• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 #include "tink/jwt/internal/jwt_ecdsa_verify_key_manager.h"
17 
18 #include <memory>
19 #include <string>
20 #include <utility>
21 
22 #include "absl/status/status.h"
23 
24 namespace crypto {
25 namespace tink {
26 namespace jwt_internal {
27 
28 using crypto::tink::util::Status;
29 using crypto::tink::util::StatusOr;
30 using google::crypto::tink::JwtEcdsaPublicKey;
31 using google::crypto::tink::JwtEcdsaAlgorithm;
32 
33 StatusOr<std::unique_ptr<JwtPublicKeyVerifyInternal>>
Create(const JwtEcdsaPublicKey & jwt_ecdsa_public_key) const34 JwtEcdsaVerifyKeyManager::PublicKeyVerifyFactory::Create(
35     const JwtEcdsaPublicKey& jwt_ecdsa_public_key) const {
36   StatusOr<std::string> name = AlgorithmName(jwt_ecdsa_public_key.algorithm());
37   if (!name.ok()) {
38     return name.status();
39   }
40   util::StatusOr<std::unique_ptr<PublicKeyVerify>> verify =
41       raw_key_manager_.GetPrimitive<PublicKeyVerify>(jwt_ecdsa_public_key);
42   if (!verify.ok()) {
43     return verify.status();
44   }
45   absl::optional<absl::string_view> custom_kid = absl::nullopt;
46   if (jwt_ecdsa_public_key.has_custom_kid()) {
47     custom_kid = jwt_ecdsa_public_key.custom_kid().value();
48   }
49   std::unique_ptr<JwtPublicKeyVerifyInternal> jwt_public_key_verify =
50       absl::make_unique<jwt_internal::JwtPublicKeyVerifyImpl>(
51           *std::move(verify), *name, custom_kid);
52   return std::move(jwt_public_key_verify);
53 }
54 
get_version() const55 uint32_t JwtEcdsaVerifyKeyManager::get_version() const {
56   return raw_key_manager_.get_version();
57 }
58 
59 google::crypto::tink::KeyData::KeyMaterialType
key_material_type() const60 JwtEcdsaVerifyKeyManager::key_material_type() const {
61   return raw_key_manager_.key_material_type();
62 }
63 
get_key_type() const64 const std::string& JwtEcdsaVerifyKeyManager::get_key_type() const {
65   return raw_key_manager_.get_key_type();
66 }
67 
ValidateKey(const JwtEcdsaPublicKey & key) const68 Status JwtEcdsaVerifyKeyManager::ValidateKey(
69     const JwtEcdsaPublicKey& key) const {
70   return raw_key_manager_.ValidateKey(key);
71 }
72 
AlgorithmName(const JwtEcdsaAlgorithm & algorithm)73 StatusOr<std::string> JwtEcdsaVerifyKeyManager::AlgorithmName(
74     const JwtEcdsaAlgorithm& algorithm) {
75   switch (algorithm) {
76     case JwtEcdsaAlgorithm::ES256:
77       return std::string("ES256");
78     case JwtEcdsaAlgorithm::ES384:
79       return std::string("ES384");
80     case JwtEcdsaAlgorithm::ES512:
81       return std::string("ES512");
82     default:
83       return Status(absl::StatusCode::kInvalidArgument, "Unknown algorithm");
84   }
85 }
86 
87 }  // namespace jwt_internal
88 }  // namespace tink
89 }  // namespace crypto
90