Cleanup of cross-language tests and doc update.

Change-Id: I3f7d13d4d4a872bc67d6cb432d48c7fd41e3f1b6 ORIGINAL_AUTHOR=Bartosz Przydatek <[email protected]> GitOrigin-RevId: b2353f08d87042666845a823cda4549d9a76c8d1
codeaudit · Jan 4, 2018 · 5280829 · 5280829
1 parent 958258d
commit 5280829
Show file tree

Hide file tree

Showing 77 changed files with 4,861 additions and 5,394 deletions.
diff --git a/README.md b/README.md
@@ -50,10 +50,19 @@ Tink is written by a group of cryptographers and security engineers at Google,
 but it is **not an official Google product**. In particular, it is not meant as
 a replacement or successor of [Keyczar](https://github.com/google/keyczar).
 
-**Current Status** [Tink for Java](doc/JAVA-HOWTO.md) is field tested and ready
-for production -- it is used in several Google products such as AdMob, Android
-Pay, and Google Android Search App. Tink for C++, Obj-C and Go are in active
-development.
+**Current Status**
+
+* [Tink for Java](doc/JAVA-HOWTO.md) is field tested and ready for production --
+  it is used in several Google products such as AdMob, Android Pay, and Google
+  Android Search App.
+
+* [Tink for C++](doc/CPP-HOWTO.md) is catching up with
+  [Tink for Java](doc/JAVA-HOWTO.md) in terms of features and stability,
+  and the offered functionality is 100%-compatible with Java
+  (cf. [cross-language tests](tools/testing/cross_language/).
+  We plan to make a first C++ release soon.
+
+* Tink for Obj-C and Go are in active development.
 
 ## Getting started
 
@@ -128,6 +137,7 @@ testing.
 *   [Tink Primitives](doc/PRIMITIVES.md)
 *   [Key Management](doc/KEY-MANAGEMENT.md)
 *   [Java HOW-TO](doc/JAVA-HOWTO.md)
+*   [C++ HOW-TO](doc/CPP-HOWTO.md)
 *   [Tinkey](doc/TINKEY.md)
 
 ## Contact and mailing list

diff --git a/go/aead/aead_config.go b/go/aead/aead_config.go
@@ -17,8 +17,8 @@
 package aead
 
 import (
-	"github.com/google/tink/go/tink/tink"
-	"sync"
+  "sync"
+  "github.com/google/tink/go/tink/tink"
 )
 
 // Config offers convenience methods for initializing aead.Factory()
@@ -32,32 +32,31 @@ import (
 // This divison allows for gradual retiring insecure or obsolete key types.
 var configInstance *config
 var configOnce sync.Once
-
-type config struct{}
+type config struct {}
 
 // Config creates an instance of config if there isn't and returns the instance.
 func Config() *config {
-	configOnce.Do(func() {
-		configInstance = new(config)
-	})
-	return configInstance
+  configOnce.Do(func() {
+    configInstance = new(config)
+  })
+  return configInstance
 }
 
 // RegisterStandardKeyTypes registers standard Aead key types and their managers
 // with the Registry.
 func (c *config) RegisterStandardKeyTypes() (bool, error) {
-	return c.RegisterKeyManager(NewAesGcmKeyManager())
+  return c.RegisterKeyManager(NewAesGcmKeyManager())
 }
 
 // RegisterLegacyKeyTypes registers legacy Aead key types and their managers
 // with the Registry.
 func (c *config) RegisterLegacyKeyTypes() (bool, error) {
-	return false, nil
+  return false, nil
 }
 
 // RegisterKeyManager registers the given keyManager for the key type given in
 // keyManager.KeyType(). It returns true if registration was successful, false if
 // there already exisits a key manager for the key type.
 func (c *config) RegisterKeyManager(keyManager tink.KeyManager) (bool, error) {
-	return tink.Registry().RegisterKeyManager(keyManager)
-}
+  return tink.Registry().RegisterKeyManager(keyManager)
+}
diff --git a/go/aead/aead_config_test.go b/go/aead/aead_config_test.go
@@ -13,31 +13,30 @@
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////
-
 package aead_test
 
 import (
-	"github.com/google/tink/go/aead/aead"
-	"github.com/google/tink/go/tink/tink"
-	"testing"
+  "testing"
+  "github.com/google/tink/go/tink/tink"
+  "github.com/google/tink/go/aead/aead"
 )
 
 func TestConfigInstance(t *testing.T) {
-	c := aead.Config()
-	if c == nil {
-		t.Errorf("Config() returns nil")
-	}
+  c := aead.Config()
+  if c == nil {
+    t.Errorf("Config() returns nil")
+  }
 }
 
 func TestConfigRegistration(t *testing.T) {
-	success, err := aead.Config().RegisterStandardKeyTypes()
-	if !success || err != nil {
-		t.Errorf("cannot register standard key types")
-	}
-	// check for AES-GCM key manager
-	keyManager, err := tink.Registry().GetKeyManager(aead.AES_GCM_TYPE_URL)
-	if err != nil {
-		t.Errorf("unexpected error: %s", err)
-	}
-	var _ = keyManager.(*aead.AesGcmKeyManager)
-}
+  success, err := aead.Config().RegisterStandardKeyTypes()
+  if !success || err != nil {
+    t.Errorf("cannot register standard key types")
+  }
+  // check for AES-GCM key manager
+  keyManager, err := tink.Registry().GetKeyManager(aead.AES_GCM_TYPE_URL)
+  if err != nil {
+    t.Errorf("unexpected error: %s", err)
+  }
+  var _ = keyManager.(*aead.AesGcmKeyManager)
+}
diff --git a/go/aead/aead_factory.go b/go/aead/aead_factory.go
@@ -13,13 +13,12 @@
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////
-
 package aead
 
 import (
-	"fmt"
-	"github.com/google/tink/go/tink/tink"
-	"sync"
+  "sync"
+  "fmt"
+  "github.com/google/tink/go/tink/tink"
 )
 
 // Factory offers methods for obtaining a primitive from a KeysetHandle.
@@ -34,96 +33,95 @@ import (
 // work, the primitive tries all keys with OutputPrefixType_RAW.
 var factoryInstance *factory
 var factoryOnce sync.Once
-
-type factory struct{}
+type factory struct {}
 
 // factory creates an instance of factory if there isn't and returns the instance.
 func Factory() *factory {
-	factoryOnce.Do(func() {
-		factoryInstance = new(factory)
-	})
-	return factoryInstance
+  factoryOnce.Do(func() {
+    factoryInstance = new(factory)
+  })
+  return factoryInstance
 }
 
 // GetPrimitive returns a Aead primitive from the given keyset handle.
 func (f *factory) GetPrimitive(handle *tink.KeysetHandle) (tink.Aead, error) {
-	return f.GetPrimitiveWithCustomerManager(handle, nil /*keyManager*/)
+  return f.GetPrimitiveWithCustomerManager(handle, nil /*keyManager*/)
 }
 
 // GetPrimitiveWithCustomerManager returns a Aead primitive from the given
 // keyset handle and custom key manager.
 func (f *factory) GetPrimitiveWithCustomerManager(
-	handle *tink.KeysetHandle, manager tink.KeyManager) (tink.Aead, error) {
-	ps, err := tink.Registry().GetPrimitivesWithCustomManager(handle, manager)
-	if err != nil {
-		return nil, fmt.Errorf("aead_factory: cannot obtain primitive set: %s", err)
-	}
-	var ret tink.Aead = newPrimitiveSetAead(ps)
-	return ret, nil
+    handle *tink.KeysetHandle, manager tink.KeyManager) (tink.Aead, error) {
+  ps, err := tink.Registry().GetPrimitivesWithCustomManager(handle, manager)
+  if err != nil {
+    return nil, fmt.Errorf("aead_factory: cannot obtain primitive set: %s", err)
+  }
+  var ret tink.Aead = newPrimitiveSetAead(ps)
+  return ret, nil
 }
 
 // primitiveSetAead is an Aead implementation that uses the underlying primitive
 // set for encryption and decryption.
 type primitiveSetAead struct {
-	ps *tink.PrimitiveSet
+  ps *tink.PrimitiveSet
 }
 
 // Asserts that primitiveSetAead implements the Aead interface.
 var _ tink.Aead = (*primitiveSetAead)(nil)
 
 // newPrimitiveSetAead creates a new instance of primitiveSetAead
 func newPrimitiveSetAead(ps *tink.PrimitiveSet) *primitiveSetAead {
-	ret := new(primitiveSetAead)
-	ret.ps = ps
-	return ret
+  ret := new(primitiveSetAead)
+  ret.ps = ps
+  return ret
 }
 
 // Encrypt encrypts the given plaintext with the given additional authenticated data.
 // It returns the concatenation of the primary's identifier and the ciphertext.
 func (a *primitiveSetAead) Encrypt(pt []byte, ad []byte) ([]byte, error) {
-	primary := a.ps.Primary()
-	var p tink.Aead = (primary.Primitive()).(tink.Aead)
-	ct, err := p.Encrypt(pt, ad)
-	if err != nil {
-		return nil, err
-	}
-	var ret []byte
-	ret = append(ret, primary.Identifier()...)
-	ret = append(ret, ct...)
-	return ret, nil
+  primary := a.ps.Primary()
+  var p tink.Aead = (primary.Primitive()).(tink.Aead)
+  ct, err := p.Encrypt(pt, ad)
+  if err != nil {
+    return nil, err
+  }
+  var ret []byte
+  ret = append(ret, primary.Identifier()...)
+  ret = append(ret, ct...)
+  return ret, nil
 }
 
 // Decrypt decrypts the given ciphertext and authenticates it with the given
 // additional authenticated data. It returns the corresponding plaintext if the
 // ciphertext is authenticated.
 func (a *primitiveSetAead) Decrypt(ct []byte, ad []byte) ([]byte, error) {
-	// try non-raw keys
-	prefixSize := tink.NON_RAW_PREFIX_SIZE
-	if len(ct) > prefixSize {
-		prefix := ct[:prefixSize]
-		ctNoPrefix := ct[prefixSize:]
-		entries, err := a.ps.GetPrimitivesWithByteIdentifier(prefix)
-		if err == nil {
-			for i := 0; i < len(entries); i++ {
-				var p = (entries[i].Primitive()).(tink.Aead)
-				pt, err := p.Decrypt(ctNoPrefix, ad)
-				if err == nil {
-					return pt, nil
-				}
-			}
-		}
-	}
-	// try raw keys
-	entries, err := a.ps.GetRawPrimitives()
-	if err == nil {
-		for i := 0; i < len(entries); i++ {
-			var p = (entries[i].Primitive()).(tink.Aead)
-			pt, err := p.Decrypt(ct, ad)
-			if err == nil {
-				return pt, nil
-			}
-		}
-	}
-	// nothing worked
-	return nil, fmt.Errorf("aead_factory: decryption failed")
-}
+  // try non-raw keys
+  prefixSize := tink.NON_RAW_PREFIX_SIZE
+  if len(ct) > prefixSize {
+    prefix := ct[:prefixSize]
+    ctNoPrefix := ct[prefixSize:]
+    entries, err := a.ps.GetPrimitivesWithByteIdentifier(prefix)
+    if err == nil {
+      for i := 0; i < len(entries); i++ {
+        var p = (entries[i].Primitive()).(tink.Aead)
+        pt, err := p.Decrypt(ctNoPrefix, ad)
+        if err == nil {
+          return pt, nil
+        }
+      }
+    }
+  }
+  // try raw keys
+  entries, err := a.ps.GetRawPrimitives()
+  if err == nil {
+    for i := 0; i < len(entries); i++ {
+      var p = (entries[i].Primitive()).(tink.Aead)
+      pt, err := p.Decrypt(ct, ad)
+      if err == nil {
+        return pt, nil
+      }
+    }
+  }
+  // nothing worked
+  return nil, fmt.Errorf("aead_factory: decryption failed")
+}