diff --git a/cc/aead/aes_ctr_hmac_aead_key_manager.cc b/cc/aead/aes_ctr_hmac_aead_key_manager.cc
index 006c5623b12c1098b2f46c0a00a9ed0859d55df6..08dbf8962d7767a45bfeb5d5380cf47d43c39427 100644
--- a/cc/aead/aes_ctr_hmac_aead_key_manager.cc
+++ b/cc/aead/aes_ctr_hmac_aead_key_manager.cc
@@ -92,7 +92,7 @@ StatusOr<std::unique_ptr<Message>> AesCtrHmacAeadKeyFactory::NewKey(
aes_ctr_key->set_version(AesCtrHmacAeadKeyManager::kVersion);
*(aes_ctr_key->mutable_params()) =
aes_ctr_hmac_aead_key_format.aes_ctr_key_format().params();
- aes_ctr_key->set_key_value(Random::GetRandomBytes(
+ aes_ctr_key->set_key_value(subtle::Random::GetRandomBytes(
aes_ctr_hmac_aead_key_format.aes_ctr_key_format().key_size()));
// Generate HmacKey.
@@ -100,7 +100,7 @@ StatusOr<std::unique_ptr<Message>> AesCtrHmacAeadKeyFactory::NewKey(
hmac_key->set_version(AesCtrHmacAeadKeyManager::kVersion);
*(hmac_key->mutable_params()) =
aes_ctr_hmac_aead_key_format.hmac_key_format().params();
- hmac_key->set_key_value(Random::GetRandomBytes(
+ hmac_key->set_key_value(subtle::Random::GetRandomBytes(
aes_ctr_hmac_aead_key_format.hmac_key_format().key_size()));
std::unique_ptr<Message> key = std::move(aes_ctr_hmac_aead_key);
@@ -192,7 +192,7 @@ StatusOr<std::unique_ptr<Aead>> AesCtrHmacAeadKeyManager::GetPrimitiveImpl(
const AesCtrHmacAeadKey& aes_ctr_hmac_aead_key) const {
Status status = Validate(aes_ctr_hmac_aead_key);
if (!status.ok()) return status;
- auto aes_ctr_result = AesCtrBoringSsl::New(
+ auto aes_ctr_result = subtle::AesCtrBoringSsl::New(
aes_ctr_hmac_aead_key.aes_ctr_key().key_value(),
aes_ctr_hmac_aead_key.aes_ctr_key().params().iv_size());
if (!aes_ctr_result.ok()) return aes_ctr_result.status();
@@ -201,7 +201,7 @@ StatusOr<std::unique_ptr<Aead>> AesCtrHmacAeadKeyManager::GetPrimitiveImpl(
kHmacKeyType, aes_ctr_hmac_aead_key.hmac_key());
if (!hmac_result.ok()) return hmac_result.status();
- auto cipher_res = EncryptThenAuthenticate::New(
+ auto cipher_res = subtle::EncryptThenAuthenticate::New(
std::move(aes_ctr_result.ValueOrDie()),
std::move(hmac_result.ValueOrDie()),
aes_ctr_hmac_aead_key.hmac_key().params().tag_size());
diff --git a/cc/aead/aes_gcm_key_manager.cc b/cc/aead/aes_gcm_key_manager.cc
index 214b70539caa257104663f32134317d03c18997d..8d16f2d9fa3a75c366d441e45cfbb70cb987f8ac 100644
--- a/cc/aead/aes_gcm_key_manager.cc
+++ b/cc/aead/aes_gcm_key_manager.cc
@@ -83,7 +83,7 @@ StatusOr<std::unique_ptr<Message>> AesGcmKeyFactory::NewKey(
std::unique_ptr<AesGcmKey> aes_gcm_key(new AesGcmKey());
aes_gcm_key->set_version(AesGcmKeyManager::kVersion);
aes_gcm_key->set_key_value(
- Random::GetRandomBytes(aes_gcm_key_format.key_size()));
+ subtle::Random::GetRandomBytes(aes_gcm_key_format.key_size()));
std::unique_ptr<Message> key = std::move(aes_gcm_key);
return std::move(key);
}
@@ -169,7 +169,7 @@ StatusOr<std::unique_ptr<Aead>>
AesGcmKeyManager::GetPrimitiveImpl(const AesGcmKey& aes_gcm_key) const {
Status status = Validate(aes_gcm_key);
if (!status.ok()) return status;
- auto aes_gcm_result = AesGcmBoringSsl::New(aes_gcm_key.key_value());
+ auto aes_gcm_result = subtle::AesGcmBoringSsl::New(aes_gcm_key.key_value());
if (!aes_gcm_result.ok()) return aes_gcm_result.status();
return std::move(aes_gcm_result.ValueOrDie());
}
diff --git a/cc/hybrid/BUILD b/cc/hybrid/BUILD
index 84964c0d70e0bcb8558b2900204a03e02e20fa87..dcfb02a9344ea421cb010e3fea38c6a0c7cdae65 100644
--- a/cc/hybrid/BUILD
+++ b/cc/hybrid/BUILD
@@ -147,6 +147,7 @@ cc_library(
"//cc:hybrid_decrypt",
"//cc/subtle:ec_util",
"//cc/subtle:ecies_hkdf_recipient_kem_boringssl",
+ "//cc/util:enums",
"//cc/util:ptr_util",
"//cc/util:status",
"//cc/util:statusor",
@@ -168,6 +169,7 @@ cc_library(
"//cc:key_manager",
"//cc:registry",
"//cc/subtle:ecies_hkdf_sender_kem_boringssl",
+ "//cc/util:enums",
"//cc/util:status",
"//cc/util:statusor",
"//proto:common_cc_proto",
@@ -361,6 +363,7 @@ cc_test(
"//cc/aead:aes_gcm_key_manager",
"//cc/subtle:random",
"//cc/subtle:subtle_util_boringssl",
+ "//cc/util:enums",
"//cc/util:ptr_util",
"//cc/util:status",
"//cc/util:statusor",
@@ -383,6 +386,7 @@ cc_test(
"//cc/aead:aes_gcm_key_manager",
"//cc/subtle:random",
"//cc/subtle:subtle_util_boringssl",
+ "//cc/util:enums",
"//cc/util:ptr_util",
"//cc/util:status",
"//cc/util:statusor",
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.cc b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.cc
index 3e79080ba2e1ee501e0551c7db3f69639832b718..d7171d1c3d5793d4e2e75703190c1842fcfc5956 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.cc
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.cc
@@ -20,6 +20,7 @@
#include "cc/hybrid/ecies_aead_hkdf_dem_helper.h"
#include "cc/subtle/ec_util.h"
#include "cc/subtle/ecies_hkdf_recipient_kem_boringssl.h"
+#include "cc/util/enums.h"
#include "cc/util/statusor.h"
#include "proto/ecies_aead_hkdf.pb.h"
#include "proto/tink.pb.h"
@@ -37,8 +38,9 @@ EciesAeadHkdfHybridDecrypt::New(const EciesAeadHkdfPrivateKey& recipient_key) {
util::Status status = Validate(recipient_key);
if (!status.ok()) return status;
- auto kem_result = EciesHkdfRecipientKemBoringSsl::New(
- recipient_key.public_key().params().kem_params().curve_type(),
+ auto kem_result = subtle::EciesHkdfRecipientKemBoringSsl::New(
+ util::Enums::ProtoToSubtle(
+ recipient_key.public_key().params().kem_params().curve_type()),
recipient_key.key_value());
if (!kem_result.ok()) return kem_result.status();
@@ -56,9 +58,11 @@ util::StatusOr<std::string> EciesAeadHkdfHybridDecrypt::Decrypt(
absl::string_view ciphertext,
absl::string_view context_info) const {
// Extract KEM-bytes from the ciphertext.
- auto header_size_result = EcUtil::EncodingSizeInBytes(
- recipient_key_.public_key().params().kem_params().curve_type(),
- recipient_key_.public_key().params().ec_point_format());
+ auto header_size_result = subtle::EcUtil::EncodingSizeInBytes(
+ util::Enums::ProtoToSubtle(
+ recipient_key_.public_key().params().kem_params().curve_type()),
+ util::Enums::ProtoToSubtle(
+ recipient_key_.public_key().params().ec_point_format()));
if (!header_size_result.ok()) return header_size_result.status();
auto header_size = header_size_result.ValueOrDie();
if (ciphertext.size() < header_size) {
@@ -70,11 +74,13 @@ util::StatusOr<std::string> EciesAeadHkdfHybridDecrypt::Decrypt(
// Use KEM to get a symmetric key.
auto symmetric_key_result = recipient_kem_->GenerateKey(
kem_bytes,
- recipient_key_.public_key().params().kem_params().hkdf_hash_type(),
+ util::Enums::ProtoToSubtle(
+ recipient_key_.public_key().params().kem_params().hkdf_hash_type()),
recipient_key_.public_key().params().kem_params().hkdf_salt(),
context_info,
dem_helper_->dem_key_size_in_bytes(),
- recipient_key_.public_key().params().ec_point_format());
+ util::Enums::ProtoToSubtle(
+ recipient_key_.public_key().params().ec_point_format()));
if (!symmetric_key_result.ok()) return symmetric_key_result.status();
auto symmetric_key = std::move(symmetric_key_result.ValueOrDie());
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.h b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.h
index e197a308c3f4de9f009fdca736e65bdaccda3c3f..541a2afe99d8cd7467f792626fc5fd9b2917ed2c 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.h
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt.h
@@ -49,13 +49,13 @@ class EciesAeadHkdfHybridDecrypt : public HybridDecrypt {
EciesAeadHkdfHybridDecrypt(
const google::crypto::tink::EciesAeadHkdfPrivateKey& recipient_key,
- std::unique_ptr<EciesHkdfRecipientKemBoringSsl> recipient_kem,
+ std::unique_ptr<subtle::EciesHkdfRecipientKemBoringSsl> recipient_kem,
std::unique_ptr<EciesAeadHkdfDemHelper> dem_helper)
: recipient_key_(recipient_key), recipient_kem_(std::move(recipient_kem)),
dem_helper_(std::move(dem_helper)) {}
google::crypto::tink::EciesAeadHkdfPrivateKey recipient_key_;
- std::unique_ptr<EciesHkdfRecipientKemBoringSsl> recipient_kem_;
+ std::unique_ptr<subtle::EciesHkdfRecipientKemBoringSsl> recipient_kem_;
std::unique_ptr<EciesAeadHkdfDemHelper> dem_helper_;
};
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt_test.cc b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt_test.cc
index e931c3043f1fca3d265534cfa1cf159164986f46..0016fe39f453dc516b893a10e3a94e462e93fba6 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt_test.cc
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_decrypt_test.cc
@@ -22,6 +22,7 @@
#include "cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.h"
#include "cc/subtle/random.h"
#include "cc/subtle/subtle_util_boringssl.h"
+#include "cc/util/enums.h"
#include "cc/util/ptr_util.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
@@ -30,6 +31,7 @@
#include "proto/ecies_aead_hkdf.pb.h"
#include "gtest/gtest.h"
+using crypto::tink::subtle::Random;
using google::crypto::tink::EciesAeadHkdfPrivateKey;
using google::crypto::tink::EcPointFormat;
using google::crypto::tink::EllipticCurveType;
@@ -87,7 +89,8 @@ TEST_F(EciesAeadHkdfHybridDecryptTest, testInvalidKeys) {
{ // Unsupported DEM key type.
EllipticCurveType curve = EllipticCurveType::NIST_P256;
- auto test_key = SubtleUtilBoringSSL::GetNewEcKey(curve).ValueOrDie();
+ auto test_key = subtle::SubtleUtilBoringSSL::GetNewEcKey(
+ util::Enums::ProtoToSubtle(curve)).ValueOrDie();
EciesAeadHkdfPrivateKey recipient_key;
recipient_key.set_version(0);
recipient_key.set_key_value("some key value bytes");
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.cc b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.cc
index 435c3a9ac0514d2d91cfd1bf2cd9844781937d90..65a5f1d56031baa145993e2d12d7bbd7af9a7d8a 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.cc
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.cc
@@ -22,6 +22,7 @@
#include "cc/registry.h"
#include "cc/hybrid/ecies_aead_hkdf_dem_helper.h"
#include "cc/subtle/ecies_hkdf_sender_kem_boringssl.h"
+#include "cc/util/enums.h"
#include "cc/util/statusor.h"
#include "proto/aes_gcm.pb.h"
#include "proto/ecies_aead_hkdf.pb.h"
@@ -42,8 +43,9 @@ EciesAeadHkdfHybridEncrypt::New(const EciesAeadHkdfPublicKey& recipient_key) {
Status status = Validate(recipient_key);
if (!status.ok()) return status;
- auto kem_result = EciesHkdfSenderKemBoringSsl::New(
- recipient_key.params().kem_params().curve_type(),
+ auto kem_result = subtle::EciesHkdfSenderKemBoringSsl::New(
+ util::Enums::ProtoToSubtle(
+ recipient_key.params().kem_params().curve_type()),
recipient_key.x(), recipient_key.y());
if (!kem_result.ok()) return kem_result.status();
@@ -62,11 +64,13 @@ StatusOr<std::string> EciesAeadHkdfHybridEncrypt::Encrypt(
absl::string_view context_info) const {
// Use KEM to get a symmetric key.
auto kem_key_result = sender_kem_->GenerateKey(
- recipient_key_.params().kem_params().hkdf_hash_type(),
+ util::Enums::ProtoToSubtle(
+ recipient_key_.params().kem_params().hkdf_hash_type()),
recipient_key_.params().kem_params().hkdf_salt(),
context_info,
dem_helper_->dem_key_size_in_bytes(),
- recipient_key_.params().ec_point_format());
+ util::Enums::ProtoToSubtle(
+ recipient_key_.params().ec_point_format()));
if (!kem_key_result.ok()) return kem_key_result.status();
auto kem_key = std::move(kem_key_result.ValueOrDie());
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.h b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.h
index dc9584d57354471f786fb5e85d813390e00bdeac..4370d8060dcd9c6eed13477711d45ac498b86b83 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.h
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt.h
@@ -51,13 +51,13 @@ class EciesAeadHkdfHybridEncrypt : public HybridEncrypt {
EciesAeadHkdfHybridEncrypt(
const google::crypto::tink::EciesAeadHkdfPublicKey& recipient_key,
- std::unique_ptr<EciesHkdfSenderKemBoringSsl> sender_kem,
+ std::unique_ptr<subtle::EciesHkdfSenderKemBoringSsl> sender_kem,
std::unique_ptr<EciesAeadHkdfDemHelper> dem_helper)
: recipient_key_(recipient_key), sender_kem_(std::move(sender_kem)),
dem_helper_(std::move(dem_helper)) {}
google::crypto::tink::EciesAeadHkdfPublicKey recipient_key_;
- std::unique_ptr<EciesHkdfSenderKemBoringSsl> sender_kem_;
+ std::unique_ptr<subtle::EciesHkdfSenderKemBoringSsl> sender_kem_;
std::unique_ptr<EciesAeadHkdfDemHelper> dem_helper_;
};
diff --git a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt_test.cc b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt_test.cc
index 3e84c2475317cf443e3096ce8e7b77428926cb2e..802cd83d40e9d562e800ac15dd5575e52ea7dbd5 100644
--- a/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt_test.cc
+++ b/cc/hybrid/ecies_aead_hkdf_hybrid_encrypt_test.cc
@@ -20,6 +20,7 @@
#include "cc/registry.h"
#include "cc/aead/aes_gcm_key_manager.h"
#include "cc/subtle/subtle_util_boringssl.h"
+#include "cc/util/enums.h"
#include "cc/util/ptr_util.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
@@ -83,7 +84,8 @@ TEST_F(EciesAeadHkdfHybridEncryptTest, testInvalidKeys) {
{ // Unsupported DEM key type.
EllipticCurveType curve = EllipticCurveType::NIST_P256;
- auto test_key = SubtleUtilBoringSSL::GetNewEcKey(curve).ValueOrDie();
+ auto test_key = subtle::SubtleUtilBoringSSL::GetNewEcKey(
+ util::Enums::ProtoToSubtle(curve)).ValueOrDie();
EciesAeadHkdfPublicKey recipient_key;
recipient_key.set_version(0);
recipient_key.set_x(test_key.pub_x);
diff --git a/cc/mac/BUILD b/cc/mac/BUILD
index 296301d5e6dceee8e881655eaeaf8d3ba260f112..9d9323bbbc993ad264c56f89cd8e46b0bbd0585a 100644
--- a/cc/mac/BUILD
+++ b/cc/mac/BUILD
@@ -65,6 +65,7 @@ cc_library(
"//cc:mac",
"//cc/subtle:hmac_boringssl",
"//cc/subtle:random",
+ "//cc/util:enums",
"//cc/util:errors",
"//cc/util:status",
"//cc/util:statusor",
diff --git a/cc/mac/hmac_key_manager.cc b/cc/mac/hmac_key_manager.cc
index 990340e52d2e99cecd342fd23e9504326d385d10..fbc35d4feb48bd3cd81730ab9bb8b3fbc0bdd7de 100644
--- a/cc/mac/hmac_key_manager.cc
+++ b/cc/mac/hmac_key_manager.cc
@@ -23,6 +23,7 @@
#include "cc/key_manager.h"
#include "cc/subtle/hmac_boringssl.h"
#include "cc/subtle/random.h"
+#include "cc/util/enums.h"
#include "cc/util/errors.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
@@ -87,7 +88,8 @@ StatusOr<std::unique_ptr<Message>> HmacKeyFactory::NewKey(
std::unique_ptr<HmacKey> hmac_key(new HmacKey());
hmac_key->set_version(HmacKeyManager::kVersion);
*(hmac_key->mutable_params()) = hmac_key_format.params();
- hmac_key->set_key_value(Random::GetRandomBytes(hmac_key_format.key_size()));
+ hmac_key->set_key_value(
+ subtle::Random::GetRandomBytes(hmac_key_format.key_size()));
std::unique_ptr<Message> key = std::move(hmac_key);
return std::move(key);
}
@@ -174,9 +176,10 @@ StatusOr<std::unique_ptr<Mac>>
HmacKeyManager::GetPrimitiveImpl(const HmacKey& hmac_key) const {
Status status = Validate(hmac_key);
if (!status.ok()) return status;
- auto hmac_result = HmacBoringSsl::New(hmac_key.params().hash(),
- hmac_key.params().tag_size(),
- hmac_key.key_value());
+ auto hmac_result = subtle::HmacBoringSsl::New(
+ util::Enums::ProtoToSubtle(hmac_key.params().hash()),
+ hmac_key.params().tag_size(),
+ hmac_key.key_value());
if (!hmac_result.ok()) return hmac_result.status();
return std::move(hmac_result.ValueOrDie());
}
diff --git a/cc/subtle/BUILD b/cc/subtle/BUILD
index 631f0e5ec530e2eea8551ccc3ba7959cf912c270..485d93804c6ad33008ae7939583ed822b225c04d 100644
--- a/cc/subtle/BUILD
+++ b/cc/subtle/BUILD
@@ -7,13 +7,13 @@ cc_library(
srcs = ["ecies_hkdf_recipient_kem_boringssl.cc"],
hdrs = ["ecies_hkdf_recipient_kem_boringssl.h"],
deps = [
+ ":common_enums",
":hkdf",
":subtle_util_boringssl",
"//cc/util:errors",
"//cc/util:ptr_util",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -24,12 +24,12 @@ cc_library(
srcs = ["ecies_hkdf_sender_kem_boringssl.cc"],
hdrs = ["ecies_hkdf_sender_kem_boringssl.h"],
deps = [
+ ":common_enums",
":hkdf",
":subtle_util_boringssl",
"//cc/util:ptr_util",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -40,11 +40,11 @@ cc_library(
srcs = ["ec_util.cc"],
hdrs = ["ec_util.h"],
deps = [
+ ":common_enums",
":subtle_util_boringssl",
"//cc/util:errors",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -55,11 +55,11 @@ cc_library(
srcs = ["hkdf.cc"],
hdrs = ["hkdf.h"],
deps = [
+ ":common_enums",
":subtle_util_boringssl",
"//cc/util:errors",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -70,12 +70,12 @@ cc_library(
srcs = ["hmac_boringssl.cc"],
hdrs = ["hmac_boringssl.h"],
deps = [
+ ":common_enums",
":subtle_util_boringssl",
"//cc:mac",
"//cc/util:errors",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -141,15 +141,21 @@ cc_library(
],
)
+cc_library(
+ name = "common_enums",
+ srcs = ["common_enums.cc"],
+ hdrs = ["common_enums.h"],
+)
+
cc_library(
name = "subtle_util_boringssl",
srcs = ["subtle_util_boringssl.cc"],
hdrs = ["subtle_util_boringssl.h"],
deps = [
+ ":common_enums",
"//cc/util:errors",
"//cc/util:status",
"//cc/util:statusor",
- "//proto:common_cc_proto",
"@boringssl//:crypto",
"@com_google_absl//absl/strings",
],
@@ -162,11 +168,11 @@ cc_test(
srcs = ["ecies_hkdf_recipient_kem_boringssl_test.cc"],
copts = ["-Iexternal/gtest/include"],
deps = [
+ ":common_enums",
":ecies_hkdf_recipient_kem_boringssl",
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -177,13 +183,13 @@ cc_test(
srcs = ["ecies_hkdf_sender_kem_boringssl_test.cc"],
copts = ["-Iexternal/gtest/include"],
deps = [
+ ":common_enums",
":ecies_hkdf_recipient_kem_boringssl",
":ecies_hkdf_sender_kem_boringssl",
":subtle_util_boringssl",
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -198,7 +204,6 @@ cc_test(
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -209,11 +214,11 @@ cc_test(
srcs = ["hkdf_test.cc"],
copts = ["-Iexternal/gtest/include"],
deps = [
+ ":common_enums",
":hkdf",
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -224,12 +229,12 @@ cc_test(
srcs = ["hmac_boringssl_test.cc"],
copts = ["-Iexternal/gtest/include"],
deps = [
+ ":common_enums",
":hmac_boringssl",
"//cc:mac",
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -256,6 +261,7 @@ cc_test(
copts = ["-Iexternal/gtest/include"],
deps = [
":aes_ctr_boringssl",
+ ":common_enums",
":encrypt_then_authenticate",
":hmac_boringssl",
":random",
@@ -265,7 +271,6 @@ cc_test(
"//cc/util:status",
"//cc/util:statusor",
"//cc/util:test_util",
- "//proto:common_cc_proto",
"@com_google_googletest//:gtest_main",
],
)
@@ -297,6 +302,18 @@ cc_test(
],
)
+cc_test(
+ name = "common_enums_test",
+ size = "small",
+ srcs = ["common_enums_test.cc"],
+ copts = ["-Iexternal/gtest/include"],
+ linkopts = ["-pthread"],
+ deps = [
+ ":common_enums",
+ "@com_google_googletest//:gtest_main",
+ ],
+)
+
cc_test(
name = "subtle_util_boringssl_test",
size = "small",
diff --git a/cc/subtle/aes_ctr_boringssl.cc b/cc/subtle/aes_ctr_boringssl.cc
index dd06cd1b4848c7ad2857c29151b64af63b4b6300..11595997c1395b3ec18dc6653e41e469ecad751c 100644
--- a/cc/subtle/aes_ctr_boringssl.cc
+++ b/cc/subtle/aes_ctr_boringssl.cc
@@ -31,6 +31,7 @@ namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
static const EVP_CIPHER* GetCipherForKeySize(uint32_t size_in_bytes) {
switch (size_in_bytes) {
@@ -148,5 +149,6 @@ util::StatusOr<std::string> AesCtrBoringSsl::Decrypt(
return std::string(reinterpret_cast<const char*>(&pt[0]), written);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/aes_ctr_boringssl.h b/cc/subtle/aes_ctr_boringssl.h
index 78b30ef3507a7f18235caa161466be708382a3c0..7a2b9ebbf07ce0c89dcb76feb201d7ac60badad4 100644
--- a/cc/subtle/aes_ctr_boringssl.h
+++ b/cc/subtle/aes_ctr_boringssl.h
@@ -27,6 +27,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
class AesCtrBoringSsl : public IndCpaCipher {
public:
@@ -55,6 +56,7 @@ class AesCtrBoringSsl : public IndCpaCipher {
const EVP_CIPHER *cipher_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/aes_ctr_boringssl_test.cc b/cc/subtle/aes_ctr_boringssl_test.cc
index 93573489ac41eed6af320abc4855967e73073d41..d46b6601a3a282a1ee3ba6bd2e6c88e0d54e537e 100644
--- a/cc/subtle/aes_ctr_boringssl_test.cc
+++ b/cc/subtle/aes_ctr_boringssl_test.cc
@@ -27,6 +27,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
TEST(AesCtrBoringSslTest, testEncryptDecrypt) {
@@ -117,6 +118,7 @@ TEST(AesCtrBoringSslTest, testMultipleEncrypt) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/aes_gcm_boringssl.cc b/cc/subtle/aes_gcm_boringssl.cc
index b76982aaa5ec28bf82723606a73ca70adbeaca18..22ee8114f54cbbe30313d92be84a8d789938466b 100644
--- a/cc/subtle/aes_gcm_boringssl.cc
+++ b/cc/subtle/aes_gcm_boringssl.cc
@@ -31,6 +31,7 @@ namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
static const EVP_CIPHER* GetCipherForKeySize(uint32_t size_in_bytes) {
switch (size_in_bytes) {
@@ -201,5 +202,6 @@ util::StatusOr<std::string> AesGcmBoringSsl::Decrypt(
return std::string(reinterpret_cast<const char*>(&pt[0]), written);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/aes_gcm_boringssl.h b/cc/subtle/aes_gcm_boringssl.h
index 7356410c1bad969ade44a1efb1c9ddb9b20b19ea..5ab6316d13bd6b9bd00d910861f8d522a8819e61 100644
--- a/cc/subtle/aes_gcm_boringssl.h
+++ b/cc/subtle/aes_gcm_boringssl.h
@@ -27,6 +27,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
class AesGcmBoringSsl : public Aead {
public:
@@ -60,6 +61,7 @@ class AesGcmBoringSsl : public Aead {
const EVP_CIPHER *cipher_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/aes_gcm_boringssl_test.cc b/cc/subtle/aes_gcm_boringssl_test.cc
index 5cb798f2fcd60b8d2a3e081dcdcd5bed13557d47..083620c61db6c7229c28f9cee5f814d42726d3c1 100644
--- a/cc/subtle/aes_gcm_boringssl_test.cc
+++ b/cc/subtle/aes_gcm_boringssl_test.cc
@@ -26,6 +26,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
// Some test vectors generated by Wycheproof.
@@ -192,6 +193,7 @@ TEST(AesGcmBoringSslTest, testModification) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/common_enums.cc b/cc/subtle/common_enums.cc
new file mode 100644
index 0000000000000000000000000000000000000000..78345c1341a15eea8244f180e5900668697df8f7
--- /dev/null
+++ b/cc/subtle/common_enums.cc
@@ -0,0 +1,74 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#include "cc/subtle/common_enums.h"
+
+#include <string>
+
+namespace crypto {
+namespace tink {
+namespace subtle {
+
+std::string EnumToString(EllipticCurveType type) {
+ switch (type) {
+ case EllipticCurveType::NIST_P224:
+ return "NIST_P224";
+ case EllipticCurveType::NIST_P256:
+ return "NIST_P256";
+ case EllipticCurveType::NIST_P384:
+ return "NIST_P384";
+ case EllipticCurveType::NIST_P521:
+ return "NIST_P521";
+ case EllipticCurveType::UNKNOWN_CURVE:
+ return "UNKNOWN_CURVE";
+ default:
+ return "UNKNOWN_CURVE: " + std::to_string(type);
+ }
+}
+
+std::string EnumToString(EcPointFormat format) {
+ switch (format) {
+ case EcPointFormat::UNCOMPRESSED:
+ return "UNCOMPRESSED";
+ case EcPointFormat::COMPRESSED:
+ return "COMPRESSED";
+ case EcPointFormat::UNKNOWN_FORMAT:
+ return "UNKNOWN_FORMAT";
+ default:
+ return "UNKNOWN_FORMAT: " + std::to_string(format);
+ }
+}
+
+std::string EnumToString(HashType type) {
+ switch (type) {
+ case HashType::SHA1:
+ return "SHA1";
+ case HashType::SHA224:
+ return "SHA224";
+ case HashType::SHA256:
+ return "SHA256";
+ case HashType::SHA512:
+ return "SHA512";
+ case HashType::UNKNOWN_HASH:
+ return "UNKNOWN_HASH";
+ default:
+ return "UNKNOWN_HASH: " + std::to_string(type);
+ }
+}
+
+} // namespace subtle
+} // namespace tink
+} // namespace crypto
diff --git a/cc/subtle/common_enums.h b/cc/subtle/common_enums.h
new file mode 100644
index 0000000000000000000000000000000000000000..1adf9d5d6a7237b4fc4d2fce370eb8913121186e
--- /dev/null
+++ b/cc/subtle/common_enums.h
@@ -0,0 +1,57 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_SUBTLE_COMMON_ENUMS_H_
+#define TINK_SUBTLE_COMMON_ENUMS_H_
+
+#include <string>
+
+namespace crypto {
+namespace tink {
+namespace subtle {
+
+// Common enums used by classes in subtle.
+enum EllipticCurveType {
+ UNKNOWN_CURVE = 0,
+ NIST_P224 = 1,
+ NIST_P256 = 2,
+ NIST_P384 = 3,
+ NIST_P521 = 4,
+};
+
+enum EcPointFormat {
+ UNKNOWN_FORMAT = 0,
+ UNCOMPRESSED = 1,
+ COMPRESSED = 2,
+};
+
+enum HashType {
+ UNKNOWN_HASH = 0,
+ SHA1 = 1, // SHA1 for digital signature is deprecated but HMAC-SHA1 is fine.
+ SHA224 = 2,
+ SHA256 = 3,
+ SHA512 = 4,
+};
+
+std::string EnumToString(EllipticCurveType type);
+std::string EnumToString(EcPointFormat format);
+std::string EnumToString(HashType type);
+
+} // namespace subtle
+} // namespace tink
+} // namespace crypto
+
+#endif // TINK_SUBTLE_COMMON_ENUMS_H_
diff --git a/cc/subtle/common_enums_test.cc b/cc/subtle/common_enums_test.cc
new file mode 100644
index 0000000000000000000000000000000000000000..035514788bb8be65f9c646b4895d0c4e0d3b4fac
--- /dev/null
+++ b/cc/subtle/common_enums_test.cc
@@ -0,0 +1,60 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include "cc/subtle/common_enums.h"
+#include "gtest/gtest.h"
+
+namespace crypto {
+namespace tink {
+namespace subtle {
+namespace {
+
+class CommonEnumsTest : public ::testing::Test {};
+
+TEST_F(CommonEnumsTest, testEllipticCurveTypeToString) {
+ EXPECT_EQ("NIST_P224", EnumToString(EllipticCurveType::NIST_P224));
+ EXPECT_EQ("NIST_P256", EnumToString(EllipticCurveType::NIST_P256));
+ EXPECT_EQ("NIST_P384", EnumToString(EllipticCurveType::NIST_P384));
+ EXPECT_EQ("NIST_P521", EnumToString(EllipticCurveType::NIST_P521));
+ EXPECT_EQ("UNKNOWN_CURVE", EnumToString(EllipticCurveType::UNKNOWN_CURVE));
+ EXPECT_EQ("UNKNOWN_CURVE: 42", EnumToString((EllipticCurveType)42));
+}
+
+TEST_F(CommonEnumsTest, testHashTypeToString) {
+ EXPECT_EQ("SHA1", EnumToString(HashType::SHA1));
+ EXPECT_EQ("SHA224", EnumToString(HashType::SHA224));
+ EXPECT_EQ("SHA256", EnumToString(HashType::SHA256));
+ EXPECT_EQ("SHA512", EnumToString(HashType::SHA512));
+ EXPECT_EQ("UNKNOWN_HASH", EnumToString(HashType::UNKNOWN_HASH));
+ EXPECT_EQ("UNKNOWN_HASH: 42", EnumToString((HashType)42));
+}
+
+TEST_F(CommonEnumsTest, testEcPointFormatToString) {
+ EXPECT_EQ("UNCOMPRESSED", EnumToString(EcPointFormat::UNCOMPRESSED));
+ EXPECT_EQ("COMPRESSED", EnumToString(EcPointFormat::COMPRESSED));
+ EXPECT_EQ("UNKNOWN_FORMAT", EnumToString(EcPointFormat::UNKNOWN_FORMAT));
+ EXPECT_EQ("UNKNOWN_FORMAT: 42", EnumToString((EcPointFormat)42));
+}
+
+} // namespace
+} // namespace subtle
+} // namespace tink
+} // namespace crypto
+
+int main(int ac, char* av[]) {
+ testing::InitGoogleTest(&ac, av);
+ return RUN_ALL_TESTS();
+}
diff --git a/cc/subtle/ec_util.cc b/cc/subtle/ec_util.cc
index 436fc544c3f55f31880a183e36bbda5fa54eaae3..b9ff892587cb1175c178c4a4ac8f83c68dd8211b 100644
--- a/cc/subtle/ec_util.cc
+++ b/cc/subtle/ec_util.cc
@@ -15,20 +15,20 @@
///////////////////////////////////////////////////////////////////////////////
#include "cc/subtle/ec_util.h"
+
#include <memory>
#include <string>
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/subtle_util_boringssl.h"
#include "cc/util/errors.h"
#include "openssl/bn.h"
#include "openssl/ec.h"
#include "openssl/x509.h"
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-
namespace crypto {
namespace tink {
+namespace subtle {
// static
crypto::tink::util::StatusOr<std::string> EcUtil::ComputeEcdhSharedSecret(
@@ -48,8 +48,7 @@ crypto::tink::util::StatusOr<std::string> EcUtil::ComputeEcdhSharedSecret(
}
// static
-uint32_t EcUtil::FieldSizeInBytes(
- EllipticCurveType curve_type) {
+uint32_t EcUtil::FieldSizeInBytes(EllipticCurveType curve_type) {
auto ec_group_result = SubtleUtilBoringSSL::GetEcGroup(curve_type);
if (!ec_group_result.ok()) return 0;
bssl::UniquePtr<EC_GROUP> ec_group(ec_group_result.ValueOrDie());
@@ -63,7 +62,7 @@ crypto::tink::util::StatusOr<uint32_t> EcUtil::EncodingSizeInBytes(
if (coordinate_size == 0) {
return ToStatusF(crypto::tink::util::error::INVALID_ARGUMENT,
"Unsupported elliptic curve type: %s",
- EllipticCurveType_Name(curve_type).c_str());
+ EnumToString(curve_type).c_str());
}
switch (point_format) {
case EcPointFormat::UNCOMPRESSED:
@@ -73,9 +72,10 @@ crypto::tink::util::StatusOr<uint32_t> EcUtil::EncodingSizeInBytes(
default:
return ToStatusF(crypto::tink::util::error::INVALID_ARGUMENT,
"Unsupported elliptic curve point format: %s",
- EcPointFormat_Name(point_format).c_str());
+ EnumToString(point_format).c_str());
}
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ec_util.h b/cc/subtle/ec_util.h
index 01a5c2478f186f5f6c54b1b91f58baf0cd98c583..7f86e8f069b47dfe61af49b01c7a1066f13ba84d 100644
--- a/cc/subtle/ec_util.h
+++ b/cc/subtle/ec_util.h
@@ -18,12 +18,13 @@
#define TINK_SUBTLE_EC_UTIL_H_
#include "absl/strings/string_view.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
class EcUtil {
public:
@@ -32,7 +33,7 @@ class EcUtil {
// Returns an error if the public key is not a valid point on the private
// key's curve.
static crypto::tink::util::StatusOr<std::string> ComputeEcdhSharedSecret(
- google::crypto::tink::EllipticCurveType curve_type,
+ EllipticCurveType curve_type,
absl::string_view priv,
absl::string_view pub_x,
absl::string_view pub_y);
@@ -40,15 +41,14 @@ class EcUtil {
// Returns the encoding size of a point on the specified elliptic curve
// when the given 'point_format' is used.
static crypto::tink::util::StatusOr<uint32_t> EncodingSizeInBytes(
- google::crypto::tink::EllipticCurveType curve_type,
- google::crypto::tink::EcPointFormat point_format);
+ EllipticCurveType curve_type, EcPointFormat point_format);
// Returns the size (in bytes) of an element of the field over which
// the curve is defined.
- static uint32_t FieldSizeInBytes(
- google::crypto::tink::EllipticCurveType curve_type);
+ static uint32_t FieldSizeInBytes(EllipticCurveType curve_type);
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ec_util_test.cc b/cc/subtle/ec_util_test.cc
index 54fb311d7566cdbeb719ae1dc3a8148d86e300a7..7afab99d58be5632155c2744521fae3912dafe84 100644
--- a/cc/subtle/ec_util_test.cc
+++ b/cc/subtle/ec_util_test.cc
@@ -20,10 +20,9 @@
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-using google::crypto::tink::EllipticCurveType;
-
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
// TODO(quannguyen): Add extensive tests.
@@ -90,6 +89,7 @@ TEST_F(EcUtilTest, testBasic) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
index b9706807cbb7c2f456730718fcee30361e883c5c..60be83807fceee9fb306acbc6524fbac53499b3f 100644
--- a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
+++ b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.cc
@@ -16,21 +16,18 @@
#include "cc/subtle/ecies_hkdf_recipient_kem_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/hkdf.h"
#include "cc/subtle/subtle_util_boringssl.h"
#include "cc/util/errors.h"
#include "cc/util/ptr_util.h"
#include "openssl/ec.h"
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::HashType;
-using absl::string_view;
-
namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
// static
util::StatusOr<std::unique_ptr<EciesHkdfRecipientKemBoringSsl>>
@@ -51,8 +48,11 @@ EciesHkdfRecipientKemBoringSsl::EciesHkdfRecipientKemBoringSsl(
: curve_(curve), priv_key_value_(priv_key_value) {}
util::StatusOr<std::string> EciesHkdfRecipientKemBoringSsl::GenerateKey(
- absl::string_view kem_bytes, HashType hash, absl::string_view hkdf_salt,
- absl::string_view hkdf_info, uint32_t key_size_in_bytes,
+ absl::string_view kem_bytes,
+ HashType hash,
+ absl::string_view hkdf_salt,
+ absl::string_view hkdf_info,
+ uint32_t key_size_in_bytes,
EcPointFormat point_format) const {
auto status_or_ec_point =
SubtleUtilBoringSSL::EcPointDecode(curve_, point_format, kem_bytes);
@@ -75,5 +75,6 @@ util::StatusOr<std::string> EciesHkdfRecipientKemBoringSsl::GenerateKey(
hash, kem_bytes, shared_secret, hkdf_salt, hkdf_info, key_size_in_bytes);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
index 75118e58e129046912a4c974fd9ddcdf1a86a3f5..b85a174de30999323b5612b04fb8f51d1345bbea 100644
--- a/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
+++ b/cc/subtle/ecies_hkdf_recipient_kem_boringssl.h
@@ -18,12 +18,13 @@
#define TINK_SUBTLE_ECIES_HKDF_RECIPIENT_KEM_BORINGSSL_H_
#include "absl/strings/string_view.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/statusor.h"
#include "openssl/ec.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
// HKDF-based KEM (key encapsulation mechanism) for ECIES recipient,
// using Boring SSL for the underlying cryptographic operations.
@@ -33,30 +34,30 @@ class EciesHkdfRecipientKemBoringSsl {
// private key, which must be a big-endian byte array.
static
crypto::tink::util::StatusOr<std::unique_ptr<EciesHkdfRecipientKemBoringSsl>>
- New(google::crypto::tink::EllipticCurveType curve,
- const std::string& priv_key);
+ New(EllipticCurveType curve, const std::string& priv_key);
// Computes the ecdh's shared secret from our private key and peer's encoded
// public key, then uses hkdf to derive the symmetric key from the shared
// secret, hkdf info and hkdf salt.
crypto::tink::util::StatusOr<std::string> GenerateKey(
absl::string_view kem_bytes,
- google::crypto::tink::HashType hash,
+ HashType hash,
absl::string_view hkdf_salt,
absl::string_view hkdf_info,
uint32_t key_size_in_bytes,
- google::crypto::tink::EcPointFormat point_format) const;
+ EcPointFormat point_format) const;
private:
EciesHkdfRecipientKemBoringSsl(
- google::crypto::tink::EllipticCurveType curve,
+ EllipticCurveType curve,
const std::string& priv_key_value);
- google::crypto::tink::EllipticCurveType curve_;
+ EllipticCurveType curve_;
std::string priv_key_value_;
bssl::UniquePtr<EC_GROUP> ec_group_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_recipient_kem_boringssl_test.cc b/cc/subtle/ecies_hkdf_recipient_kem_boringssl_test.cc
index 1789843e163db67bf05357249b9e2ed4a6a6a425..218e2d068dd57da74932703499d4a512d9f45f84 100644
--- a/cc/subtle/ecies_hkdf_recipient_kem_boringssl_test.cc
+++ b/cc/subtle/ecies_hkdf_recipient_kem_boringssl_test.cc
@@ -16,17 +16,15 @@
#include "cc/subtle/ecies_hkdf_recipient_kem_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::HashType;
-
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class EciesHkdfRecipientKemBoringSslTest : public ::testing::Test {};
@@ -67,7 +65,9 @@ TEST_F(EciesHkdfRecipientKemBoringSslTest, testBasic) {
EXPECT_EQ(test.out_key_hex, test::HexEncode(status_or_string.ValueOrDie()));
}
}
+
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc b/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
index aec0090243658ab1656fa3368d361a3f279d902b..f26e05ac969ebccdbb4d74fafca79616716daf16 100644
--- a/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
+++ b/cc/subtle/ecies_hkdf_sender_kem_boringssl.cc
@@ -16,20 +16,17 @@
#include "cc/subtle/ecies_hkdf_sender_kem_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/hkdf.h"
#include "cc/subtle/subtle_util_boringssl.h"
#include "cc/util/ptr_util.h"
#include "openssl/bn.h"
-#include "proto/common.pb.h"
-
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::HashType;
namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
EciesHkdfSenderKemBoringSsl::KemKey::KemKey(const std::string& kem_bytes,
const std::string& symmetric_key)
@@ -44,14 +41,16 @@ std::string EciesHkdfSenderKemBoringSsl::KemKey::KemKey::get_symmetric_key() {
}
EciesHkdfSenderKemBoringSsl::EciesHkdfSenderKemBoringSsl(
-EllipticCurveType curve, const std::string& pubx, const std::string& puby)
+ subtle::EllipticCurveType curve,
+ const std::string& pubx, const std::string& puby)
: curve_(curve), pubx_(pubx), puby_(puby), peer_pub_key_(nullptr) {
}
// static
util::StatusOr<std::unique_ptr<EciesHkdfSenderKemBoringSsl>>
EciesHkdfSenderKemBoringSsl::New(
- EllipticCurveType curve, const std::string& pubx, const std::string& puby) {
+ subtle::EllipticCurveType curve,
+ const std::string& pubx, const std::string& puby) {
auto status_or_ec_point =
SubtleUtilBoringSSL::GetEcPoint(curve, pubx, puby);
if (!status_or_ec_point.ok()) return status_or_ec_point.status();
@@ -62,11 +61,12 @@ EciesHkdfSenderKemBoringSsl::New(
}
util::StatusOr<std::unique_ptr<EciesHkdfSenderKemBoringSsl::KemKey>>
-EciesHkdfSenderKemBoringSsl::GenerateKey(HashType hash,
- absl::string_view hkdf_salt,
- absl::string_view hkdf_info,
- uint32_t key_size_in_bytes,
- EcPointFormat point_format) const {
+EciesHkdfSenderKemBoringSsl::GenerateKey(
+ subtle::HashType hash,
+ absl::string_view hkdf_salt,
+ absl::string_view hkdf_info,
+ uint32_t key_size_in_bytes,
+ subtle::EcPointFormat point_format) const {
if (peer_pub_key_.get() == nullptr) {
return util::Status(util::error::INTERNAL,
"peer_pub_key_ wasn't initialized");
@@ -109,5 +109,6 @@ EciesHkdfSenderKemBoringSsl::GenerateKey(HashType hash,
return std::move(kem_key);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_sender_kem_boringssl.h b/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
index da321acaf31f08c637ef07cd062b3f6e1735486e..29fec8f64613cbfe2c0a10d6fcf10f5ecfc381e8 100644
--- a/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
+++ b/cc/subtle/ecies_hkdf_sender_kem_boringssl.h
@@ -18,12 +18,13 @@
#define TINK_SUBTLE_ECIES_HKDF_SENDER_KEM_BORINGSSL_H_
#include "absl/strings/string_view.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/statusor.h"
#include "openssl/ec.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
// HKDF-based KEM (key encapsulation mechanism) for ECIES sender,
// using Boring SSL for the underlying cryptographic operations.
@@ -48,7 +49,7 @@ class EciesHkdfSenderKemBoringSsl {
// public key point. The public key's coordinates are big-endian byte array.
static
crypto::tink::util::StatusOr<std::unique_ptr<EciesHkdfSenderKemBoringSsl>>
- New(google::crypto::tink::EllipticCurveType curve,
+ New(EllipticCurveType curve,
const std::string& pubx,
const std::string& puby);
@@ -57,23 +58,24 @@ class EciesHkdfSenderKemBoringSsl {
// to derive the symmetric key from the shared secret, 'hkdf_info' and
// hkdf_salt.
crypto::tink::util::StatusOr<std::unique_ptr<KemKey>> GenerateKey(
- google::crypto::tink::HashType hash,
+ HashType hash,
absl::string_view hkdf_salt,
absl::string_view hkdf_info,
uint32_t key_size_in_bytes,
- google::crypto::tink::EcPointFormat point_format) const;
+ EcPointFormat point_format) const;
private:
EciesHkdfSenderKemBoringSsl(
- google::crypto::tink::EllipticCurveType curve,
+ EllipticCurveType curve,
const std::string& pubx, const std::string& puby);
- google::crypto::tink::EllipticCurveType curve_;
+ EllipticCurveType curve_;
std::string pubx_;
std::string puby_;
bssl::UniquePtr<EC_POINT> peer_pub_key_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ecies_hkdf_sender_kem_boringssl_test.cc b/cc/subtle/ecies_hkdf_sender_kem_boringssl_test.cc
index 4cb68a2bd731bb9c7de1aca95ab05f63f2a36755..c53e7d15c799336be9c50269f26fb6c00ec09b05 100644
--- a/cc/subtle/ecies_hkdf_sender_kem_boringssl_test.cc
+++ b/cc/subtle/ecies_hkdf_sender_kem_boringssl_test.cc
@@ -15,6 +15,7 @@
////////////////////////////////////////////////////////////////////////////////
#include "cc/subtle/ecies_hkdf_sender_kem_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/ecies_hkdf_recipient_kem_boringssl.h"
#include "cc/subtle/subtle_util_boringssl.h"
#include "cc/util/status.h"
@@ -22,14 +23,11 @@
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::HashType;
-
// TODO(quannguyen): Add extensive tests.
// It's important to test compatability with Java.
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class EciesHkdfSenderKemBoringSslTest : public ::testing::Test {};
@@ -77,7 +75,9 @@ TEST_F(EciesHkdfSenderKemBoringSslTest, testSenderRecipientBasic) {
test::HexEncode(status_or_shared_secret.ValueOrDie()));
}
}
+
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/encrypt_then_authenticate.cc b/cc/subtle/encrypt_then_authenticate.cc
index ba134eec5e6bfeba2ebf756cb3749aaf944166d4..17701656ee186e59170b5ad5c213825190dd9834 100644
--- a/cc/subtle/encrypt_then_authenticate.cc
+++ b/cc/subtle/encrypt_then_authenticate.cc
@@ -30,6 +30,7 @@ namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
static const std::string longToBigEndianStr(uint64_t value) {
uint8_t bytes[8];
@@ -100,5 +101,6 @@ util::StatusOr<std::string> EncryptThenAuthenticate::Decrypt(
return pt.ValueOrDie();
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/encrypt_then_authenticate.h b/cc/subtle/encrypt_then_authenticate.h
index 3629f79ec891ee70cabf4df5073ea552f0585e18..93b241250f48260988658082a71a60dcfba61c92 100644
--- a/cc/subtle/encrypt_then_authenticate.h
+++ b/cc/subtle/encrypt_then_authenticate.h
@@ -28,6 +28,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
// This primitive performs an encrypt-then-Mac operation on plaintext and
// additional authenticated data (aad). The Mac is computed over (aad ||
@@ -73,6 +74,7 @@ class EncryptThenAuthenticate : public Aead {
uint8_t tag_size_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/encrypt_then_authenticate_test.cc b/cc/subtle/encrypt_then_authenticate_test.cc
index 976156217acc962418679e2f8e6d801b3e63e138..133bb006ced88643ab7f944271b8611648076694 100644
--- a/cc/subtle/encrypt_then_authenticate_test.cc
+++ b/cc/subtle/encrypt_then_authenticate_test.cc
@@ -20,6 +20,7 @@
#include <vector>
#include "cc/subtle/aes_ctr_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/hmac_boringssl.h"
#include "cc/subtle/random.h"
#include "cc/util/ptr_util.h"
@@ -27,12 +28,10 @@
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-#include "proto/common.pb.h"
-
-using google::crypto::tink::HashType;
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
// Copied from
@@ -236,6 +235,7 @@ TEST(EncryptThenAuthenticateTest, testDecrypt_modifiedCiphertext) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hkdf.cc b/cc/subtle/hkdf.cc
index 0f59bce0f9d7cb6a274671c755f7dbfb921cd00e..2f1fa1174f35d7609d37513c9f9b865f9b955d5e 100644
--- a/cc/subtle/hkdf.cc
+++ b/cc/subtle/hkdf.cc
@@ -17,17 +17,17 @@
#include "cc/subtle/hkdf.h"
#include "cc/subtle/subtle_util_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "openssl/evp.h"
#include "openssl/hkdf.h"
-using google::crypto::tink::HashType;
-
namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
// static
util::StatusOr<std::string> Hkdf::ComputeHkdf(HashType hash,
@@ -63,5 +63,6 @@ util::StatusOr<std::string> Hkdf::ComputeEciesHkdfSymmetricKey(
return Hkdf::ComputeHkdf(hash, ikm, salt, info, out_len);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hkdf.h b/cc/subtle/hkdf.h
index cc966af4b8d0e62b992bed8c8f45cb42f2755b41..75008793d9ca8b5e472a375684018138dacf43ab 100644
--- a/cc/subtle/hkdf.h
+++ b/cc/subtle/hkdf.h
@@ -18,18 +18,19 @@
#define TINK_SUBTLE_HKDF_H_
#include "absl/strings/string_view.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
class Hkdf {
public:
// Computes hkdf according to RFC5869.
static crypto::tink::util::StatusOr<std::string> ComputeHkdf(
- google::crypto::tink::HashType hash,
+ HashType hash,
absl::string_view ikm,
absl::string_view salt,
absl::string_view info,
@@ -40,14 +41,14 @@ class Hkdf {
// ephemeral KEM bytes into the commputation of the symmetric key
// (cf. http://eprint.iacr.org/2001/112.pdf, Sections 15.6 and 15.6.1)
static crypto::tink::util::StatusOr<std::string> ComputeEciesHkdfSymmetricKey(
- google::crypto::tink::HashType hash,
+ HashType hash,
absl::string_view kem_bytes,
absl::string_view shared_secret,
absl::string_view salt,
absl::string_view info,
size_t out_len);
};
-
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hkdf_test.cc b/cc/subtle/hkdf_test.cc
index 7b942df23847c75c6e9c9b32bfa36574498905d3..950c46b2b919ee1d1a5660504175daebe83390ef 100644
--- a/cc/subtle/hkdf_test.cc
+++ b/cc/subtle/hkdf_test.cc
@@ -15,15 +15,15 @@
////////////////////////////////////////////////////////////////////////////////
#include "cc/subtle/hkdf.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-using google::crypto::tink::HashType;
-
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class HkdfTest : public ::testing::Test {};
@@ -112,6 +112,7 @@ TEST_F(HkdfTest, testLongOutput) {
"BoringSSL's HKDF failed");
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hmac_boringssl.cc b/cc/subtle/hmac_boringssl.cc
index 0bb9c7ddc82c91bf031ae1ca960b6d6a37c3f48c..e4f7292224769a8b5683e73685d5521ea5632de1 100644
--- a/cc/subtle/hmac_boringssl.cc
+++ b/cc/subtle/hmac_boringssl.cc
@@ -19,6 +19,7 @@
#include <string>
#include "cc/mac.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/subtle_util_boringssl.h"
#include "cc/util/errors.h"
#include "cc/util/status.h"
@@ -27,14 +28,12 @@
#include "openssl/err.h"
#include "openssl/evp.h"
#include "openssl/hmac.h"
-#include "proto/common.pb.h"
-
-using google::crypto::tink::HashType;
namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
// static
util::StatusOr<std::unique_ptr<Mac>> HmacBoringSsl::New(
@@ -101,5 +100,6 @@ util::Status HmacBoringSsl::VerifyMac(
}
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hmac_boringssl.h b/cc/subtle/hmac_boringssl.h
index 899d1c15803fc24532560949ae68e08661363b4a..29e0537c714cca79b0f900158d755843e5a6293f 100644
--- a/cc/subtle/hmac_boringssl.h
+++ b/cc/subtle/hmac_boringssl.h
@@ -21,18 +21,19 @@
#include "absl/strings/string_view.h"
#include "cc/mac.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "openssl/evp.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
class HmacBoringSsl : public Mac {
public:
static crypto::tink::util::StatusOr<std::unique_ptr<Mac>> New(
- google::crypto::tink::HashType hash_type,
+ HashType hash_type,
uint32_t tag_size, const std::string& key_value);
// Computes and returns the HMAC for 'data'.
@@ -58,6 +59,7 @@ class HmacBoringSsl : public Mac {
std::string key_value_;
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/hmac_boringssl_test.cc b/cc/subtle/hmac_boringssl_test.cc
index 3533b69cf5aa2976411978a9c2eea5eede1765a6..6d5358ec19f8c3987e3ac8d578ef1e5bf6cbe7d9 100644
--- a/cc/subtle/hmac_boringssl_test.cc
+++ b/cc/subtle/hmac_boringssl_test.cc
@@ -19,16 +19,15 @@
#include <string>
#include "cc/mac.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
#include "gtest/gtest.h"
-#include "proto/common.pb.h"
-
-using google::crypto::tink::HashType;
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class HmacBoringSslTest : public ::testing::Test {
@@ -117,6 +116,7 @@ TEST_F(HmacBoringSslTest, testTruncation) {
// hash. (HMAC hashes these keys).
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/ind_cpa_cipher.h b/cc/subtle/ind_cpa_cipher.h
index 646395d3dfd89cb7ea61f456560a53843901210d..430c789539d8e6eba1f1c88fa906cfd87e72b091 100644
--- a/cc/subtle/ind_cpa_cipher.h
+++ b/cc/subtle/ind_cpa_cipher.h
@@ -22,6 +22,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
///////////////////////////////////////////////////////////////////////////////
// This interface for symmetric key ciphers that are indistinguishable against
@@ -42,6 +43,7 @@ class IndCpaCipher {
virtual ~IndCpaCipher() {}
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/random.cc b/cc/subtle/random.cc
index a7fc542bc8101a79f8987bfe297fb8c806f49cd9..9b82f97eaf1ddb67c9eea288c61ee1d67f987d22 100644
--- a/cc/subtle/random.cc
+++ b/cc/subtle/random.cc
@@ -20,6 +20,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
// static
std::string Random::GetRandomBytes(size_t length) {
@@ -31,5 +32,6 @@ std::string Random::GetRandomBytes(size_t length) {
return std::string(reinterpret_cast<const char *>(buf.get()), length);
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/random.h b/cc/subtle/random.h
index fc837f1a3615dbda4fd34ed358593602bdcee0f4..1aeb1448dd3d68f19022a9af88460d257fcdeb79 100644
--- a/cc/subtle/random.h
+++ b/cc/subtle/random.h
@@ -22,6 +22,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
class Random {
public:
@@ -29,6 +30,7 @@ class Random {
static std::string GetRandomBytes(size_t length);
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/random_test.cc b/cc/subtle/random_test.cc
index 9ad135b2e8925fe3aa0c6b742061bb85172f7e83..73520bd636a958e09189d1855bf33098a24ac08f 100644
--- a/cc/subtle/random_test.cc
+++ b/cc/subtle/random_test.cc
@@ -19,6 +19,7 @@
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class RandomTest : public ::testing::Test {};
@@ -35,6 +36,7 @@ TEST_F(RandomTest, testBasic) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/subtle_util_boringssl.cc b/cc/subtle/subtle_util_boringssl.cc
index b05f6d0431c79fd8ee8d4e9d11b19305fceb0ccf..517ee30be41b4d32ef2465042f10286a991db22d 100644
--- a/cc/subtle/subtle_util_boringssl.cc
+++ b/cc/subtle/subtle_util_boringssl.cc
@@ -15,16 +15,14 @@
///////////////////////////////////////////////////////////////////////////////
#include "cc/subtle/subtle_util_boringssl.h"
+#include "cc/subtle/common_enums.h"
#include "openssl/ec.h"
-using google::crypto::tink::HashType;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::EcPointFormat;
-
namespace util = crypto::tink::util;
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
@@ -267,5 +265,6 @@ util::StatusOr<std::string> SubtleUtilBoringSSL::EcPointEncode(
}
}
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/subtle_util_boringssl.h b/cc/subtle/subtle_util_boringssl.h
index 356c7ccfc593b68546744451f1939961e15d3705..1b31516d1e7bec580c0e70d8cd68aa518f31af3c 100644
--- a/cc/subtle/subtle_util_boringssl.h
+++ b/cc/subtle/subtle_util_boringssl.h
@@ -18,19 +18,20 @@
#define TINK_SUBTLE_SUBTLE_UTIL_BORINGSSL_H_
#include "absl/strings/string_view.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "openssl/bn.h"
#include "openssl/evp.h"
-#include "proto/common.pb.h"
namespace crypto {
namespace tink {
+namespace subtle {
class SubtleUtilBoringSSL {
public:
struct EcKey {
- google::crypto::tink::EllipticCurveType curve;
+ EllipticCurveType curve;
std::string pub_x; // affine coordinates in bigendian representation
std::string pub_y;
std::string priv; // big integer in bigendian represnetation
@@ -38,18 +39,18 @@ class SubtleUtilBoringSSL {
// Returns BoringSSL's EC_GROUP constructed from the curve type.
static crypto::tink::util::StatusOr<EC_GROUP *> GetEcGroup(
- google::crypto::tink::EllipticCurveType curve_type);
+ EllipticCurveType curve_type);
// Returns BoringSSL's EC_POINT constructed from the curve type, big-endian
// representation of public key's x-coordinate and y-coordinate.
static crypto::tink::util::StatusOr<EC_POINT *> GetEcPoint(
- google::crypto::tink::EllipticCurveType curve,
+ EllipticCurveType curve,
absl::string_view pubx,
absl::string_view puby);
// Returns a new EC key for the specified curve.
static crypto::tink::util::StatusOr<EcKey> GetNewEcKey(
- google::crypto::tink::EllipticCurveType curve_type);
+ EllipticCurveType curve_type);
// Returns BoringSSL's EC_POINT constructed from curve type, point format and
// encoded public key's point. The uncompressed point is encoded as
@@ -58,8 +59,8 @@ class SubtleUtilBoringSSL {
// curve_size_in_bytes big-endian byte array and if the least significant bit
// of y is 1, the 1st byte is 0x03, otherwise it's 0x02.
static crypto::tink::util::StatusOr<EC_POINT *> EcPointDecode(
- google::crypto::tink::EllipticCurveType curve,
- google::crypto::tink::EcPointFormat format,
+ EllipticCurveType curve,
+ EcPointFormat format,
absl::string_view encoded);
// Returns the encoded public key based on curve type, point format and
@@ -69,22 +70,24 @@ class SubtleUtilBoringSSL {
// curve_size_in_bytes big-endian byte array and if the least significant bit
// of y is 1, the 1st byte is 0x03, otherwise it's 0x02.
static crypto::tink::util::StatusOr<std::string> EcPointEncode(
- google::crypto::tink::EllipticCurveType curve,
- google::crypto::tink::EcPointFormat format,
+ EllipticCurveType curve,
+ EcPointFormat format,
const EC_POINT *point);
// Returns the ECDH's shared secret based on our private key and peer's public
// key. Returns error if the public key is not on private key's curve.
static crypto::tink::util::StatusOr<std::string> ComputeEcdhSharedSecret(
- google::crypto::tink::EllipticCurveType curve,
- const BIGNUM *priv_key, const EC_POINT *pub_key);
+ EllipticCurveType curve,
+ const BIGNUM *priv_key,
+ const EC_POINT *pub_key);
// Returns an EVP structure for a hash function.
// The EVP_MD instances are sigletons owned by BoringSSL.
static crypto::tink::util::StatusOr<const EVP_MD *> EvpHash(
- google::crypto::tink::HashType hash_type);
+ HashType hash_type);
};
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/subtle/subtle_util_boringssl_test.cc b/cc/subtle/subtle_util_boringssl_test.cc
index 3a087ab113950d529f6bad3c6c95dc0e1b992d1b..d9f5ba872ada9edd7e4f194c94ac25c48e98d63a 100644
--- a/cc/subtle/subtle_util_boringssl_test.cc
+++ b/cc/subtle/subtle_util_boringssl_test.cc
@@ -15,6 +15,8 @@
////////////////////////////////////////////////////////////////////////////////
#include "cc/subtle/subtle_util_boringssl.h"
+
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "cc/util/test_util.h"
@@ -23,11 +25,9 @@
#include "openssl/evp.h"
#include "openssl/x509.h"
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-
namespace crypto {
namespace tink {
+namespace subtle {
namespace {
class SubtleUtilBoringSSLTest : public ::testing::Test {};
@@ -113,6 +113,7 @@ TEST_F(SubtleUtilBoringSSLTest, testEcPointDecode) {
}
} // namespace
+} // namespace subtle
} // namespace tink
} // namespace crypto
diff --git a/cc/util/BUILD b/cc/util/BUILD
index a7d62758667353111fef63bf3dc729db3a2a875d..4c2330b796fd516362739eb9c597f3d7d5242035 100644
--- a/cc/util/BUILD
+++ b/cc/util/BUILD
@@ -17,6 +17,16 @@ cc_library(
hdrs = ["ptr_util.h"],
)
+cc_library(
+ name = "enums",
+ srcs = ["enums.cc"],
+ hdrs = ["enums.h"],
+ deps = [
+ "//cc/subtle:common_enums",
+ "//proto:common_cc_proto",
+ ],
+)
+
cc_library(
name = "status",
srcs = ["status.cc"],
@@ -50,6 +60,7 @@ cc_library(
srcs = ["test_util.cc"],
hdrs = ["test_util.h"],
deps = [
+ ":enums",
":status",
":statusor",
"//cc:aead",
@@ -71,6 +82,20 @@ cc_library(
# tests
+cc_test(
+ name = "enums_test",
+ size = "small",
+ srcs = ["enums_test.cc"],
+ copts = ["-Iexternal/gtest/include"],
+ linkopts = ["-lpthread"],
+ deps = [
+ ":enums",
+ "//cc/subtle:common_enums",
+ "//proto:common_cc_proto",
+ "@com_google_googletest//:gtest_main",
+ ],
+)
+
cc_test(
name = "errors_test",
size = "small",
diff --git a/cc/util/enums.cc b/cc/util/enums.cc
new file mode 100644
index 0000000000000000000000000000000000000000..38f15c553827a52c4e461a356f152f6b30893f1b
--- /dev/null
+++ b/cc/util/enums.cc
@@ -0,0 +1,117 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#include "cc/util/enums.h"
+#include "proto/common.pb.h"
+
+namespace proto = google::crypto::tink;
+namespace subtle = crypto::tink::subtle;
+
+namespace crypto {
+namespace tink {
+namespace util {
+
+// static
+proto::EllipticCurveType Enums::SubtleToProto(subtle::EllipticCurveType type) {
+ switch (type) {
+ case subtle::EllipticCurveType::NIST_P224:
+ return proto::EllipticCurveType::NIST_P224;
+ case subtle::EllipticCurveType::NIST_P256:
+ return proto::EllipticCurveType::NIST_P256;
+ case subtle::EllipticCurveType::NIST_P384:
+ return proto::EllipticCurveType::NIST_P384;
+ case subtle::EllipticCurveType::NIST_P521:
+ return proto::EllipticCurveType::NIST_P521;
+ default:
+ return proto::EllipticCurveType::UNKNOWN_CURVE;
+ }
+}
+
+// static
+subtle::EllipticCurveType Enums::ProtoToSubtle(proto::EllipticCurveType type) {
+ switch (type) {
+ case proto::EllipticCurveType::NIST_P224:
+ return subtle::EllipticCurveType::NIST_P224;
+ case proto::EllipticCurveType::NIST_P256:
+ return subtle::EllipticCurveType::NIST_P256;
+ case proto::EllipticCurveType::NIST_P384:
+ return subtle::EllipticCurveType::NIST_P384;
+ case proto::EllipticCurveType::NIST_P521:
+ return subtle::EllipticCurveType::NIST_P521;
+ default:
+ return subtle::EllipticCurveType::UNKNOWN_CURVE;
+ }
+}
+
+// static
+proto::EcPointFormat Enums::SubtleToProto(subtle::EcPointFormat format) {
+ switch (format) {
+ case subtle::EcPointFormat::UNCOMPRESSED:
+ return proto::EcPointFormat::UNCOMPRESSED;
+ case subtle::EcPointFormat::COMPRESSED:
+ return proto::EcPointFormat::COMPRESSED;
+ default:
+ return proto::EcPointFormat::UNKNOWN_FORMAT;
+ }
+}
+
+// static
+subtle::EcPointFormat Enums::ProtoToSubtle(proto::EcPointFormat format) {
+ switch (format) {
+ case proto::EcPointFormat::UNCOMPRESSED:
+ return subtle::EcPointFormat::UNCOMPRESSED;
+ case proto::EcPointFormat::COMPRESSED:
+ return subtle::EcPointFormat::COMPRESSED;
+ default:
+ return subtle::EcPointFormat::UNKNOWN_FORMAT;
+ }
+}
+
+// static
+proto::HashType Enums::SubtleToProto(subtle::HashType type) {
+ switch (type) {
+ case subtle::HashType::SHA1:
+ return proto::HashType::SHA1;
+ case subtle::HashType::SHA224:
+ return proto::HashType::SHA224;
+ case subtle::HashType::SHA256:
+ return proto::HashType::SHA256;
+ case subtle::HashType::SHA512:
+ return proto::HashType::SHA512;
+ default:
+ return proto::HashType::UNKNOWN_HASH;
+ }
+}
+
+// static
+subtle::HashType Enums::ProtoToSubtle(proto::HashType type) {
+ switch (type) {
+ case proto::HashType::SHA1:
+ return subtle::HashType::SHA1;
+ case proto::HashType::SHA224:
+ return subtle::HashType::SHA224;
+ case proto::HashType::SHA256:
+ return subtle::HashType::SHA256;
+ case proto::HashType::SHA512:
+ return subtle::HashType::SHA512;
+ default:
+ return subtle::HashType::UNKNOWN_HASH;
+ }
+}
+
+} // namespace util
+} // namespace tink
+} // namespace crypto
diff --git a/cc/util/enums.h b/cc/util/enums.h
new file mode 100644
index 0000000000000000000000000000000000000000..68b385f16356a514bfd3662a54763b853eac4b5a
--- /dev/null
+++ b/cc/util/enums.h
@@ -0,0 +1,58 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_UTIL_ENUMS_H_
+#define TINK_UTIL_ENUMS_H_
+
+#include "cc/subtle/common_enums.h"
+#include "proto/common.pb.h"
+
+namespace crypto {
+namespace tink {
+namespace util {
+
+
+// Helpers for translation between protocol buffer enums and
+// common enums used in subtle.
+class Enums {
+ public:
+ // EllipticCurveType.
+ static google::crypto::tink::EllipticCurveType SubtleToProto(
+ crypto::tink::subtle::EllipticCurveType type);
+
+ static crypto::tink::subtle::EllipticCurveType ProtoToSubtle(
+ google::crypto::tink::EllipticCurveType type);
+
+ // EcPointFormat.
+ static google::crypto::tink::EcPointFormat SubtleToProto(
+ crypto::tink::subtle::EcPointFormat format);
+
+ static crypto::tink::subtle::EcPointFormat ProtoToSubtle(
+ google::crypto::tink::EcPointFormat format);
+
+ // HashType.
+ static google::crypto::tink::HashType SubtleToProto(
+ crypto::tink::subtle::HashType type);
+
+ static crypto::tink::subtle::HashType ProtoToSubtle(
+ google::crypto::tink::HashType type);
+};
+
+} // namespace util
+} // namespace tink
+} // namespace crypto
+
+#endif // TINK_UTIL_ENUMS_H_
diff --git a/cc/util/enums_test.cc b/cc/util/enums_test.cc
new file mode 100644
index 0000000000000000000000000000000000000000..920ddc6b6c6460eb9e93063f5b82336873fa56b4
--- /dev/null
+++ b/cc/util/enums_test.cc
@@ -0,0 +1,161 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#include "cc/util/enums.h"
+
+#include "cc/subtle/common_enums.h"
+#include "gtest/gtest.h"
+#include "proto/common.pb.h"
+
+using crypto::tink::util::Enums;
+
+namespace proto = google::crypto::tink;
+namespace subtle = crypto::tink::subtle;
+
+
+namespace crypto {
+namespace tink {
+namespace {
+
+class EnumsTest : public ::testing::Test {
+};
+
+TEST_F(EnumsTest, testEllipticCurveType) {
+ EXPECT_EQ(proto::EllipticCurveType::NIST_P224,
+ Enums::SubtleToProto(subtle::EllipticCurveType::NIST_P224));
+ EXPECT_EQ(proto::EllipticCurveType::NIST_P256,
+ Enums::SubtleToProto(subtle::EllipticCurveType::NIST_P256));
+ EXPECT_EQ(proto::EllipticCurveType::NIST_P384,
+ Enums::SubtleToProto(subtle::EllipticCurveType::NIST_P384));
+ EXPECT_EQ(proto::EllipticCurveType::NIST_P521,
+ Enums::SubtleToProto(subtle::EllipticCurveType::NIST_P521));
+ EXPECT_EQ(proto::EllipticCurveType::UNKNOWN_CURVE,
+ Enums::SubtleToProto(subtle::EllipticCurveType::UNKNOWN_CURVE));
+ EXPECT_EQ(proto::EllipticCurveType::UNKNOWN_CURVE,
+ Enums::SubtleToProto((subtle::EllipticCurveType)42));
+
+ EXPECT_EQ(subtle::EllipticCurveType::NIST_P224,
+ Enums::ProtoToSubtle(proto::EllipticCurveType::NIST_P224));
+ EXPECT_EQ(subtle::EllipticCurveType::NIST_P256,
+ Enums::ProtoToSubtle(proto::EllipticCurveType::NIST_P256));
+ EXPECT_EQ(subtle::EllipticCurveType::NIST_P384,
+ Enums::ProtoToSubtle(proto::EllipticCurveType::NIST_P384));
+ EXPECT_EQ(subtle::EllipticCurveType::NIST_P521,
+ Enums::ProtoToSubtle(proto::EllipticCurveType::NIST_P521));
+ EXPECT_EQ(subtle::EllipticCurveType::UNKNOWN_CURVE,
+ Enums::ProtoToSubtle(proto::EllipticCurveType::UNKNOWN_CURVE));
+ EXPECT_EQ(subtle::EllipticCurveType::UNKNOWN_CURVE,
+ Enums::ProtoToSubtle((proto::EllipticCurveType)42));
+
+ // Check that enum conversion covers the entire range of the proto-enum.
+ int count = 0;
+ for (int int_type = (int)proto::EllipticCurveType_MIN;
+ int_type <= (int)proto::EllipticCurveType_MAX;
+ int_type++) {
+ if (proto::EllipticCurveType_IsValid(int_type)) {
+ proto::EllipticCurveType type = (proto::EllipticCurveType)int_type;
+ EXPECT_EQ(type,
+ Enums::SubtleToProto(Enums::ProtoToSubtle(type)));
+ count++;
+ }
+ }
+ EXPECT_EQ(5, count);
+}
+
+TEST_F(EnumsTest, testHashType) {
+ EXPECT_EQ(proto::HashType::SHA1,
+ Enums::SubtleToProto(subtle::HashType::SHA1));
+ EXPECT_EQ(proto::HashType::SHA224,
+ Enums::SubtleToProto(subtle::HashType::SHA224));
+ EXPECT_EQ(proto::HashType::SHA256,
+ Enums::SubtleToProto(subtle::HashType::SHA256));
+ EXPECT_EQ(proto::HashType::SHA512,
+ Enums::SubtleToProto(subtle::HashType::SHA512));
+ EXPECT_EQ(proto::HashType::UNKNOWN_HASH,
+ Enums::SubtleToProto(subtle::HashType::UNKNOWN_HASH));
+ EXPECT_EQ(proto::HashType::UNKNOWN_HASH,
+ Enums::SubtleToProto((subtle::HashType)42));
+
+ EXPECT_EQ(subtle::HashType::SHA1,
+ Enums::ProtoToSubtle(proto::HashType::SHA1));
+ EXPECT_EQ(subtle::HashType::SHA224,
+ Enums::ProtoToSubtle(proto::HashType::SHA224));
+ EXPECT_EQ(subtle::HashType::SHA256,
+ Enums::ProtoToSubtle(proto::HashType::SHA256));
+ EXPECT_EQ(subtle::HashType::SHA512,
+ Enums::ProtoToSubtle(proto::HashType::SHA512));
+ EXPECT_EQ(subtle::HashType::UNKNOWN_HASH,
+ Enums::ProtoToSubtle(proto::HashType::UNKNOWN_HASH));
+ EXPECT_EQ(subtle::HashType::UNKNOWN_HASH,
+ Enums::ProtoToSubtle((proto::HashType)42));
+
+ // Check that enum conversion covers the entire range of the proto-enum.
+ int count = 0;
+ for (int int_type = (int)proto::HashType_MIN;
+ int_type <= (int)proto::HashType_MAX;
+ int_type++) {
+ if (proto::HashType_IsValid(int_type)) {
+ proto::HashType type = (proto::HashType)int_type;
+ EXPECT_EQ(type,
+ Enums::SubtleToProto(Enums::ProtoToSubtle(type)));
+ count++;
+ }
+ }
+ EXPECT_EQ(5, count);
+}
+
+TEST_F(EnumsTest, testEcPointFormat) {
+ EXPECT_EQ(proto::EcPointFormat::UNCOMPRESSED,
+ Enums::SubtleToProto(subtle::EcPointFormat::UNCOMPRESSED));
+ EXPECT_EQ(proto::EcPointFormat::COMPRESSED,
+ Enums::SubtleToProto(subtle::EcPointFormat::COMPRESSED));
+ EXPECT_EQ(proto::EcPointFormat::UNKNOWN_FORMAT,
+ Enums::SubtleToProto(subtle::EcPointFormat::UNKNOWN_FORMAT));
+ EXPECT_EQ(proto::EcPointFormat::UNKNOWN_FORMAT,
+ Enums::SubtleToProto((subtle::EcPointFormat)42));
+
+ EXPECT_EQ(subtle::EcPointFormat::UNCOMPRESSED,
+ Enums::ProtoToSubtle(proto::EcPointFormat::UNCOMPRESSED));
+ EXPECT_EQ(subtle::EcPointFormat::COMPRESSED,
+ Enums::ProtoToSubtle(proto::EcPointFormat::COMPRESSED));
+ EXPECT_EQ(subtle::EcPointFormat::UNKNOWN_FORMAT,
+ Enums::ProtoToSubtle(proto::EcPointFormat::UNKNOWN_FORMAT));
+ EXPECT_EQ(subtle::EcPointFormat::UNKNOWN_FORMAT,
+ Enums::ProtoToSubtle((proto::EcPointFormat)42));
+
+ // Check that enum conversion covers the entire range of the proto-enum.
+ int count = 0;
+ for (int int_format = (int)proto::EcPointFormat_MIN;
+ int_format <= (int)proto::EcPointFormat_MAX;
+ int_format++) {
+ if (proto::EcPointFormat_IsValid(int_format)) {
+ proto::EcPointFormat format = (proto::EcPointFormat)int_format;
+ EXPECT_EQ(format,
+ Enums::SubtleToProto(Enums::ProtoToSubtle(format)));
+ count++;
+ }
+ }
+ EXPECT_EQ(3, count);
+}
+
+} // namespace
+} // namespace tink
+} // namespace crypto
+
+int main(int ac, char* av[]) {
+ testing::InitGoogleTest(&ac, av);
+ return RUN_ALL_TESTS();
+}
diff --git a/cc/util/test_util.cc b/cc/util/test_util.cc
index 49968c9528aaca38fb4290e2c482a2bb893c3a5c..792f103e4e03be4c675f14d9bdd3a187867083cd 100644
--- a/cc/util/test_util.cc
+++ b/cc/util/test_util.cc
@@ -23,7 +23,9 @@
#include "cc/binary_keyset_reader.h"
#include "cc/cleartext_keyset_handle.h"
#include "cc/aead/aes_gcm_key_manager.h"
+#include "cc/subtle/common_enums.h"
#include "cc/subtle/subtle_util_boringssl.h"
+#include "cc/util/enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "proto/aes_gcm.pb.h"
@@ -33,13 +35,11 @@
using google::crypto::tink::AesGcmKeyFormat;
using google::crypto::tink::EciesAeadHkdfPrivateKey;
-using google::crypto::tink::EcPointFormat;
-using google::crypto::tink::EllipticCurveType;
-using google::crypto::tink::HashType;
using google::crypto::tink::Keyset;
using google::crypto::tink::OutputPrefixType;
-using crypto::tink::util::error::Code;
+using crypto::tink::util::Enums;
using crypto::tink::util::Status;
+using crypto::tink::util::error::Code;
namespace util = crypto::tink::util;
@@ -140,11 +140,24 @@ void AddRawKey(
}
EciesAeadHkdfPrivateKey GetEciesAesGcmHkdfTestKey(
- EllipticCurveType curve_type,
- EcPointFormat ec_point_format,
- HashType hash_type,
+ subtle::EllipticCurveType curve_type,
+ subtle::EcPointFormat ec_point_format,
+ subtle::HashType hash_type,
+ uint32_t aes_gcm_key_size) {
+ return GetEciesAesGcmHkdfTestKey(
+ Enums::SubtleToProto(curve_type),
+ Enums::SubtleToProto(ec_point_format),
+ Enums::SubtleToProto(hash_type),
+ aes_gcm_key_size);
+}
+
+EciesAeadHkdfPrivateKey GetEciesAesGcmHkdfTestKey(
+ google::crypto::tink::EllipticCurveType curve_type,
+ google::crypto::tink::EcPointFormat ec_point_format,
+ google::crypto::tink::HashType hash_type,
uint32_t aes_gcm_key_size) {
- auto test_key = SubtleUtilBoringSSL::GetNewEcKey(curve_type).ValueOrDie();
+ auto test_key = subtle::SubtleUtilBoringSSL::GetNewEcKey(
+ Enums::ProtoToSubtle(curve_type)).ValueOrDie();
EciesAeadHkdfPrivateKey ecies_key;
ecies_key.set_version(0);
ecies_key.set_key_value(test_key.priv);
diff --git a/cc/util/test_util.h b/cc/util/test_util.h
index 582dae6181dd68b2875d7893adcd43f0bbf2fca3..a4f3db0fec8a9fc4b7916bf4a5ff9f5dc0901080 100644
--- a/cc/util/test_util.h
+++ b/cc/util/test_util.h
@@ -25,6 +25,7 @@
#include "cc/hybrid_encrypt.h"
#include "cc/keyset_handle.h"
#include "cc/mac.h"
+#include "cc/subtle/common_enums.h"
#include "cc/util/status.h"
#include "cc/util/statusor.h"
#include "proto/common.pb.h"
@@ -86,6 +87,14 @@ void AddRawKey(
google::crypto::tink::Keyset* keyset);
+// Generates a fresh test key for ECIES-AEAD-HKDF for the given curve,
+// using AesGcm with the specified key size as AEAD, and HKDF with 'hash_type'.
+google::crypto::tink::EciesAeadHkdfPrivateKey GetEciesAesGcmHkdfTestKey(
+ subtle::EllipticCurveType curve_type,
+ subtle::EcPointFormat ec_point_format,
+ subtle::HashType hash_type,
+ uint32_t aes_gcm_key_size);
+
// Generates a fresh test key for ECIES-AEAD-HKDF for the given curve,
// using AesGcm with the specified key size as AEAD, and HKDF with 'hash_type'.
google::crypto::tink::EciesAeadHkdfPrivateKey GetEciesAesGcmHkdfTestKey(