Index: base/crypto/symmetric_key_openssl.cc |
diff --git a/base/crypto/symmetric_key_openssl.cc b/base/crypto/symmetric_key_openssl.cc |
index 591252dc225393a1cbc20916a93d51f6a5b2d5af..9eebb3f6c074680b00040d33be08390ff4f30f91 100644 |
--- a/base/crypto/symmetric_key_openssl.cc |
+++ b/base/crypto/symmetric_key_openssl.cc |
@@ -4,18 +4,44 @@ |
#include "base/crypto/symmetric_key.h" |
+#include <openssl/evp.h> |
+#include <openssl/rand.h> |
+ |
#include "base/logging.h" |
+#include "base/openssl_util.h" |
+#include "base/scoped_ptr.h" |
+#include "base/string_util.h" |
namespace base { |
+SymmetricKey::SymmetricKey(std::string* key) { |
+ key->swap(key_); |
+} |
+ |
SymmetricKey::~SymmetricKey() { |
+ // Zero out the content. |
+ key_.assign(key_.length(), '\0'); |
} |
// static |
SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, |
size_t key_size_in_bits) { |
- NOTIMPLEMENTED(); |
- return NULL; |
+ DCHECK_EQ(AES, algorithm); |
+ int key_size_in_bytes = key_size_in_bits / 8; |
+ DCHECK_EQ(static_cast<int>(key_size_in_bits), key_size_in_bytes * 8); |
+ ScopedERRStackClearer err_stack; |
+ |
+ if (key_size_in_bits == 0) |
+ return NULL; |
+ |
+ std::string key; |
+ uint8* key_data = |
+ reinterpret_cast<uint8*>(WriteInto(&key, key_size_in_bytes + 1)); |
+ |
+ int res = RAND_bytes(key_data, key.length()); |
+ if (res != 1) |
+ return NULL; |
+ return new SymmetricKey(&key); |
} |
// static |
@@ -24,20 +50,35 @@ SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm, |
const std::string& salt, |
size_t iterations, |
size_t key_size_in_bits) { |
- NOTIMPLEMENTED(); |
- return NULL; |
+ DCHECK(algorithm == AES || algorithm == HMAC_SHA1); |
+ int key_size_in_bytes = key_size_in_bits / 8; |
+ DCHECK_EQ(static_cast<int>(key_size_in_bits), key_size_in_bytes * 8); |
+ ScopedERRStackClearer err_stack; |
+ |
+ std::string key; |
+ uint8* key_data = |
+ reinterpret_cast<uint8*>(WriteInto(&key, key_size_in_bytes + 1)); |
+ int res = PKCS5_PBKDF2_HMAC_SHA1(password.data(), password.length(), |
+ reinterpret_cast<const uint8*>(salt.data()), |
+ salt.length(), iterations, |
+ key.length(), key_data); |
+ if (res != 1) { |
+ DLOG(ERROR) << "HMAC SHA1 failed. res = " << res; |
+ return NULL; |
+ } |
+ return new SymmetricKey(&key); |
} |
// static |
SymmetricKey* SymmetricKey::Import(Algorithm algorithm, |
const std::string& raw_key) { |
- NOTIMPLEMENTED(); |
- return NULL; |
+ std::string copy(raw_key); |
+ return new SymmetricKey(©); |
} |
bool SymmetricKey::GetRawKey(std::string* raw_key) { |
- NOTIMPLEMENTED(); |
- return false; |
+ *raw_key = key_; |
+ return true; |
} |
} // namespace base |