Adding C++ implementation of KeysetHandle::GenerateNew(KeyTemplate).

PiperOrigin-RevId: 197935510
GitOrigin-RevId: 4d9358b99e0d8815c7e656b9ce0805c4a34b5201

cc/BUILD.bazel

@@ -87,6 +87,8 @@ cc_library(
     hdrs = PUBLIC_APIS,
     visibility = ["//visibility:public"],
     deps = PUBLIC_API_DEPS,
+    strip_include_prefix = "/cc",
+    include_prefix = "tink",
 )
 
 cc_library(
@@ -315,7 +317,7 @@ cc_library(
     deps = [
         ":catalogue",
         ":key_manager",
-        ":keyset_handle",
+        ":keyset_handle_hdr",
         ":primitive_set",
         "//cc/util:errors",
         "//cc/util:protobuf_helper",
@@ -329,12 +331,29 @@ cc_library(
     include_prefix = "tink",
 )
 
+cc_library(
+    name = "keyset_handle_hdr",
+    srcs = ["keyset_handle.h"],
+    hdrs = ["keyset_handle.h"],
+    deps = [
+        ":aead",
+        ":keyset_reader",
+        ":keyset_writer",
+        "//cc/util:errors",
+        "//proto:tink_cc_proto",
+        "@com_google_absl//absl/memory",
+    ],
+    strip_include_prefix = "/cc",
+    include_prefix = "tink",
+)
+
 cc_library(
     name = "keyset_handle",
     srcs = ["core/keyset_handle.cc"],
     hdrs = ["keyset_handle.h"],
     deps = [
         ":aead",
+        ":keyset_manager",
         ":keyset_reader",
         ":keyset_writer",
         "//cc/util:errors",
@@ -350,7 +369,7 @@ cc_library(
     srcs = ["core/cleartext_keyset_handle.cc"],
     hdrs = ["cleartext_keyset_handle.h"],
     deps = [
-        ":keyset_handle",
+        ":keyset_handle_hdr",
         "//cc/util:errors",
         "//cc/util:status",
         "//cc/util:statusor",
@@ -382,7 +401,7 @@ cc_library(
     hdrs = ["keyset_manager.h"],
     visibility = ["//visibility:public"],
     deps = [
-        ":keyset_handle",
+        ":keyset_handle_hdr",
         ":keyset_reader",
         ":registry",
         "//cc/util:errors",
@@ -565,9 +584,13 @@ cc_test(
     deps = [
         ":binary_keyset_reader",
         ":cleartext_keyset_handle",
+        ":config",
         ":json_keyset_reader",
         ":json_keyset_writer",
         ":keyset_handle",
+        "//cc",
+        "//cc/aead:aead_config",
+        "//cc/aead:aead_key_templates",
         "//cc/util:protobuf_helper",
         "//cc/util:test_util",
         "//proto:tink_cc_proto",

cc/core/keyset_handle.cc

@@ -17,6 +17,7 @@
 #include "absl/memory/memory.h"
 #include "tink/aead.h"
 #include "tink/keyset_handle.h"
+#include "tink/keyset_manager.h"
 #include "tink/keyset_reader.h"
 #include "tink/keyset_writer.h"
 #include "tink/util/errors.h"
@@ -98,8 +99,11 @@ util::Status KeysetHandle::WriteEncrypted(const Aead& master_key_aead,
 // static
 util::StatusOr<std::unique_ptr<KeysetHandle>> KeysetHandle::GenerateNew(
     const KeyTemplate& key_template) {
-  return util::Status(util::error::UNIMPLEMENTED,
-      "Generation of new keysets from templates is not implemented yet.");
+  auto manager_result = KeysetManager::New(key_template);
+  if (!manager_result.ok()) {
+    return manager_result.status();
+  }
+  return manager_result.ValueOrDie()->GetKeysetHandle();
 }
 
 KeysetHandle::KeysetHandle(std::unique_ptr<Keyset> keyset)

cc/core/keyset_handle_test.cc

@@ -14,11 +14,14 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+#include "tink/config.h"
+#include "tink/aead_key_templates.h"
 #include "tink/binary_keyset_reader.h"
 #include "tink/cleartext_keyset_handle.h"
 #include "tink/json_keyset_reader.h"
 #include "tink/json_keyset_writer.h"
 #include "tink/keyset_handle.h"
+#include "tink/aead/aead_config.h"
 #include "tink/util/protobuf_helper.h"
 #include "tink/util/test_util.h"
 #include "gtest/gtest.h"
@@ -33,12 +36,20 @@ using google::crypto::tink::EncryptedKeyset;
 using google::crypto::tink::KeyData;
 using google::crypto::tink::Keyset;
 using google::crypto::tink::KeyStatusType;
+using google::crypto::tink::KeyTemplate;
 
 namespace crypto {
 namespace tink {
 namespace {
 
 class KeysetHandleTest : public ::testing::Test {
+ protected:
+  void SetUp() override {
+    auto status = AeadConfig::Init();
+    ASSERT_TRUE(status.ok()) << status;
+    status = Config::Register(AeadConfig::Tink_1_1_0());
+    ASSERT_TRUE(status.ok()) << status;
+  }
 };
 
 TEST_F(KeysetHandleTest, testReadEncryptedKeyset_Binary) {
@@ -218,6 +229,30 @@ TEST_F(KeysetHandleTest, testWriteEncryptedKeyset_Json) {
   EXPECT_EQ(util::error::INVALID_ARGUMENT, status.error_code());
 }
 
+TEST_F(KeysetHandleTest, testGenerateNewKeysetHandle) {
+  const google::crypto::tink::KeyTemplate* key_templates[] = {
+    &AeadKeyTemplates::Aes128Gcm(),
+    &AeadKeyTemplates::Aes256Gcm(),
+    &AeadKeyTemplates::Aes128CtrHmacSha256(),
+    &AeadKeyTemplates::Aes256CtrHmacSha256(),
+  };
+  for (auto templ : key_templates) {
+    auto handle_result = KeysetHandle::GenerateNew(*templ);
+    EXPECT_TRUE(handle_result.ok())
+        << "Failed for template:\n " << templ->DebugString()
+        << "\n with status: "<< handle_result.status();
+  }
+}
+
+TEST_F(KeysetHandleTest, testGenerateNewKeysetHandleErrors) {
+  KeyTemplate templ;
+  templ.set_type_url("type.googleapis.com/some.unknown.KeyType");
+
+  auto handle_result = KeysetHandle::GenerateNew(templ);
+  EXPECT_FALSE(handle_result.ok());
+  EXPECT_EQ(util::error::NOT_FOUND, handle_result.status().error_code());
+}
+
 }  // namespace
 }  // namespace tink
 }  // namespace crypto

cc/keyset_manager.h

@@ -19,14 +19,15 @@
 
 #include <mutex>  // NOLINT(build/c++11)
 
-#include "tink/keyset_handle.h"
 #include "tink/util/status.h"
 #include "tink/util/statusor.h"
 #include "proto/tink.pb.h"
 
 namespace crypto {
 namespace tink {
 
+class KeysetHandle;
+
 // KeysetManager provides convenience methods for creation of Keysets, and for
 // rotating, disabling, enabling, or destroing keys.
 // An instance of this class takes care of a single Keyset, that can be

objc/Tests/UnitTests/core/TINKKeysetHandleTest.mm

@@ -165,14 +165,11 @@ - (void)testValidKeyTemplate {
   XCTAssertNotNil(keyTemplate);
   XCTAssertNil(error);
 
-  // TODO(candrian): Update this test once C++ adds support for key templates.
+  // TODO(candrian): Update this test as now C++ does support key templates.
   TINKKeysetHandle *handle =
       [[TINKKeysetHandle alloc] initWithKeyTemplate:keyTemplate error:&error];
   XCTAssertNil(handle);
   XCTAssertNotNil(error);
-  XCTAssertTrue(error.code == crypto::tink::util::error::UNIMPLEMENTED);
-  XCTAssertTrue([error.localizedFailureReason
-      containsString:@"Generation of new keysets from templates is not implemented yet"]);
 }
 
 @end