1 /* 2 * Copyright 2018 Google LLC 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * https://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef FCP_SECAGG_SHARED_AES_KEY_H_ 18 #define FCP_SECAGG_SHARED_AES_KEY_H_ 19 20 #include "fcp/base/monitoring.h" 21 #include "fcp/secagg/shared/key.h" 22 #include "fcp/secagg/shared/shamir_secret_sharing.h" 23 24 namespace fcp { 25 namespace secagg { 26 // A Key specifically intended for use with AES symmetric encryption. 27 // Keys originating on Java clients are 17 bytes or shorter (typically 28 // 16 or 17 bytes, but sometimes shorter). 29 // Keys originating on C++ clients must have 32 bytes. 30 // A 0-byte key should not be used for anything, and represents the absence of 31 // a key in a collection of keys. 32 // 33 class AesKey : public Key { 34 public: 35 static constexpr int kSize = 32; // Expected key size for AES-256 36 37 // The key is blank. AesKey()38 AesKey() : Key() {} 39 40 // The key is a standard-size 32 byte key. 41 explicit AesKey(const uint8_t* data, int key_size = kSize); 42 43 // Create a key by reconstructing it from key shares. Length depends on the 44 // key shares, and may not be 32 bytes. Threshold is the threshold used when 45 // the secret was shared, i.e. the minimum number of clients to reconstruct. 46 static StatusOr<AesKey> CreateFromShares( 47 const std::vector<ShamirShare>& shares, int threshold); 48 }; 49 } // namespace secagg 50 } // namespace fcp 51 52 #endif // FCP_SECAGG_SHARED_AES_KEY_H_ 53