Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(399)

Side by Side Diff: vault_keyset.cc

Issue 2645008: Update on feedback, update dbus API, add unit tests. TEST=manual,unit,BVT BUG=3628 323 (Closed) Base URL: ssh://git@chromiumos-git/cryptohome.git
Patch Set: Address second round of feedback. Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « vault_keyset.h ('k') | vault_keyset_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/logging.h" 5 #include <base/logging.h>
6 #include "chromeos/utility.h" 6 #include <chromeos/utility.h>
7 #include "cryptohome/cryptohome_common.h" 7
8 #include "cryptohome/vault_keyset.h" 8 #include "cryptohome_common.h"
9 #include "vault_keyset.h"
9 10
10 namespace cryptohome { 11 namespace cryptohome {
11 12
12 VaultKeyset::VaultKeyset() 13 VaultKeyset::VaultKeyset()
13 : major_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MAJOR), 14 : major_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MAJOR),
14 minor_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MINOR) { 15 minor_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MINOR) {
15 } 16 }
16 17
17 VaultKeyset::VaultKeyset(const SecureBlob& source)
18 : major_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MAJOR),
19 minor_version_(CRYPTOHOME_VAULT_KEYSET_VERSION_MINOR) {
20 AssignBuffer(source);
21 }
22
23 bool VaultKeyset::AssignBuffer(const SecureBlob& source) { 18 bool VaultKeyset::AssignBuffer(const SecureBlob& source) {
24 if(source.size() < VaultKeyset::SerializedSize()) { 19 if(source.size() < VaultKeyset::SerializedSize()) {
25 LOG(ERROR) << "Input buffer is too small."; 20 LOG(ERROR) << "Input buffer is too small.";
26 return false; 21 return false;
27 } 22 }
28 23
29 int offset = 0; 24 int offset = 0;
30 VaultKeysetHeader header; 25 VaultKeysetHeader header;
31 memcpy(&header, &source[offset], sizeof(header)); 26 memcpy(&header, &source[offset], sizeof(header));
32 offset += sizeof(header); 27 offset += sizeof(header);
(...skipping 11 matching lines...) Expand all
44 fek_sig_.resize(sizeof(keys.fek_sig)); 39 fek_sig_.resize(sizeof(keys.fek_sig));
45 memcpy(&fek_sig_[0], keys.fek_sig, fek_sig_.size()); 40 memcpy(&fek_sig_[0], keys.fek_sig, fek_sig_.size());
46 fek_salt_.resize(sizeof(keys.fek_salt)); 41 fek_salt_.resize(sizeof(keys.fek_salt));
47 memcpy(&fek_salt_[0], keys.fek_salt, fek_salt_.size()); 42 memcpy(&fek_salt_[0], keys.fek_salt, fek_salt_.size());
48 fnek_.resize(sizeof(keys.fnek)); 43 fnek_.resize(sizeof(keys.fnek));
49 memcpy(&fnek_[0], keys.fnek, fnek_.size()); 44 memcpy(&fnek_[0], keys.fnek, fnek_.size());
50 fnek_sig_.resize(sizeof(keys.fnek_sig)); 45 fnek_sig_.resize(sizeof(keys.fnek_sig));
51 memcpy(&fnek_sig_[0], keys.fnek_sig, fnek_sig_.size()); 46 memcpy(&fnek_sig_[0], keys.fnek_sig, fnek_sig_.size());
52 fnek_salt_.resize(sizeof(keys.fnek_salt)); 47 fnek_salt_.resize(sizeof(keys.fnek_salt));
53 memcpy(&fnek_salt_[0], keys.fnek_salt, fnek_salt_.size()); 48 memcpy(&fnek_salt_[0], keys.fnek_salt, fnek_salt_.size());
54 chromeos::SecureMemset(&keys, sizeof(keys), 0); 49 chromeos::SecureMemset(&keys, 0, sizeof(keys));
55 50
56 return true; 51 return true;
57 } 52 }
58 53
59 SecureBlob VaultKeyset::ToBuffer() const { 54 bool VaultKeyset::ToBuffer(SecureBlob* buffer) const {
60 SecureBlob buffer(VaultKeyset::SerializedSize()); 55 SecureBlob local_buffer(VaultKeyset::SerializedSize());
56 unsigned char* data = static_cast<unsigned char*>(local_buffer.data());
61 57
62 VaultKeysetHeader header; 58 VaultKeysetHeader header;
63 memcpy(header.signature, kVaultKeysetSignature, sizeof(header.signature)); 59 memcpy(header.signature, kVaultKeysetSignature, sizeof(header.signature));
64 header.major_version = major_version_; 60 header.major_version = major_version_;
65 header.minor_version = minor_version_; 61 header.minor_version = minor_version_;
66 memcpy(&buffer[0], &header, sizeof(header)); 62 memcpy(data, &header, sizeof(header));
67 63
68 VaultKeysetKeys keys; 64 VaultKeysetKeys keys;
69 chromeos::SecureMemset(&keys, sizeof(keys), 0); 65 chromeos::SecureMemset(&keys, 0, sizeof(keys));
70 memcpy(keys.fek, &fek_[0], 66 if (fek_.size() != sizeof(keys.fek)) {
71 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIZE, sizeof(keys.fek))); 67 return false;
72 memcpy(keys.fek_sig, &fek_sig_[0], 68 }
73 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE, 69 memcpy(keys.fek, fek_.const_data(), sizeof(keys.fek));
74 sizeof(keys.fek_sig))); 70 if (fek_sig_.size() != sizeof(keys.fek_sig)) {
75 memcpy(keys.fek_salt, &fek_salt_[0], 71 return false;
76 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE, 72 }
77 sizeof(keys.fek_salt))); 73 memcpy(keys.fek_sig, fek_sig_.const_data(), sizeof(keys.fek_sig));
78 memcpy(keys.fnek, &fnek_[0], 74 if (fek_salt_.size() != sizeof(keys.fek_salt)) {
79 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIZE, sizeof(keys.fnek))); 75 return false;
80 memcpy(keys.fnek_sig, &fnek_sig_[0], 76 }
81 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE, 77 memcpy(keys.fek_salt, fek_salt_.const_data(), sizeof(keys.fek_salt));
82 sizeof(keys.fnek_sig))); 78 if (fnek_.size() != sizeof(keys.fnek)) {
83 memcpy(keys.fnek_salt, &fnek_salt_[0], 79 return false;
84 CRYPTOHOME_MIN(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE, 80 }
85 sizeof(keys.fnek_salt))); 81 memcpy(keys.fnek, fnek_.const_data(), sizeof(keys.fnek));
86 memcpy(&buffer[sizeof(header)], &keys, sizeof(keys)); 82 if (fnek_sig_.size() != sizeof(keys.fnek_sig)) {
87 chromeos::SecureMemset(&keys, sizeof(keys), 0); 83 return false;
84 }
85 memcpy(keys.fnek_sig, fnek_sig_.const_data(), sizeof(keys.fnek_sig));
86 if (fnek_salt_.size() != sizeof(keys.fnek_salt)) {
87 return false;
88 }
89 memcpy(keys.fnek_salt, fnek_salt_.const_data(), sizeof(keys.fnek_salt));
90 memcpy(&data[sizeof(header)], &keys, sizeof(keys));
91 chromeos::SecureMemset(&keys, 0, sizeof(keys));
88 92
89 return buffer; 93 buffer->swap(local_buffer);
94 return true;
90 } 95 }
91 96
92 void VaultKeyset::CreateRandom(const EntropySource& entropy_source) { 97 void VaultKeyset::CreateRandom(const EntropySource& entropy_source) {
93 fek_.resize(CRYPTOHOME_DEFAULT_KEY_SIZE); 98 fek_.resize(CRYPTOHOME_DEFAULT_KEY_SIZE);
94 entropy_source.GetSecureRandom(&fek_[0], fek_.size()); 99 entropy_source.GetSecureRandom(&fek_[0], fek_.size());
95 100
96 fek_sig_.resize(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE); 101 fek_sig_.resize(CRYPTOHOME_DEFAULT_KEY_SIGNATURE_SIZE);
97 entropy_source.GetSecureRandom(&fek_sig_[0], fek_sig_.size()); 102 entropy_source.GetSecureRandom(&fek_sig_[0], fek_sig_.size());
98 103
99 fek_salt_.resize(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE); 104 fek_salt_.resize(CRYPTOHOME_DEFAULT_KEY_SALT_SIZE);
(...skipping 30 matching lines...) Expand all
130 } 135 }
131 136
132 const SecureBlob& VaultKeyset::FNEK_SALT() const { 137 const SecureBlob& VaultKeyset::FNEK_SALT() const {
133 return fnek_salt_; 138 return fnek_salt_;
134 } 139 }
135 140
136 unsigned int VaultKeyset::SerializedSize() { 141 unsigned int VaultKeyset::SerializedSize() {
137 return sizeof(VaultKeysetHeader) + sizeof(VaultKeysetKeys); 142 return sizeof(VaultKeysetHeader) + sizeof(VaultKeysetKeys);
138 } 143 }
139 144
140 } // cryptohome 145 } // namespace cryptohome
OLDNEW
« no previous file with comments | « vault_keyset.h ('k') | vault_keyset_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698