blob: 4bc8657a755cb1123b7854f5b8218b039997a315 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
// Copyright 2017 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////
#include "tink/signature/signature_config.h"
#include "absl/memory/memory.h"
#include "tink/config/config_util.h"
#include "tink/config/tink_fips.h"
#include "tink/registry.h"
#include "tink/signature/ecdsa_verify_key_manager.h"
#include "tink/signature/ed25519_proto_serialization.h"
#include "tink/signature/ed25519_sign_key_manager.h"
#include "tink/signature/ed25519_verify_key_manager.h"
#include "tink/signature/public_key_sign_wrapper.h"
#include "tink/signature/public_key_verify_wrapper.h"
#include "tink/signature/rsa_ssa_pkcs1_sign_key_manager.h"
#include "tink/signature/rsa_ssa_pkcs1_verify_key_manager.h"
#include "tink/signature/rsa_ssa_pss_sign_key_manager.h"
#include "tink/signature/rsa_ssa_pss_verify_key_manager.h"
#include "tink/util/status.h"
#include "tink/signature/ecdsa_sign_key_manager.h"
#include "proto/config.pb.h"
namespace crypto {
namespace tink {
// static
util::Status SignatureConfig::Register() {
// Register primitive wrappers.
auto status = Registry::RegisterPrimitiveWrapper(
absl::make_unique<PublicKeySignWrapper>());
if (!status.ok()) return status;
status = Registry::RegisterPrimitiveWrapper(
absl::make_unique<PublicKeyVerifyWrapper>());
if (!status.ok()) return status;
// Register key managers which utilize FIPS validated BoringCrypto
// implementations.
// ECDSA
status = Registry::RegisterAsymmetricKeyManagers(
absl::make_unique<EcdsaSignKeyManager>(),
absl::make_unique<EcdsaVerifyKeyManager>(), true);
if (!status.ok()) return status;
// RSA SSA PSS
status = Registry::RegisterAsymmetricKeyManagers(
absl::make_unique<RsaSsaPssSignKeyManager>(),
absl::make_unique<RsaSsaPssVerifyKeyManager>(), true);
if (!status.ok()) return status;
// RSA SSA PKCS1
status = Registry::RegisterAsymmetricKeyManagers(
absl::make_unique<RsaSsaPkcs1SignKeyManager>(),
absl::make_unique<RsaSsaPkcs1VerifyKeyManager>(), true);
if (!status.ok()) return status;
if (IsFipsModeEnabled()) {
return util::OkStatus();
}
// ED25519
status = Registry::RegisterAsymmetricKeyManagers(
absl::make_unique<Ed25519SignKeyManager>(),
absl::make_unique<Ed25519VerifyKeyManager>(), true);
if (!status.ok()) return status;
status = RegisterEd25519ProtoSerialization();
if (!status.ok()) return status;
return util::OkStatus();
}
} // namespace tink
} // namespace crypto
|
