
Side by Side Diff: src/platform/cryptohome/vault_keyset.cc

Issue 2051003: Initial patch from Will. (Closed) Base URL: ssh://git@chromiumos-git/chromiumos
Patch Set: Address style nits. Created 10 years, 7 months ago
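--- a/src/platform/cryptohome/vault_keyset.cc
+++ b/src/platform/cryptohome/vault_keyset.cc
@@ -0,0 +1,140 @@
+// Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/logging.h"
+#include "chromeos/utility.h"
+#include "cryptohome/cryptohome_common.h"
+#include "cryptohome/vault_keyset.h"
+
+namespace cryptohome {
+
+VaultKeyset::VaultKeyset()
+: major_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MAJOR),
+minor_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MINOR) {
+}
+
+VaultKeyset::VaultKeyset(const SecureBlob& source)
+: major_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MAJOR),
+minor_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MINOR) {
+AssignBuffer(source);
+}
+
+bool VaultKeyset::AssignBuffer(const SecureBlob& source) {
+if(source.size() < VaultKeyset::SerializedSize()) {
+LOG(ERROR) << "Input buffer is too small.";
+return false;
+}
+
+int offset = 0;
+VaultKeysetHeader header;
+memcpy(&header, &source[offset], sizeof(header));
+offset += sizeof(header);
+if(memcmp(header.signature, kVaultKeysetSignature,
+sizeof(header.signature))) {
+return false;
+}
+major_version_ = header.major_version;
+minor_version_ = header.minor_version;
+
+VaultKeysetKeys keys;
+memcpy(&keys, &source[offset], sizeof(keys));
+fek_.resize(sizeof(keys.fek));
+memcpy(&fek_[0], keys.fek, fek_.size());
+fek_sig_.resize(sizeof(keys.fek_sig));
+memcpy(&fek_sig_[0], keys.fek_sig, fek_sig_.size());
+fek_salt_.resize(sizeof(keys.fek_salt));
+memcpy(&fek_salt_[0], keys.fek_salt, fek_salt_.size());
+fnek_.resize(sizeof(keys.fnek));
+memcpy(&fnek_[0], keys.fnek, fnek_.size());
+fnek_sig_.resize(sizeof(keys.fnek_sig));
+memcpy(&fnek_sig_[0], keys.fnek_sig, fnek_sig_.size());
+fnek_salt_.resize(sizeof(keys.fnek_salt));
+memcpy(&fnek_salt_[0], keys.fnek_salt, fnek_salt_.size());
+chromeos::SecureMemset(&keys, sizeof(keys), 0);
+
+return true;
+}
+
+SecureBlob VaultKeyset::ToBuffer() const {
+SecureBlob buffer(VaultKeyset::SerializedSize());
+
+VaultKeysetHeader header;
+memcpy(header.signature, kVaultKeysetSignature, sizeof(header.signature));
+header.major_version = major_version_;
+header.minor_version = minor_version_;
+memcpy(&buffer[0], &header, sizeof(header));
+
+VaultKeysetKeys keys;
+chromeos::SecureMemset(&keys, sizeof(keys), 0);
+memcpy(keys.fek, &fek_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIZE, sizeof(keys.fek)));
+memcpy(keys.fek_sig, &fek_sig_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE,
+sizeof(keys.fek_sig)));
+memcpy(keys.fek_salt, &fek_salt_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE,
+sizeof(keys.fek_salt)));
+memcpy(keys.fnek, &fnek_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIZE, sizeof(keys.fnek)));
+memcpy(keys.fnek_sig, &fnek_sig_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE,
+sizeof(keys.fnek_sig)));
+memcpy(keys.fnek_salt, &fnek_salt_[0],
+CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE,
+sizeof(keys.fnek_salt)));
+memcpy(&buffer[sizeof(header)], &keys, sizeof(keys));
+chromeos::SecureMemset(&keys, sizeof(keys), 0);
+
+return buffer;
+}
+
+void VaultKeyset::CreateRandom(const EntropySource& entropy_source) {
+fek_.resize(CRYPTOHOME_DEFAULT_KEY_SIZE);
+entropy_source.GetSecureRandom(&fek_[0], fek_.size());
+
+fek_sig_.resize(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE);
+entropy_source.GetSecureRandom(&fek_sig_[0], fek_sig_.size());
+
+fek_salt_.resize(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE);
+entropy_source.GetSecureRandom(&fek_salt_[0], fek_salt_.size());
+
+fnek_.resize(CRYPTOHOME_DEFAULT_KEY_SIZE);
+entropy_source.GetSecureRandom(&fnek_[0], fnek_.size());
+
+fnek_sig_.resize(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE);
+entropy_source.GetSecureRandom(&fnek_sig_[0], fnek_sig_.size());
+
+fnek_salt_.resize(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE);
+entropy_source.GetSecureRandom(&fnek_salt_[0], fnek_salt_.size());
+}
+
+const SecureBlob& VaultKeyset::FEK() const {
+return fek_;
+}
+
+const SecureBlob& VaultKeyset::FEK_SIG() const {
+return fek_sig_;
+}
+
+const SecureBlob& VaultKeyset::FEK_SALT() const {
+return fek_salt_;
+}
+
+const SecureBlob& VaultKeyset::FNEK() const {
+return fnek_;
+}
+
+const SecureBlob& VaultKeyset::FNEK_SIG() const {
+return fnek_sig_;
+}
+
+const SecureBlob& VaultKeyset::FNEK_SALT() const {
+return fnek_salt_;
+}
+
+unsigned int VaultKeyset::SerializedSize() {
+return sizeof(VaultKeysetHeader) + sizeof(VaultKeysetKeys);
+}
+
+} // cryptohome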
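Review bot: ToBuffer() sizes each of its six memcpy calls from the CRYPTOHOME_DEFAULT_* constants and the destination field, never from the source blob, so on a keyset whose blobs are empty or shorter than the default it reads past the end of `fek_` and its siblings and writes whatever it finds into the serialized keyset. That state is reachable from the visible code: the default constructor leaves the blobs unset, and `VaultKeyset(const SecureBlob& source)` discards the bool from AssignBuffer(), which returns early on a short buffer or a signature mismatch. Each copy should also be bounded by the source, e.g. `CRYPTOHOME_MIN(fek_.size(), sizeof(keys.fek))`, and skipped when the blob is empty, and the constructor should surface an AssignBuffer() failure rather than ignore it. Separately, `VaultKeysetHeader header;` in ToBuffer() is not cleared before it is copied into the buffer, so any padding in that struct (its layout is not visible here) would be serialized uninitialized; the same `chromeos::SecureMemset(&header, sizeof(header), 0);` treatment that `keys` gets would close that.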
