Adding C++ HybridConfig, to replace HybridEncrypt/Decrypt-Configs.

PiperOrigin-RevId: 191628409
GitOrigin-RevId: 133207901a7eeea3973c966dd79cbc98a4c5348a

cc/BUILD.bazel

@@ -14,6 +14,7 @@ cc_library(
         "binary_keyset_writer.h",
         "catalogue.h",
         "config.h",
+        "hybrid_config.h",
         "hybrid_decrypt.h",
         "hybrid_decrypt_config.h",
         "hybrid_decrypt_factory.h",
@@ -58,6 +59,7 @@ cc_library(
         "//cc/aead:aead_config",
         "//cc/aead:aead_factory",
         "//cc/config:tink_config",
+        "//cc/hybrid:hybrid_config",
         "//cc/hybrid:hybrid_decrypt_config",
         "//cc/hybrid:hybrid_decrypt_factory",
         "//cc/hybrid:hybrid_encrypt_config",

cc/config/BUILD.bazel

@@ -9,8 +9,7 @@ cc_library(
     deps = [
         "//cc:config",
         "//cc:key_manager",
-        "//cc/hybrid:hybrid_decrypt_config",
-        "//cc/hybrid:hybrid_encrypt_config",
+        "//cc/hybrid:hybrid_config",
         "//cc/signature:signature_config",
         "//cc/util:status",
         "//proto:config_cc_proto",

cc/config/tink_config.cc

@@ -19,8 +19,7 @@
 #include "tink/config.h"
 #include "tink/key_manager.h"
 #include "tink/registry.h"
-#include "tink/hybrid/hybrid_encrypt_config.h"
-#include "tink/hybrid/hybrid_decrypt_config.h"
+#include "tink/hybrid/hybrid_config.h"
 #include "tink/signature/signature_config.h"
 #include "tink/util/status.h"
 
@@ -32,10 +31,7 @@ namespace {
 google::crypto::tink::RegistryConfig* GenerateRegistryConfig() {
   google::crypto::tink::RegistryConfig* config =
       new google::crypto::tink::RegistryConfig();
-  config->MergeFrom(HybridEncryptConfig::Tink_1_1_0());  // includes Mac & Aead
-  config->add_entry()->MergeFrom(*Config::GetTinkKeyTypeEntry(
-      HybridDecryptConfig::kCatalogueName, HybridDecryptConfig::kPrimitiveName,
-      "EciesAeadHkdfPrivateKey", 0, true));
+  config->MergeFrom(HybridConfig::Tink_1_1_0());  // includes Mac & Aead
   config->MergeFrom(SignatureConfig::Tink_1_1_0());
   config->set_config_name("TINK_1_1_0");
   return config;
@@ -51,9 +47,7 @@ const google::crypto::tink::RegistryConfig& TinkConfig::Tink_1_1_0() {
 
 // static
 util::Status TinkConfig::Init() {
-  auto status = HybridEncryptConfig::Init();  // includes Mac & Aead
-  if (!status.ok()) return status;
-  status = HybridDecryptConfig::Init();
+  auto status = HybridConfig::Init();  // includes Mac & Aead
   if (!status.ok()) return status;
   return SignatureConfig::Init();
 }

cc/config/tink_config_test.cc

@@ -57,10 +57,10 @@ TEST_F(TinkConfigTest, testBasic) {
       "type.googleapis.com/google.crypto.tink.EcdsaPrivateKey";
   std::string public_key_verify_key_type =
       "type.googleapis.com/google.crypto.tink.EcdsaPublicKey";
-  std::string hybrid_encrypt_key_type =
-      "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey";
   std::string hybrid_decrypt_key_type =
       "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey";
+  std::string hybrid_encrypt_key_type =
+      "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey";
   std::string aes_ctr_hmac_aead_key_type =
       "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey";
   std::string aes_gcm_key_type =
@@ -89,15 +89,15 @@ TEST_F(TinkConfigTest, testBasic) {
   EXPECT_EQ(true, config.entry(2).new_key_allowed());
   EXPECT_EQ(0, config.entry(2).key_manager_version());
 
-  EXPECT_EQ("TinkHybridEncrypt", config.entry(3).catalogue_name());
-  EXPECT_EQ("HybridEncrypt", config.entry(3).primitive_name());
-  EXPECT_EQ(hybrid_encrypt_key_type, config.entry(3).type_url());
+  EXPECT_EQ("TinkHybridDecrypt", config.entry(3).catalogue_name());
+  EXPECT_EQ("HybridDecrypt", config.entry(3).primitive_name());
+  EXPECT_EQ(hybrid_decrypt_key_type, config.entry(3).type_url());
   EXPECT_EQ(true, config.entry(3).new_key_allowed());
   EXPECT_EQ(0, config.entry(3).key_manager_version());
 
-  EXPECT_EQ("TinkHybridDecrypt", config.entry(4).catalogue_name());
-  EXPECT_EQ("HybridDecrypt", config.entry(4).primitive_name());
-  EXPECT_EQ(hybrid_decrypt_key_type, config.entry(4).type_url());
+  EXPECT_EQ("TinkHybridEncrypt", config.entry(4).catalogue_name());
+  EXPECT_EQ("HybridEncrypt", config.entry(4).primitive_name());
+  EXPECT_EQ(hybrid_encrypt_key_type, config.entry(4).type_url());
   EXPECT_EQ(true, config.entry(4).new_key_allowed());
   EXPECT_EQ(0, config.entry(4).key_manager_version());
 

cc/hybrid/BUILD.bazel

@@ -2,6 +2,22 @@ package(default_visibility = ["//tools/build_defs:internal_pkg"])
 
 licenses(["notice"])  # Apache 2.0
 
+cc_library(
+    name = "hybrid_config",
+    srcs = ["hybrid_config.cc"],
+    hdrs = ["hybrid_config.h"],
+    deps = [
+        ":hybrid_decrypt_catalogue",
+        ":hybrid_encrypt_catalogue",
+        "//cc:config",
+        "//cc/aead:aead_config",
+        "//cc/util:status",
+        "//proto:config_cc_proto",
+    ],
+    strip_include_prefix = "/cc",
+    include_prefix = "tink",
+)
+
 cc_library(
     name = "hybrid_decrypt_set_wrapper",
     srcs = ["hybrid_decrypt_set_wrapper.cc"],
@@ -241,6 +257,21 @@ cc_library(
 
 # tests
 
+cc_test(
+    name = "hybrid_config_test",
+    size = "small",
+    srcs = ["hybrid_config_test.cc"],
+    copts = ["-Iexternal/gtest/include"],
+    deps = [
+        ":hybrid_config",
+        "//cc:catalogue",
+        "//cc:config",
+        "//cc:registry",
+        "//cc/util:status",
+        "@com_google_googletest//:gtest_main",
+    ],
+)
+
 cc_test(
     name = "hybrid_decrypt_set_wrapper_test",
     size = "small",

cc/hybrid/hybrid_config.cc

@@ -0,0 +1,73 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#include "tink/hybrid/hybrid_config.h"
+
+#include "tink/config.h"
+#include "tink/aead/aead_config.h"
+#include "tink/hybrid/hybrid_decrypt_catalogue.h"
+#include "tink/hybrid/hybrid_encrypt_catalogue.h"
+#include "tink/util/status.h"
+#include "proto/config.pb.h"
+
+namespace util = crypto::tink::util;
+
+namespace crypto {
+namespace tink {
+
+namespace {
+
+google::crypto::tink::RegistryConfig* GenerateRegistryConfig() {
+  google::crypto::tink::RegistryConfig* config =
+      new google::crypto::tink::RegistryConfig();
+  config->MergeFrom(AeadConfig::Tink_1_1_0());
+  config->add_entry()->MergeFrom(*Config::GetTinkKeyTypeEntry(
+      HybridConfig::kHybridDecryptCatalogueName,
+      HybridConfig::kHybridDecryptPrimitiveName,
+      "EciesAeadHkdfPrivateKey", 0, true));
+  config->add_entry()->MergeFrom(*Config::GetTinkKeyTypeEntry(
+      HybridConfig::kHybridEncryptCatalogueName,
+      HybridConfig::kHybridEncryptPrimitiveName,
+      "EciesAeadHkdfPublicKey", 0, true));
+  config->set_config_name("TINK_HYBRID_1_1_0");
+  return config;
+}
+
+}  // anonymous namespace
+
+constexpr char HybridConfig::kHybridDecryptCatalogueName[];
+constexpr char HybridConfig::kHybridDecryptPrimitiveName[];
+constexpr char HybridConfig::kHybridEncryptCatalogueName[];
+constexpr char HybridConfig::kHybridEncryptPrimitiveName[];
+
+// static
+const google::crypto::tink::RegistryConfig& HybridConfig::Tink_1_1_0() {
+  static const auto config = GenerateRegistryConfig();
+  return *config;
+}
+
+// static
+util::Status HybridConfig::Init() {
+  AeadConfig::Init();
+  auto status = Registry::AddCatalogue(
+      kHybridDecryptCatalogueName, new HybridDecryptCatalogue());
+  if (!status.ok()) return status;
+  return Registry::AddCatalogue(
+      kHybridEncryptCatalogueName, new HybridEncryptCatalogue());
+}
+
+}  // namespace tink
+}  // namespace crypto

cc/hybrid/hybrid_config.h

@@ -0,0 +1,60 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#ifndef TINK_HYBRID_HYBRID_CONFIG_H_
+#define TINK_HYBRID_HYBRID_CONFIG_H_
+
+#include "tink/util/status.h"
+#include "proto/config.pb.h"
+
+namespace crypto {
+namespace tink {
+
+///////////////////////////////////////////////////////////////////////////////
+// Static methods and constants for registering with the Registry
+// all instances of hybrid encryption key types supported in a particular
+// release of Tink, i.e. key types that correspond to primitives
+// HybridEncrypt and HybridDecrypt.
+//
+// To register all hybrid encryption key types provided in Tink release 1.1.0
+// one can do:
+//
+//   auto status = Config::Register(HybridConfig::Tink_1_1_0());
+//
+// For more information on creation and usage of instances of HybridDecrypt
+// and HybridDecrypt see HybridEncryptFactory resp. HybridDecryptFactory.
+class HybridConfig {
+ public:
+  static constexpr char kHybridDecryptCatalogueName[] = "TinkHybridDecrypt";
+  static constexpr char kHybridDecryptPrimitiveName[] = "HybridDecrypt";
+  static constexpr char kHybridEncryptCatalogueName[] = "TinkHybridEncrypt";
+  static constexpr char kHybridEncryptPrimitiveName[] = "HybridEncrypt";
+
+  // Returns config of HybridDecrypt implementations supported in Tink 1.1.0.
+  static const google::crypto::tink::RegistryConfig& Tink_1_1_0();
+
+  // Initialization:
+  // registers the catalogue of Tink HybridDecrypt-implementations.
+  static crypto::tink::util::Status Init();
+
+ private:
+  HybridConfig() {}
+};
+
+}  // namespace tink
+}  // namespace crypto
+
+#endif  // TINK_HYBRID_HYBRID_CONFIG_H_