Google Git
Sign in
android / platform / external / tink / refs/heads/android15-automotiveos-dev / . / testing / cc / keyset_impl.cc
blob: 83fdb88c11b90fee3bd753cc5451a8b76769bba7 [file] [log] [blame] [edit]
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////
// Implementation of a Keyset Service.
#include "keyset_impl.h"
#include <ostream>
#include <memory>
#include <sstream>
#include <string>
#include <utility>
#include "tink/aead/aead_key_templates.h"
#include "tink/binary_keyset_reader.h"
#include "tink/binary_keyset_writer.h"
#include "tink/cleartext_keyset_handle.h"
#include "tink/daead/deterministic_aead_key_templates.h"
#include "tink/hybrid/hybrid_key_templates.h"
#include "tink/json_keyset_reader.h"
#include "tink/json_keyset_writer.h"
#include "tink/jwt/jwt_key_templates.h"
#include "tink/keyset_handle.h"
#include "tink/mac/mac_key_templates.h"
#include "tink/prf/prf_key_templates.h"
#include "tink/signature/signature_key_templates.h"
#include "tink/streamingaead/streaming_aead_key_templates.h"
#include "proto/tink.pb.h"
namespace tink_testing_api {
using ::crypto::tink::BinaryKeysetReader;
using ::crypto::tink::BinaryKeysetWriter;
using ::crypto::tink::CleartextKeysetHandle;
using ::crypto::tink::JsonKeysetReader;
using ::crypto::tink::JsonKeysetWriter;
using ::crypto::tink::KeysetHandle;
using ::crypto::tink::KeysetReader;
using ::crypto::tink::KeysetWriter;
using ::crypto::tink::util::StatusOr;
using ::google::crypto::tink::KeyTemplate;
KeysetImpl::KeysetImpl() {
key_templates_["AES128_EAX"] = crypto::tink::AeadKeyTemplates::Aes128Eax();
key_templates_["AES256_EAX"] = crypto::tink::AeadKeyTemplates::Aes256Eax();
key_templates_["AES128_GCM"] = crypto::tink::AeadKeyTemplates::Aes128Gcm();
key_templates_["AES128_GCM_RAW"] =
crypto::tink::AeadKeyTemplates::Aes128GcmNoPrefix();
key_templates_["AES256_GCM"] = crypto::tink::AeadKeyTemplates::Aes256Gcm();
key_templates_["AES256_GCM_RAW"] =
crypto::tink::AeadKeyTemplates::Aes256GcmNoPrefix();
key_templates_["AES128_GCM_SIV"] =
crypto::tink::AeadKeyTemplates::Aes128GcmSiv();
key_templates_["AES256_GCM_SIV"] =
crypto::tink::AeadKeyTemplates::Aes256GcmSiv();
key_templates_["AES128_CTR_HMAC_SHA256"] =
crypto::tink::AeadKeyTemplates::Aes128CtrHmacSha256();
key_templates_["AES256_CTR_HMAC_SHA256"] =
crypto::tink::AeadKeyTemplates::Aes256CtrHmacSha256();
key_templates_["CHACHA20_POLY1305"] =
crypto::tink::AeadKeyTemplates::XChaCha20Poly1305();
key_templates_["XCHACHA20_POLY1305"] =
crypto::tink::AeadKeyTemplates::XChaCha20Poly1305();
key_templates_["AES256_SIV"] =
crypto::tink::DeterministicAeadKeyTemplates::Aes256Siv();
key_templates_["AES128_CTR_HMAC_SHA256_4KB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes128CtrHmacSha256Segment4KB();
key_templates_["AES128_CTR_HMAC_SHA256_1MB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes128CtrHmacSha256Segment1MB();
key_templates_["AES256_CTR_HMAC_SHA256_4KB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes256CtrHmacSha256Segment4KB();
key_templates_["AES256_CTR_HMAC_SHA256_1MB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes256CtrHmacSha256Segment1MB();
key_templates_["AES128_GCM_HKDF_4KB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes128GcmHkdf4KB();
key_templates_["AES256_GCM_HKDF_4KB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes256GcmHkdf4KB();
key_templates_["AES256_GCM_HKDF_1MB"] =
crypto::tink::StreamingAeadKeyTemplates::Aes256GcmHkdf1MB();
key_templates_["ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM"] =
crypto::tink::HybridKeyTemplates::EciesP256HkdfHmacSha256Aes128Gcm();
key_templates_["ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_GCM"] = crypto::
tink::HybridKeyTemplates::EciesP256CompressedHkdfHmacSha256Aes128Gcm();
key_templates_["ECIES_P256_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256"] =
crypto::tink::HybridKeyTemplates::
EciesP256HkdfHmacSha256Aes128CtrHmacSha256();
key_templates_
["ECIES_P256_COMPRESSED_HKDF_HMAC_SHA256_AES128_CTR_HMAC_SHA256"] =
crypto::tink::HybridKeyTemplates::
EciesP256CompressedHkdfHmacSha256Aes128CtrHmacSha256();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM"] =
crypto::tink::HybridKeyTemplates::HpkeX25519HkdfSha256Aes128Gcm();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_128_GCM_RAW"] =
crypto::tink::HybridKeyTemplates::HpkeX25519HkdfSha256Aes128GcmRaw();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM"] =
crypto::tink::HybridKeyTemplates::HpkeX25519HkdfSha256Aes256Gcm();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_AES_256_GCM_RAW"] =
crypto::tink::HybridKeyTemplates::HpkeX25519HkdfSha256Aes256GcmRaw();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305"] =
crypto::tink::HybridKeyTemplates::HpkeX25519HkdfSha256ChaCha20Poly1305();
key_templates_["DHKEM_X25519_HKDF_SHA256_HKDF_SHA256_CHACHA20_POLY1305_RAW"] =
crypto::tink::HybridKeyTemplates::
HpkeX25519HkdfSha256ChaCha20Poly1305Raw();
key_templates_["AES_CMAC"] = crypto::tink::MacKeyTemplates::AesCmac();
key_templates_["HMAC_SHA256_128BITTAG"] =
crypto::tink::MacKeyTemplates::HmacSha256HalfSizeTag();
key_templates_["HMAC_SHA256_256BITTAG"] =
crypto::tink::MacKeyTemplates::HmacSha256();
key_templates_["HMAC_SHA512_256BITTAG"] =
crypto::tink::MacKeyTemplates::HmacSha512HalfSizeTag();
key_templates_["HMAC_SHA512_512BITTAG"] =
crypto::tink::MacKeyTemplates::HmacSha512();
key_templates_["ECDSA_P256"] =
crypto::tink::SignatureKeyTemplates::EcdsaP256();
key_templates_["ECDSA_P256_RAW"] =
crypto::tink::SignatureKeyTemplates::EcdsaP256Raw();
key_templates_["ECDSA_P384"] =
crypto::tink::SignatureKeyTemplates::EcdsaP384();
key_templates_["ECDSA_P384_SHA384"] =
crypto::tink::SignatureKeyTemplates::EcdsaP384Sha384();
key_templates_["ECDSA_P384_SHA512"] =
crypto::tink::SignatureKeyTemplates::EcdsaP384Sha512();
key_templates_["ECDSA_P521"] =
crypto::tink::SignatureKeyTemplates::EcdsaP521();
key_templates_["ECDSA_P256_IEEE_P1363"] =
crypto::tink::SignatureKeyTemplates::EcdsaP256Ieee();
key_templates_["ECDSA_P384_IEEE_P1363"] =
crypto::tink::SignatureKeyTemplates::EcdsaP384Ieee();
key_templates_["ECDSA_P521_IEEE_P1363"] =
crypto::tink::SignatureKeyTemplates::EcdsaP521Ieee();
key_templates_["ED25519"] = crypto::tink::SignatureKeyTemplates::Ed25519();
key_templates_["RSA_SSA_PKCS1_3072_SHA256_F4"] =
crypto::tink::SignatureKeyTemplates::RsaSsaPkcs13072Sha256F4();
key_templates_["RSA_SSA_PKCS1_4096_SHA512_F4"] =
crypto::tink::SignatureKeyTemplates::RsaSsaPkcs14096Sha512F4();
key_templates_["RSA_SSA_PSS_3072_SHA256_SHA256_32_F4"] =
crypto::tink::SignatureKeyTemplates::RsaSsaPss3072Sha256Sha256F4();
key_templates_["RSA_SSA_PSS_4096_SHA512_SHA512_64_F4"] =
crypto::tink::SignatureKeyTemplates::RsaSsaPss4096Sha512Sha512F4();
key_templates_["AES_CMAC_PRF"] = crypto::tink::PrfKeyTemplates::AesCmac();
key_templates_["HMAC_SHA256_PRF"] =
crypto::tink::PrfKeyTemplates::HmacSha256();
key_templates_["HMAC_SHA512_PRF"] =
crypto::tink::PrfKeyTemplates::HmacSha512();
key_templates_["HKDF_SHA256"] = crypto::tink::PrfKeyTemplates::HkdfSha256();
key_templates_["JWT_HS256"] = crypto::tink::JwtHs256Template();
key_templates_["JWT_HS256_RAW"] = crypto::tink::RawJwtHs256Template();
key_templates_["JWT_HS384"] = crypto::tink::JwtHs384Template();
key_templates_["JWT_HS384_RAW"] = crypto::tink::RawJwtHs384Template();
key_templates_["JWT_HS512"] = crypto::tink::JwtHs512Template();
key_templates_["JWT_HS512_RAW"] = crypto::tink::RawJwtHs512Template();
key_templates_["JWT_ES256"] = crypto::tink::JwtEs256Template();
key_templates_["JWT_ES256_RAW"] = crypto::tink::RawJwtEs256Template();
key_templates_["JWT_ES384"] = crypto::tink::JwtEs384Template();
key_templates_["JWT_ES384_RAW"] = crypto::tink::RawJwtEs384Template();
key_templates_["JWT_ES512"] = crypto::tink::JwtEs512Template();
key_templates_["JWT_ES512_RAW"] = crypto::tink::RawJwtEs512Template();
key_templates_["JWT_RS256_2048_F4"] =
crypto::tink::JwtRs256_2048_F4_Template();
key_templates_["JWT_RS256_2048_F4_RAW"] =
crypto::tink::RawJwtRs256_2048_F4_Template();
key_templates_["JWT_RS256_3072_F4"] =
crypto::tink::JwtRs256_3072_F4_Template();
key_templates_["JWT_RS256_3072_F4_RAW"] =
crypto::tink::RawJwtRs256_3072_F4_Template();
key_templates_["JWT_RS384_3072_F4"] =
crypto::tink::JwtRs384_3072_F4_Template();
key_templates_["JWT_RS384_3072_F4_RAW"] =
crypto::tink::RawJwtRs384_3072_F4_Template();
key_templates_["JWT_RS512_4096_F4"] =
crypto::tink::JwtRs512_4096_F4_Template();
key_templates_["JWT_RS512_4096_F4_RAW"] =
crypto::tink::RawJwtRs512_4096_F4_Template();
key_templates_["JWT_PS256_2048_F4"] =
crypto::tink::JwtPs256_2048_F4_Template();
key_templates_["JWT_PS256_2048_F4_RAW"] =
crypto::tink::RawJwtPs256_2048_F4_Template();
key_templates_["JWT_PS256_3072_F4"] =
crypto::tink::JwtPs256_3072_F4_Template();
key_templates_["JWT_PS256_3072_F4_RAW"] =
crypto::tink::RawJwtPs256_3072_F4_Template();
key_templates_["JWT_PS384_3072_F4"] =
crypto::tink::JwtPs384_3072_F4_Template();
key_templates_["JWT_PS384_3072_F4_RAW"] =
crypto::tink::RawJwtPs384_3072_F4_Template();
key_templates_["JWT_PS512_4096_F4"] =
crypto::tink::JwtPs512_4096_F4_Template();
key_templates_["JWT_PS512_4096_F4_RAW"] =
crypto::tink::RawJwtPs512_4096_F4_Template();
}
// Returns the key template for the given template name.
grpc::Status KeysetImpl::GetTemplate(grpc::ServerContext* context,
const KeysetTemplateRequest* request,
KeysetTemplateResponse* response) {
auto it = key_templates_.find(request->template_name());
if (it == key_templates_.end()) {
response->set_err(
absl::StrCat("key template not found: ", request->template_name()));
return grpc::Status::OK;
}
std::string templ;
if (!it->second.SerializeToString(&templ)) {
response->set_err("Failed to serialize template.");
return grpc::Status::OK;
}
response->set_key_template(templ);
return grpc::Status::OK;
}
// Generates a new keyset with one key from a template.
grpc::Status KeysetImpl::Generate(grpc::ServerContext* context,
const KeysetGenerateRequest* request,
KeysetGenerateResponse* response) {
KeyTemplate key_template;
if (!key_template.ParseFromString(request->template_())) {
response->set_err("Could not parse the key template");
return grpc::Status::OK;
}
auto handle_result = ::crypto::tink::KeysetHandle::GenerateNew(key_template);
if (!handle_result.ok()) {
response->set_err(std::string(handle_result.status().message()));
return grpc::Status::OK;
}
std::stringbuf keyset;
auto writer_result =
BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&keyset));
if (!writer_result.ok()) {
response->set_err(std::string(writer_result.status().message()));
return grpc::Status::OK;
}
auto status = CleartextKeysetHandle::Write(writer_result.value().get(),
*handle_result.value());
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
response->set_keyset(keyset.str());
return grpc::Status::OK;
}
// Returns a public keyset for a given private keyset.
grpc::Status KeysetImpl::Public(grpc::ServerContext* context,
const KeysetPublicRequest* request,
KeysetPublicResponse* response) {
auto reader_result = BinaryKeysetReader::New(request->private_keyset());
if (!reader_result.ok()) {
response->set_err(std::string(reader_result.status().message()));
return grpc::Status::OK;
}
auto private_handle_result =
CleartextKeysetHandle::Read(std::move(reader_result.value()));
if (!private_handle_result.ok()) {
response->set_err(std::string(private_handle_result.status().message()));
return grpc::Status::OK;
}
auto public_handle_result =
private_handle_result.value()->GetPublicKeysetHandle();
if (!public_handle_result.ok()) {
response->set_err(std::string(public_handle_result.status().message()));
return grpc::Status::OK;
}
std::stringbuf public_keyset;
auto writer_result =
BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&public_keyset));
if (!writer_result.ok()) {
response->set_err(std::string(writer_result.status().message()));
return grpc::Status::OK;
}
auto status = CleartextKeysetHandle::Write(writer_result.value().get(),
*public_handle_result.value());
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
response->set_public_keyset(public_keyset.str());
return grpc::Status::OK;
}
// Converts a keyset from binary to JSON format.
grpc::Status KeysetImpl::ToJson(grpc::ServerContext* context,
const KeysetToJsonRequest* request,
KeysetToJsonResponse* response) {
auto reader_result = BinaryKeysetReader::New(request->keyset());
if (!reader_result.ok()) {
response->set_err(std::string(reader_result.status().message()));
return grpc::Status::OK;
}
auto handle_result =
CleartextKeysetHandle::Read(std::move(reader_result.value()));
if (!handle_result.ok()) {
response->set_err(std::string(handle_result.status().message()));
return grpc::Status::OK;
}
std::stringbuf json_keyset;
auto writer_result =
JsonKeysetWriter::New(absl::make_unique<std::ostream>(&json_keyset));
if (!writer_result.ok()) {
response->set_err(std::string(writer_result.status().message()));
return grpc::Status::OK;
}
auto status = CleartextKeysetHandle::Write(writer_result.value().get(),
*handle_result.value());
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
response->set_json_keyset(json_keyset.str());
return grpc::Status::OK;
}
// Converts a keyset from JSON to binary format.
grpc::Status KeysetImpl::FromJson(grpc::ServerContext* context,
const KeysetFromJsonRequest* request,
KeysetFromJsonResponse* response) {
auto reader_result = JsonKeysetReader::New(request->json_keyset());
if (!reader_result.ok()) {
response->set_err(std::string(reader_result.status().message()));
return grpc::Status::OK;
}
auto handle_result =
CleartextKeysetHandle::Read(std::move(reader_result.value()));
if (!handle_result.ok()) {
response->set_err(std::string(handle_result.status().message()));
return grpc::Status::OK;
}
std::stringbuf keyset;
auto writer_result =
BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&keyset));
if (!writer_result.ok()) {
response->set_err(std::string(writer_result.status().message()));
return grpc::Status::OK;
}
auto status = CleartextKeysetHandle::Write(writer_result.value().get(),
*handle_result.value());
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
response->set_keyset(keyset.str());
return grpc::Status::OK;
}
grpc::Status KeysetImpl::WriteEncrypted(
grpc::ServerContext* context, const KeysetWriteEncryptedRequest* request,
KeysetWriteEncryptedResponse* response) {
StatusOr<std::unique_ptr<KeysetReader>>
master_keyset_reader = BinaryKeysetReader::New(request->master_keyset());
if (!master_keyset_reader.ok()) {
response->set_err(std::string(master_keyset_reader.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<KeysetHandle>> master_keyset_handle =
CleartextKeysetHandle::Read(*std::move(master_keyset_reader));
if (!master_keyset_handle.ok()) {
response->set_err(std::string(master_keyset_handle.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<crypto::tink::Aead>> master_aead =
(*master_keyset_handle)->GetPrimitive<crypto::tink::Aead>();
if (!master_aead.ok()) {
response->set_err(std::string(master_aead.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<KeysetReader>> keyset_reader =
BinaryKeysetReader::New(request->keyset());
if (!keyset_reader.ok()) {
response->set_err(std::string(keyset_reader.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<KeysetHandle>> keyset_handle =
CleartextKeysetHandle::Read(*std::move(keyset_reader));
if (!keyset_handle.ok()) {
response->set_err(std::string(keyset_handle.status().message()));
return grpc::Status::OK;
}
std::stringbuf encrypted_keyset;
std::unique_ptr<KeysetWriter> keyset_writer;
if (request->keyset_writer_type() == KEYSET_WRITER_BINARY) {
StatusOr<std::unique_ptr<BinaryKeysetWriter>> binary_keyset_writer =
BinaryKeysetWriter::New(
absl::make_unique<std::ostream>(&encrypted_keyset));
if (!binary_keyset_writer.ok()) {
response->set_err(std::string(binary_keyset_writer.status().message()));
return grpc::Status::OK;
}
keyset_writer = *std::move(binary_keyset_writer);
} else if (request->keyset_writer_type() == KEYSET_WRITER_JSON) {
StatusOr<std::unique_ptr<JsonKeysetWriter>> json_keyset_writer =
JsonKeysetWriter::New(
absl::make_unique<std::ostream>(&encrypted_keyset));
if (!json_keyset_writer.ok()) {
response->set_err(std::string(json_keyset_writer.status().message()));
return grpc::Status::OK;
}
keyset_writer = *std::move(json_keyset_writer);
} else {
return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT,
"unknown keyset_writer_type");
}
if (request->has_associated_data()) {
crypto::tink::util::Status status =
(*keyset_handle)
->WriteWithAssociatedData(keyset_writer.get(), **master_aead,
request->associated_data().value());
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
} else {
crypto::tink::util::Status status =
(*keyset_handle)->Write(keyset_writer.get(), **master_aead);
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
}
response->set_encrypted_keyset(encrypted_keyset.str());
return grpc::Status::OK;
}
grpc::Status KeysetImpl::ReadEncrypted(
grpc::ServerContext* context, const KeysetReadEncryptedRequest* request,
KeysetReadEncryptedResponse* response) {
StatusOr<std::unique_ptr<KeysetReader>> master_keyset_reader =
BinaryKeysetReader::New(request->master_keyset());
if (!master_keyset_reader.ok()) {
response->set_err(std::string(master_keyset_reader.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<KeysetHandle>> master_keyset_handle =
CleartextKeysetHandle::Read(*std::move(master_keyset_reader));
if (!master_keyset_handle.ok()) {
response->set_err(std::string(master_keyset_handle.status().message()));
return grpc::Status::OK;
}
StatusOr<std::unique_ptr<crypto::tink::Aead>> master_aead =
(*master_keyset_handle)->GetPrimitive<crypto::tink::Aead>();
if (!master_aead.ok()) {
response->set_err(std::string(master_aead.status().message()));
return grpc::Status::OK;
}
std::unique_ptr<KeysetReader> keyset_reader;
if (request->keyset_reader_type() == KEYSET_READER_BINARY) {
StatusOr<std::unique_ptr<KeysetReader>> binary_keyset_reader =
BinaryKeysetReader::New(request->encrypted_keyset());
if (!binary_keyset_reader.ok()) {
response->set_err(std::string(binary_keyset_reader.status().message()));
return grpc::Status::OK;
}
keyset_reader = *std::move(binary_keyset_reader);
} else if (request->keyset_reader_type() == KEYSET_READER_JSON) {
StatusOr<std::unique_ptr<KeysetReader>> json_keyset_reader =
JsonKeysetReader::New(request->encrypted_keyset());
if (!json_keyset_reader.ok()) {
response->set_err(std::string(json_keyset_reader.status().message()));
return grpc::Status::OK;
}
keyset_reader = *std::move(json_keyset_reader);
} else {
return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT,
"unknown keyset_writer_type");
}
std::unique_ptr<KeysetHandle> keyset_handle;
if (request->has_associated_data()) {
StatusOr<std::unique_ptr<KeysetHandle>> read_result =
::crypto::tink::KeysetHandle::ReadWithAssociatedData(
std::move(keyset_reader), **master_aead,
request->associated_data().value());
if (!read_result.ok()) {
response->set_err(std::string(read_result.status().message()));
return grpc::Status::OK;
}
keyset_handle = *std::move(read_result);
} else {
StatusOr<std::unique_ptr<KeysetHandle>> read_result =
::crypto::tink::KeysetHandle::Read(std::move(keyset_reader),
**master_aead);
if (!read_result.ok()) {
response->set_err(std::string(read_result.status().message()));
return grpc::Status::OK;
}
keyset_handle = *std::move(read_result);
}
std::stringbuf keyset;
StatusOr<std::unique_ptr<BinaryKeysetWriter>> keyset_writer =
BinaryKeysetWriter::New(absl::make_unique<std::ostream>(&keyset));
if (!keyset_writer.ok()) {
response->set_err(std::string(keyset_writer.status().message()));
return grpc::Status::OK;
}
crypto::tink::util::Status status =
CleartextKeysetHandle::Write(keyset_writer->get(), *keyset_handle);
if (!status.ok()) {
response->set_err(std::string(status.message()));
return grpc::Status::OK;
}
response->set_keyset(keyset.str());
return grpc::Status::OK;
}
} // namespace tink_testing_api