Implements support for PBKDF2-based key derivation, random key generation, an...

base/crypto/symmetric_key.h

Index: base/crypto/symmetric_key.h
===================================================================
--- base/crypto/symmetric_key.h	(revision 43354)
+++ base/crypto/symmetric_key.h	(working copy)
@@ -13,6 +13,8 @@
 #include "base/crypto/scoped_nss_types.h"
 #elif defined(OS_MACOSX)
 #include <Security/cssmtype.h>
+#elif defined(OS_WIN)
+#include "base/crypto/scoped_capi_types.h"
 #endif
 
 namespace base {
@@ -46,6 +48,9 @@
   PK11SymKey* key() const { return key_.get(); }
 #elif defined(OS_MACOSX)
   CSSM_DATA cssm_data() const;
+#elif defined(OS_WIN)
+  HCRYPTPROV prov() const { return provider_.get(); }
+  HCRYPTKEY key() const { return key_.get(); }
 #endif
 
   // Extracts the raw key from the platform specific data. This should only be
@@ -59,6 +64,25 @@
 #elif defined(OS_MACOSX)
   SymmetricKey(const void* key_data, size_t key_size_in_bits);
   std::string key_;
+#elif defined(OS_WIN)
+  SymmetricKey(HCRYPTPROV provider, HCRYPTKEY key, const void* key_data,
+               size_t key_size_in_bytes) : provider_(provider), key_(key) {
+    if (key_data) {
+      raw_key_.assign(reinterpret_cast<const char*>(key_data),
+                     key_size_in_bytes);
+    }
+  }
+
+  ScopedHCRYPTPROV provider_;
+  ScopedHCRYPTKEY key_;
+
+  // Contains the raw key, if it is known during initialization and when it
+  // is likely that the associated |provider_| will be unable to export the
+  // |key_|. This is the case of HMAC keys when the key size exceeds 16 bytes
+  // when using the default RSA provider.
+  // TODO(rsleevi): See if KP_EFFECTIVE_KEYLEN is the reason why CryptExportKey
+  // fails with NTE_BAD_KEY/NTE_BAD_LEN
+  std::string raw_key_;
 #endif
 
   DISALLOW_COPY_AND_ASSIGN(SymmetricKey);
@@ -66,4 +90,4 @@
 
 }  // namespace base
 
-#endif   // BASE_CRYPTO_SYMMETRIC_KEY_H_
+#endif  // BASE_CRYPTO_SYMMETRIC_KEY_H_