Stop returning unnecessary status from secret key accessors.

#tinkApiChange PiperOrigin-RevId: 550895306
author: wconner <wconner@google.com> 2023-07-25 08:32:33 -0700
committer: Copybara-Service <copybara-worker@google.com> 2023-07-25 08:36:58 -0700
commit: 597d0768caa6977e583668cede678eec197805e1 (patch)
tree: 310d992c9ca536635a8e1487df9d9322389e4cfa
parent: 9e430be535b0c833287966d74c7bcd0981acbfcb (diff)
download: tink-597d0768caa6977e583668cede678eec197805e1.tar.gz
8 files changed, 8 insertions, 17 deletions
diff --git a/cc/aead/aes_gcm_key.h b/cc/aead/aes_gcm_key.h
index 8159ea738..55e229724 100644
--- a/cc/aead/aes_gcm_key.h
+++ b/cc/aead/aes_gcm_key.h
@@ -48,8 +48,7 @@ class AesGcmKey : public AeadKey {
                                           PartialKeyAccessToken token);
 
   // Returns the underlying AES key.
-  util::StatusOr<RestrictedData> GetKeyBytes(
-      PartialKeyAccessToken token) const {
+  const RestrictedData& GetKeyBytes(PartialKeyAccessToken token) const {
     return key_bytes_;
   }
 
diff --git a/cc/aead/aes_gcm_key_test.cc b/cc/aead/aes_gcm_key_test.cc
index 06a0a3574..acdfdb47b 100644
--- a/cc/aead/aes_gcm_key_test.cc
+++ b/cc/aead/aes_gcm_key_test.cc
@@ -33,7 +33,6 @@ namespace tink {
 namespace {
 
 using ::crypto::tink::test::IsOk;
-using ::crypto::tink::test::IsOkAndHolds;
 using ::crypto::tink::test::StatusIs;
 using ::testing::Combine;
 using ::testing::Eq;
@@ -157,7 +156,7 @@ TEST_P(AesGcmKeyTest, GetKeyBytes) {
       *params, secret, test_case.id_requirement, GetPartialKeyAccess());
   ASSERT_THAT(key, IsOk());
 
-  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), IsOkAndHolds(secret));
+  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), Eq(secret));
 }
 
 TEST_P(AesGcmKeyTest, KeyEquals) {
diff --git a/cc/daead/aes_siv_key.h b/cc/daead/aes_siv_key.h
index 8ca060d71..2c6cb24a9 100644
--- a/cc/daead/aes_siv_key.h
+++ b/cc/daead/aes_siv_key.h
@@ -48,8 +48,7 @@ class AesSivKey : public DeterministicAeadKey {
                                           PartialKeyAccessToken token);
 
   // Returns the underlying AES-SIV key.
-  util::StatusOr<RestrictedData> GetKeyBytes(
-      PartialKeyAccessToken token) const {
+  const RestrictedData& GetKeyBytes(PartialKeyAccessToken token) const {
     return key_bytes_;
   }
 
diff --git a/cc/daead/aes_siv_key_test.cc b/cc/daead/aes_siv_key_test.cc
index 294525e47..3ecc4687d 100644
--- a/cc/daead/aes_siv_key_test.cc
+++ b/cc/daead/aes_siv_key_test.cc
@@ -33,7 +33,6 @@ namespace tink {
 namespace {
 
 using ::crypto::tink::test::IsOk;
-using ::crypto::tink::test::IsOkAndHolds;
 using ::crypto::tink::test::StatusIs;
 using ::testing::Combine;
 using ::testing::Eq;
@@ -128,7 +127,7 @@ TEST_P(AesSivKeyTest, GetKeyBytes) {
   util::StatusOr<AesSivKey> key = AesSivKey::Create(
       *params, secret, test_case.id_requirement, GetPartialKeyAccess());
   ASSERT_THAT(key, IsOk());
-  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), IsOkAndHolds(secret));
+  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), Eq(secret));
 }
 
 TEST_P(AesSivKeyTest, KeyEquals) {
diff --git a/cc/mac/aes_cmac_key.h b/cc/mac/aes_cmac_key.h
index c29500b1f..4715f5eae 100644
--- a/cc/mac/aes_cmac_key.h
+++ b/cc/mac/aes_cmac_key.h
@@ -17,7 +17,6 @@
 #ifndef TINK_MAC_AES_CMAC_KEY_H_
 #define TINK_MAC_AES_CMAC_KEY_H_
 
-#include <memory>
 #include <string>
 #include <utility>
 
@@ -47,8 +46,7 @@ class AesCmacKey : public MacKey {
                                            PartialKeyAccessToken token);
 
   // Returns the underlying AES key.
-  util::StatusOr<RestrictedData> GetKeyBytes(
-      PartialKeyAccessToken token) const {
+  const RestrictedData& GetKeyBytes(PartialKeyAccessToken token) const {
     return key_bytes_;
   }
 
diff --git a/cc/mac/aes_cmac_key_test.cc b/cc/mac/aes_cmac_key_test.cc
index 8bb87cfcf..3103dcfcb 100644
--- a/cc/mac/aes_cmac_key_test.cc
+++ b/cc/mac/aes_cmac_key_test.cc
@@ -35,7 +35,6 @@ namespace tink {
 namespace {
 
 using ::crypto::tink::test::IsOk;
-using ::crypto::tink::test::IsOkAndHolds;
 using ::crypto::tink::test::StatusIs;
 using ::testing::Combine;
 using ::testing::Eq;
@@ -142,7 +141,7 @@ TEST_P(AesCmacKeyTest, GetAesCmacKey) {
       *params, secret, test_case.id_requirement, GetPartialKeyAccess());
   ASSERT_THAT(key.status(), IsOk());
 
-  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), IsOkAndHolds(secret));
+  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), Eq(secret));
 }
 
 TEST_P(AesCmacKeyTest, KeyEquals) {
diff --git a/cc/mac/hmac_key.h b/cc/mac/hmac_key.h
index 30f6bf5bf..5c371f97c 100644
--- a/cc/mac/hmac_key.h
+++ b/cc/mac/hmac_key.h
@@ -47,8 +47,7 @@ class HmacKey : public MacKey {
                                         PartialKeyAccessToken token);
 
   // Returns the underlying HMAC key bytes.
-  util::StatusOr<RestrictedData> GetKeyBytes(
-      PartialKeyAccessToken token) const {
+  const RestrictedData& GetKeyBytes(PartialKeyAccessToken token) const {
     return key_bytes_;
   }
 
diff --git a/cc/mac/hmac_key_test.cc b/cc/mac/hmac_key_test.cc
index e35aca73b..13d1f4864 100644
--- a/cc/mac/hmac_key_test.cc
+++ b/cc/mac/hmac_key_test.cc
@@ -35,7 +35,6 @@ namespace tink {
 namespace {
 
 using ::crypto::tink::test::IsOk;
-using ::crypto::tink::test::IsOkAndHolds;
 using ::crypto::tink::test::StatusIs;
 using ::testing::Combine;
 using ::testing::Eq;
@@ -147,7 +146,7 @@ TEST_P(HmacKeyTest, GetKeyBytes) {
       *params, secret, test_case.id_requirement, GetPartialKeyAccess());
   ASSERT_THAT(key.status(), IsOk());
 
-  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), IsOkAndHolds(secret));
+  EXPECT_THAT(key->GetKeyBytes(GetPartialKeyAccess()), Eq(secret));
 }
 
 TEST_P(HmacKeyTest, KeyEquals) {
author	wconner <wconner@google.com>	2023-07-25 08:32:33 -0700
committer	Copybara-Service <copybara-worker@google.com>	2023-07-25 08:36:58 -0700
commit	597d0768caa6977e583668cede678eec197805e1 (patch)
tree	310d992c9ca536635a8e1487df9d9322389e4cfa
parent	9e430be535b0c833287966d74c7bcd0981acbfcb (diff)
download	tink-597d0768caa6977e583668cede678eec197805e1.tar.gz