
Side by Side Diff: chrome/browser/sync/util/nigori.cc

Issue 3013047: Let the Nigori client import and export raw encryption keys. (Closed)
Patch Set: Rename Init and Import Created 10 years, 4 months ago
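--- a/chrome/browser/sync/util/nigori.cc
+++ b/chrome/browser/sync/util/nigori.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/util/nigori.h"
 
 #if defined(OS_WIN)
 #include <winsock2.h> // for htonl
 #endif
 
@@ -54,33 +54,35 @@
 return stream_.str();
 }
 
 private:
 std::ostringstream stream_;
 };
 
 // static
 const char Nigori::kSaltSalt[] = "saltsalt";
 
-Nigori::Nigori(const std::string& hostname)
-: hostname_(hostname) {
+Nigori::Nigori() {
 }
 
 Nigori::~Nigori() {
 }
 
-bool Nigori::Init(const std::string& username, const std::string& password) {
+bool Nigori::InitByDerivation(const std::string& hostname,
+const std::string& username,
+const std::string& password) {
+hostname_ = hostname;
 username_ = username;
 password_ = password;
 
 NigoriStream salt_password;
-salt_password << username << hostname_;
+salt_password << username << hostname;
 
 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8)
 scoped_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword(
 SymmetricKey::HMAC_SHA1, salt_password.str(),
 kSaltSalt,
 kSaltIterations,
 kSaltKeySizeInBits));
 DCHECK(user_salt.get());
 
 std::string raw_user_salt;
@@ -98,20 +100,36 @@
 
 // Kmac = PBKDF2(P, Suser, Nmac, 16)
 mac_key_.reset(SymmetricKey::DeriveKeyFromPassword(
 SymmetricKey::HMAC_SHA1, password, raw_user_salt, kSigningIterations,
 kDerivedKeySizeInBits));
 DCHECK(mac_key_.get());
 
 return true;
 }
 
+bool Nigori::InitByImport(const std::string& user_key,
+const std::string& encryption_key,
+const std::string& mac_key) {
+user_key_.reset(SymmetricKey::Import(SymmetricKey::AES, user_key));
+DCHECK(user_key_.get());
+
+encryption_key_.reset(SymmetricKey::Import(SymmetricKey::AES,
+encryption_key));
+DCHECK(encryption_key_.get());
+
+mac_key_.reset(SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key));
+DCHECK(mac_key_.get());
+
+return user_key_.get() && encryption_key_.get() && mac_key_.get();
+}
+
 // Permute[Kenc,Kmac](type || name)
 bool Nigori::Permute(Type type, const std::string& name,
 std::string* permuted) const {
 DCHECK_LT(0U, name.size());
 
 NigoriStream plaintext;
 plaintext << type << name;
 
 Encryptor encryptor;
 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC,
@@ -221,11 +239,23 @@
 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv))
 return false;
 
 std::string plaintext;
 if (!encryptor.Decrypt(ciphertext, value))
 return false;
 
 return true;
 }
 
+bool Nigori::ExportKeys(std::string* user_key,
+std::string* encryption_key,
+std::string* mac_key) const {
+DCHECK(user_key);
+DCHECK(encryption_key);
+DCHECK(mac_key);
+
+return user_key_->GetRawKey(user_key) &&
+encryption_key_->GetRawKey(encryption_key) &&
+mac_key_->GetRawKey(mac_key);
+}
+
 } // namespace browser_sync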
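Review bot: In `InitByImport` (new lines 110-124) the result of each `SymmetricKey::Import` is both `DCHECK`ed and returned, so key bytes that fail to import abort a debug build and, in a release build, return false only after the members have already been overwritten one at a time. A failed import therefore leaves the object holding a mix of new, previous and null keys, and `ExportKeys` (new lines 249-260) then dereferences `user_key_`, `encryption_key_` and `mac_key_` with no null check. Since the raw keys presumably originate outside this class, I would drop the DCHECKs, import into locals and commit only when all three succeed, and have `ExportKeys` return false when any key is unset. Nothing in the hunk validates key lengths either; that may happen inside `SymmetricKey::Import`, which is not shown here.

```cpp
bool Nigori::InitByImport(const std::string& user_key,
                          const std::string& encryption_key,
                          const std::string& mac_key) {
  // Import into locals first so a rejected key leaves the object unchanged.
  scoped_ptr<SymmetricKey> imported_user_key(
      SymmetricKey::Import(SymmetricKey::AES, user_key));
  scoped_ptr<SymmetricKey> imported_encryption_key(
      SymmetricKey::Import(SymmetricKey::AES, encryption_key));
  scoped_ptr<SymmetricKey> imported_mac_key(
      SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key));
  if (!imported_user_key.get() || !imported_encryption_key.get() ||
      !imported_mac_key.get())
    return false;

  // Commit all three keys together.
  user_key_.reset(imported_user_key.release());
  encryption_key_.reset(imported_encryption_key.release());
  mac_key_.reset(imported_mac_key.release());
  return true;
}
```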