
Side by Side Diff: base/crypto/symmetric_key_nss.cc

Issue 1347002: Add Mac implementations of new SymmetricKey and Encryptor classes. (Closed)
Patch Set: Responding to feedback Created 10 years, 9 months ago
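--- a/base/crypto/symmetric_key_nss.cc
+++ b/base/crypto/symmetric_key_nss.cc
@@ -1,73 +1,74 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/crypto/symmetric_key.h"
 
 #include <nss.h>
 #include <pk11pub.h>
 
 #include "base/nss_util.h"
 #include "base/logging.h"
 
 namespace base {
 
 // static
-SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, size_t key_si ze) {
+SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm,
+size_t key_size_in_bits) {
 DCHECK_EQ(AES, algorithm);
 
 EnsureNSSInit();
-if (key_size == 0)
+if (key_size_in_bits == 0)
 return NULL;
 
 ScopedPK11Slot slot(PK11_GetBestSlot(CKM_AES_KEY_GEN, NULL));
 if (!slot.get())
 return NULL;
 
-PK11SymKey* sym_key = PK11_KeyGen(slot.get(), CKM_AES_KEY_GEN, NULL, key_size,
-NULL);
+PK11SymKey* sym_key = PK11_KeyGen(slot.get(), CKM_AES_KEY_GEN, NULL,
+key_size_in_bits / 8, NULL);
 if (!sym_key)
 return NULL;
 
 return new SymmetricKey(sym_key);
 }
 
 // static
 SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm,
 const std::string& password,
 const std::string& salt,
 size_t iterations,
-size_t key_size) {
+size_t key_size_in_bits) {
 EnsureNSSInit();
-if (salt.empty() || iterations == 0 || key_size == 0)
+if (salt.empty() || iterations == 0 || key_size_in_bits == 0)
 return NULL;
 
 SECItem password_item;
 password_item.type = siBuffer;
 password_item.data = reinterpret_cast<unsigned char*>(
 const_cast<char *>(password.data()));
 password_item.len = password.size();
 
 SECItem salt_item;
 salt_item.type = siBuffer;
 salt_item.data = reinterpret_cast<unsigned char*>(
 const_cast<char *>(salt.data()));
 salt_item.len = salt.size();
 
 
 SECOidTag cipher_algorithm =
 algorithm == AES ? SEC_OID_AES_256_CBC : SEC_OID_HMAC_SHA1;
 ScopedSECAlgorithmID alg_id(PK11_CreatePBEV2AlgorithmID(SEC_OID_PKCS5_PBKDF2,
 cipher_algorithm,
 SEC_OID_HMAC_SHA1,
-key_size,
+key_size_in_bits / 8,
 iterations,
 &salt_item));
 if (!alg_id.get())
 return NULL;
 
 ScopedPK11Slot slot(PK11_GetBestSlot(SEC_OID_PKCS5_PBKDF2, NULL));
 if (!slot.get())
 return NULL;
 
 PK11SymKey* sym_key = PK11_PBEKeyGen(slot.get(), alg_id.get(), &password_item,
@@ -85,10 +86,10 @@
 
 SECItem* key_item = PK11_GetKeyData(key_.get());
 if (!key_item)
 return false;
 
 raw_key->assign(reinterpret_cast<char*>(key_item->data), key_item->len);
 return true;
 }
 
 } // namespace base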
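Review bot: The new `key_size_in_bits / 8` in GenerateRandomKey and in the PK11_CreatePBEV2AlgorithmID call of DeriveKeyFromPassword truncates, and the only guard on either path is `key_size_in_bits == 0`. A size that is not a multiple of 8 silently yields a shorter key than the caller asked for, and the values 1–7 become a length of 0, whose handling by NSS is not visible on this page. Reject such sizes up front in both functions, e.g. `if (key_size_in_bits == 0 || key_size_in_bits % 8 != 0) return NULL;`. For AES it may also be worth accepting only 128, 192 and 256, since DeriveKeyFromPassword pins `SEC_OID_AES_256_CBC` whatever size is passed. Because the parameter changed units without changing type, any caller still passing a byte count would compile and quietly receive a key one eighth the intended length, so the header comment should state the unit explicitly.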
