Adding C++ DeterministicEncryption to TinkConfig.

PiperOrigin-RevId: 215896406 GitOrigin-RevId: a62e7efa8d508f0f3f325208e37047a179d313db
tink-crypto · Oct 9, 2018 · b5b707f · b5b707f
1 parent 6f45019
commit b5b707f
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 3 deletions.
diff --git a/cc/config/BUILD.bazel b/cc/config/BUILD.bazel
@@ -9,6 +9,7 @@ cc_library(
     deps = [
         "//cc:config",
         "//cc:key_manager",
+        "//cc/daead:deterministic_aead_config",
         "//cc/hybrid:hybrid_config",
         "//cc/signature:signature_config",
         "//cc/util:status",
@@ -30,6 +31,7 @@ cc_test(
         "//cc:aead",
         "//cc:catalogue",
         "//cc:config",
+        "//cc:deterministic_aead",
         "//cc:hybrid_decrypt",
         "//cc:hybrid_encrypt",
         "//cc:mac",

diff --git a/cc/config/tink_config.cc b/cc/config/tink_config.cc
@@ -19,6 +19,7 @@
 #include "tink/config.h"
 #include "tink/key_manager.h"
 #include "tink/registry.h"
+#include "tink/daead/deterministic_aead_config.h"
 #include "tink/hybrid/hybrid_config.h"
 #include "tink/signature/signature_config.h"
 #include "tink/util/status.h"
@@ -33,6 +34,7 @@ google::crypto::tink::RegistryConfig* GenerateRegistryConfig() {
       new google::crypto::tink::RegistryConfig();
   config->MergeFrom(HybridConfig::Latest());  // includes Mac & Aead
   config->MergeFrom(SignatureConfig::Latest());
+  config->MergeFrom(DeterministicAeadConfig::Latest());
   config->set_config_name("TINK");
   return config;
 }
@@ -49,7 +51,9 @@ const google::crypto::tink::RegistryConfig& TinkConfig::Latest() {
 util::Status TinkConfig::Register() {
   auto status = HybridConfig::Register();  // includes Mac & Aead
   if (!status.ok()) return status;
-  return SignatureConfig::Register();
+  status = SignatureConfig::Register();
+  if (!status.ok()) return status;
+  return DeterministicAeadConfig::Register();
 }
 
 }  // namespace tink

diff --git a/cc/config/tink_config_test.cc b/cc/config/tink_config_test.cc
@@ -19,6 +19,7 @@
 #include "tink/aead.h"
 #include "tink/catalogue.h"
 #include "tink/config.h"
+#include "tink/deterministic_aead.h"
 #include "tink/hybrid_decrypt.h"
 #include "tink/hybrid_encrypt.h"
 #include "tink/mac.h"
@@ -71,9 +72,11 @@ TEST_F(TinkConfigTest, testBasic) {
       "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key";
   std::string hmac_key_type =
       "type.googleapis.com/google.crypto.tink.HmacKey";
+  std::string aes_siv_key_type =
+      "type.googleapis.com/google.crypto.tink.AesSivKey";
   auto& config = TinkConfig::Latest();
 
-  EXPECT_EQ(9, TinkConfig::Latest().entry_size());
+  EXPECT_EQ(10, TinkConfig::Latest().entry_size());
 
   EXPECT_EQ("TinkMac", config.entry(0).catalogue_name());
   EXPECT_EQ("Mac", config.entry(0).primitive_name());
@@ -129,6 +132,12 @@ TEST_F(TinkConfigTest, testBasic) {
   EXPECT_EQ(true, config.entry(8).new_key_allowed());
   EXPECT_EQ(0, config.entry(8).key_manager_version());
 
+  EXPECT_EQ("TinkDeterministicAead", config.entry(9).catalogue_name());
+  EXPECT_EQ("DeterministicAead", config.entry(9).primitive_name());
+  EXPECT_EQ(aes_siv_key_type, config.entry(9).type_url());
+  EXPECT_EQ(true, config.entry(9).new_key_allowed());
+  EXPECT_EQ(0, config.entry(9).key_manager_version());
+
   // No key manager before registration.
   {
     auto manager_result = Registry::get_key_manager<Aead>(aes_gcm_key_type);
@@ -164,6 +173,12 @@ TEST_F(TinkConfigTest, testBasic) {
     EXPECT_FALSE(manager_result.ok());
     EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
   }
+  {
+    auto manager_result =
+        Registry::get_key_manager<DeterministicAead>(aes_siv_key_type);
+    EXPECT_FALSE(manager_result.ok());
+    EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code());
+  }
 
   // Registration of standard key types works.
   auto status = TinkConfig::Register();
@@ -206,6 +221,12 @@ TEST_F(TinkConfigTest, testBasic) {
     EXPECT_TRUE(manager_result.ValueOrDie()->DoesSupport(
         public_key_verify_key_type));
   }
+  {
+    auto manager_result =
+        Registry::get_key_manager<DeterministicAead>(aes_siv_key_type);
+    EXPECT_TRUE(manager_result.ok()) << manager_result.status();
+    EXPECT_TRUE(manager_result.ValueOrDie()->DoesSupport(aes_siv_key_type));
+  }
 }
 
 TEST_F(TinkConfigTest, testRegister) {

diff --git a/objc/Tests/UnitTests/core/TINKAllConfigTest.mm b/objc/Tests/UnitTests/core/TINKAllConfigTest.mm
@@ -39,7 +39,7 @@ - (void)test110Config {
   XCTAssertNil(error);
   google::crypto::tink::RegistryConfig config = allConfig.ccConfig;
 
-  XCTAssertTrue(config.entry_size() == 9);
+  XCTAssertTrue(config.entry_size() == 10);
 
   std::string hmac_key_type = "type.googleapis.com/google.crypto.tink.HmacKey";
   XCTAssertTrue("TinkMac" == config.entry(0).catalogue_name());
@@ -107,6 +107,13 @@ - (void)test110Config {
   XCTAssertTrue(ecdsa_verify_key_type == config.entry(8).type_url());
   XCTAssertTrue(config.entry(8).new_key_allowed());
   XCTAssertTrue(0 == config.entry(8).key_manager_version());
+
+  std::string aes_siv_key_type = "type.googleapis.com/google.crypto.tink.AesSivKey";
+  XCTAssertTrue("TinkDeterministicAead" == config.entry(9).catalogue_name());
+  XCTAssertTrue("DeterministicAead" == config.entry(9).primitive_name());
+  XCTAssertTrue(aes_siv_key_type == config.entry(9).type_url());
+  XCTAssertTrue(config.entry(9).new_key_allowed());
+  XCTAssertTrue(0 == config.entry(9).key_manager_version());
 }
 
 - (void)testConfigRegistration {