Add a ReadMe file and an example how to run refaster patches.

I would like to expand these patches in the following weeks. PiperOrigin-RevId: 517150589
author: tholenst <tholenst@google.com> 2023-03-16 09:56:14 -0700
committer: Copybara-Service <copybara-worker@google.com> 2023-03-16 09:57:52 -0700
commit: 94e792a57c0e6c5a2bac6b7892981ffe6fa66673 (patch)
tree: 9ba00e278c20a7cad66fbd992614d57dd43ad9eb /java_src/tools
parent: 91e73e19487ce1721f854f89345bdc002b6ccf14 (diff)
download: tink-94e792a57c0e6c5a2bac6b7892981ffe6fa66673.tar.gz
4 files changed, 129 insertions, 0 deletions
diff --git a/java_src/tools/refaster/README.md b/java_src/tools/refaster/README.md
new file mode 100644
index 000000000..af48b2522
--- /dev/null
+++ b/java_src/tools/refaster/README.md
@@ -0,0 +1,49 @@
+# Refaster templates for Tink
+
+In this directory, we store refaster templates for usage with Tink. These
+help users modernize the code and move to preferred APIs.
+
+We sometimes run these templates manually, but do not test them via continuous
+integration.
+
+```bash
+tink_version="1.8.0"
+errorprone_version="2.18.0"
+
+## STEP 1: We get the 3 jar files:
+## tink-{version}-jar, error_prone_refaster-{version}.jar, and error_prone_core-{version}.jar
+## (For good measure, we verify the 3 sha256sums.)
+
+maven_base="repo1.maven.org/maven2/com/google"
+
+tink_jar="tink-${tink_version}.jar"
+tink_sha256="92b8676c15b11a7faa15f3d1f05ed776a2897da3deba18c528ff32043339f248"
+
+refaster_jar="error_prone_refaster-${errorprone_version}.jar"
+refaster_sha256="0cde0a3db5c2f748fae4633ccd8c66a9ba9c5a0f7a380c9104b99372fd0c4959"
+errorprone_jar="error_prone_core-${errorprone_version}-with-dependencies.jar"
+errorprone_sha256="2b3f2d21e7754bece946cf8f7b0e2b2f805c46f58b4839eb302c3d2498a3a55e"
+
+wget "https://${maven_base}/crypto/tink/tink/${tink_version}/${tink_jar}"
+echo "${tink_sha256} ${tink_jar}" | sha256sum -c
+
+wget "https://${maven_base}/errorprone/error_prone_refaster/${errorprone_version}/${refaster_jar}"
+echo "${refaster_sha256} ${refaster_jar}" | sha256sum -c
+
+wget "https://${maven_base}/errorprone/error_prone_core/${errorprone_version}/${errorprone_jar}"
+echo "${errorprone_sha256} ${errorprone_jar}" | sha256sum -c
+
+## STEP 2: Use the current file in tink1to2 to create a "tinkrule.refaster":
+javac -cp "${tink_jar}:${refaster_jar}" \
+    "-Xplugin:RefasterRuleCompiler --out ${PWD}/tinkrule.refaster" \
+    java/com/google/tink1to2/KeysetHandleChanges.java
+
+## STEP 3: Use error prone to create a patch:
+javac -cp "${tink_jar}:${errorprone_jar}" \
+           -XDcompilePolicy=byfile  \
+           -processorpath "${errorprone_jar}" \
+           "-Xplugin:ErrorProne -XepPatchChecks:refaster:${PWD}/tinkrule.refaster -XepPatchLocation:${PWD}" \
+           java/com/google/tinkuser/TinkUser.java
+
+cmp error-prone.patch expected-error-prone.patch
+```
diff --git a/java_src/tools/refaster/expected-error-prone.patch b/java_src/tools/refaster/expected-error-prone.patch
new file mode 100644
index 000000000..81f4b61aa
--- /dev/null
+++ b/java_src/tools/refaster/expected-error-prone.patch
@@ -0,0 +1,15 @@
+--- java/com/google/tinkuser/TinkUser.java
++++ java/com/google/tinkuser/TinkUser.java
+@@ -19,4 +19,5 @@
+ import com.google.crypto.tink.Aead;
+ import com.google.crypto.tink.KeysetHandle;
++import com.google.crypto.tink.TinkProtoKeysetFormat;
+ import java.security.GeneralSecurityException;
+ 
+@@ -24,5 +25,5 @@
+ public final class TinkUser {
+   public Aead useReadNoSecret(byte[] b) throws GeneralSecurityException {
+-    return KeysetHandle.readNoSecret(b).getPrimitive(Aead.class);
++    return TinkProtoKeysetFormat.parseKeysetWithoutSecret(b).getPrimitive(Aead.class);
+   }
+ }
diff --git a/java_src/tools/refaster/java/com/google/tink1to2/KeysetHandleChanges.java b/java_src/tools/refaster/java/com/google/tink1to2/KeysetHandleChanges.java
new file mode 100644
index 000000000..ffe3ac814
--- /dev/null
+++ b/java_src/tools/refaster/java/com/google/tink1to2/KeysetHandleChanges.java
@@ -0,0 +1,37 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package com.google.tink1to2;
+
+import com.google.crypto.tink.KeysetHandle;
+import com.google.crypto.tink.TinkProtoKeysetFormat;
+import com.google.errorprone.refaster.annotation.AfterTemplate;
+import com.google.errorprone.refaster.annotation.BeforeTemplate;
+import java.security.GeneralSecurityException;
+
+final class KeysetHandleChanges {
+  class CleanupKeysetHandleReaderNoSecret {
+    @BeforeTemplate
+    public KeysetHandle beforeTemplate(byte[] b) throws GeneralSecurityException {
+      return KeysetHandle.readNoSecret(b);
+    }
+
+    @AfterTemplate
+    public KeysetHandle afterTemplate(byte[] b) throws GeneralSecurityException {
+      return TinkProtoKeysetFormat.parseKeysetWithoutSecret(b);
+    }
+  }
+}
diff --git a/java_src/tools/refaster/java/com/google/tinkuser/TinkUser.java b/java_src/tools/refaster/java/com/google/tinkuser/TinkUser.java
new file mode 100644
index 000000000..eda5ca015
--- /dev/null
+++ b/java_src/tools/refaster/java/com/google/tinkuser/TinkUser.java
@@ -0,0 +1,28 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package com.google.tinkuser;
+
+import com.google.crypto.tink.Aead;
+import com.google.crypto.tink.KeysetHandle;
+import java.security.GeneralSecurityException;
+
+/** Example user code */
+public final class TinkUser {
+  public Aead useReadNoSecret(byte[] b) throws GeneralSecurityException {
+    return KeysetHandle.readNoSecret(b).getPrimitive(Aead.class);
+  }
+}
author	tholenst <tholenst@google.com>	2023-03-16 09:56:14 -0700
committer	Copybara-Service <copybara-worker@google.com>	2023-03-16 09:57:52 -0700
commit	94e792a57c0e6c5a2bac6b7892981ffe6fa66673 (patch)
tree	9ba00e278c20a7cad66fbd992614d57dd43ad9eb /java_src/tools
parent	91e73e19487ce1721f854f89345bdc002b6ccf14 (diff)
download	tink-94e792a57c0e6c5a2bac6b7892981ffe6fa66673.tar.gz