From ccbe0686e30b0f442c5e3107ddfb2e5b6754d336 Mon Sep 17 00:00:00 2001
From: tholenst <tholenst@google.com>
Date: Fri, 30 Aug 2019 03:38:15 -0700
Subject: [PATCH] Migrate the AesEaxKeyManager to a KeyTypeManager.
PiperOrigin-RevId: 266345676
---
.../google/crypto/tink/aead/AeadConfig.java | 4 +-
.../crypto/tink/aead/AeadKeyTemplates.java | 2 +-
.../crypto/tink/aead/AesEaxKeyManager.java | 87 ++++++++++---------
.../com/google/crypto/tink/RegistryTest.java | 4 +-
.../tink/aead/AeadKeyTemplatesTest.java | 6 +-
.../tink/aead/AesEaxKeyManagerTest.java | 10 ++-
6 files changed, 62 insertions(+), 51 deletions(-)
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java b/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
index a6d5d697e..54c60c080 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AeadConfig.java
@@ -36,7 +36,7 @@ import java.security.GeneralSecurityException;
public final class AeadConfig {
public static final String AES_CTR_HMAC_AEAD_TYPE_URL = AesCtrHmacAeadKeyManager.TYPE_URL;
public static final String AES_GCM_TYPE_URL = new AesGcmKeyManager().getKeyType();
- public static final String AES_EAX_TYPE_URL = AesEaxKeyManager.TYPE_URL;
+ public static final String AES_EAX_TYPE_URL = new AesEaxKeyManager().getKeyType();
public static final String KMS_AEAD_TYPE_URL = KmsAeadKeyManager.TYPE_URL;
public static final String KMS_ENVELOPE_AEAD_TYPE_URL = KmsEnvelopeAeadKeyManager.TYPE_URL;
public static final String CHACHA20_POLY1305_TYPE_URL =
@@ -96,7 +96,7 @@ public final class AeadConfig {
public static void register() throws GeneralSecurityException {
MacConfig.register();
Registry.registerKeyManager(new AesCtrHmacAeadKeyManager());
- Registry.registerKeyManager(new AesEaxKeyManager());
+ Registry.registerKeyManager(new AesEaxKeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new AesGcmKeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new ChaCha20Poly1305KeyManager(), /*newKeyAllowed=*/ true);
Registry.registerKeyManager(new KmsAeadKeyManager());
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java b/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
index 43b82723e..a8db0891b 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AeadKeyTemplates.java
@@ -176,7 +176,7 @@ public final class AeadKeyTemplates {
.build();
return KeyTemplate.newBuilder()
.setValue(format.toByteString())
- .setTypeUrl(AesEaxKeyManager.TYPE_URL)
+ .setTypeUrl(new AesEaxKeyManager().getKeyType())
.setOutputPrefixType(OutputPrefixType.TINK)
.build();
}
diff --git a/java/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java b/java/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java
index 00edb582c..bbdfb3935 100644
--- a/java/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java
+++ b/java/src/main/java/com/google/crypto/tink/aead/AesEaxKeyManager.java
@@ -17,7 +17,7 @@
package com.google.crypto.tink.aead;
import com.google.crypto.tink.Aead;
-import com.google.crypto.tink.KeyManagerBase;
+import com.google.crypto.tink.KeyTypeManager;
import com.google.crypto.tink.proto.AesEaxKey;
import com.google.crypto.tink.proto.AesEaxKeyFormat;
import com.google.crypto.tink.proto.KeyData.KeyMaterialType;
@@ -32,54 +32,37 @@ import java.security.GeneralSecurityException;
* This key manager generates new {@code AesEaxKey} keys and produces new instances of {@code
* AesEaxJce}.
*/
-class AesEaxKeyManager extends KeyManagerBase<Aead, AesEaxKey, AesEaxKeyFormat> {
+class AesEaxKeyManager extends KeyTypeManager<AesEaxKey> {
public AesEaxKeyManager() {
- super(Aead.class, AesEaxKey.class, AesEaxKeyFormat.class, TYPE_URL);
- }
-
- private static final int VERSION = 0;
-
- public static final String TYPE_URL = "type.googleapis.com/google.crypto.tink.AesEaxKey";
-
- @Override
- public Aead getPrimitiveFromKey(AesEaxKey keyProto) throws GeneralSecurityException {
- return new AesEaxJce(keyProto.getKeyValue().toByteArray(), keyProto.getParams().getIvSize());
+ super(
+ AesEaxKey.class,
+ new PrimitiveFactory<Aead, AesEaxKey>(Aead.class) {
+ @Override
+ public Aead getPrimitive(AesEaxKey key) throws GeneralSecurityException {
+ return new AesEaxJce(
+ key.getKeyValue().toByteArray(), key.getParams().getIvSize());
+ }
+ });
}
@Override
- public AesEaxKey newKeyFromFormat(AesEaxKeyFormat format) throws GeneralSecurityException {
- return AesEaxKey.newBuilder()
- .setKeyValue(ByteString.copyFrom(Random.randBytes(format.getKeySize())))
- .setParams(format.getParams())
- .setVersion(VERSION)
- .build();
+ public String getKeyType() {
+ return "type.googleapis.com/google.crypto.tink.AesEaxKey";
}
@Override
public int getVersion() {
- return VERSION;
+ return 0;
}
@Override
- protected KeyMaterialType keyMaterialType() {
+ public KeyMaterialType keyMaterialType() {
return KeyMaterialType.SYMMETRIC;
}
@Override
- protected AesEaxKey parseKeyProto(ByteString byteString)
- throws InvalidProtocolBufferException {
- return AesEaxKey.parseFrom(byteString);
- }
-
- @Override
- protected AesEaxKeyFormat parseKeyFormatProto(ByteString byteString)
- throws InvalidProtocolBufferException {
- return AesEaxKeyFormat.parseFrom(byteString);
- }
-
- @Override
- protected void validateKey(AesEaxKey key) throws GeneralSecurityException {
- Validators.validateVersion(key.getVersion(), VERSION);
+ public void validateKey(AesEaxKey key) throws GeneralSecurityException {
+ Validators.validateVersion(key.getVersion(), getVersion());
Validators.validateAesKeySize(key.getKeyValue().size());
if (key.getParams().getIvSize() != 12 && key.getParams().getIvSize() != 16) {
throw new GeneralSecurityException("invalid IV size; acceptable values have 12 or 16 bytes");
@@ -87,10 +70,36 @@ class AesEaxKeyManager extends KeyManagerBase<Aead, AesEaxKey, AesEaxKeyFormat>
}
@Override
- protected void validateKeyFormat(AesEaxKeyFormat format) throws GeneralSecurityException {
- Validators.validateAesKeySize(format.getKeySize());
- if (format.getParams().getIvSize() != 12 && format.getParams().getIvSize() != 16) {
- throw new GeneralSecurityException("invalid IV size; acceptable values have 12 or 16 bytes");
- }
+ public AesEaxKey parseKey(ByteString byteString) throws InvalidProtocolBufferException {
+ return AesEaxKey.parseFrom(byteString);
+ }
+
+ @Override
+ public KeyFactory<AesEaxKeyFormat, AesEaxKey> keyFactory() {
+ return new KeyFactory<AesEaxKeyFormat, AesEaxKey>(AesEaxKeyFormat.class) {
+ @Override
+ public void validateKeyFormat(AesEaxKeyFormat format) throws GeneralSecurityException {
+ Validators.validateAesKeySize(format.getKeySize());
+ if (format.getParams().getIvSize() != 12 && format.getParams().getIvSize() != 16) {
+ throw new GeneralSecurityException(
+ "invalid IV size; acceptable values have 12 or 16 bytes");
+ }
+ }
+
+ @Override
+ public AesEaxKeyFormat parseKeyFormat(ByteString byteString)
+ throws InvalidProtocolBufferException {
+ return AesEaxKeyFormat.parseFrom(byteString);
+ }
+
+ @Override
+ public AesEaxKey createKey(AesEaxKeyFormat format) throws GeneralSecurityException {
+ return AesEaxKey.newBuilder()
+ .setKeyValue(ByteString.copyFrom(Random.randBytes(format.getKeySize())))
+ .setParams(format.getParams())
+ .setVersion(getVersion())
+ .build();
+ }
+ };
}
}
diff --git a/java/src/test/java/com/google/crypto/tink/RegistryTest.java b/java/src/test/java/com/google/crypto/tink/RegistryTest.java
index 0c16ab7dc..0b46f25e9 100644
--- a/java/src/test/java/com/google/crypto/tink/RegistryTest.java
+++ b/java/src/test/java/com/google/crypto/tink/RegistryTest.java
@@ -125,7 +125,7 @@ public class RegistryTest {
@Test
public void testGetKeyManager_legacy_shouldWork() throws Exception {
testGetKeyManager_shouldWork(AeadConfig.AES_CTR_HMAC_AEAD_TYPE_URL, "AesCtrHmacAeadKeyManager");
- testGetKeyManager_shouldWork(AeadConfig.AES_EAX_TYPE_URL, "AesEaxKeyManager");
+ testGetKeyManager_shouldWork(AeadConfig.AES_EAX_TYPE_URL, "KeyManagerImpl");
testGetKeyManager_shouldWork(MacConfig.HMAC_TYPE_URL, "KeyManagerImpl");
}
@@ -133,7 +133,7 @@ public class RegistryTest {
public void testGetKeyManager_shouldWorkAesEax() throws Exception {
assertThat(
Registry.getKeyManager(AeadConfig.AES_EAX_TYPE_URL, Aead.class).getClass().toString())
- .contains("AesEaxKeyManager");
+ .contains("KeyManagerImpl");
}
@Test
diff --git a/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java b/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
index 710ad1865..964c0eb61 100644
--- a/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
+++ b/java/src/test/java/com/google/crypto/tink/aead/AeadKeyTemplatesTest.java
@@ -68,7 +68,7 @@ public class AeadKeyTemplatesTest {
@Test
public void testAES128_EAX() throws Exception {
KeyTemplate template = AeadKeyTemplates.AES128_EAX;
- assertEquals(AesEaxKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesEaxKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesEaxKeyFormat format = AesEaxKeyFormat.parseFrom(template.getValue());
assertEquals(16, format.getKeySize());
@@ -79,7 +79,7 @@ public class AeadKeyTemplatesTest {
@Test
public void testAES256_EAX() throws Exception {
KeyTemplate template = AeadKeyTemplates.AES256_EAX;
- assertEquals(AesEaxKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesEaxKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesEaxKeyFormat format = AesEaxKeyFormat.parseFrom(template.getValue());
assertEquals(32, format.getKeySize());
@@ -94,7 +94,7 @@ public class AeadKeyTemplatesTest {
int keySize = 42;
int ivSize = 72;
KeyTemplate template = AeadKeyTemplates.createAesEaxKeyTemplate(keySize, ivSize);
- assertEquals(AesEaxKeyManager.TYPE_URL, template.getTypeUrl());
+ assertEquals(new AesEaxKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
AesEaxKeyFormat format = AesEaxKeyFormat.parseFrom(template.getValue());
diff --git a/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java b/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
index d7e194441..120276a45 100644
--- a/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
+++ b/java/src/test/java/com/google/crypto/tink/aead/AesEaxKeyManagerTest.java
@@ -22,6 +22,8 @@ import static org.junit.Assert.fail;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.CryptoFormat;
+import com.google.crypto.tink.KeyManager;
+import com.google.crypto.tink.KeyManagerImpl;
import com.google.crypto.tink.KeysetHandle;
import com.google.crypto.tink.TestUtil;
import com.google.crypto.tink.proto.AesEaxKey;
@@ -60,10 +62,10 @@ public class AesEaxKeyManagerTest {
.build();
ByteString serialized = ByteString.copyFrom(eaxKeyFormat.toByteArray());
KeyTemplate keyTemplate = KeyTemplate.newBuilder()
- .setTypeUrl(AesEaxKeyManager.TYPE_URL)
+ .setTypeUrl(new AesEaxKeyManager().getKeyType())
.setValue(serialized)
.build();
- AesEaxKeyManager keyManager = new AesEaxKeyManager();
+ KeyManager<Aead> keyManager = new KeyManagerImpl<>(new AesEaxKeyManager(), Aead.class);
Set<String> keys = new TreeSet<String>();
// Calls newKey multiple times and make sure that they generate different keys.
int numTests = 27;
@@ -88,10 +90,10 @@ public class AesEaxKeyManagerTest {
public void testNewKeyWithCorruptedFormat() throws Exception {
ByteString serialized = ByteString.copyFrom(new byte[128]);
KeyTemplate keyTemplate = KeyTemplate.newBuilder()
- .setTypeUrl(AesEaxKeyManager.TYPE_URL)
+ .setTypeUrl(new AesEaxKeyManager().getKeyType())
.setValue(serialized)
.build();
- AesEaxKeyManager keyManager = new AesEaxKeyManager();
+ KeyManager<Aead> keyManager = new KeyManagerImpl<>(new AesEaxKeyManager(), Aead.class);
try {
keyManager.newKey(serialized);
fail("Corrupted format, should have thrown exception");
--
GitLab