• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2020 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 
17 package com.google.crypto.tink.testing;
18 
19 import com.google.crypto.tink.KmsClients;
20 import com.google.crypto.tink.aead.AeadConfig;
21 import com.google.crypto.tink.daead.DeterministicAeadConfig;
22 import com.google.crypto.tink.hybrid.HybridConfig;
23 import com.google.crypto.tink.integration.awskms.AwsKmsClient;
24 import com.google.crypto.tink.integration.gcpkms.GcpKmsClient;
25 import com.google.crypto.tink.jwt.JwtMacConfig;
26 import com.google.crypto.tink.jwt.JwtSignatureConfig;
27 import com.google.crypto.tink.mac.MacConfig;
28 import com.google.crypto.tink.prf.PrfConfig;
29 import com.google.crypto.tink.signature.SignatureConfig;
30 import com.google.crypto.tink.streamingaead.StreamingAeadConfig;
31 import io.grpc.ServerBuilder;
32 import java.io.IOException;
33 import java.security.GeneralSecurityException;
34 import java.security.Security;
35 import java.util.Optional;
36 import org.conscrypt.Conscrypt;
37 import org.kohsuke.args4j.CmdLineException;
38 import org.kohsuke.args4j.CmdLineParser;
39 import org.kohsuke.args4j.Option;
40 
41 /** Starts a server with Tink testing services. */
42 public final class TestingServer {
43 
44   @Option(name = "--port", usage = "The service port")
45   private int port;
46 
47   @Option(name = "--gcp_credentials_path", usage = "Google Cloud KMS credentials path")
48   private String gcpCredentialsPath;
49 
50   @Option(
51       name = "--gcp_key_uri",
52       usage =
53           "Google Cloud KMS key URL of the form:"
54               + " gcp-kms://projects/*/locations/*/keyRings/*/cryptoKeys/*.")
55   private String gcpKeyUri;
56 
57   @Option(name = "--aws_credentials_path", usage = "AWS KMS credentials path")
58   private String awsCredentialsPath;
59 
60   @Option(
61       name = "--aws_key_uri",
62       usage =
63           "AWS KMS key URL of the form: aws-kms://arn:aws:kms:<region>:<account-id>:key/<key-id>.")
64   private String awsKeyUri;
65 
run()66   public void run() throws InterruptedException, GeneralSecurityException, IOException {
67     installConscrypt();
68     AeadConfig.register();
69     DeterministicAeadConfig.register();
70     HybridConfig.register();
71     JwtMacConfig.register();
72     JwtSignatureConfig.register();
73     MacConfig.register();
74     PrfConfig.register();
75     SignatureConfig.register();
76     StreamingAeadConfig.register();
77     GcpKmsClient.register(Optional.ofNullable(gcpKeyUri), Optional.of(gcpCredentialsPath));
78     AwsKmsClient.register(Optional.ofNullable(awsKeyUri), Optional.of(awsCredentialsPath));
79 
80     System.out.println("Start server on port " + port);
81     KmsClients.add(new FakeKmsClient());
82     ServerBuilder.forPort(port)
83         .addService(new MetadataServiceImpl())
84         .addService(new KeysetServiceImpl())
85         .addService(new AeadServiceImpl())
86         .addService(new DeterministicAeadServiceImpl())
87         .addService(new StreamingAeadServiceImpl())
88         .addService(new HybridServiceImpl())
89         .addService(new MacServiceImpl())
90         .addService(new PrfSetServiceImpl())
91         .addService(new SignatureServiceImpl())
92         .addService(new JwtServiceImpl())
93         .build()
94         .start()
95         .awaitTermination();
96   }
97 
main(String[] args)98   public static void main(String[] args)
99       throws InterruptedException, GeneralSecurityException, IOException {
100 
101     TestingServer server = new TestingServer();
102     CmdLineParser parser = new CmdLineParser(server);
103     try {
104       parser.parseArgument(args);
105     } catch (CmdLineException e) {
106       System.err.println("TestingServer [options...] arguments...");
107       parser.printUsage(System.err);
108     }
109     server.run();
110   }
111 
installConscrypt()112   private static void installConscrypt() {
113     try {
114       Conscrypt.checkAvailability();
115       Security.addProvider(Conscrypt.newProvider());
116     } catch (Throwable cause) {
117       throw new IllegalStateException("Cannot test AesGcmSiv without Conscrypt Provider", cause);
118     }
119   }
120 }
121