1 // Copyright 2020 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16
17 #include <grpcpp/grpcpp.h>
18
19 #include <iostream>
20 #include <memory>
21 #include <ostream>
22 #include <string>
23
24 #include "absl/flags/flag.h"
25 #include "absl/flags/parse.h"
26 #include "absl/strings/str_cat.h"
27 #include "tink/config/tink_config.h"
28 #include "tink/hybrid/hpke_config.h"
29 #ifdef TINK_CROSS_LANG_TESTS_AWSKMS
30 #include "tink/integration/awskms/aws_kms_client.h"
31 #endif // TINK_CROSS_LANG_TESTS_AWSKMS
32 #include "tink/integration/gcpkms/gcp_kms_client.h"
33 #include "tink/jwt/jwt_mac_config.h"
34 #include "tink/jwt/jwt_signature_config.h"
35 #include "tink/util/fake_kms_client.h"
36 #include "tink/util/status.h"
37 #include "aead_impl.h"
38 #include "deterministic_aead_impl.h"
39 #include "hybrid_impl.h"
40 #include "jwt_impl.h"
41 #include "keyset_impl.h"
42 #include "mac_impl.h"
43 #include "metadata_impl.h"
44 #include "prf_set_impl.h"
45 #include "signature_impl.h"
46 #include "streaming_aead_impl.h"
47 #include "proto/testing_api.grpc.pb.h"
48
49 ABSL_FLAG(int, port, 23456, "the port");
50 ABSL_FLAG(std::string, gcp_credentials_path, "",
51 "Google Cloud KMS credentials path");
52 ABSL_FLAG(
53 std::string, gcp_key_uri, "",
54 absl::StrCat("Google Cloud KMS key URL of the form: ",
55 "gcp-kms://projects/*/locations/*/keyRings/*/cryptoKeys/*."));
56 ABSL_FLAG(std::string, aws_credentials_path, "", "AWS KMS credentials path");
57 ABSL_FLAG(
58 std::string, aws_key_uri, "",
59 absl::StrCat("AWS KMS key URL of the form: ",
60 "aws-kms://arn:aws:kms:<region>:<account-id>:key/<key-id>."));
61
62 namespace tink_testing_api {
63
RunServer()64 void RunServer() {
65 auto status = crypto::tink::TinkConfig::Register();
66 if (!status.ok()) {
67 std::cerr << "TinkConfig::Register() failed: " << status.message()
68 << std::endl;
69 return;
70 }
71 auto hpke_status = crypto::tink::RegisterHpke();
72 if (!hpke_status.ok()) {
73 std::cerr << "RegisterHpke() failed: " << hpke_status.message()
74 << std::endl;
75 return;
76 }
77 auto jwt_mac_status = crypto::tink::JwtMacRegister();
78 if (!jwt_mac_status.ok()) {
79 std::cerr << "JwtMacRegister() failed: " << jwt_mac_status.message()
80 << std::endl;
81 return;
82 }
83 auto jwt_signature_status = crypto::tink::JwtSignatureRegister();
84 if (!jwt_signature_status.ok()) {
85 std::cerr << "JwtSignatureRegister() failed: "
86 << jwt_signature_status.message() << std::endl;
87 return;
88 }
89 auto register_fake_kms_client_status =
90 crypto::tink::test::FakeKmsClient::RegisterNewClient("", "");
91 if (!register_fake_kms_client_status.ok()) {
92 std::cerr << "FakeKmsClient::RegisterNewClient(\"\", \"\") failed: "
93 << register_fake_kms_client_status.message() << std::endl;
94 return;
95 }
96 std::string gcp_credentials_path = absl::GetFlag(FLAGS_gcp_credentials_path);
97 std::string gcp_key_uri = absl::GetFlag(FLAGS_gcp_key_uri);
98 crypto::tink::util::Status register_gcpkms_client_status =
99 crypto::tink::integration::gcpkms::GcpKmsClient::RegisterNewClient(
100 gcp_key_uri, gcp_credentials_path);
101 if (!register_gcpkms_client_status.ok()) {
102 std::cerr << "GcpKmsClient::RegisterNewClient(\"\", \""
103 << gcp_credentials_path
104 << "\") failed: " << register_gcpkms_client_status.message()
105 << std::endl;
106 return;
107 }
108 #ifdef TINK_CROSS_LANG_TESTS_AWSKMS
109 std::string aws_credentials_path = absl::GetFlag(FLAGS_aws_credentials_path);
110 std::string aws_key_uri = absl::GetFlag(FLAGS_aws_key_uri);
111 crypto::tink::util::Status register_awskms_client_status =
112 crypto::tink::integration::awskms::AwsKmsClient::RegisterNewClient(
113 aws_key_uri, aws_credentials_path);
114 if (!register_awskms_client_status.ok()) {
115 std::cerr << "AwsKmsClient::RegisterNewClient(\"\", \""
116 << aws_credentials_path
117 << "\") failed: " << register_awskms_client_status.message()
118 << std::endl;
119 return;
120 }
121 #endif // TINK_CROSS_LANG_TESTS_AWSKMS
122
123 const int port = absl::GetFlag(FLAGS_port);
124 std::string server_address = absl::StrCat("[::]:", port);
125
126 MetadataImpl metadata;
127 KeysetImpl keyset;
128 AeadImpl aead;
129 DeterministicAeadImpl deterministic_aead;
130 HybridImpl hybrid;
131 MacImpl mac;
132 SignatureImpl signature;
133 StreamingAeadImpl streaming_aead;
134 PrfSetImpl prf_set;
135 JwtImpl jwt;
136
137 grpc::ServerBuilder builder;
138 builder.AddListeningPort(
139 server_address, ::grpc::experimental::LocalServerCredentials(LOCAL_TCP));
140
141 builder.RegisterService(&metadata);
142 builder.RegisterService(&keyset);
143 builder.RegisterService(&aead);
144 builder.RegisterService(&deterministic_aead);
145 builder.RegisterService(&hybrid);
146 builder.RegisterService(&mac);
147 builder.RegisterService(&signature);
148 builder.RegisterService(&prf_set);
149 builder.RegisterService(&streaming_aead);
150 builder.RegisterService(&jwt);
151
152 std::unique_ptr<grpc::Server> server(builder.BuildAndStart());
153 std::cout << "Server listening on " << server_address << std::endl;
154 server->Wait();
155 }
156
157 } // namespace tink_testing_api
158
main(int argc,char ** argv)159 int main(int argc, char** argv) {
160 absl::ParseCommandLine(argc, argv);
161 tink_testing_api::RunServer();
162 return 0;
163 }
164