+    hdrs = ["jwt_mac_key_gen_config_v0.h"],
+    include_prefix = "tink/jwt/internal",
+    deps = [
+        ":jwt_hmac_key_manager",
+        "//tink:key_gen_configuration",
+        "//tink/internal:key_gen_configuration_impl",
+        "//tink/util:status",
+        "@com_google_absl//absl/memory",
+    ],
+)
+
+cc_test(
+    name = "jwt_mac_config_v0_test",
+    srcs = ["jwt_mac_config_v0_test.cc"],
+    deps = [
+        ":jwt_hmac_key_manager",
+        ":jwt_mac_config_v0",
+        ":jwt_mac_key_gen_config_v0",
+        "//tink:configuration",
+        "//tink:key_gen_configuration",
+        "//tink:keyset_handle",
+        "//tink/internal:configuration_impl",
+        "//tink/internal:key_gen_configuration_impl",
+        "//tink/internal:key_type_info_store",
+        "//tink/internal:keyset_wrapper_store",
+        "//tink/jwt:jwt_key_templates",
+        "//tink/jwt:jwt_mac",
+        "//tink/jwt:jwt_validator",
+        "//tink/jwt:raw_jwt",
+        "//tink/util:statusor",
+        "//tink/util:test_matchers",
+        "@com_google_absl//absl/time",
+        "@com_google_googletest//:gtest_main",
+    ],
+)
diff --git a/tink/jwt/internal/CMakeLists.txt b/tink/jwt/internal/CMakeLists.txt
@@ -1049,3 +1049,54 @@ tink_cc_library(
     tink::util::statusor
 )
 
+tink_cc_library(
+  NAME jwt_mac_config_v0
+  SRCS
+    jwt_mac_config_v0.cc
+    jwt_mac_config_v0.h
+  DEPS
+    tink::jwt::internal::jwt_hmac_key_manager
+    tink::jwt::internal::jwt_mac_wrapper
+    absl::memory
+    tink::core::configuration
+    tink::internal::configuration_impl
+    tink::util::status
+)
+
+tink_cc_library(
+  NAME jwt_mac_key_gen_config_v0
+  SRCS
+    jwt_mac_key_gen_config_v0.cc
+    jwt_mac_key_gen_config_v0.h
+  DEPS
+    tink::jwt::internal::jwt_hmac_key_manager
+    absl::memory
+    tink::core::key_gen_configuration
+    tink::internal::key_gen_configuration_impl
+    tink::util::status
+)
+
+tink_cc_test(
+  NAME jwt_mac_config_v0_test
+  SRCS
+    jwt_mac_config_v0_test.cc
+  DEPS
+    tink::jwt::internal::jwt_hmac_key_manager
+    tink::jwt::internal::jwt_mac_config_v0
+    tink::jwt::internal::jwt_mac_key_gen_config_v0
+    gmock
+    absl::time
+    tink::core::configuration
+    tink::core::key_gen_configuration
+    tink::core::keyset_handle
+    tink::internal::configuration_impl
+    tink::internal::key_gen_configuration_impl
+    tink::internal::key_type_info_store
+    tink::internal::keyset_wrapper_store
+    tink::jwt::jwt_key_templates
+    tink::jwt::jwt_mac
+    tink::jwt::jwt_validator
+    tink::jwt::raw_jwt
+    tink::util::statusor
+    tink::util::test_matchers
+)
diff --git a/tink/jwt/internal/jwt_mac_config_v0.cc b/tink/jwt/internal/jwt_mac_config_v0.cc
@@ -0,0 +1,42 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include "tink/jwt/internal/jwt_mac_config_v0.h"
+
+#include "absl/memory/memory.h"
+#include "tink/configuration.h"
+#include "tink/internal/configuration_impl.h"
+#include "tink/jwt/internal/jwt_hmac_key_manager.h"
+#include "tink/jwt/internal/jwt_mac_wrapper.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace jwt_internal {
+
+util::Status AddJwtMacV0(Configuration& config) {
+  util::Status status = internal::ConfigurationImpl::AddPrimitiveWrapper(
+      absl::make_unique<JwtMacWrapper>(), config);
+  if (!status.ok()) {
+    return status;
+  }
+  return internal::ConfigurationImpl::AddKeyTypeManager(
+      absl::make_unique<JwtHmacKeyManager>(), config);
+}
+
+}  // namespace jwt_internal
+}  // namespace tink
+}  // namespace crypto
diff --git a/tink/jwt/internal/jwt_mac_config_v0.h b/tink/jwt/internal/jwt_mac_config_v0.h
@@ -0,0 +1,35 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_JWT_INTERNAL_JWT_MAC_CONFIG_V0_H_
+#define TINK_JWT_INTERNAL_JWT_MAC_CONFIG_V0_H_
+
+#include "tink/configuration.h"
+#include "tink/util/status.h"
+
+namespace crypto {
+namespace tink {
+namespace jwt_internal {
+
+// Add recommended JWT MAC primitive wrappers and key managers to `config`, used
+// to generate primitives.
+util::Status AddJwtMacV0(Configuration& config);
+
+}  // namespace jwt_internal
+}  // namespace tink
+}  // namespace crypto
+
+#endif  // TINK_JWT_INTERNAL_JWT_MAC_CONFIG_V0_H_