OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/symmetric_key.h" | 5 #include "crypto/symmetric_key.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
| 10 #include <memory> |
10 #include <vector> | 11 #include <vector> |
11 | 12 |
12 // TODO(wtc): replace scoped_array by std::vector. | 13 // TODO(wtc): replace scoped_array by std::vector. |
13 #include "base/memory/scoped_ptr.h" | |
14 #include "base/sys_byteorder.h" | 14 #include "base/sys_byteorder.h" |
15 | 15 |
16 namespace crypto { | 16 namespace crypto { |
17 | 17 |
18 namespace { | 18 namespace { |
19 | 19 |
20 // The following is a non-public Microsoft header documented in MSDN under | 20 // The following is a non-public Microsoft header documented in MSDN under |
21 // CryptImportKey / CryptExportKey. Following the header is the byte array of | 21 // CryptImportKey / CryptExportKey. Following the header is the byte array of |
22 // the actual plaintext key. | 22 // the actual plaintext key. |
23 struct PlaintextBlobHeader { | 23 struct PlaintextBlobHeader { |
(...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 | 164 |
165 // Attempts to generate a random, |key_size_in_bits|-long HMAC key, for use | 165 // Attempts to generate a random, |key_size_in_bits|-long HMAC key, for use |
166 // with the hash function |alg|. | 166 // with the hash function |alg|. |
167 // |key_size_in_bits| must be >= 1/2 the hash size of |alg| for security. | 167 // |key_size_in_bits| must be >= 1/2 the hash size of |alg| for security. |
168 // Returns true if generation is successful, storing the generated key in | 168 // Returns true if generation is successful, storing the generated key in |
169 // |*key| and the key provider (CSP) in |*provider|. | 169 // |*key| and the key provider (CSP) in |*provider|. |
170 bool GenerateHMACKey(size_t key_size_in_bits, | 170 bool GenerateHMACKey(size_t key_size_in_bits, |
171 ALG_ID alg, | 171 ALG_ID alg, |
172 ScopedHCRYPTPROV* provider, | 172 ScopedHCRYPTPROV* provider, |
173 ScopedHCRYPTKEY* key, | 173 ScopedHCRYPTKEY* key, |
174 scoped_ptr<BYTE[]>* raw_key) { | 174 std::unique_ptr<BYTE[]>* raw_key) { |
175 DCHECK(provider); | 175 DCHECK(provider); |
176 DCHECK(key); | 176 DCHECK(key); |
177 DCHECK(raw_key); | 177 DCHECK(raw_key); |
178 | 178 |
179 if (!CheckHMACKeySize(key_size_in_bits, alg)) | 179 if (!CheckHMACKeySize(key_size_in_bits, alg)) |
180 return false; | 180 return false; |
181 | 181 |
182 ScopedHCRYPTPROV safe_provider; | 182 ScopedHCRYPTPROV safe_provider; |
183 // See comment in GenerateAESKey as to why NULL is acceptable for the | 183 // See comment in GenerateAESKey as to why NULL is acceptable for the |
184 // container name. | 184 // container name. |
185 BOOL ok = CryptAcquireContext(safe_provider.receive(), NULL, NULL, | 185 BOOL ok = CryptAcquireContext(safe_provider.receive(), NULL, NULL, |
186 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); | 186 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); |
187 if (!ok) | 187 if (!ok) |
188 return false; | 188 return false; |
189 | 189 |
190 DWORD key_size_in_bytes = static_cast<DWORD>(key_size_in_bits / 8); | 190 DWORD key_size_in_bytes = static_cast<DWORD>(key_size_in_bits / 8); |
191 scoped_ptr<BYTE[]> random(new BYTE[key_size_in_bytes]); | 191 std::unique_ptr<BYTE[]> random(new BYTE[key_size_in_bytes]); |
192 ok = CryptGenRandom(safe_provider, key_size_in_bytes, random.get()); | 192 ok = CryptGenRandom(safe_provider, key_size_in_bytes, random.get()); |
193 if (!ok) | 193 if (!ok) |
194 return false; | 194 return false; |
195 | 195 |
196 ScopedHCRYPTKEY safe_key; | 196 ScopedHCRYPTKEY safe_key; |
197 bool rv = ImportRawKey(safe_provider, CALG_HMAC, random.get(), | 197 bool rv = ImportRawKey(safe_provider, CALG_HMAC, random.get(), |
198 key_size_in_bytes, &safe_key); | 198 key_size_in_bytes, &safe_key); |
199 if (rv) { | 199 if (rv) { |
200 key->swap(safe_key); | 200 key->swap(safe_key); |
201 provider->swap(safe_provider); | 201 provider->swap(safe_provider); |
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
316 | 316 |
317 // static | 317 // static |
318 SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, | 318 SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, |
319 size_t key_size_in_bits) { | 319 size_t key_size_in_bits) { |
320 DCHECK_GE(key_size_in_bits, 8u); | 320 DCHECK_GE(key_size_in_bits, 8u); |
321 | 321 |
322 ScopedHCRYPTPROV provider; | 322 ScopedHCRYPTPROV provider; |
323 ScopedHCRYPTKEY key; | 323 ScopedHCRYPTKEY key; |
324 | 324 |
325 bool ok = false; | 325 bool ok = false; |
326 scoped_ptr<BYTE[]> raw_key; | 326 std::unique_ptr<BYTE[]> raw_key; |
327 | 327 |
328 switch (algorithm) { | 328 switch (algorithm) { |
329 case AES: | 329 case AES: |
330 ok = GenerateAESKey(key_size_in_bits, &provider, &key); | 330 ok = GenerateAESKey(key_size_in_bits, &provider, &key); |
331 break; | 331 break; |
332 case HMAC_SHA1: | 332 case HMAC_SHA1: |
333 ok = GenerateHMACKey(key_size_in_bits, CALG_SHA1, &provider, | 333 ok = GenerateHMACKey(key_size_in_bits, CALG_SHA1, &provider, |
334 &key, &raw_key); | 334 &key, &raw_key); |
335 break; | 335 break; |
336 } | 336 } |
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
530 HCRYPTKEY key, | 530 HCRYPTKEY key, |
531 const void* key_data, size_t key_size_in_bytes) | 531 const void* key_data, size_t key_size_in_bytes) |
532 : provider_(provider), key_(key) { | 532 : provider_(provider), key_(key) { |
533 if (key_data) { | 533 if (key_data) { |
534 raw_key_.assign(reinterpret_cast<const char*>(key_data), | 534 raw_key_.assign(reinterpret_cast<const char*>(key_data), |
535 key_size_in_bytes); | 535 key_size_in_bytes); |
536 } | 536 } |
537 } | 537 } |
538 | 538 |
539 } // namespace crypto | 539 } // namespace crypto |
OLD | NEW |