Implement symmetric key for openssl

base/crypto/symmetric_key_openssl.cc

Index: base/crypto/symmetric_key_openssl.cc
diff --git a/base/crypto/symmetric_key_openssl.cc b/base/crypto/symmetric_key_openssl.cc
index 591252dc225393a1cbc20916a93d51f6a5b2d5af..a519e931d26d2996258f4b04e417dc59fdf5d535 100644
--- a/base/crypto/symmetric_key_openssl.cc
+++ b/base/crypto/symmetric_key_openssl.cc
@@ -4,18 +4,44 @@
 
 #include "base/crypto/symmetric_key.h"
 
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
 #include "base/logging.h"
+#include "base/openssl_util.h"
+#include "base/scoped_ptr.h"
+#include "base/string_util.h"
 
 namespace base {
 
+SymmetricKey::SymmetricKey(std::string* key) {
+  key->swap(key_);
+}
+
 SymmetricKey::~SymmetricKey() {
+  // Zero out the content.
+  key_.assign(key_.length(), '\0');
 }
 
 // static
 SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm,
                                               size_t key_size_in_bits) {
-  NOTIMPLEMENTED();
-  return NULL;
+  DCHECK_EQ(AES, algorithm);
+  int key_size_in_bytes = key_size_in_bits / 8;
+  DCHECK_EQ(static_cast<int>(key_size_in_bits), key_size_in_bytes * 8);
+  ScopedERRStackClearer err_stack;
+
+  if (key_size_in_bits == 0)
+    return NULL;
+
+  std::string key;
+  uint8* key_data =
+      reinterpret_cast<uint8*>(WriteInto(&key, key_size_in_bytes + 1));
+
+  int res = RAND_bytes(key_data, key.length());
+  if (res != 1)
+    return NULL;
+  return new SymmetricKey(&key);
 }
 
 // static
@@ -24,20 +50,35 @@ SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm,
                                                   const std::string& salt,
                                                   size_t iterations,
                                                   size_t key_size_in_bits) {
-  NOTIMPLEMENTED();
-  return NULL;
+  DCHECK(algorithm == AES || algorithm == HMAC_SHA1);
+  int key_size_in_bytes = key_size_in_bits / 8;
+  DCHECK_EQ(static_cast<int>(key_size_in_bits), key_size_in_bytes * 8);
+  ScopedERRStackClearer err_stack;
+
+  std::string key;
+  uint8* key_data =
+      reinterpret_cast<uint8*>(WriteInto(&key, key_size_in_bytes + 1));
+  int res = PKCS5_PBKDF2_HMAC_SHA1(password.data(), password.length(),
+                                   reinterpret_cast<const uint8*>(salt.data()),
+                                   salt.length(), iterations,
+                                   key.length(), key_data);
+  if (res != 1) {
+    NOTREACHED() << "HMAC SHA1 failed. res = " << res;

[Ryan Sleevi, 2010/11/11 18:07:16]

nit: The other impl's don't NOTREACHED(). DLOG(ERROR) would be appropriate (the
others DCHECK)

[joth, 2010/11/11 19:54:36]

Done.

+    return NULL;
+  }
+  return new SymmetricKey(&key);
 }
 
 // static
 SymmetricKey* SymmetricKey::Import(Algorithm algorithm,
                                    const std::string& raw_key) {
-  NOTIMPLEMENTED();
-  return NULL;
+  std::string copy(raw_key);
+  return new SymmetricKey(&copy);
 }
 
 bool SymmetricKey::GetRawKey(std::string* raw_key) {
-  NOTIMPLEMENTED();
-  return false;
+  *raw_key = key_;
+  return true;
 }
 
 }  // namespace base