vault_keyset.h - chromiumos/platform/cryptohome - Git at Google

 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef VAULT_KEYSET_H_
 #define VAULT_KEYSET_H_

 #include <base/basictypes.h>
 #include <chromeos/secure_blob.h>

 #include "cryptohome_common.h"
 #include "vault_keyset.pb.h"

 namespace cryptohome {

 class Crypto;
 class Platform;

 // VaultKeyset holds the File Encryption Key (FEK) and File Name Encryption Key
 // (FNEK) and their corresponding signatures.
 class VaultKeyset {
  public:
   VaultKeyset();
   virtual ~VaultKeyset();

   // Does not take ownership of platform and crypto. The objects pointed to by
   // them must outlive this object.
   virtual void Initialize(Platform* platform, Crypto* crypto);

   virtual void FromVaultKeyset(const VaultKeyset& vault_keyset);
   virtual void FromKeys(const VaultKeysetKeys& keys);
   virtual bool FromKeysBlob(const chromeos::SecureBlob& keys_blob);
   virtual bool ToKeys(VaultKeysetKeys* keys) const;
   virtual bool ToKeysBlob(chromeos::SecureBlob* keys_blob) const;

   virtual void CreateRandom();

   virtual const chromeos::SecureBlob& FEK() const;
   virtual const chromeos::SecureBlob& FEK_SIG() const;
   virtual const chromeos::SecureBlob& FEK_SALT() const;
   virtual const chromeos::SecureBlob& FNEK() const;
   virtual const chromeos::SecureBlob& FNEK_SIG() const;
   virtual const chromeos::SecureBlob& FNEK_SALT() const;

   virtual bool Load(const std::string& filename);
   // Load must be called first.
   virtual bool Decrypt(const chromeos::SecureBlob& key);
   // Encrypt must be called first.
   virtual bool Save(const std::string& filename);
   virtual bool Encrypt(const chromeos::SecureBlob& key);
   virtual const SerializedVaultKeyset& serialized() const {
     return serialized_;
   }
   virtual SerializedVaultKeyset* mutable_serialized() {
     return &serialized_;
   }
   virtual const std::string& source_file() const {
     return source_file_;
   }
   virtual void set_legacy_index(int index) {
     legacy_index_ = index;
   }
   virtual const int legacy_index() const {
     return legacy_index_;
   }

  private:
   chromeos::SecureBlob fek_;
   chromeos::SecureBlob fek_sig_;
   chromeos::SecureBlob fek_salt_;
   chromeos::SecureBlob fnek_;
   chromeos::SecureBlob fnek_sig_;
   chromeos::SecureBlob fnek_salt_;

   Platform* platform_;
   Crypto* crypto_;

   SerializedVaultKeyset serialized_;
   bool loaded_;
   bool encrypted_;
   std::string source_file_;
   int legacy_index_;

   DISALLOW_COPY_AND_ASSIGN(VaultKeyset);
 };

 }  // namespace cryptohome

 #endif  // VAULT_KEYSET_H_
	// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef VAULT_KEYSET_H_
	#define VAULT_KEYSET_H_

	#include <base/basictypes.h>
	#include <chromeos/secure_blob.h>

	#include "cryptohome_common.h"
	#include "vault_keyset.pb.h"

	namespace cryptohome {

	class Crypto;
	class Platform;

	// VaultKeyset holds the File Encryption Key (FEK) and File Name Encryption Key
	// (FNEK) and their corresponding signatures.
	class VaultKeyset {
	public:
	VaultKeyset();
	virtual ~VaultKeyset();

	// Does not take ownership of platform and crypto. The objects pointed to by
	// them must outlive this object.
	virtual void Initialize(Platform* platform, Crypto* crypto);

	virtual void FromVaultKeyset(const VaultKeyset& vault_keyset);
	virtual void FromKeys(const VaultKeysetKeys& keys);
	virtual bool FromKeysBlob(const chromeos::SecureBlob& keys_blob);
	virtual bool ToKeys(VaultKeysetKeys* keys) const;
	virtual bool ToKeysBlob(chromeos::SecureBlob* keys_blob) const;

	virtual void CreateRandom();

	virtual const chromeos::SecureBlob& FEK() const;
	virtual const chromeos::SecureBlob& FEK_SIG() const;
	virtual const chromeos::SecureBlob& FEK_SALT() const;
	virtual const chromeos::SecureBlob& FNEK() const;
	virtual const chromeos::SecureBlob& FNEK_SIG() const;
	virtual const chromeos::SecureBlob& FNEK_SALT() const;

	virtual bool Load(const std::string& filename);
	// Load must be called first.
	virtual bool Decrypt(const chromeos::SecureBlob& key);
	// Encrypt must be called first.
	virtual bool Save(const std::string& filename);
	virtual bool Encrypt(const chromeos::SecureBlob& key);
	virtual const SerializedVaultKeyset& serialized() const {
	return serialized_;
	}
	virtual SerializedVaultKeyset* mutable_serialized() {
	return &serialized_;
	}
	virtual const std::string& source_file() const {
	return source_file_;
	}
	virtual void set_legacy_index(int index) {
	legacy_index_ = index;
	}
	virtual const int legacy_index() const {
	return legacy_index_;
	}

	private:
	chromeos::SecureBlob fek_;
	chromeos::SecureBlob fek_sig_;
	chromeos::SecureBlob fek_salt_;
	chromeos::SecureBlob fnek_;
	chromeos::SecureBlob fnek_sig_;
	chromeos::SecureBlob fnek_salt_;

	Platform* platform_;
	Crypto* crypto_;

	SerializedVaultKeyset serialized_;
	bool loaded_;
	bool encrypted_;
	std::string source_file_;
	int legacy_index_;

	DISALLOW_COPY_AND_ASSIGN(VaultKeyset);
	};

	} // namespace cryptohome

	#endif // VAULT_KEYSET_H_