cc/jwt/internal/jwt_public_key_sign_impl.cc - third_party/tink - Git at Google

 // Copyright 2021 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #include "tink/jwt/internal/jwt_public_key_sign_impl.h"

 #include <string>

 #include "absl/status/status.h"
 #include "absl/strings/escaping.h"
 #include "absl/strings/str_split.h"
 #include "tink/jwt/internal/jwt_format.h"

 namespace crypto {
 namespace tink {
 namespace jwt_internal {

 util::StatusOr<std::string> JwtPublicKeySignImpl::SignAndEncodeWithKid(
     const RawJwt& token, absl::optional<absl::string_view> kid) const {
   absl::optional<std::string> type_header;
   if (token.HasTypeHeader()) {
     util::StatusOr<std::string> type = token.GetTypeHeader();
     if (!type.ok()) {
       return type.status();
     }
     type_header = *type;
   }
   if (custom_kid_.has_value()) {
     if (kid.has_value()) {
       return util::Status(absl::StatusCode::kInvalidArgument,
                           "TINK keys are not allowed to have a kid value set.");
     }
     kid = *custom_kid_;
   }
   util::StatusOr<std::string> encoded_header =
       CreateHeader(algorithm_, type_header, kid);
   if (!encoded_header.ok()) {
     return encoded_header.status();
   }
   util::StatusOr<std::string> payload = token.GetJsonPayload();
   if (!payload.ok()) {
     return payload.status();
   }
   std::string encoded_payload = EncodePayload(*payload);
   std::string unsigned_token =
       absl::StrCat(*encoded_header, ".", encoded_payload);
   util::StatusOr<std::string> tag = sign_->Sign(unsigned_token);
   if (!tag.ok()) {
     return tag.status();
   }
   std::string encoded_tag = EncodeSignature(*tag);
   return absl::StrCat(unsigned_token, ".", encoded_tag);
 }

 }  // namespace jwt_internal
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2021 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#include "tink/jwt/internal/jwt_public_key_sign_impl.h"

	#include <string>

	#include "absl/status/status.h"
	#include "absl/strings/escaping.h"
	#include "absl/strings/str_split.h"
	#include "tink/jwt/internal/jwt_format.h"

	namespace crypto {
	namespace tink {
	namespace jwt_internal {

	util::StatusOr<std::string> JwtPublicKeySignImpl::SignAndEncodeWithKid(
	const RawJwt& token, absl::optional<absl::string_view> kid) const {
	absl::optional<std::string> type_header;
	if (token.HasTypeHeader()) {
	util::StatusOr<std::string> type = token.GetTypeHeader();
	if (!type.ok()) {
	return type.status();
	}
	type_header = *type;
	}
	if (custom_kid_.has_value()) {
	if (kid.has_value()) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"TINK keys are not allowed to have a kid value set.");
	}
	kid = *custom_kid_;
	}
	util::StatusOr<std::string> encoded_header =
	CreateHeader(algorithm_, type_header, kid);
	if (!encoded_header.ok()) {
	return encoded_header.status();
	}
	util::StatusOr<std::string> payload = token.GetJsonPayload();
	if (!payload.ok()) {
	return payload.status();
	}
	std::string encoded_payload = EncodePayload(*payload);
	std::string unsigned_token =
	absl::StrCat(*encoded_header, ".", encoded_payload);
	util::StatusOr<std::string> tag = sign_->Sign(unsigned_token);
	if (!tag.ok()) {
	return tag.status();
	}
	std::string encoded_tag = EncodeSignature(*tag);
	return absl::StrCat(unsigned_token, ".", encoded_tag);
	}

	} // namespace jwt_internal
	} // namespace tink
	} // namespace crypto