// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CRYPTO_SYMMETRIC_KEY_H_
#define CRYPTO_SYMMETRIC_KEY_H_

#include <stddef.h>

#include <memory>
#include <string>

#include "build/build_config.h"
#include "crypto/crypto_export.h"

namespace crypto {

// Wraps a platform-specific symmetric key. Instances are created only through
// the static factory functions below (the default constructor is private) and
// are handed out in a std::unique_ptr.
//
// Copy construction and copy assignment are deleted, so the object itself
// cannot be duplicated. The raw key bytes are still reachable through key(),
// so callers remain responsible for not spreading copies of the secret.
class CRYPTO_EXPORT SymmetricKey {
 public:
  // Defines the algorithm that a key will be used with. See also
  // class Encryptor.
  //
  // Only these two values are offered by this header.
  // NOTE(review): HMAC-SHA1 is not known to be broken as a MAC, but SHA-1 is
  // deprecated in most other roles; confirm that a SHA-1 based MAC is
  // acceptable for the protocol before selecting HMAC_SHA1.
  enum Algorithm {
    AES,
    HMAC_SHA1,
  };

  SymmetricKey(const SymmetricKey&) = delete;
  SymmetricKey& operator=(const SymmetricKey&) = delete;

  // Defined out of line.
  // NOTE(review): this header does not show whether the destructor wipes
  // |key_|. std::string does not clear its buffer on destruction by itself, so
  // confirm in the implementation before assuming the key is erased from
  // memory.
  virtual ~SymmetricKey();

  // Generates a random key suitable to be used with |algorithm| and of
  // |key_size_in_bits| bits. |key_size_in_bits| must be a multiple of 8.
  // The returned std::unique_ptr owns the SymmetricKey; no manual delete is
  // needed.
  // NOTE(review): how failure is reported is not visible here; presumably a
  // null pointer is returned. Check the result before dereferencing.
  static std::unique_ptr<SymmetricKey> GenerateRandomKey(
      Algorithm algorithm,
      size_t key_size_in_bits);

  // Derives a key from the supplied password and salt using PBKDF2, suitable
  // for use with specified |algorithm|. Note |algorithm| is not the algorithm
  // used to derive the key from the password. |key_size_in_bits| must be a
  // multiple of 8. The returned std::unique_ptr owns the SymmetricKey.
  //
  // |iterations| is the PBKDF2 iteration count, i.e. the work an offline
  // password guesser must repeat per guess. No minimum is expressed in this
  // declaration, so the strength of the result depends on the value the
  // caller passes. |salt| should be unique per password so that equal
  // passwords do not yield equal keys.
  // NOTE(review): the PRF/hash used inside PBKDF2 is not named in this header;
  // confirm it in the implementation. Failure reporting is also not visible;
  // presumably a null pointer. Check the result before use.
  static std::unique_ptr<SymmetricKey> DeriveKeyFromPasswordUsingPbkdf2(
      Algorithm algorithm,
      const std::string& password,
      const std::string& salt,
      size_t iterations,
      size_t key_size_in_bits);

  // Derives a key from the supplied password and salt using scrypt, suitable
  // for use with specified |algorithm|. Note |algorithm| is not the algorithm
  // used to derive the key from the password. |cost_parameter|, |block_size|,
  // and |parallelization_parameter| correspond to the parameters |N|, |r|, and
  // |p| from the scrypt specification (see RFC 7914). |key_size_in_bits| must
  // be a multiple of 8. The returned std::unique_ptr owns the SymmetricKey.
  //
  // NOTE(review): |max_memory_bytes| is not described here; presumably it is
  // an upper bound on the memory the derivation may use, with derivation
  // failing when |N|, |r| and |p| would need more. TODO confirm against the
  // implementation. Failure reporting is not visible either; check the result
  // for null before use.
  static std::unique_ptr<SymmetricKey> DeriveKeyFromPasswordUsingScrypt(
      Algorithm algorithm,
      const std::string& password,
      const std::string& salt,
      size_t cost_parameter,
      size_t block_size,
      size_t parallelization_parameter,
      size_t max_memory_bytes,
      size_t key_size_in_bits);

  // Imports an array of key bytes in |raw_key|. This key may have been
  // generated by GenerateRandomKey or DeriveKeyFromPassword{Pbkdf2,Scrypt} and
  // exported with key(). The key must be of suitable size for use with
  // |algorithm|. The caller owns the returned SymmetricKey.
  //
  // NOTE(review): no size validation is visible in this declaration. Whether
  // an unsuitable |raw_key| is rejected (and how) must be confirmed in the
  // implementation; until then treat the size requirement as the caller's
  // responsibility and check the result for null.
  static std::unique_ptr<SymmetricKey> Import(Algorithm algorithm,
                                              const std::string& raw_key);

  // Returns the raw platform specific key data.
  //
  // The result is a reference to the member |key_|, so it is valid only while
  // this SymmetricKey is alive. The bytes are the secret key itself: keep them
  // out of logs and error messages, and note that copying the returned string
  // creates further copies of the key that this class cannot track or erase.
  const std::string& key() const { return key_; }

 private:
  // Private so that keys can only be created through the static factories
  // above.
  SymmetricKey();

  // Raw key bytes, returned by reference from key().
  std::string key_;
};

}  // namespace crypto

#endif  // CRYPTO_SYMMETRIC_KEY_H_