diff --git a/README.md b/README.md index 9b04e36bad..aed3bcefa4 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ # Tink - *A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.* **`Ubuntu`** | **`macOS`** @@ -7,12 +6,11 @@ [![Kokoro Ubuntu](https://storage.googleapis.com/tink-kokoro-build-badges/tink-ubuntu.png)](#) | [![Kokoro macOS](https://storage.googleapis.com/tink-kokoro-build-badges/tink-macos.png)](#) ## Index - 1. [Introduction](#introduction) -2. [Getting started](#getting-started) -3. [Current status](#current-status) -4. [Learn more](#learn-more) -5. [Contact and mailing list](#contact-and-mailing-list) +2. [Getting Started](#getting-started) +3. [Current Status](#current-status) +4. [Learn More](#learn-more) +5. [Contact and Mailing List](#contact-and-mailing-list) 6. [Maintainers](#maintainers) ## Introduction @@ -37,6 +35,7 @@ To get a quick overview of Tink design please take a look at talk about Tink](https://www.youtube.com/watch?v=pqev9r3rUJs&t=9665) presented at [Real World Crypto 2019](https://rwc.iacr.org/2019/). + ## Getting started **TIP** The easiest way to get started with Tink is to install @@ -94,7 +93,7 @@ AEAD primitive in Java: byte[] ciphertext = aead.encrypt(plaintext, associatedData); ``` -## Current status +## Current Status * [Java and Android](docs/JAVA-HOWTO.md), [C++](docs/CPP-HOWTO.md) and [Obj-C](docs/OBJC-HOWTO.md) are field tested and ready for production. The @@ -104,7 +103,7 @@ AEAD primitive in Java: * Tink for Go and JavaScript are in active development. -## Learn more +## Learn More * [Java HOW-TO](docs/JAVA-HOWTO.md) * [C++ HOW-TO](docs/CPP-HOWTO.md) @@ -127,7 +126,6 @@ ported it to their favorite languages! Below you can find notable ports. maintain them and have no plan to support them in the foreseeable future. * [C# (with JNI)](https://github.com/google-pay/tink-jni-examples) -* [Clojure](https://github.com/perkss/tinklj) ## Contact and mailing list diff --git a/apps/rewardedads/README.md b/apps/rewardedads/README.md index cc41695404..0650c2f0a4 100644 --- a/apps/rewardedads/README.md +++ b/apps/rewardedads/README.md @@ -3,28 +3,11 @@ This app implements the verifier side of Server-Side Verification of Google AdMob Rewarded Ads. -## Latest Release - -The most recent release is -[1.2.2](https://github.com/google/tink/releases/tag/v1.2.2), released -2019-01-24. API docs can be found -[here](https://google.github.com/tink/javadoc/apps-rewardedads/1.2.2). - -The Maven group ID is `com.google.crypto.tink`, and the artifact ID is -`apps-rewardedads`. - -To add a dependency using Maven: - -```xml - - com.google.crypto.tink - apps-rewardedads - 1.2.2 - -``` - ## Snapshots +This app has yet not been released, though you can still play with it using +snapshot versions. + Snapshots of this app built from the master branch are available through Maven using version `HEAD-SNAPSHOT`. API docs can be found [here](https://google.github.com/tink/javadoc/apps-rewardedads/HEAD-SNAPSHOT). diff --git a/apps/rewardedads/src/main/java/com/google/crypto/tink/apps/rewardedads/RewardedAdsVerifier.java b/apps/rewardedads/src/main/java/com/google/crypto/tink/apps/rewardedads/RewardedAdsVerifier.java index 8cc1460ac0..2fb19fb516 100644 --- a/apps/rewardedads/src/main/java/com/google/crypto/tink/apps/rewardedads/RewardedAdsVerifier.java +++ b/apps/rewardedads/src/main/java/com/google/crypto/tink/apps/rewardedads/RewardedAdsVerifier.java @@ -205,12 +205,12 @@ public Map get() throws GeneralSecurityException { * { * "keys": [ * { - * keyId: 1916455855, + * key_id: 1916455855, * pem: "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUaWMKcBHWdhUE+DncSIHhFCLLEln\nUs0LB9oanZ4K/FNICIM8ltS4nzc9yjmhgVQOlmSS6unqvN9t8sqajRTPcw==\n-----END PUBLIC KEY-----" * base64: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUaWMKcBHWdhUE+DncSIHhFCLLElnUs0LB9oanZ4K/FNICIM8ltS4nzc9yjmhgVQOlmSS6unqvN9t8sqajRTPcw==" * }, * { - * keyId: 3901585526, + * key_id: 3901585526, * pem: "-----BEGIN PUBLIC KEY-----\nMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEtxg2BsK/fllIeADtLspezS6YfHFWXZ8tiJncm8LDBa/NxEC84akdWbWDCUrMMGIV27/3/e7UuKSEonjGvaDUsw==\n-----END PUBLIC KEY-----" * base64: "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEtxg2BsK/fllIeADtLspezS6YfHFWXZ8tiJncm8LDBa/NxEC84akdWbWDCUrMMGIV27/3/e7UuKSEonjGvaDUsw==" * }, diff --git a/cc/BUILD.bazel b/cc/BUILD.bazel index 276a5d0a52..b6a10140f2 100644 --- a/cc/BUILD.bazel +++ b/cc/BUILD.bazel @@ -999,8 +999,8 @@ cc_test( ) cc_test( - name = "core/template_util_test", - srcs = ["core/template_util_test.cc"], + name = "core/template_utils_test", + srcs = ["core/template_utils_test.cc"], deps = [ ":core/template_util", "@com_google_googletest//:gtest_main", diff --git a/cc/CMakeLists.txt b/cc/CMakeLists.txt index 7d4ac1ca1e..9e3cf4b1a0 100644 --- a/cc/CMakeLists.txt +++ b/cc/CMakeLists.txt @@ -520,7 +520,6 @@ tink_cc_library( SRCS core/internal_key_manager.h DEPS - absl::hash absl::container tink::core::internal_key_manager tink::proto::tink_cc_proto @@ -594,7 +593,6 @@ tink_cc_test( tink::proto::common_cc_proto tink::proto::tink_cc_proto absl::memory - gmock ) tink_cc_test( @@ -759,10 +757,10 @@ tink_cc_test( ) tink_cc_test( - NAME template_util_test - SRCS core/template_util_test.cc + NAME template_utils_test + SRCS core/template_utils_test.cc DEPS - tink::core::template_util + tink::core::template_utils ) tink_cc_test( diff --git a/cc/aead/CMakeLists.txt b/cc/aead/CMakeLists.txt index 0a20b12e06..fecb6cb8a5 100644 --- a/cc/aead/CMakeLists.txt +++ b/cc/aead/CMakeLists.txt @@ -452,7 +452,6 @@ tink_cc_test( SRCS kms_envelope_aead_key_manager_test.cc DEPS tink::aead::aead_config - tink::aead::aead_key_templates tink::aead::kms_envelope_aead_key_manager tink::core::aead tink::core::kms_client diff --git a/cc/core/internal_key_manager.h b/cc/core/internal_key_manager.h index 2a6232697c..bed95ddf5b 100644 --- a/cc/core/internal_key_manager.h +++ b/cc/core/internal_key_manager.h @@ -14,8 +14,8 @@ // /////////////////////////////////////////////////////////////////////////////// -#ifndef TINK_CORE_INTERNAL_KEY_MANAGER_H_ -#define TINK_CORE_INTERNAL_KEY_MANAGER_H_ +#ifndef TINK_INTERNAL_KEY_MANAGER_H_ +#define TINK_INTERNAL_KEY_MANAGER_H_ #include @@ -53,10 +53,6 @@ class InternalKeyFactory { } // namespace internal -template -class InternalKeyManager; - // An InternalKeyManager manages a single key proto. This includes // * parsing and validating keys // * parsing and validating key formats (in case generating keys is allowed). @@ -66,13 +62,8 @@ class InternalKeyManager; // the key manager cannot produce keys and a protobuf otherwise. // // The constructor should take unique pointers to primitive factories. -// -// InternalKeyManager uses templates for KeyProto, KeyFormatProto and a list of -// Primitives which have to be provided as a std::tuple. -template -class InternalKeyManager> +template +class InternalKeyManager : public internal::InternalKeyFactory { public: // A PrimitiveFactory knows how to create instances of the @@ -80,6 +71,9 @@ class InternalKeyManager class PrimitiveFactory { public: + // Used for template deduction. + using UnderlyingPrimitive = Primitive; + virtual ~PrimitiveFactory() {} virtual crypto::tink::util::StatusOr> Create( const KeyProto& key) const = 0; @@ -87,14 +81,11 @@ class InternalKeyManager> types. + template explicit InternalKeyManager( - std::unique_ptr>... primitives) { - static_assert( - !crypto::tink::internal::HasDuplicates::value, - "List or primitives contains a duplicate, which is not allowed."); - // https://stackoverflow.com/questions/17339789/how-to-call-a-function-on-all-variadic-template-args - ABSL_ATTRIBUTE_UNUSED - int unused[] = {(AddPrimitive(std::move(primitives)), 0)...}; + std::unique_ptr... primitives) { + AddAllPrimitives( + std::move(primitives)...); } // Returns the type_url identifying the key type handled by this manager. @@ -127,6 +118,19 @@ class InternalKeyManager + typename std::enable_if< + !crypto::tink::internal::HasDuplicates::value>::type + AddAllPrimitives( + std::unique_ptr>... primitives) { + // https://stackoverflow.com/questions/17339789/how-to-call-a-function-on-all-variadic-template-args + ABSL_ATTRIBUTE_UNUSED + int unused[] = {(AddPrimitive(std::move(primitives)), 0)...}; + } + // Helper function which adds a single primivie. template void AddPrimitive(std::unique_ptr> primitive) { @@ -134,6 +138,19 @@ class InternalKeyManager + typename std::enable_if< + crypto::tink::internal::HasDuplicates::value>::type + AddAllPrimitives( + std::unique_ptr>... primitives) { + static_assert(sizeof(KeyProto) < 0, + "The list of arguments to InternalKeyManager contains two " + "PrimitiveFactory objects for the same primitive."); + } + // We use a shared_ptr here because shared_ptr is valid (as opposed to // unique_ptr, where we would have to add a custom deleter with extra // work). @@ -144,4 +161,4 @@ class InternalKeyManager> { + : public InternalKeyManager { public: class AeadFactory : public PrimitiveFactory { public: @@ -138,8 +137,7 @@ TEST(KeyManagerTest, CreateFails) { } class ExampleInternalKeyManagerWithoutFactory - : public InternalKeyManager> { + : public InternalKeyManager { public: class AeadFactory : public PrimitiveFactory { public: diff --git a/cc/core/template_util_test.cc b/cc/core/template_utils_test.cc similarity index 100% rename from cc/core/template_util_test.cc rename to cc/core/template_utils_test.cc diff --git a/cc/integration/gcpkms/BUILD.bazel b/cc/integration/gcpkms/BUILD.bazel index 9966abfe9a..604ed57bb5 100644 --- a/cc/integration/gcpkms/BUILD.bazel +++ b/cc/integration/gcpkms/BUILD.bazel @@ -31,8 +31,8 @@ cc_library( name = "gcp_kms_client", srcs = ["gcp_kms_client.cc"], hdrs = ["gcp_kms_client.h"], - include_prefix = "tink", strip_include_prefix = "/cc", + include_prefix = "tink", deps = [ ":gcp_kms_aead", "//cc:kms_client", @@ -47,30 +47,29 @@ cc_library( # tests -# TODO(b/119547792): Temporarily disabling until reliability concerns are addressed. -#cc_test( -# name = "gcp_kms_aead_test", -# size = "medium", -# srcs = ["gcp_kms_aead_test.cc"], -# deps = [ -# ":gcp_kms_aead", -# "//cc/util:errors", -# "//cc/util:status", -# "//cc/util:statusor", -# "@com_google_googletest//:gtest_main", -# ], -#) -# -#cc_test( -# name = "gcp_kms_client_test", -# size = "medium", -# srcs = ["gcp_kms_client_test.cc"], -# data = ["//testdata:credentials"], -# deps = [ -# ":gcp_kms_client", -# "//cc/util:errors", -# "//cc/util:status", -# "//cc/util:statusor", -# "@com_google_googletest//:gtest_main", -# ], -#) +cc_test( + name = "gcp_kms_aead_test", + size = "medium", + srcs = ["gcp_kms_aead_test.cc"], + deps = [ + ":gcp_kms_aead", + "//cc/util:errors", + "//cc/util:status", + "//cc/util:statusor", + "@com_google_googletest//:gtest_main", + ], +) + +cc_test( + name = "gcp_kms_client_test", + size = "medium", + srcs = ["gcp_kms_client_test.cc"], + data = ["//testdata:credentials"], + deps = [ + ":gcp_kms_client", + "//cc/util:errors", + "//cc/util:status", + "//cc/util:statusor", + "@com_google_googletest//:gtest_main", + ], +) diff --git a/cc/util/BUILD.bazel b/cc/util/BUILD.bazel index 0da8eda855..09e3e41495 100644 --- a/cc/util/BUILD.bazel +++ b/cc/util/BUILD.bazel @@ -141,7 +141,6 @@ cc_library( include_prefix = "tink", strip_include_prefix = "/cc", deps = [ - ":constants", ":enums", ":protobuf_helper", ":status", @@ -152,8 +151,8 @@ cc_library( "//cc:hybrid_decrypt", "//cc:hybrid_encrypt", "//cc:input_stream", - "//cc:keyset_handle", "//cc:kms_client", + "//cc:keyset_handle", "//cc:mac", "//cc:output_stream", "//cc:public_key_sign", @@ -301,15 +300,3 @@ cc_test( "@com_google_googletest//:gtest_main", ], ) - -cc_test( - name = "test_util_test", - srcs = ["test_util_test.cc"], - deps = [ - ":test_util", - "//cc/subtle:random", - "//proto:aes_gcm_cc_proto", - "//proto:tink_cc_proto", - "@com_google_googletest//:gtest_main", - ], -) diff --git a/cc/util/CMakeLists.txt b/cc/util/CMakeLists.txt index 9855f2a28a..5dfbc7e3ee 100644 --- a/cc/util/CMakeLists.txt +++ b/cc/util/CMakeLists.txt @@ -117,7 +117,6 @@ tink_cc_library( test_util.cc test_util.h DEPS - tink::util::constants tink::util::enums tink::util::protobuf_helper tink::util::status @@ -241,16 +240,3 @@ tink_cc_test( absl::memory absl::strings ) - -tink_cc_test( - NAME test_util_test - SRCS - test_util_test.cc - DEPS - tink::proto::aes_gcm_cc_proto - tink::proto::tink_cc_proto - tink::util::test_util - tink::subtle::random - absl::strings - gmock -) diff --git a/cc/util/status.cc b/cc/util/status.cc index fd5d31eb7e..eab3fe36fd 100644 --- a/cc/util/status.cc +++ b/cc/util/status.cc @@ -29,21 +29,15 @@ namespace { const Status& GetCancelled() { - static const Status* status = - new Status(::crypto::tink::util::error::CANCELLED, ""); - return *status; + static const Status status(::crypto::tink::util::error::CANCELLED, ""); + return status; } const Status& GetUnknown() { - static const Status* status = - new Status(::crypto::tink::util::error::UNKNOWN, ""); - return *status; + static const Status status(::crypto::tink::util::error::UNKNOWN, ""); + return status; } -const Status& GetOk() { - static const Status* status = new Status; - return *status; -} } // namespace @@ -68,7 +62,7 @@ Status& Status::operator=(const Status& other) { const Status& Status::CANCELLED = GetCancelled(); const Status& Status::UNKNOWN = GetUnknown(); -const Status& Status::OK = GetOk(); +const Status& Status::OK = Status(); std::string Status::ToString() const { if (code_ == ::crypto::tink::util::error::OK) { diff --git a/cc/util/test_util.h b/cc/util/test_util.h index c206841380..b0affa06fc 100644 --- a/cc/util/test_util.h +++ b/cc/util/test_util.h @@ -28,15 +28,14 @@ #include "tink/hybrid_decrypt.h" #include "tink/hybrid_encrypt.h" #include "tink/input_stream.h" -#include "tink/keyset_handle.h" #include "tink/kms_client.h" +#include "tink/keyset_handle.h" #include "tink/mac.h" #include "tink/output_stream.h" #include "tink/public_key_sign.h" #include "tink/public_key_verify.h" #include "tink/streaming_aead.h" #include "tink/subtle/common_enums.h" -#include "tink/util/constants.h" #include "tink/util/protobuf_helper.h" #include "tink/util/status.h" #include "tink/util/statusor.h" @@ -128,18 +127,6 @@ google::crypto::tink::EcdsaPrivateKey GetEcdsaTestPrivateKey( // Generates a fresh test key for ED25519. google::crypto::tink::Ed25519PrivateKey GetEd25519TestPrivateKey(); -// Embeds the given Proto into a KeyData proto. -template -google::crypto::tink::KeyData AsKeyData( - const Proto& proto, - google::crypto::tink::KeyData::KeyMaterialType key_material_type) { - google::crypto::tink::KeyData result; - result.set_value(proto.SerializeAsString()); - result.set_type_url(absl::StrCat(kTypeGoogleapisCom, proto.GetTypeName())); - result.set_key_material_type(key_material_type); - return result; -} - // A dummy implementation of Aead-interface. // An instance of DummyAead can be identified by a name specified // as a parameter of the constructor. diff --git a/cc/util/test_util_test.cc b/cc/util/test_util_test.cc deleted file mode 100644 index dc8ad5b992..0000000000 --- a/cc/util/test_util_test.cc +++ /dev/null @@ -1,49 +0,0 @@ -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -/////////////////////////////////////////////////////////////////////////////// -#include "tink/util/test_util.h" - -#include "gmock/gmock.h" -#include "gtest/gtest.h" -#include "tink/subtle/random.h" -#include "proto/aes_gcm.pb.h" -#include "proto/tink.pb.h" - -namespace crypto { -namespace tink { -namespace test { -namespace { - -using ::google::crypto::tink::AesGcmKey; -using ::google::crypto::tink::KeyData; -using ::testing::Eq; - -TEST(AsKeyDataTest, Basic) { - AesGcmKey key; - key.set_key_value(crypto::tink::subtle::Random::GetRandomBytes(11)); - - KeyData key_data = AsKeyData(key, KeyData::SYMMETRIC); - - EXPECT_THAT(key_data.type_url(), - Eq("type.googleapis.com/google.crypto.tink.AesGcmKey")); - EXPECT_THAT(key_data.key_material_type(), Eq(KeyData::SYMMETRIC)); - AesGcmKey deserialized_key; - EXPECT_TRUE(deserialized_key.ParseFromString(key_data.value())); - EXPECT_THAT(deserialized_key.key_value(), Eq(key.key_value())); -} - -} // namespace - -} // namespace test -} // namespace tink -} // namespace crypto diff --git a/docs/CPP-HOWTO.md b/docs/CPP-HOWTO.md index a478bdaff7..08cec2ec4e 100644 --- a/docs/CPP-HOWTO.md +++ b/docs/CPP-HOWTO.md @@ -277,11 +277,11 @@ currently available or planned (the latter are listed in brackets). | Primitive | Implementations | | ------------------ | --------------------------------------------- | -| AEAD | AES-GCM, AES-CTR-HMAC, AES-EAX, KMS Envelope, XCHACHA20-POLY1305 | +| AEAD | AES-GCM, AES-CTR-HMAC, AES-EAX | | Deterministic AEAD | AES-SIV | | Streaming AEAD | AES-GCM-HKDF-STREAMING | | MAC | HMAC-SHA2 | -| Digital Signatures | ECDSA over NIST curves, Ed25519, RSA-SSA-PKCS1, RSA-SSA-PSS | +| Digital Signatures | ECDSA over NIST curves, (Ed25519) | | Hybrid Encryption | ECIES with AEAD and HKDF | The user obtains a primitive by calling the function `getPrimitive<>` of the diff --git a/docs/JAVA-HOWTO.md b/docs/JAVA-HOWTO.md index 11280a40f4..83ee50f86a 100644 --- a/docs/JAVA-HOWTO.md +++ b/docs/JAVA-HOWTO.md @@ -264,7 +264,7 @@ currently available or planned (the latter are listed in brackets). | Streaming AEAD | AES-GCM-HKDF-STREAMING, AES-CTR-HMAC-STREAMING | | Deterministic AEAD | AES-SIV | | MAC | HMAC-SHA2 | -| Digital Signatures | ECDSA over NIST curves, Ed25519, RSA-SSA-PKCS1, RSA-SSA-PSS | +| Digital Signatures | ECDSA over NIST curves, ED25519 | | Hybrid Encryption | ECIES with AEAD and HKDF, (NaCl CryptoBox) | Exact listings of primitives and their implementations available in a release _x.y.z_ of Tink diff --git a/java/src/main/java/com/google/crypto/tink/KeysetHandle.java b/java/src/main/java/com/google/crypto/tink/KeysetHandle.java index ecf3c4d502..81704ed983 100644 --- a/java/src/main/java/com/google/crypto/tink/KeysetHandle.java +++ b/java/src/main/java/com/google/crypto/tink/KeysetHandle.java @@ -16,6 +16,7 @@ package com.google.crypto.tink; +import com.google.crypto.tink.annotations.Alpha; import com.google.crypto.tink.proto.EncryptedKeyset; import com.google.crypto.tink.proto.KeyData; import com.google.crypto.tink.proto.KeyTemplate; @@ -291,6 +292,7 @@ public

P getPrimitive(Class

classObject) throws GeneralSecurityException * registry to get resources creating the primitive. The given keyManager will take precedence * when creating primitives over the globally registered keyManagers. */ + @Alpha public

P getPrimitive(KeyManager

customKeyManager, Class

classObject) throws GeneralSecurityException { if (customKeyManager == null) { diff --git a/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20.java b/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20.java index 0ac59a561f..8c9aefe5a9 100644 --- a/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20.java +++ b/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20.java @@ -16,6 +16,7 @@ package com.google.crypto.tink.subtle; +import com.google.crypto.tink.annotations.Alpha; import java.security.InvalidKeyException; import java.util.Arrays; @@ -26,6 +27,7 @@ * *

This cipher is meant to be used to construct an AEAD with Poly1305. */ +@Alpha class XChaCha20 extends ChaCha20Base { /** * Constructs a new XChaCha20 cipher with the supplied {@code key}. diff --git a/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20Poly1305.java b/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20Poly1305.java index f8a4864e34..ccfd5ff91e 100644 --- a/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20Poly1305.java +++ b/java/src/main/java/com/google/crypto/tink/subtle/XChaCha20Poly1305.java @@ -16,12 +16,14 @@ package com.google.crypto.tink.subtle; +import com.google.crypto.tink.annotations.Alpha; import java.security.InvalidKeyException; /** * XChaCha20Poly1305 AEAD construction, as described in * https://tools.ietf.org/html/draft-arciszewski-xchacha-01. */ +@Alpha public final class XChaCha20Poly1305 extends ChaCha20Poly1305Base { public XChaCha20Poly1305(final byte[] key) throws InvalidKeyException { super(key); diff --git a/kokoro/run_tests.sh b/kokoro/run_tests.sh index 1f100fb9b8..6517072edd 100755 --- a/kokoro/run_tests.sh +++ b/kokoro/run_tests.sh @@ -34,7 +34,7 @@ if [[ -z "${TMP}" ]]; then exit 4 fi -readonly PLATFORM="$(uname | tr '[:upper:]' '[:lower:]')" +PLATFORM=`uname | tr '[:upper:]' '[:lower:]'` declare -a DISABLE_SANDBOX_ARGS DISABLE_SANDBOX_ARGS=( @@ -48,20 +48,14 @@ DISABLE_SANDBOX_ARGS=( ) readonly DISABLE_SANDBOX_ARGS -# Only in Kokoro environments. -if [[ -n "${KOKORO_ROOT}" ]]; then - # TODO(b/73748835): Workaround on Kokoro. +# Workaround b/73748835#comment5 on Kokoro. +if ! [ -z "${KOKORO_ROOT}" ]; then rm -f ~/.bazelrc - # Install the latest version of Bazel. use_bazel.sh latest - - if [[ "${PLATFORM}" == 'darwin' ]]; then + if [[ "$PLATFORM" == 'darwin' ]]; then export DEVELOPER_DIR="/Applications/Xcode_${XCODE_VERSION}.app/Contents/Developer" export ANDROID_HOME="/Users/kbuilder/Library/Android/sdk" - - # TODO(b/120214184): Workaround for broken macos_external time sync. - sudo ntpdate -u time.apple.com fi fi diff --git a/objc/TINKKeysetHandle+Cleartext.h b/objc/TINKKeysetHandle+Cleartext.h index 84e91a2073..053859ad8e 100644 --- a/objc/TINKKeysetHandle+Cleartext.h +++ b/objc/TINKKeysetHandle+Cleartext.h @@ -40,11 +40,6 @@ NS_ASSUME_NONNULL_BEGIN - (nullable instancetype)initCleartextKeysetHandleWithKeysetReader:(TINKKeysetReader *)reader error:(NSError **)error; -/** - * Returns the serialized Keyset-proto for this TINKKeysetHandle. - */ -- (NSData *)serializedKeyset; - @end NS_ASSUME_NONNULL_END diff --git a/objc/Tests/UnitTests/core/TINKCleartextKeysetHandleTest.mm b/objc/Tests/UnitTests/core/TINKCleartextKeysetHandleTest.mm index 9d746f6cac..f724b0d8b1 100644 --- a/objc/Tests/UnitTests/core/TINKCleartextKeysetHandleTest.mm +++ b/objc/Tests/UnitTests/core/TINKCleartextKeysetHandleTest.mm @@ -87,32 +87,4 @@ - (void)testReadInvalidKeyset { XCTAssertTrue(error.code == crypto::tink::util::error::INVALID_ARGUMENT); } -- (void)testSerializeKeyset { - google::crypto::tink::Keyset keyset; - google::crypto::tink::Keyset::Key key; - crypto::tink::test::AddTinkKey("some key type", 42, key, - google::crypto::tink::KeyStatusType::ENABLED, - google::crypto::tink::KeyData::SYMMETRIC, &keyset); - crypto::tink::test::AddRawKey("some other key type", 711, key, - google::crypto::tink::KeyStatusType::ENABLED, - google::crypto::tink::KeyData::SYMMETRIC, &keyset); - keyset.set_primary_key_id(42); - - NSData *serializedKeyset = TINKStringToNSData(keyset.SerializeAsString()); - - NSError *error = nil; - TINKBinaryKeysetReader *reader = - [[TINKBinaryKeysetReader alloc] initWithSerializedKeyset:serializedKeyset error:&error]; - - XCTAssertNil(error); - XCTAssertNotNil(reader); - - TINKKeysetHandle *handle = - [[TINKKeysetHandle alloc] initCleartextKeysetHandleWithKeysetReader:reader error:&error]; - - XCTAssertNotNil(handle); - XCTAssertTrue([serializedKeyset isEqualToData:handle.serializedKeyset]); -} - - @end diff --git a/objc/core/TINKKeysetHandle+Cleartext.mm b/objc/core/TINKKeysetHandle+Cleartext.mm index c740e78d24..0adde45b73 100644 --- a/objc/core/TINKKeysetHandle+Cleartext.mm +++ b/objc/core/TINKKeysetHandle+Cleartext.mm @@ -24,7 +24,6 @@ #import "objc/core/TINKKeysetHandle_Internal.h" #import "objc/core/TINKKeysetReader_Internal.h" #import "objc/util/TINKErrors.h" -#import "objc/util/TINKStrings.h" @implementation TINKKeysetHandle (Cleartext) @@ -53,9 +52,4 @@ - (nullable instancetype)initCleartextKeysetHandleWithKeysetReader:(TINKKeysetRe return [[TINKKeysetHandle alloc] initWithCCKeysetHandle:std::move(st.ValueOrDie())]; } -- (NSData *)serializedKeyset { - auto keyset = crypto::tink::CleartextKeysetHandle::GetKeyset(*self.ccKeysetHandle); - return TINKStringToNSData(keyset.SerializeAsString()); -} - @end diff --git a/third_party/rules_protobuf/protobuf/rules.bzl b/third_party/rules_protobuf/protobuf/rules.bzl index ecaaf192b5..80f6f72e70 100644 --- a/third_party/rules_protobuf/protobuf/rules.bzl +++ b/third_party/rules_protobuf/protobuf/rules.bzl @@ -2,16 +2,5 @@ """ -load( - "//third_party/rules_protobuf/protobuf:internal/proto_compile.bzl", - _proto_compile = "proto_compile", -) -load( - "//third_party/rules_protobuf/protobuf:internal/proto_language.bzl", - _proto_language = "proto_language", - _proto_language_deps = "proto_language_deps", -) - -proto_compile = _proto_compile -proto_language = _proto_language -proto_language_deps = _proto_language_deps +load("//third_party/rules_protobuf/protobuf:internal/proto_compile.bzl", "proto_compile") +load("//third_party/rules_protobuf/protobuf:internal/proto_language.bzl", "proto_language", "proto_language_deps") diff --git a/tools/testing/cc/BUILD.bazel b/tools/testing/cc/BUILD.bazel index 676fedb8ad..d5b7277103 100644 --- a/tools/testing/cc/BUILD.bazel +++ b/tools/testing/cc/BUILD.bazel @@ -39,8 +39,8 @@ cc_binary( deps = [ ":cli_util", "//cc", - "//cc/integration/gcpkms:gcp_kms_aead", "//cc/integration/gcpkms:gcp_kms_client", + "//cc/integration/gcpkms:gcp_kms_aead", ], ) @@ -149,16 +149,15 @@ sh_test( ], ) -# TODO(b/119547792): Temporarily disabling until reliability concerns are addressed. -#sh_test( -# name = "gcp_kms_aead_test", -# size = "medium", -# srcs = [ -# "gcp_kms_aead_test.sh", -# ], -# data = [ -# ":gcp_kms_aead_cli", -# "//testdata:credentials", -# "//tools/testing/cross_language:test_lib", -# ], -#) +sh_test( + name = "gcp_kms_aead_test", + size = "medium", + srcs = [ + "gcp_kms_aead_test.sh", + ], + data = [ + ":gcp_kms_aead_cli", + "//testdata:credentials", + "//tools/testing/cross_language:test_lib", + ], +)